Lit Password Manager

A web3-native password manager that utilizes decentralized infrastructure and lit protocol to store and retrieve passwords.

Lit Protocol is a decentralized key management network powered by threshold cryptography. A blockchain-agnostic middleware layer, Lit can be used to read and write data between blockchains and off-chain platforms, facilitating encryption, access control, and automation for the open web via programmatic signing.

Tech Stack

Frontend: Next.js, Antd
Web3 Client: ethers.js
Smartcontracts: Solidity, Hardhat
Storage: IPFS, Pinata
Encryption: Lit Protocol
Blockchain Network: Polygon Mumbai
Indexer: The Graph

Workflow Architecture:

Access Control conditions:

Its quite surprising that many people use NFT or eth balance based access control. If I posses specific NFT or balance in my account, I should be able to decrypt other users passwords? No. So, I'm using the logic where the user who encrypted the password can only decrypt it. This is a very basis of encryption and decryption of passwords. I'm not sure if this is the right way to do it. I'm open to suggestions.

// only the user who encrypted the data should be able to decrypt it
const accessControlConditions = [
  {
    contractAddress: "",
    standardContractType: "",
    chain: "mumbai",
    method: "",
    parameters: [":userAddress"],
    returnValueTest: {
      comparator: "=",
      value: account // ,<=== user address should be dynamic and match the user address connected to the wallet
    }
  }
];

Prerequisites

There are some optional prerequisites that you can skip and use my deployed resources instead.

Node.js Nodejs version 14.17.0 or higher.
Private key of an Ethereum account with some ETH/Matic in it. (Optional)
RPC endpoint of an Ethereum node of your choice. (Optional)
Metamask extension installed in your browser.
Pinata API keys.
The Graph Account. (Optional)

Deployed Resources:

Getting Started

Copy the .env.example file to .env and fill in the required values.

Deploying Contract (Optional)


yarn install

yarn hardhat compile

yarn hardhat deploy --network polygonTest

# copy contract address deployed and paste it in client's .env file

Deploying Subgraph (Optional)

Note: Update the subgraph.yaml file with the contract address deployed in the previous step. Update deploy script with your own subgraph name.


cd indexer
yarn install
yarn codegen
yarn deploy

# copy subgraph url and paste it in client's .env file

Running the client

Copy the .env.example file to .env and fill in the required values.

cd client
yarn install
yarn dev

Safety

This is experimental software and is provided on an "as is" and "as available" basis.

Lit Password Manager is a proof of concept and is not ready for production use. It is not audited and has not been tested for security. Use at your own risk. I do not give any warranties and will not be liable for any loss incurred through any use of this codebase.

Demo

intro_video.mp4

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
.github/workflows		.github/workflows
client		client
contracts		contracts
indexer		indexer
resources		resources
scripts		scripts
test		test
.env.example		.env.example
.gitattributes		.gitattributes
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
hardhat.config.js		hardhat.config.js
package.json		package.json
yarn.lock		yarn.lock

License

ronxjansen/lit-password-manager

Folders and files

Latest commit

History

Repository files navigation

Lit Password Manager

Tech Stack

Workflow Architecture:

Access Control conditions:

Prerequisites

Deployed Resources:

Getting Started

Deploying Contract (Optional)

Deploying Subgraph (Optional)

Running the client

Safety

Demo

About

Resources

License

Stars

Watchers

Forks

Languages