Hi HN! I've been working with the Stellar blockchain recently and I found it hard to get a simple, open and transparent wallet that would let me keep my accounts on my local machine. So I wrote my own and made it available for everyone.
I've tried to keep the code simple and clean and I would appreciate any feedback. The goal is it should be a simple, powerful wallet that any dev can pick up - be confident how it works and be able to hack in 5 minutes.
I don't know Stellar, but I am interested in crypto and blockchain technology.
You say you are working with the Stellar blockchain. But then you say it's a thin wrapper around an API.
Are you doing the crypto (creating private keys, signing transactions) in your code? Looking through the code it looks like you call something called 'stellar-sdk' for it. Which is not part of the repo. I have the feeling the magic is happening in this external code. Which conflicts with the statement that the wallet is "easy to understand at a glance and transparent enough to be easily customized and fully trusted". One would have to also analyze that stellar-sdk: https://github.com/stellar/js-stellar-sdk/tree/master/src
Something that is way too big to understand easily.
Also, I see some account creation code in your repo. If it is using a blockchain, why is it creating accounts on a service via an API? Can't I have my Stellar assets under control without having an account somewhere?
They provide a REST API for interacting with the network itself and JS/Go/Python/Java standard libraries that can be used. Of these, the JS library is the most developed which is why I picked it.
Using the standard stellar library to connect with stellar is secure and transparent enough. What the wallet does is encrypts and protects your account keys (which are what give you control over your accounts). It does this using `scrypt`(https://www.npmjs.com/package/scrypt) for PKDF and sodium (https://www.npmjs.com/package/tweetnacl) for the actual encryption. Having access to the code should show you that there are no backdoors built in, no information being sent across to any third-parties, and so on. This is what people care about when protecting their accounts.
Your second question is also very insightful. Creating accounts is at the heart of Stellar. You cannot start performing any transactions on the network without first creating an account. And, in order to create the account, it needs to be be funded. This is why the wallet allows you to create (and fund) a new account on the network. You can read more about it here: https://www.stellar.org/developers/guides/get-started/create...
There could be bugs, of course, but the library is open source and developed by the Stellar network team.
Of course you are right in a sense - the core team also should not be blindly trusted. But, because your account is managed by the wallet and stays local to your machine, there is nothing much the library _can_ do IMHO.
It's code that runs on your machine. What would prevent it to do whatever it wants? Like sending your private keys somewhere? Or using a weak form of crypto to create them so that somebody can guess them?
I've tried to keep the code simple and clean and I would appreciate any feedback. The goal is it should be a simple, powerful wallet that any dev can pick up - be confident how it works and be able to hack in 5 minutes.