Stellar Paper Transaction platform

QuasarK

Hi erverybody,
I would like to create a Stellar Paper Transaction platform. The purpose of this platform is to create a kind of "prepaid" card to sell or to send to someone else in order to transfert lumens between accounts even if the receiver has not yet an account.

Here is the use case:
A print the prepaid card
B buy the card
B send the card to C (by email or by mail)
C use the card and receive the XLM.

What do you think about this idea?
If you need more technical information on the implementation, don't hesitate to post a comment or send me a PM.

azheps

I choose send the card using email

fiatjaf

Create a Stellar account, fund it with the quantity you want to send. Write down the public and private key in the paper and send the paper. Done.

QuasarK

fiatjaf, I don't think that it is efficient at all to do all the things that you explained.
Furthermore, sending the private key is a huge security issue.

fiatjaf

Ok, you want to create a website that will basically do these things, but will keep the private key on its database, giving it to the person when they arrive to grab it?

Yeah, that may work. I think it is a solid value proposition, but there's the problem of people trusting you to hold their lumens (the lumens they're trying to send). Well, that problem exists everywhere. There's the risk of you deciding to close the site while lumen transfers are still pending and all that.

Maybe you could do some app that will do the steps I mentioned all on the client-side with Javascript (and host the code on GitHub Pages, for example, so everyone can believe). The generated private key would then be "encoded" in a readable format, like a sequence of words (see http://www.spammimic.com/ -- I'm not suggesting that, it is ugly, but as inspiration it is valid) plus a password (which will somehow simmetrically encrypt the key for safety).

The encoded private key (or, well, it could just be the raw output of encrypting the private key with the password) would then be printed or turned into a card and the person could give it to anyone else, along with the password.

Despite having a link to your site the card could also have instructions for manual deciphering of the keys.

(I'm just rumbling here, you don't have to take me serious.)

QuasarK

Hello,
What I have in mind is a javascript only app in order to avoid any "man in the middle" attack.
So yes, the private key should be encrypted by a password.
I will also implement a password recovery system based on the sender's private key + the prepaid card.

The password will be randomly generated.
After reading your comment I think that the password will not be needed for small amount (e.g: < 20$) in order to simplify the app.

sacarlson

you can already do this with my_wallet. with my_wallet you can send a URL link over any channel like email or paper qr-code that contains the secret key that is added to the end of the URL. This key can be encrypted or not as an option before sending. There is also an option when the the person that first clicks the URL that the wallet will auto re-key the original account and move all the funds (supports multi assets) into the new random created secret key account. This URL can also be turned into a QR-code that can be printed on a peace of paper that you hand some one or snail mail it. Any standard QR-code reader on an android phone will convert the qr-code to the url and you can click it and collect the funds on your paper from your phone. The code for my_wallet is open source on github and can be run from github no servers needed to run it. can run it here http://sacarlson.github.io/my_wallet/ and the code https://github.com/sacarlson/sacarlson.github.io/tree/master/my_wallet a prefunded wallet example with testnet worthless funds: https://wallet.funtracker.site/?json=%7B%22seed%22:%22SAYRX7D4XXTMBKNGDG7TV2WLVJ2UEJPNGS3JQTDADX4J4X66XAMVDGHT%22%7D

comefromotherworld

I like this idea but we have more case to use. ? bookmark to my mind