Keyvault - UCG Proposal

No problem, I understand that the team is likely quite busy during this period. But if you’d like to share or update any information, you can always provide feedback. And thank you very much for the latest updated report. =)

Hi @lousydropout. Great that you are sharing timely updates with us.

I’m trying to access the GitHub link you share and I get that it doesn’t exist, maybe the repository is private?

From what I understand, the app is not yet available to be used and tested, is that correct? I would like to do the data encryption process myself.

Hi,

Ah, it seems the period at the end messed up the link. So, instead of
batch multiple creds into each encryption; update encryption/decrypti… · lousydropout/keyvault@2209556 · GitHub. , it should be
batch multiple creds into each encryption; update encryption/decrypti… · lousydropout/keyvault@2209556 · GitHub
(give the link its own line just in case). (also,

As for the code, yeah, getting the app packaged for people to easily use is still something I’m working on. I’m trying to get a initial version up today.

For the encrypting and decrypting of messages, the current version expects both parties (sender and recipient) to have published their encryption public key onto the keyvault smart contract. Here’s a video demonstrating the process: https://youtu.be/HVZ6Vv_RRAI

(I’m currently working on the other screen recordings and hope to have them recorded by tonight.)

[doing a quick test before publishing the mainnet version. will give update once that’s done.]

If you’d like to to play with it on localnet for now, you can check out Release keyvault Chromium extension [dev] · lousydropout/keyvault · GitHub or build it following the instructions in browser-extension/README.md. Note: building it yourself is the safer option when it comes to browser extensions.

Quick guide for loading keyvault extension on chrome

1. download and extract zip file in the location of your choice (alternatively, build the extension following the instructions in the README.md. the output will be the browser-extension/dist/ directory)
2. on chrome/brave, go to chrome://extensions/ (enter this as if it’s a link)
3. on the top-right, enable developer-mode
4. click on Load unpacked and select the directory from (1)

Just replaced the localnet release with a mainnet release (still beta and subject to sudden changes): Release 2024-11-03 beta · lousydropout/keyvault · GitHub

Note: For the localnet version, please follow the build instructions in the READMEs and reach out whenever something is not crystal clear.

Still working on short screenshots demoing keyvault. Will upload them here when finished before being added to the website (easier to just dump links here than to update a webpage looks somewhat presentable).

Screencasts demoing keyvault

1. Initializing keyvault - https://youtube.com/watch?v=wciwR8Zwf6Q
2. Adding a new credential - https://youtube.com/watch?v=aMRcr7iVhhc
3. Syncing to smart contract - https://youtube.com/watch?v=ps53kBl4ph0
4. Importing encryption key - https://youtube.com/watch?v=KAmS5s0noT8
5. Generating and publishing an encryption keypair - https://youtube.com/watch?v=PNsj-duYgJk
6. Encrypting a message - https://youtube.com/watch?v=bpCeuNbTv9U
7. Decrypting a message - https://youtube.com/watch?v=vecmiKWDPH4

(Will be working on adding these to the website over the coming week.)

I really like Your detailed reports Will try Keyvault and share the feedback with You

@lousydropout
Great data you’ve shared with us! I was checking out your GitHub repository, trying to understand a bit more of the source code, and along with these demo videos you shared, it’s much clearer to visualize how the application works.

Well done! I’ll tag you if I have any questions.

Exciting update-things are falling into place! Thumbs up for providing very informative guides on setting up the extension and the rest of the helpful resources. This being released to mainnet beta is huge; perfect is the video and upcoming screenshots for guiding everyone through setup. Looking forward to seeing the initial version in action and testing keyvault on mainnet!

Let us know if there’s anything particular to watch out for, and congratulations on the progress!

still working on website.

forgot about financial update until now. just withdrew 100% of rewards since my last report (Oct. 4th - Nov. 7th).

summary:

total withdrawn: ~9,245 ASTRs (~$508.48 @ $0.055 / ASTR)

extrinsic ids

7415914-78
7415914-75

Please share with us a working demo on Vercel, along with the GitHub repository.

