Skip to content

Offline Signing Library for XmrSigner Production

Thorsten Kaiser requested to merge DiosDelRayo/ccs-proposals:OfflineSigningLibrary_XmrSignerToProduction into master

Offline Signing Library for XmrSigner Production

About

This proposal aims to create a minimal library for offline signing on air-gapped devices, focusing on essential features:

  • Seed phrase generation (including polyseed)
  • Address and key generation
  • Account and sub-address management
  • Address verification
  • Output importing and Key Image exporting (raw and encrypted)*
  • Unsigned transaction handling (description, sanity checks, signing)
  • Block height and date estimation

The library will be implemented in C++ with a C ABI, allowing use in multiple languages. It will be based on the current Monero source but without relying on wallet2, aiming for minimal external dependencies, not inventing the wheel again, nor rolling own crypto.

Key objectives:

  • Comprehensive documentation
  • Quick start guide for offline and hardware wallet developers
  • Documentation of challenges in stripping down and cross-compiling
  • Buildroot package for easy target system integration
  • Python module for library usage
  • Test code
  • Modification of XmrSigner to use this new library

Who

Thor (vThor/DiosDelRayo), currently completing the XmrSigner (MoneroSigner Resurrection) proposal.

Why

XmrSigner, while functional, is currently more of a proof of concept than a production-ready tool. This library addresses several key issues:

  1. Performance: The current implementation using wallet RPC is slow, especially on resource-constrained devices.
  2. Security: Minimizing dependencies and code base improves auditability and reduces attack surface.
  3. Flexibility: A dedicated library allows for easier integration into various offline signing solutions.
  4. Resource efficiency: Stripping down to essential features enables use on lower-power devices.

By creating this library, we can:

  • Bring XmrSigner to production readiness
  • Provide a foundation for future hardware wallet development
  • Explore the viability of using even more resource-constrained devices (e.g., MCUs) for offline signing

A proof of concept has been developed to validate this approach: c_abi_for_cpp_code_PoC

This library will significantly improve XmrSigner's performance, security, and usability while opening doors for more diverse Monero hardware wallet solutions in the future.

Milestones and Timeline

Given the significant time investment and potential challenges ahead, I propose a shift from my usual value-based pricing to an hourly rate for this project.

Proposed terms:

  • 120 hours per month for two months (240 hours total)
  • Compensation: 48 XMR per month (96 XMR total)
  • Additional 1 XMR for printed literature (requested at project start)
  • Total compensation: 97 XMR

Hours worked beyond 120 in the first month will roll over to the second. If the project completes before 240 hours, unused funds can be allocated to future proposals or returned to the general fund. Should more time be needed, I'll submit a new proposal.

Merge request reports