Cardano SeedSigner: Affordable DIY air-gapped Hardware Wallet

[GENERAL] Name and surname of main applicant

Angel Castillo

[GENERAL] Are you delivering this project as an individual or as an entity (whether formally incorporated or not)

Entity (Incorporated)

[GENERAL] Co-proposers and additional applicants

• Luis Daniel Bianchi Cordova
• Anledry Cobos

[GENERAL] Please specify how many months you expect your project to last (from 2-12 months)

12

[GENERAL] Please indicate if your proposal has been auto-translated into English from another language

No

[GENERAL] Summarize your solution to the problem (200-character limit including spaces)

Build an open-source Cardano app on SeedSigner hardware to provide a DIY, secure transaction signing solution. Users can create an air-gapped, stateless device with <$50 in parts.

[GENERAL] Does your project have any dependencies on other organizations, technical or otherwise?

No

[GENERAL] If YES, please describe what the dependency is and why you believe it is essential for your project’s delivery. If NO, please write “No dependencies.”

No Dependencies

[GENERAL] Will your project’s output/s be fully open source?

Yes

[GENERAL] Please provide here more information on the open source status of your project outputs

Our project will be fully open source, hosted on GitHub to facilitate community collaboration and transparency. We will release the entire library under the Apache License 2.0.

[METADATA] Horizons

Cybersecurity

[SOLUTION] Please describe your proposed solution

Our solution is to build an open-source Cardano application that runs on SeedSigner hardware.

By leveraging SeedSigner's DIY air-gapped (no physical connection to the computer) hardware, we will provide Cardano users with a secure, affordable, and offline transaction signing solution. This app will be developed specifically to run on inexpensive, off-the-shelf components (typically <$50) to create an air-gapped, stateless device, similar to the SeedSigner used for Bitcoin. Users will be able to sign transactions without permanently storing any private keys on the device. The solution will use animated QR codes for secure, offline communication between devices.

Key Features:

Stateless and Secure: No private keys are stored on the device, and the device has no direct connection to other devices (no USB, Bluetooth, or Wi-Fi). Data is transmitted using animated QR codes.

DIY and Affordable: Provides an inexpensive alternative to mainstream hardware wallets. The device can be built with off-the-shelf components for an average cost of less than $50.

Full Protocol Support: Unlike other hardware wallets with limited firmware capacity, SeedSigner has enough storage to fully support the Cardano protocol. The app can be easily swapped by replacing the SD card. This means any valid transaction can be signed with the SeedSigner, and the SeedSigner can receive the transaction in CBOR and decode it internally (no need for canonical CBOR either).

[IMPACT] Please define the positive impact your project will have on the wider Cardano community

Value to Cardano Community:

The success of this project will bring immense value to the Cardano community by providing an affordable hardware wallet option, increasing the accessibility of secure transaction signing and enhancing the overall security of the community. More users will have the ability to safely sign transactions offline, which is critical for self-custody and protecting funds from online threats. This will contribute to a stronger, more secure Cardano ecosystem, especially for those who cannot afford existing premium hardware wallets.

Measuring Impact:

We will measure our project’s success through the adoption rate of the device, and feedback from the community.

Sharing Outputs and Opportunities:

All outputs will be shared openly through GitHub under the Apache 2.0 license, ensuring full accessibility and encouraging collaboration. We will also engage the Cardano community through forums, social media, and meetups to share updates, gather feedback, and promote the adoption of the solution. Detailed guides and tutorials will be published to help users easily build and use the device.

[CAPABILITY & FEASIBILITY] What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

Project Delivery Capability:

I bring over a decade of experience in C and C++ programming in high-stakes fields such as democracy and elections technology, alongside a robust background in blockchain and Cardano in particular, I have been working professionally in the space for several years.

Team Expertise:

• Alendry Cobos: Alendry is a product owner with over 12 years of experience leading the Hardware Quality Departments. His work electronic electoral devices, and his skills in directing software and hardware testing lifecycles will be crucial for our project. Alendry will enhance our development process, ensuring efficient management and high-quality outputs.
• Luis Daniel Bianchi Cordova: Luis has extensive experience as a software engineer, working with C/C++ in the banking sector. His background in managing security vulnerabilities and implementing development pipelines provides a strong foundation for ensuring our library's security and reliability.

Validation of Approach:

1. Technical Validation: Rigorous testing cycles including unit, integration, and system testing will validate the library's compliance with MISRA-C guidelines and functional requirements.
2. Community Engagement: Feedback from the Cardano community will be instrumental in refining our solution, ensuring it meets the real-world needs of developers and users.
3. Prototype Development: An early prototype will help identify technical issues and refine our approach based on practical outcomes.

Risk Management:

We anticipate potential delays due to unforeseen technical challenges or updates in Cardano's protocol. Our response includes a flexible development strategy, buffer periods for problem-solving, and regular updates to stay aligned with Cardano developments.

[PROJECT MILESTONES] What are the key milestones you need to achieve in order to complete your project successfully?

