Architecture

A detailed look at the architecture of the Walletium crypto wallet: from key storage to blockchain interactions 🔍

Scope and Goals

  • Unique Stack: Hybrid (custody + non-custody), multi-chain, crypto-fiat, multi-platform wallet with custom accessibility/privacy regulation.

  • Supported Cryptocurrencies and Networks: Ethereum, Bitcoin, Tron, BNB, stablecoins, and an internal token called TEX for fee payments.

  • Target Audience: Telegram users and people connected to the crypto world.

  • User Experience Goals: User-friendly design, security, ease of use, unique tools, and cost-saving on fees.


Security First

  • Key Management:

    • Wallet keys are stored on a separate server in encrypted form.

    • Users can add their own keys or store them independently.

    • The company does not have access to users' keys.

  • Secure Communication Channels:

    • The Daemon Engine is a central pillar of the project.

    • It serves as a full-fledged API for managing and working with various blockchains, including Ethereum, Bitcoin, BNB, and Tron.

    • New blockchain networks and their tokens will be added in the future, enhancing the platform's capabilities.

  • User Authentication:

    • 2-Factor Authentication (2FA) for added security.

    • End-to-end encryption to protect user data and communications.

    • Cloud-based encryption for additional security layers.


Core Components

  • Wallet Engine Features:

    • Envelopes: A new method for transferring funds, allowing users to send "envelopes" with their assets.

    • Virtual Cards: Capability to create virtual cards for transactions.

    • Address Management: Ability to add public addresses, groups of addresses, or address + key for fund movement and transaction signing.

    • Cross-Blockchain Swapping: Swap functionality between different blockchains.

    • Funds Management: Deposit and withdrawal capabilities.

    • Media Center: A section where users can access news and updates related to the crypto world.

    • Personal Payments: Personal payments via direct links.

    • Payment Receivers: Creation of payment receivers for channels, other bots, and platforms.

    • Staking: Ability to stake assets.

    • Proportional Storage: Funds storage in proportions instead of specific currencies.

    • Watch-Only Wallets:

      • Address Management: Users can import or add addresses to the watch-only wallet.

      • Transaction History: The wallet displays a complete transaction history for the watched addresses.

      • Balance Information: Real-time balance updates are provided for all watched addresses.

      • No Sending or Receiving: Users cannot send or receive funds from a watch-only wallet.

  • Blockchain Interaction:

    • Daemon Engine: An API for managing and interacting with various blockchains, including Ethereum, Bitcoin, BNB, Tron, and future networks.

    • Batching Transactions: Grouping multiple transactions into a single batch to reduce blockchain interactions.

    • Caching Blockchain Data: Caching frequently accessed blockchain data to minimize direct queries.

  • Storage Mechanisms:

    • Private Keys: Stored in encrypted form on third-party servers.

    • Transaction Signing: Transactions are signed via the API.

    • Transaction History & Personal Data: Managed and accessed through the API.

  • User Interface Design:

    • Platform: The wallet is designed as a Telegram Mini App, leveraging Telegram as the platform.

    • Privacy: The mini app does not leave digital traces on the user's or provider's side.

    • Accessibility: Push notifications for easy access and security control.

    • Media Center: A compact media center within the wallet keeps users updated with news.

    • Community: A live community on Telegram for industry discussion, mutual assistance, and insights.

    • Knowledge Base: Access to a comprehensive crypto knowledge base.

    • Ease of Use: From registration to deposit and first withdrawal, the wallet aims to be the simplest and most user-friendly crypto wallet in the world.


Scalability and Performance

  • Performance Expectations:

    • Web API + Business Solutions: Provide external P2P connections and business solutions.

    • Direct Payments: Support for personal payments via direct links.

    • Proportional Asset Management: Ability to store funds in proportions rather than specific currencies.

  • Horizontal Scaling:

    • Adding More Servers: As the load increases, additional servers can be added to distribute the workload.

    • Load Balancers: Distribute incoming traffic across multiple servers for efficient processing.

    • Microservices Architecture: The application is broken down into smaller, independent services, each scalable based on its resource requirements.

  • Content Delivery Networks (CDNs):

    • Offloading Static Content: Use CDNs to distribute static content like images, stylesheets, and JavaScript files, reducing the load on the origin server.

    • DDoS Protection: Implement measures such as rate limiting and use a CDN with DDoS protection to mitigate attacks.


Data Management

  • Data Minimization:

    • Collect only essential data for wallet functionality.

    • Avoid storing unnecessary personal information.

  • Secure Storage:

    • Encrypt user data at rest with strong algorithms (e.g., AES-256).

    • Consider using hardware security modules (HSMs) for extra protection of sensitive data like private keys.

  • Data Encryption in Transit:

    • Encrypt all communication channels between user devices and wallet servers using TLS/SSL.

  • Regular Security Audits:

    • Conduct regular penetration testing and security audits to identify and address vulnerabilities.

  • User Education:

    • Educate users on best practices for data protection, such as using strong passwords and enabling 2FA.

  • Compliance with Regulations:

    • Adhere to relevant data privacy regulations (e.g., GDPR, CCPA) for responsible data handling.

  • Backup Methods:

    • Mnemonic Phrase: A list of randomly generated words representing private keys; users should securely store this phrase in a physical location.