This could helps us to see the advantages of your project more quickly, good idea!

@WakeUp Sorry for the late reply. Didn’t notice the new message.

As for demo, the chrome extension was always downloadable and installable via the Github link above. If you mean like some sort of free demo, I guess I can work on that. Maybe on Sepolia? I guess that’d make sense to do so that users can “try it out” before spending their ASTRs. I’ll need to think about how add that feature. Thanks for the suggestion

As for the monthly report, I’m gonna be late in giving the final monthly update. Hopefully, sometime tomorrow? Something came up.

However, main summary: this month, I was mainly doing a lot more “in-the-field” testing (localnet version). I noticed some more UX issues and worked on them. Beyond that, I finally got the keyvault chrome extension up on the Google Chrome Store. Still working on getting it ready for the Firefox’s store.

Hi @lousydropout , it sounds very good! Thanks for a heads up.

I am curious if you plan to extend the UCG program. If so, please check.

@pithecus No, I’m not going to extend the UCG program. In part, I feel a bit burned out dealing by my initial overestimate of what I can achieve. Although I fell far short of what I wanted (although, there were some very extensive optimization and refactoring that was not part of the initial plan), I think dealing with UCG on top of my other personal and professional responsibilities is too much at the moment. That said, I remain grateful for being accepted into and participating in this UCG program. I found the discussion helpful and am still working on keyvault and intend to continue doing so, just not within UCG.

As for my updates. Today, upon doing a final test before submitting updates to the Chrome extension and to the GitHub repo, I noticed a bug. I want to finish debugging it before updating the extension and code base, but that’s obvious not gonna happen today. So, I’m gonna keep working on that when I can. Hopefully, it’ll be sometime this week.

In any case, here is my (slightly more detailed) update:

1. I conducted a lot of usage tests on the localnet version. Main things I was on the look out for were state transitions within the Chrome extension, whether data uploaded to the smart contract were consistently being reflected on the extension, and the ease of selecting a desired credential to be used on a site login. (Here, it turns out to work on some but not all sites. I suspect it has to do with how a site chooses to update the username and password fields. Not sure. I’ll need to study how other open source password managers handle this.)

   One UX bug I eventually noticed was the lack of notification for when there are data on the extension but not yet on the smart contract. So, this was meant to be the mean code update this month. But, I noticed inconsistency issues today and started working on it. It’s not yet done. Hence, the delay with the code update. It’s in progress.

2. Submitted the extension to the Chrome Web Store. It has been published and can be found at https://chromewebstore.google.com/detail/keyvault-password-manager/mgdcnfdccekpbegddnhalbibogjohfoo

   Publishing keyvault as a Firefox add-on is next.

   I should add. I believe that the safer practice (for users) to just install the extension manually, since you can at least verify the source code (even if you choose not to). Unfortunately, Firefox disagrees and their users are not allowed to choose to install extensions not approved by them. So, that’s why I started the process of submitting keyvault to Chrome and Firefox. Since I’ve been mainly testing on Brave (Chromium), I went with the Chrome Web Store first.

3. Although the encrypt and decrypt functions work as of last month’s checkin, I realized it could be made more usable. I think my issue is with the lack of an address book (where you can select saved contact’s info, like how you don’t need to memorize your friend’s email and can just type his/her first name).

   So, I’ve been working on potential fixes. Initially, my thoughts went to creating an “address book” smart contract to handle this. Then, I considered making use of ENS, thereby pushing part of the work off to 3rd parties. I was mainly researching how keyvault would look for these 2 options. I’m currently leaning to neither and perhaps allow the user to store these information directly on keyvault. I have a preliminary sketch of how it’ll be implemented, but little has been moved into the coding phase.

Thank you for all your reports here @lousydropout. As the UCG grant period for KeyVault has ended, we have unstaked the 17M $ASTR and now staking it back to the community treasury.

Thank you and let us know if you need help on anything.

hey @lousydropout could you check the announcement and fill up the form, please?