Dear Astar community, my name is Ainhoa, from Zondax team, and I am submitting a proposal for further development and maintenance of the recently released Astar Ledger App.
We are requesting fund from Astar treasury. Although the budget is stated in USD, we acknowledge that if approved, the payout from treasury will be in ASTR tokens equivalent to the USD amount requested.
Proponent account: XUb5M87FHkzCRL5D1bj2dWWHu4bYxVEoWyhEWUCLY9qvCwb
If you have any questions or need further clarification, please feel free to reach out.
Overview and Context
Zondax has developed the Astar Ledger app providing users with a secure and seamless experience for interacting with the Astar blockchain from their Ledger devices. Our goal with this proposal is to enhance the app’s functionality and ensure its continuous compatibility with runtime upgrades and major modifications. We are committed to delivering a high-quality Ledger app that meets the evolving needs of the community.
W3F Grant initially covered the initial basic implementation of the Astar Ledger app. This work has been completed and any additional features or maintenance for Astar Ledger App are not covered.
The team
Zondax is a growing and distributed team with experience and projects for more than 50 blockchains. Zondax has been contributing to the Substrate ecosystem since 2018-2019. The team has received and completed a large number of W3F grants and currently maintains most Ledger apps for the ecosystem. Apart from the substrate ecosystem, Zondax participates and contributes to other large ecosystems such as Cosmos, Avalanche, Algorand, Filecoin, ICP, etc. Our team includes experts in most blockchain aspects, cryptography and programming languages.
Legal structure
Zondax AG
Dammstrasse 16
Zug 6300
Switzerland
UID CHE-491.796.576
Most of our contributions to the blockchain ecosystem can be found in our GitHub organization: zondax · GitHub
Over the last few years, Zondax has been involved in a large number of projects for most of the key players in the blockchain industry. For this reason, we are confident that we can provide a long term commitment.
Project Overview/ SoW :
Given that we have already developed the Astar Ledger app, which is available under the following GitHub repository (GitHub - Zondax/ledger-astar), our next steps will include implementing additional features requested by the Astar team and the community, providing compatibility with runtime upgrades, and offering comprehensive maintenance support. We will follow a detailed timeline for each task that will be shared with the team, ensuring efficient execution and timely delivery. The costs associated with each phase are outlined in the budget section.
- Additional features: Based on the leading team requests, we will add new features to the Astar Ledger app to improve user experience and expand functionality. We will budget additional features up to 50h of development.
- Maintenance and app Compatibility: We will diligently update the Ledger app to ensure compatibility with runtime upgrades and major modifications of the Astar blockchain, polkadot, Substrate or Ledger SDK. This will cover the following services:
- Upgrading Ledger SDK or firmware that affects the application
- Providing device support for Ledger Nano S, Nano Plus, Nano X, Stax
- Fixing security issues related to Ledger SDK layers
- Monitoring and addressing repository and issue triage
- Supporting breaking upgrades such as runtime and tx_version breaking upgrades
- Addressing incidental development and modifications
- Ensuring resource availability through internal training and resource rotation
- Analyzing and providing early warnings for known security issues that may affect your application
- Prioritizing and providing early warnings for urgent issues or vulnerabilities
- Coordinating periodically with Ledger
- External Third-party formal reviews with Ledger approved auditors to enable a seamless release process. This is a mandatory requirement before official release by Ledger. The external auditor will be selected from a list provided by Ledger SAS. Ledger SAS claims and it is public knowledge that when provided with a satisfactory auditor report from an auditor in that list, apps will be published in a much shorter period of time. In order to streamline the publication process.
Budget and Funding:
To support the development and maintenance of the Astar Ledger app, we have prepared a comprehensive budget breakdown:
- New features: up to 50 working hours (over the maintenance period of 6 months) 8’800 USD
- Maintenance Support x 6 months 33’800 USD
- External Third-party formal reviews up to a budget cost of 16,250 USD. The exact amount of audits needed and cost per audit will depend on the complexity of the changes and the breaking upgrades. Based on previous experience we expect this should cover enough upgrades for the period of 6 months. If additional budget is needed for external audits this will be communicated in advance.
The total amount of budget requested is 58’850 USD for developing new features, maintaining the app after breaking upgrades and assuring a smooth release process with third-party reviews. The fee is paid upfront for six months of product maintenance time.
License and Legal Notes
Submission
Zondax implements changes under the Apache 2.0 license. Zondax is building upon an app (GitHub - Zondax/ledger-astar) that the Astar team has already submitted to Ledger. We will submit PRs to Ledger with the corresponding improvements. We assume that the original submitter and/or Ledger authorize and approve our pull request and modification effectively and timely.
Compensation
The compensation is paid upon approval of the proposal or according to the compensation mechanisms provided for in the corresponding chain protocol.
Liability and warranty
Zondax shall develop the solution according to the present proposal under the Open Source Apache 2.0 license. Accordingly, any warranty and liability is limited to what is expressed in the Apache 2.0 license. In general, Zondax disclaims any liability and warranty to the extent permitted by law arising from the present proposal and the resulting agreement.
Applicable Law / Place of Jurisdiction
Swiss law is applicable. The place of jurisdiction is Zug.