Requirements Gathering and Initial Design

Objective: Develop a comprehensive design document detailing all aspects of the Cardano application to be integrated with SeedSigner.

Outputs:

• A detailed document outlining the technical specifications, architecture, and functionality of the app.
• Documentation of all menu options and user interactions.
• Specifications for the frame structure that will be transmitted via animated QR codes.

Acceptance Criteria:

• The design document must fully articulate the app's functionalities, including interactions, user interface, and communication protocols.
• All design decisions must prioritize security, efficiency, and compatibility with SeedSigner hardware.

Evidence of Completion:

• A finalized design document covering technical specifications, architecture, menu flows, and QR frame structure.

Develop initial application prototype and GUI

Objective: Develop an initial version of the Cardano application that runs on the SeedSigner hardware

Outputs:

• A working prototype that can display a graphical interface on the SeedSigner screen.
• Implementation of all menu items, with mocked versions of all screens to illustrate the intended user flow.

Acceptance Criteria:

• The application must be able to run on the SeedSigner hardware and provide a fully navigable graphical interface.
• All menu items must be present, and each screen must demonstrate the intended functionality, even if the business logic is not yet implemented.

Evidence of Completion:

• A functional prototype deployed on SeedSigner hardware.
• Screenshots/video of the graphical interface, showing the entire menu flow.
• Source code published on GitHub, showing implementation of the graphical interface and menu navigation.

Seed Management Implementation

Objective: Implement seed importing and new seed generation functionalities in the Cardano application for SeedSigner.

Outputs:

• Implementation of seed importing via seed phrase input and QR code scanning.
• Functionality for generating new seeds, with both seed phrases and QR codes as output.

Acceptance Criteria:

• The application must allow users to import an existing seed by manually inputting the seed phrase or by scanning a QR code.
• The application must support generating a new seed and displaying it both as a seed phrase and as a QR code to be transcribed (see SeedSigner Bitcoin app for an example).

Evidence of Completion:

1. A working demonstration of seed importing and new seed generation functionalities on SeedSigner hardware.
2. Screenshots/video showing the seed importing and seed generation processes.
3. Source code updates published on GitHub, documenting the seed importing and generation features.

Data Transmission Protocol Implementation

Objective: Implement the animated QR code functionality for data transmission and reception on the SeedSigner.

Outputs:

• Implementation of animated QR code reading and generating functionality, enabling the SeedSigner to receive data from and transmit data via animated QRs.
• Implement exporting the root public key as the first use case for data transmission.

Acceptance Criteria:

• The application must be capable of reading animated QR codes to receive data and generate animated QR codes for transmitting data.
• The SeedSigner must successfully demonstrate exporting the root public key using the animated QR code protocol.

Evidence of Completion:

• A functional demonstration of animated QR code reading and generation on SeedSigner hardware.
• Screenshots/video showing the export of the root public key using animated QR codes.
• Source code updates published on GitHub, documenting the implementation of the QR code transmission protocol.

Transaction Signing via Animated QR Codes

Objective: Implement transaction signing functionality using animated QR codes for data reception and transmission.

Outputs:

• Functionality for receiving transactions to be signed via animated QR codes.
• Display of transaction details to the user for confirmation before signing.
• Implementation of signing the transaction and transmitting the witness data to the other device using animated QR codes.

Acceptance Criteria:

• The application must be capable of reading animated QR codes to receive transaction data.
• Transaction details must be displayed to the user for review and confirmation before signing.
• The signed transaction (witness data) must be transmitted to the other device using animated QR codes.

Evidence of Completion:

• A functional demonstration of transaction reception, review, signing, and transmission via animated QR codes on SeedSigner hardware.
• Screenshots/video showing each step of the process, including receiving the transaction, displaying details, signing, and transmitting the witness data.
• Source code updates published on GitHub, documenting the implementation of transaction signing and the QR code transmission protocol.

Project Wrap-Up and Integration Demonstration

Objective: Finalize the project by fixing existing bugs, completing documentation, and demonstrating integration with an open-source browser wallet.

Outputs:

• Resolution of all known bugs and issues.
• Complete user and developer documentation, covering setup, integration, and operation of the SeedSigner Cardano app.
• Proof of Concept (PoC) demonstrating the integration of the SeedSigner with an open-source browser wallet via a fork.
• Initiate communication with browser wallet vendors to explore official integration of the SeedSigner.

Acceptance Criteria:

• All known bugs must be resolved, and the application must be stable.
• Documentation must be comprehensive and easily accessible, providing clear instructions for developers and users.
• Successful demonstration of integration with an open-source browser wallet as a PoC.
• Establish initial communication with browser wallet vendors to promote official SeedSigner integration.

Evidence of Completion:

• A detailed bug report and resolution log showing all issues addressed.
• Complete user and developer documentation published alongside the final application on GitHub.
• Screenshots/video, demonstration of the PoC integration with an open-source browser wallet.
• Records of communications initiated with browser wallet vendors regarding SeedSigner integration.

