Twinds SDK
Building Blocks
API
zenroom
Android
iOS
Local Storage - Settings
Android
iOS
Remote Storage - ECIES colendi
Android
iOS
API
React Native - DisposableIdentityModule - Android
Twinds SDK - Kotlin Multiplatform
Javascript
Remote Storage
- Gaia Protocol
Local Storage
- Keys
- Vault
- Settings
- SecuredSettings
zenroom
- multiplatform
- various scenarios: ecdh, secshare, w3c
Cryptography
Key generation, zenroom
- deterministic, seed from user
Shamir's secret sharing, zenroom
- 3 out of 5
Gaia file encryption, colendi
- private key derived from seed from user
- secp256k1 bouncycastle implementation
Proof of identity relationship, zenroom
- double signature
Signed JWT, uport
- sha256
- komputing, spongycastle implementation
Derivation with zenroom
seed + path to create hmac (sha512 of 2048 bit)
key pair with hmac + hmac
BIP39 mnemonic / 24 words
-> seed with salt
BIP32 derivation for main DIDs and disposable DIDs
-> key pair
Key Derivation
Derivation Proof Credential (Verifiable Credential)
Linked Data Signature by disposable DI of claim, then
Linked Data Signature by main DID of signed claim
Proof of Identity Relationship
zenroom
scenario: web3 + ecdh
uport
sha256 + spongycastle
3 of 5
Shamir's Secret Sharing
zenroom
scenario: secshare
3 times 22 bytes to share 64 byte secret
Radical Open Security
Findings
TWF-010
Encrypted Settings
-> configure DI with appropriate libraries
TWF-004
Cryptographic
Implementation "seed from user"
-> ?
TWF-002
Logging
-> Disable
TWF-012
Naming passPhrase
-> ? / masterPrivateKey
TWF-005
Cyphertext + private key in during decryption with colendi
-> ?
TWF-001
React-Native Module initialisation
-> Remove Logging
Radical Open Security
Non-Findings
Production Readiness
- Documentation
- User guide
- Code Quality
- Remove partial implementations
Twinds SDK
By friedger