The AirGap Vault is installed on a dedicated or old smartphone that has no connection to any network, thus it is air gapped. This app handles the private key.
Pascal Brun Merge branch 'feat/grs-2' into 'master'
feat(coinlib): update coinlib

See merge request papers/airgap/airgap-vault!105
Latest commit a4d5251 May 7, 2019
Type Name Latest commit message Commit time
.gitlab/issue_templates feat(): adds inital gitlab issue template Jan 10, 2019
apple feat(deeplink): add universal link config file Nov 15, 2018
build/android feat(cordova): use cordova 8 Nov 23, 2018
e2e feat(prettier): config files Nov 26, 2018
electron feat(electron): add electron Nov 22, 2018
hooks chore(): initial commit Aug 23, 2018
resources feat(splash): new splash screen Oct 1, 2018
src feat(from-to): include transaction data May 6, 2019
test-config feat(component): add signed-tx component Feb 26, 2019
.dockerignore chore(): initial commit Aug 23, 2018
.editorconfig chore(): initial commit Aug 23, 2018
.gitignore Feat/ci ios Nov 19, 2018
.gitlab-ci.yml feat(qa): adds sonarqube branch support May 6, 2019
.prettierignore feat(prettier): config files Nov 26, 2018
.prettierrc
Dockerfile feat(translation): introduces translated vault Dec 10, 2018
README.md feat(readme): updates readme Dec 18, 2018
banner.png
config.xml fix(ios): deeplink cordova-ios 5 Apr 8, 2019
copy.config.js feat(prettier): config files Nov 26, 2018
devices.png feat(readme): updates readme Dec 18, 2018
ionic.config.json feat(prettier): config files Nov 26, 2018
package-lock.json feat(grs): update coinlib May 6, 2019
package.json feat(grs): update coinlib May 6, 2019
tsconfig.json
tslint.json feat(prettier): config files Nov 26, 2018
uglifyjs.config.js feat(prettier): config files Nov 26, 2018

README.md

AirGap Vault

Your old smartphone is your new ‘hardware wallet’

AirGap is a crypto wallet system that lets you secure crypto assets with one secret on an offline device. The AirGap Vault application is installed on a dedicated or old smartphone that has no connection to any network, thus it is air gapped. The AirGap Wallet is installed on an everyday smartphone.

Description

AirGap Vault is responsible for secure key generation. For this, entropy from audio, video, touch and the accelerometer is added to the output of the hardware random number generator. The generated secret is saved in the secure enclave of the respective mobile operating system and is only accessible by biometric authentication. Accounts for multiple protocols can be created and transactions prepared by the AirGap Wallet application, without any network connection needed. AirGap Vault is a hybrid mobile application (using the same codebase for Android and iOS, which helps with coordinated development). It is built with the Ionic framework and uses AirGap's coin-lib to interact with different protocols, together with a secure storage implementation.

Download

Features

  • Secure secret generation with added entropy like audio, video, touch and device accelerometer
  • Secure storage in the secure enclave of the mobile operating system, accessible only by biometric authentication
  • Secure communication with AirGap Wallet over URL schemes, QR codes or app switching
  • Create accounts for all supported currencies like Aeternity, Ethereum, Bitcoin etc.
  • Sign transactions created by AirGap Wallet

Security

The security concept behind air-gapped systems is to work with two physically separated devices, one of which has no connection to the outside world or to any network. In the context of AirGap, the component that has no internet connection is AirGap Vault. The two components, AirGap Vault and AirGap Wallet, communicate through URL schemes; these URLs can simply be provided as QR codes.

Key Generation

The entropy seeder uses the native secure random functionality provided by the system and concatenates this with the sha3 hash of the additional entropy. The rationale behind this is:

  • the sha3 hashing algorithm is cryptographically secure such that the following holds: entropy(sha3(secureRandom())) >= entropy(secureRandom())
  • adding bytes to the sha3 function will never lower entropy but only add to it such that the following holds: entropy(sha3(secureRandom() + additionalEntropy)) >= entropy(sha3(secureRandom()))
  • by reusing the hash of an earlier "round" as a salt we can incorporate the entire collected entropy of the previous round.
  • native secure random cannot be fully trusted because there is no API to check the entropy pool it's using

The algorithm being used for the entropy seeding:

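// Assumed SHA-3 library; the page does not name the one it uses.
import { sha3_256 } from 'js-sha3'

const ENTROPY_BYTE_SIZE = 256
let entropyHashHexString = null

// Hex-encode a byte array. Array.from is used because Uint8Array.prototype.map
// returns another Uint8Array and would coerce the hex strings back to numbers.
function toHexString(array) {
  return Array.from(array, function (i) {
    return ('0' + i.toString(16)).slice(-2)
  }).join('')
}

// Mix fresh system randomness and the collected additional entropy into the running hash.
function seedEntropy(additionalEntropyArray) {
  const secureRandomArray = new Uint8Array(ENTROPY_BYTE_SIZE)
  window.crypto.getRandomValues(secureRandomArray)
  // The previous round's hash is the salt. The hash input is secret material and is not logged.
  entropyHashHexString = sha3_256(entropyHashHexString + toHexString(secureRandomArray) + toHexString(additionalEntropyArray))
  return entropyHashHexString
}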
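
The rationale for chaining rounds and for not relying on the system RNG alone can be checked with a seeder whose random source is replaceable. This is an added example, not AirGap's code: it runs under Node.js, uses the built-in `crypto` module's `sha3-256` in place of the `sha3_256` function above, hashes raw bytes instead of hex strings, and the names `createSeeder`, `brokenRandom` and `runRounds` and the sensor samples are made up for the illustration.

```javascript
const crypto = require('crypto')

const ENTROPY_BYTE_SIZE = 256

// Build a seeder around an injectable random source so a failed RNG can be simulated.
// randomBytes defaults to Node's CSPRNG; the README's code uses window.crypto.getRandomValues.
function createSeeder(randomBytes = crypto.randomBytes) {
  let previousHash = Buffer.alloc(0) // salt carried over from the previous round
  return function seedEntropy(additionalEntropy) {
    const hash = crypto.createHash('sha3-256')
    hash.update(previousHash)
    hash.update(randomBytes(ENTROPY_BYTE_SIZE))
    hash.update(Buffer.from(additionalEntropy))
    previousHash = hash.digest()
    return previousHash.toString('hex')
  }
}

// Constructed worst case: a system RNG that always returns zero bytes.
const brokenRandom = (size) => Buffer.alloc(size)

// Feed a list of sensor samples through a seeder with the broken RNG; return each round's hash.
function runRounds(samples) {
  const seed = createSeeder(brokenRandom)
  return samples.map((sample) => seed(sample))
}

// Constructed sensor samples (e.g. touch coordinates, microphone bytes).
const touch = Uint8Array.from([12, 200, 31, 7])
const audio = Uint8Array.from([90, 3, 144, 250])

function demo() {
  const a = runRounds([touch, audio])
  const b = runRounds([audio, audio])
  return {
    // Same final sample, different earlier sample: the chained salt makes the final hashes differ.
    chainedHistoryMatters: a[1] !== b[1],
    // With a dead RNG the output is fully determined by the sensor input ...
    brokenRngIsDeterministic: runRounds([touch, audio])[1] === a[1],
    // ... while a working RNG gives a different hash even for identical sensor input.
    healthyRngDiffers: createSeeder()(touch) !== createSeeder()(touch),
  }
}

console.log(demo())
```

With the zeroed RNG the result depends only on the sensor samples, so in that failure case the secret is exactly as unpredictable as the collected audio, video, touch and motion data.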

Build

First follow the steps below to install the dependencies:

$ npm install -g ionic
$ npm install -g cordova
$ npm install

Run locally in browser:

$ ionic serve

Run on device:

$ ionic cordova run android
$ ionic cordova run ios

Testing

To run the unit tests:

$ npm test

Security

If you discover a security vulnerability within this application, please send an e-mail to hi@airgap.it. All security vulnerabilities will be promptly addressed.

Contributing