[RESOURCES] Who is in the project team and what are their roles?

Project Team and Roles

1. Angel Castillo - Project Lead and Primary Developer

• LinkedIn Profile: https://www.linkedin.com/in/angelcastillob/
• GitHub: https://github.com/AngelCastilloB
• Role: Responsible for overall project management, core development of the C library, and integration with Ledger hardware wallets.
• Experience: Over a decade in C/C++ developing mission critical applications, extensive experience with Cardano building libraries and developer tools.

1. Anledry Cobos - Quality Assurance and Documentation Lead

• LinkedIn Profile: https://www.linkedin.com/in/anledry/
• Role: Will lead the testing phases including unit, integration, and system testing. Anledry is also tasked with overseeing the documentation of the library and ensuring compliance with MISRA standards.
• Experience: Expert in hardware and software testing lifecycles, previously led the Hardware Quality Department in electronic electoral devices.

1. Luis Daniel Bianchi Cordova - Senior Software Engineer

• LinkedIn Profile: https://www.linkedin.com/in/luis-daniel-bianchi-cordova/
• GitHub: https://github.com/luisdbianchi
• Role: Focuses on the development of security protocols within the library, and assists with the integration and debugging of core modules.
• Experience: Rich background in software engineering for banking systems, specializing in security and C/C++ development.

[BUDGET & COSTS] Please provide a cost breakdown of the proposed work and resources

Milestone 1: Requirements Gathering and Initial Design

• Duration: 2 months
• Angel Castillo: 20 days at 1,100 ADA/day = 22,000 ADA
• Anledry Cobos: 10 days at 1,000 ADA/day = 10,000 ADA
• Luis Daniel Bianchi Cordova: 10 days at 900 ADA/day = 9,000 ADA
• Total Milestone 1: 41,000 ADA

Milestone 2: Initial Application Prototype Development

• Duration: 2 months
• Angel Castillo: 20 days at 1,100 ADA/day = 22,000 ADA
• Anledry Cobos: 10 days at 1,000 ADA/day = 10,000 ADA
• Luis Daniel Bianchi Cordova: 10 days at 900 ADA/day = 9,000 ADA
• Total Milestone 2: 41,000 ADA

Milestone 3: Seed Management Implementation

• Duration: 2 months
• Angel Castillo: 20 days at 1,100 ADA/day = 22,000 ADA
• Anledry Cobos: 10 days at 1,000 ADA/day = 10,000 ADA
• Luis Daniel Bianchi Cordova: 10 days at 900 ADA/day = 9,000 ADA
• Total Milestone 3: 41,000 ADA

Milestone 4: Transaction Signing via Animated QR Codes

• Duration: 2 months
• Angel Castillo: 20 days at 1,100 ADA/day = 22,000 ADA
• Anledry Cobos: 10 days at 1,000 ADA/day = 10,000 ADA
• Luis Daniel Bianchi Cordova: 10 days at 900 ADA/day = 9,000 ADA
• Total Milestone 4: 41,000 ADA

Milestone 5: Data Transmission Protocol and Root Public Key Export

• Duration: 2 months
• Angel Castillo: 20 days at 1,100 ADA/day = 22,000 ADA
• Anledry Cobos: 10 days at 1,000 ADA/day = 10,000 ADA
• Luis Daniel Bianchi Cordova: 10 days at 900 ADA/day = 9,000 ADA
• Total Milestone 4: 41,000 ADA

Milestone 6: Project Wrap-Up, Integration, and Documentation

• Duration: 2 months
• Angel Castillo: 20 days at 1,100 ADA/day = 22,000 ADA
• Anledry Cobos: 10 days at 1,000 ADA/day = 10,000 ADA
• Luis Daniel Bianchi Cordova: 10 days at 900 ADA/day = 9,000 ADA
• Total Milestone 4: 41,000 ADA

[VALUE FOR MONEY] How does the cost of the project represent value for money for the Cardano ecosystem?

The cost of this project represents excellent value for money for the Cardano ecosystem by providing an affordable, open-source, air-gapped hardware wallet solution at a fraction of the cost of existing hardware wallets.

Enhance Security: Make secure transaction signing accessible to a broader range of Cardano users by offering a DIY solution that uses inexpensive hardware (typically <$50). This will significantly improve self-custody and security across the ecosystem.

Affordability and Accessibility: By creating an affordable alternative to premium hardware wallets, the project lowers the barrier to entry for users who value security but cannot afford high-cost solutions. The use of SeedSigner hardware further makes the solution accessible to a wider audience.

Open-Source Development: All project outputs will be released under the Apache 2.0 license, ensuring that the wider Cardano development community can freely access, audit, and contribute to the project.

Comprehensive Capabilities: Unlike some existing hardware wallets that offer limited Cardano protocol support, this project aims to offer full protocol support and provide a secure, air-gapped, stateless environment. The result is a secure and versatile solution that rivals premium hardware wallets without the cost burden.