Twinds SDK

Building Blocks

API

zenroom

Android

iOS

Local Storage - Settings

Android

iOS

Remote Storage - ECIES colendi

Android

iOS

API

React Native - DisposableIdentityModule - Android

Twinds SDK - Kotlin Multiplatform

Javascript

Remote Storage

  • Gaia Protocol

Local Storage

  • Keys
  • Vault
  • Settings
  • SecuredSettings

zenroom

  • multiplatform
  • various scenarios: ecdh, secshare, w3c

Cryptography

Key generation, zenroom

  • deterministic, seed from user

Shamir's secret sharing, zenroom

  • 3 out of 5

Gaia file encryption, colendi

  • private key derived from seed from user
  • secp256k1 bouncycastle implementation

Proof of identity relationship, zenroom

  • double signature

Signed JWT, uport

  • sha256
  • komputing, spongycastle implementation

Derivation with zenroom

seed + path to create hmac (sha512 of 2048 bit)

key pair with hmac + hmac

 

BIP39 mnemonic / 24 words

           -> seed with salt

BIP32 derivation for main DIDs and disposable DIDs

           -> key pair

Key Derivation
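
An added example, not the SDK's or zenroom's own code: the standard BIP39 seed step and BIP32 hardened private-key derivation that this slide outlines, in plain Python. The branch paths for main and disposable DIDs are hypothetical, and whether zenroom's derivation matches the standards byte for byte is an assumption to verify.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group (the curve named elsewhere in these slides).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: PBKDF2-HMAC-SHA512, 2048 iterations, salt "mnemonic" + passphrase."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic),
                               norm("mnemonic" + passphrase), 2048, 64)

def master_key(seed: bytes):
    """BIP32: HMAC-SHA512 output splits into private key (left), chain code (right)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(i[:32], "big")
    if k == 0 or k >= N:
        raise ValueError("invalid master key, use another seed")
    return k, i[32:]

def hardened_child(k_par: int, c_par: bytes, index: int):
    """BIP32 CKDpriv for a hardened index: needs only the parent private key."""
    data = b"\x00" + k_par.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    k = (il + k_par) % N
    if il >= N or k == 0:
        raise ValueError("invalid child, use the next index")
    return k, i[32:]

def derive(seed: bytes, path):
    """Walk a list of hardened indices down from the master key."""
    k, c = master_key(seed)
    for index in path:
        k, c = hardened_child(k, c, index)
    return k, c

if __name__ == "__main__":
    # Constructed input: a 24-word all-"abandon" test mnemonic, never a real wallet.
    seed = bip39_seed("abandon " * 23 + "art", "TREZOR")
    main_key, _ = derive(seed, [0, 0])      # hypothetical main-DID branch
    disposable, _ = derive(seed, [1, 7])    # hypothetical disposable-DID branch
    print(f"{main_key:064x}\n{disposable:064x}")
```

Hardened indices keep a leaked disposable key and chain code from exposing sibling or parent keys, which is the property the main/disposable split depends on.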

 

Derivation Proof Credential (Verifiable Credential)

 

Linked Data Signature by disposable DI of claim, then

Linked Data Signature by main DID of signed claim

Proof of Identity Relationship

zenroom

scenario: web3 + ecdh

uport

sha256 + spongycastle

3 of 5

Shamir's Secret Sharing

zenroom

scenario: secshare

3 times 22 bytes to share 64 byte secret

 

Radical Open Security

Findings

TWF-010

Encrypted Settings

-> configure DI with appropriate libraries

TWF-004

Cryptographic Implementation "seed from user"

-> ?

TWF-002

Logging

-> Disable

TWF-012

Naming passPhrase

-> ? / masterPrivateKey

TWF-005

Ciphertext + private key in during decryption with colendi

-> ?

TWF-001

React-Native Module initialisation

-> Remove Logging

Radical Open Security

Non-Findings

Production Readiness

  • Documentation
    • User guide
  • Code Quality
    • Remove partial implementations