    • Seed Phrase: Used similarly to a mnemonic phrase for wallet restoration.

    • Private Key Export: Users can export private keys as files, although this method is less secure.

    • Wallet File Export: Exporting the entire wallet, including private keys and transaction history.

    • Cloud Backup: Offering cloud backup options where wallet data is encrypted and stored on remote servers.

  • Restoration Methods:

    • Using Mnemonic or Seed Phrase: Allows users to restore their wallet on a new device.

    • Importing Wallet File: Wallets can be imported using exported wallet files.

    • Restoring from Cloud Backup: Users can download and restore their wallet from the cloud backup.

  • Recovery Procedures:

    • Regular Backups: Ensure frequent backups of wallet data, including private keys, transaction history, and other relevant information.

    • Multiple Backup Locations: Store backups in multiple locations (e.g., physical, cloud) to prevent data loss due to a single point of failure.

    • Backup Verification: Regularly verify the integrity of backups to ensure they can be restored successfully.


Integration with Other Systems

  • External Services and APIs: This information will be updated soon.

  • Security Considerations for Integration:

    • Risk Assessment and Vendor Due Diligence:

      • Conduct a comprehensive security assessment of the third-party service provider.

      • Investigate the provider's reputation, history of data breaches, and compliance with security standards.

      • Review the provider's data privacy and security policies to understand how your data will be handled.

      • Assess the provider's incident response plan to determine how they handle security breaches.

    • Data Security:

      • Share only the necessary data with the third-party service (Data Minimization).

      • Ensure data is encrypted both at rest and in transit.

      • Implement strict access controls to limit who can access shared data.

      • Conduct regular security audits to identify and address vulnerabilities.

    • Authentication and Authorization:

      • Use robust authentication methods like multi-factor authentication (MFA) to protect access to the third-party service.

      • Implement Role-Based Access Control (RBAC) to grant appropriate permissions based on user roles.

      • Securely manage API keys and other credentials used to access the third-party service.

    • Security Testing:

      • Conduct regular vulnerability assessments to identify potential weaknesses in the integration.

      • Perform penetration testing to uncover vulnerabilities and assess the system's resilience.

      • Regularly conduct security audits to evaluate the overall security posture.

    • Incident Response:

      • Develop a comprehensive incident response plan to address security breaches effectively.

      • Conduct regular incident response simulations to ensure preparedness.

      • Establish clear communication channels for reporting and responding to incidents.

    • Contractual Obligations:

      • Ensure a clear Data Processing Agreement (DPA) outlines data sharing, processing, and security responsibilities.

      • Define service levels in the Service Level Agreement (SLA), including security requirements and penalties for breaches.

      • Plan for the termination of the relationship, including data retrieval and security measures.

    • Continuous Monitoring:

      • Implement systems to detect unusual activity or data breaches (Anomaly Detection).

      • Regularly analyze logs for suspicious patterns or security incidents.

      • Keep the third-party service and your systems up-to-date with the latest security patches.


Architecture Diagrams

  • Data Flow Diagrams:

    • Data flow diagrams will be used to illustrate the system architecture, showing how data moves through the system and how components interact.


Development Methodology

  • Prioritization:

    • Features will be prioritized based on their value to the user and the overall project goals.

  • User-Centric Approach:

    • A strong focus on user experience and feedback will drive development decisions.

  • Version Control System:

    • Git: The preferred choice for version control; its distributed design, speed, and powerful branching make it well suited to managing code changes efficiently.

  • Testing Strategy:

    • Unit Testing: To verify individual components for correctness.

    • Integration Testing: To ensure that different components work together as expected.

    • Security Testing: To identify and mitigate security vulnerabilities.

    • Performance Testing: To assess the system's performance under various conditions.

    • Usability Testing: To evaluate the user interface and overall user experience.


Additional Features

  • HD Wallets:

    • Key Generation: HD wallets will generate public and private key pairs deterministically from the master seed, ensuring consistency and reproducibility.

    • Address Generation: The wallet will generate multiple addresses for each account, providing better privacy and security.

  • Multi-Signature Wallets:

    • Status: Coming soon.

  • Hardware Wallet Integration:

    • Status: No integration planned.

  • Watch-Only Wallets:

    • Functionality:

      • Address Management: Users can import or add addresses to the watch-only wallet.

      • Transaction History: The wallet displays a complete transaction history for the watched addresses.

      • Balance Information: Real-time balance updates are provided for all watched addresses.

      • No Sending or Receiving: Users cannot send or receive funds from a watch-only wallet.

    • Use Cases:

      • Monitoring Funds: Investors or traders can track the movement of funds without controlling the assets.

      • Portfolio Management: Users can monitor their cryptocurrency holdings across multiple wallets or exchanges.

      • Cold Storage Verification: Watch-only wallets can be used to verify the balance of cold storage wallets without exposing private keys.

      • Auditing: Businesses or organizations can use watch-only wallets to audit their cryptocurrency transactions.


Documentation and Maintenance

  • Scheduled Updates:

    • Regular reviews and updates will be conducted to ensure the document reflects the current state of the architecture.

Now let's take a look at the Walletium Deep Paper ➡️

