Since I use a full node wallet (I guess most of us do with Grin++), it is a bit annoyin to sync the node before interacting. Sure it is a great support for the nodes of Grin but I am thinking of how a lightweight wallet (without full node) could look like. What is not really clear for me is
can we manage all wallet operations via foreign api (create/send/receive/slatepack) ?
how would the auth look like, we need seedphrase not only pw?
If the 2 points above cant be handled via foreign API, the dev would have to host a full node and create an own custom API via his owner API, but this scenario would include that the lightweight wallet users have to trust in any way the origin who hosts the custom API and node.
Dont know if I miss out some points - but any help would be nice.
I think this would be an important step to adopt grin with mobile wallets, Browser wallet etc.
Grim mobile wallet runs a GUI with a local grin-wallet and both the option for running a node on your phone, like Grin++, or connecting to a remote node run by Ardocrat. I am not sure if it also has the option to connect to your own remote node.
You do not need to reveal your privatekey to let the remote node scan the chain for outputs that belong to you. However, the remode node does know your IP and which outputs belong to you so it does weaken your privacy. Signing transactions is still on your phone using grin-wallet and as such your privatekeys are not put at risk.
Indeed a good mobile wallets plus working payment proofs are important for day to day use of grin. I think Grim and Grin++ are quite good although Grin++ can be a bit heavy on your phone, on the plus side, it syncs fast. Both of them need bidirectional/universal payment proofs to be implemented (now only inplemented in the experimental contract github branch which needs more testing).
The Gui/Grim repo looks interesting, thanks mate.
Rust crossplatform support looks great.
My idea was more like “let the backend do the work” and lightweight the wallet just via APIs commands. Have to do some more research about the grin.mw foreign API.
That is exactly what the above mentioned wallets do. They are very light to run, and connect to a remote node via its foreign API.
Perhaps in the future alternative methods for light wallets could be considered, e.g. only verifying a certain Horizon or only validating the last 48 hours of blocks. However, for now, connecting to a node via the API should be just fine.
What I personally think would be most important for the project is to make it incredibly easy to set up your own node and connect your wallet to it. For example, using Umbrel OS on Raspberry Pi or Umbrel Home (mini PC with very good hardware) where in the store you can one click install grin node with a simple web interface (@bruges, @wiesche, @ardocrat, @davidtavarez@Yeastplume). In the web-interface we could have a button “Connect wallet” that shows a QR code that you can scan with your Grin++ mobile or with Grim mobile wallet to connect to the node.
Would that not be the most wonderful and user friendly experience while also greatly boosting our node network?
I tagged the above people because Umbrel OS and Umbrel store requires a software to be a docker image that includes a simple web-interface for the node [LINK], and we need support on mobile wallets to connect via QR. All of you have worked on the above mentioned components and we already have docker image and if I remember correctly also with a simple web interfaces for grin node.
You might be thinking why Umbrel? Sure, it is not perfect, but there are some 100.000 Umbrel nodes out there by my estimates and I am quite certain some of them would be willing to support Grin. Also it makes it very easy for anyone to setup their own node either on an Umbrel Home node or on a Raspberry Pi running Umbrel OS. In both cases it would be a one click install via the default store with no need to compile and a one click button to link node and wallet via a QR code, it does not get easier than that.
No worries, there is no hurry to implement this, we can let grin first die in peace , just think it over.
Personally I think the below mentioned changes to the grin ecosystem would have the highest impact:
Making a one click package to install grin node on Umbrel OS + QR support to link your mobile wallet to your node
I know. But there is a whole wallet implementation necessary. I just want to abstract wallet commands with basic operations like create/send/receive/invoice/slatepack/restore/getUtxo etc. I will try it with my node and write a custom nodejs/exressjs api. That would be super light and no need for rust in the client. Just operate all you need with JSON-API.
Yes exactly Sir. I think most adopted Crypto Providers like Exchanges do it that way.
But for no thrills I would expand it to pass the seed-phrase through to the user that he is real owner. Unfortunately it would only work with nodes that uses this custom API. But the potential easy-to-use way would come in handy.
I think if you go down that road, it is probably best to either go for a full remote wallet (basically what EasyGrin is), or an exchange where you have your grin wallet with an option to access that wallet and perhaps even trade using the API.
At this point it would however not anymore be a light-wallet, but a remote wallet.
Even if you let the user download the mnemonic (good to provide the user with a backup), this would still mean the private-key is controlled by that wallet provider and as such it is more accurate to call it a remote wallet.
Essentially you can already do what you describe with grin-wallet connected to a remote node using the owner API. So one thing to consider is if the potential easy of use by making it a single remote API is worth the reduced security when going for a remote wallet. On the other hand, grin’s API’s are not that easy to play around with so any API you design yourself could be made easier although perhaps less secure.
Sure best thing would be a real lightweight wallet like GRIM. But it seems to me that it is not widely used maybe because system intergration. And in my intro post here I mentioned that the user would have to trust the origin which is a big security point.
In term of GRINs strongest attributes security and privacy it might not be the best idea.
My intension was to widely easly spread out GRIN use - but with security concerns its not a good basic.
However in the long run GRIN will need .js libs since this is the key for getting adopted.
I am personally not a big fan of Javascript, but I know many in the crypto sphere are good with Javascrip. if we look at most crypto projects out there, having both good Python libraries and Javascript libraries is instrumental to empower developers. If this is where your passion is, I would say go for it . If you need any help with or a bounty, just ping me or other CC members.
, just think it over.
. If you need any help with or a bounty, just ping me or other CC members.