Social Wallets with One-Time-Passwords

Wallets are becoming the Web3 portals as a DeFi dashboard for asset swaps and investments, an NFT gallery for collectible editorials and auctions, or a DAO townsquare for governance votes or payrolls.

Introduction to 1Wallet

⚡ WHY

Billions of users can earn 10% or more annual returns with crypto assets. But they must stop worrying about seed phrases, device loss, email phishing, phone hijacking... We can secure everyone’s financial future against password breaches, software bugs, platform malware and exchange hacks.

👩‍👩‍👧‍👦 WHOM

Global consumers with just a few thousand dollars and no technical background.

💎 WHAT

A digital wallet for crypto assets, investment and identity. Consumers can buy crypto assets via credit cards, then trade between multiple platforms. They can earn fixed-rate interest or actively invest for higher returns. Their profiles can hold digital art or custom domain names.

🤯 MAGIC

  • Earn 20% annual interest for the first million users.
  • No emails, SMS, passwords or government documents necessary.
  • Seamless between assets from Bitcoin, Ethereum or any networks.

🔨 HOW

  • Many staking protocols offer 10% yields, lending protocols offer 10%, and liquidity pools offer 20%.
  • Assets and keys are secured on blockchain; only need Google Authenticator and social recovery.
  • Harmony supports non-custodial and trustless transactions in 2 seconds and at less than $0.01 fees.

💪 WHO

Ph.D.s, ex-Google developers, formal verification as security audit, top branding agency, builders of billion user products.

🔥 WHERE

The Future of Money is already here but unevenly distributed. Decades of cryptography, best research in production.

🚀 WHEN

Product launch and hackathon in 2021 Q3 with 1000 users, then 10k users in Q4 with each wallet holding $1000, video campaign and 20% deposit return in 2022 Q1.

💡 Terms

  • Social recovery: friends or other devices unlock funds for you if you lose access to your wallet.
  • Non-custodial: no network, software, developers, government or even Harmony controls your funds.

Our 1Wallet – with social recovery and on-chain security based on Google Authenticator – supports any asset tokens (ERC20) as well as unique NFT (ERC721) and limited editions (ERC1155). Get started at

Open Tasks: Categories & Examples

Examples by category:

  • video campaigns like "Who Build & Create Wealth", RabbitHole for education rewards, Robinhood's $500 referral
  • social-location-mobile games like Forever.ONE, 1world, Timeless, burner wallets & BuffiDAOs
  • UX and portfolio analytics like Zapper, Zerion
  • metaverse, art galleries, casinos, conferences, fantasy sports, e.g. CryptoVoxels, Decentraland, Sorare's One Shot League
  • proof of membership for working groups, e.g. Orca Protocol's grant committee or Spartan Council's SC-NFT for a governance protocol, unlock on-chain permissions, budget approvals
  • Crazy.ONE, Ethereum name and login services like ENS or Torus, Unstoppable Domain, Handshake
  • "Instagram" or social networks for owners and creators, e.g. Showtime, combining Twitter & OpenSea
  • proof of attendance for POAP or Bankless's community calls, Infinite Players, Collab.Land, MintGate
  • open QR-code authenticator, login based on biometric & location, EIP3009/3074 for delegation & authorization
  • mechanical checks with Coq or Runtime Verification's K; strong type system with noninterference guarantee

More grants, bounties and DAOs at harmony.one/300

Decentralized Basic Income

Our thesis is that cross-chain network staking gives 10-15%, lending marketplaces give 5%-20%, and fixed-income protocols give 5%-10%. Underlying innovations: blockchains that scale to billions, radical markets with small epochs, social experiments on wealth.

Sam Altman (of Y Combinator and WorldCoin) says: it's "Moore's Law for everything: AI, capitalism; people entrusted to use the money however they needed or wanted. For better education, healthcare, housing, starting a company; technology to create more wealth, policy to fairly distribute it"

Radical social change? Follow #startsmall by Jack Dorsey: $4.4B open fund & $418M disbursed across 230 projects in 15 months on a Google spreadsheet. For COVID, social justice, girl’s health and education, universal basic income. Why transparency, why now?

The future is already here on Terra. See "Debt-free yield: Proof-of-Stake. Libor rate for DeFi money markets" & Delphi Digital. Can staking derivatives like Lido, stablecoins like Liquity, fixed income like BarnBridge... all become cross-chain?

Wealth is beyond dollars: a basic living standard for Li Jin's "creator economy" & Jesse Walden's "ownership economy" is more than a fixed-rate earn. Let's put consumer price index, anonymous bounties, self-assessed salary, retroactive funding... on-chain?

And, beyond universal basic income: robot automation, deception economy, self-sovereign identity... for the radical future we are already living in. How do you value trust, autonomy and privacy? Read our 85-page "Day ONE" Magazine.

Hackathon – On-Chain with Wallet Security

One key theme of our recent hackathon is on-chain social wallets and keyless security. The 4 tracks (Frontends, Web3, Web2, Security) emphasize the consumer experience of delighting the users without worrying about blockchain technology or custody. Wallets are becoming the Web3 portals as a DeFi dashboard for asset swaps and investments, an NFT gallery for collectible editorials and auctions, or a DAO townsquare for governance votes or payrolls. Our hackathon encourages seamless onboarding and incentivized education for smart contract wallets; builders can start from our audited prototypes featuring authenticator-based security and on-chain account recovery.

Composing Web3 contracts and integrating Web2 components is the crossing of the chasm for daily uses. Our wallets should work as a mobile or even wearable client. They can also curate crypto and domain names, work activity and reputations, or even virtual and life moments. Furthermore, the wallets can link your identity on Twitter as social clout, Github as work prowess, or Linkedin as tailored profiles. At this hackathon, cryptography or security researchers can extend our authentication to multiple factors, verify implementations with formal methods, or prototype based on our latest research papers.

Wallet DAO – Fearless wallet for everyone

#ONEwalletDAO is one of our key DAO initiatives with the mission “fearless wallet & wealth for everyone”. Let's bring “creating wealth in harmony” and the adoption of social wallets! In particular, this DAO will educate — through powerful storytelling and visual media — on wallet security based on one-time-password (like Google’s and iOS’s) authenticators as well as social recovery with friends, family or bots as guardians. Like fearless concurrency in Rust programming, consumers should self-custody assets, identities, collectibles or governance, without worrying about hardware theft, password loss, or platform hacks.

  • Security: promote social recovery & one-time-password authenticators for on-chain fund
  • Impacts: create basic income & wealth from fixed-rate or high-yield investments
  • Adoption: open millions to self-custody assets & collectibles without hardware, password or hack

Impacts for the first hundreds of millions of users can come in the form of basic income, fixed-rate savings, and curated high-yield investments. Blockchain projects are the epicenter of innovations on finance and marketplaces, drawing in enormous investment and returns; blockchain networks are rewarding stakers for transaction validations and platform security, handing out more than 10% annual return; blockchain lending products are facilitating billion dollars of liquidity every month, some liquidity pools rewarding more than 20% in short-term returns. Information is now free for 5 billion people and mobile phones are affordable for 3 billion; our collective goals should be financial wealth and social impacts for every one of us.

Security Goals

ONE Wallet is designed with these goals in mind for security:

Social (people)

  • Resilient. Funds are recoverable through time locks and multiple safety nets. No single point of failure such as thefts, cracks, loss, censorship or coercions is catastrophic.
  • Sufficient. All steps are well defined without delegating to hardware devices or seed phrases in safety boxes. Users do not need any passwords or rely on biometrics.
  • Anonymous. An account is a fresh cryptographic hash, not tied to existing systems or real-world identity. Derived paths support multiple public keys to protect privacy.

Smart (code)

  • Composable. One-time or low-entropy passwords are useful for small funds. Multiple authentications can independently boost protection thresholds against brute-force.
  • On-chain. A decentralized network with high stakes and fast finality validates all transactions. Its platform has sustainable incentives and open governance to evolve.
  • Programmable. Operations can call third-party contracts, store history of states, or upgrade its code. Complex applications may use oracles of time, locations and events.

Hard (math)

  • Self-Sovereign. No third parties, government documents, designated guardians, backup servers or hardware enclaves are necessary. Users have full custody and self control.
  • Air-Gapped. Key-loggers and man-in-the-middle attacks are minimized. The full parameters of transactions are easy to verify and approve without cables or cameras.
  • Verified. Only open-source code and hardened cryptography are trusted. Formal verification, through logical frameworks, assures end-to-end security beyond tests and audits.

Generate a QR code for an OTP auth link at https://dan.hersam.com/tools/gen-qr-code.php, or try these samples:

otpauth://totp/one1jfl24ndhmahl3h50puq78767tdd6rsqkq38ycf?secret=JBSWY3DPEHPK3PXP&issuer=1&digits=8&period=10
otpauth-migration://offline?data=CjsKFKqjT2jQHY5syBOK6+uDHiMILHqREhREZWdyZWUgU3RhaXJzIENyZWRpdBoHSGFybW9ueSABKAEwAhABGAEgAA==

No need to save your account name or account address elsewhere. For recovery or export of accounts, just look up Google Authenticator on your mobile phone: the vendor label is simply "1", and the full account address is in the text field after choosing the menus "..." for Setting (on the top right of the screen) and "Edit".
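
How an authenticator reads the first sample link above, as an added example (not code from 1Wallet or Harmony): it parses the otpauth:// URI, showing that the label carries the account address and the issuer is "1", then derives the 8-digit, 10-second code per RFC 6238. The function names and the drift `window` in `verify` are assumptions made for illustration.

```python
import base64, hashlib, hmac, struct, time
from urllib.parse import urlparse, parse_qs, unquote

# Sample URI copied from the page; its secret is public, so never reuse it.
SAMPLE = ("otpauth://totp/one1jfl24ndhmahl3h50puq78767tdd6rsqkq38ycf"
          "?secret=JBSWY3DPEHPK3PXP&issuer=1&digits=8&period=10")

def parse_otpauth(uri):
    """Split an otpauth://totp URI into label, issuer, key and parameters."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not an otpauth://totp URI")
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    secret = q["secret"].upper()
    secret += "=" * (-len(secret) % 8)           # base32 decodes in 8-char blocks
    return {
        "label": unquote(u.path.lstrip("/")),    # on this page: the wallet address
        "issuer": q.get("issuer", ""),
        "key": base64.b32decode(secret),
        "digits": int(q.get("digits", 6)),       # common authenticator defaults
        "period": int(q.get("period", 30)),
    }

def totp(p, at=None):
    """RFC 6238 code (HMAC-SHA1) for the time step that contains `at`."""
    now = time.time() if at is None else at
    counter = max(0, int(now) // p["period"])
    mac = hmac.new(p["key"], struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F                         # RFC 4226 dynamic truncation
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** p["digits"]).zfill(p["digits"])

def verify(p, code, at=None, window=1):
    """Accept `code` for the current step or `window` steps either side."""
    now = time.time() if at is None else at
    ok = False
    for step in range(-window, window + 1):
        cand = totp(p, now + step * p["period"])
        ok |= hmac.compare_digest(cand, code)    # constant-time, no early exit
    return ok

if __name__ == "__main__":
    p = parse_otpauth(SAMPLE)
    print(p["label"], p["issuer"], p["digits"], p["period"], totp(p))
```

With `period=10` a code is valid for a third of the usual 30 seconds, so a verifier that allows one step of clock drift still accepts a code for at most 30 seconds in total.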


Bounties

There may be conflicts, tradeoffs or impracticality of the goals above. Here's our rule of thumb:

  1. Toward validating our innovation with 10k users (each with $100 assets), focus on these three goals: sufficient, resilient and composable.
  2. Toward adopting our product with 1m users (each with $1k assets), differentiate with these three goals: on-chain, self-sovereign and air-gapped.

Reading

SmartOTPs: An Air-Gapped 2-Factor Authentication for Smart-Contract Wallets