Manta Signer App

# Manta Signer App ## Overview Manta Signer is a desktop application that securely stores a secret key. Manta Signer runs in the background as a daemon and exposes an API. Each API endpoint wraps a function that uses the secret key. Manta Team can provide all of these functions in Rust, as a black box. Some API calls also cause Manta Signer to display a simple UI that accepts user inputs, such as passwords. Manta Web App (developed and hosted by Manta Team) calls the API endpoints that Manta Signer exposes. Manta Web App should not be able to directly access the secret key in Manta Signer. ## Manta Signer Toolbar Manta Signer should have a toolbar icon at the top of the screen. When the user clicks the icon, a dropdown should appear with the options "Settings" and "Quit". Clicking "Quit" should quit the application. "Settings" is a placeholder (we can implement in a later version). ![](https://i.imgur.com/5PqJU7J.png) ## Manta Signer Setup When the user opens Manta Signer for the first time, Manta Signer does not contain a secret key. As long as it does not contain a secret key, it prompts the user to begin the setup workflow when the user opens the application. ![](https://i.imgur.com/UIXmmwo.png) ### Setup Workflow 1: Create account 1. Manta Signer calls the rust function `generate_recovery_phrase()`, (provided by Manta team). Note that `generate_recovery_phrase()` needs access to a true RNG. 2. `generate_recovery_phrase()` returns a recovery phrase string. Manta Signer displays this string in a small popup. ![](https://i.imgur.com/T5Qtj7i.png) 3. After the user clicks "Okay," Manta Signer displays a small form for the user to set a password. ![](https://i.imgur.com/u7VrASt.png) 4. The user enters a password and clicks "Set." 5. Signer converts the recovery phrase into a secret key, using a function provided by Manta team. 6. Signer encrypts the new secret key using the new password and saves the ciphertext to disk. The popup displays a confirmation message. ### Setup Workflow 2: Recover Account 1. Manta Signer displays a small form for the user to enter a recovery phrase. ![](https://i.imgur.com/VPr35cA.png) 2. When the user clicks "Submit," Signer displays a small popup form for the user to set a password. ![](https://i.imgur.com/u7VrASt.png) 3. The user enters a password and clicks "Set". 4. Manta Signer converts the recovery phrase into a secret key, using a function provided by Manta team. 5. Manta Signer encrypts the recovery phrase using the new password and saves the ciphertext to disk. The popup displays a confirmation message. ## Signer Core API After the user has logged in, Manta Signer will exposes several API endpoints. Each endpoint will deserialize the parameters sent from Manta Web App, feed the deserialized parameters into a function provided by Manta team, and dispatch the function's return value to Manta Web App. All functions will require access to the in-memory secret key. #### Example function provided by Manta team `generate_manta_asset(assetId, path, amount, app_version)`, where: * `assetId` is a `u32` * `path` is a `String` * `amount` is a `u128` * `app version` is a `String`(?) * the return value is a byte array. ### Transaction Confirmation Signer Core API endpoints that prepare transactions (`GeneratePrivateTransferPayload`, `GenerateRedeemPayload` and `GenerateAsset`) should be password protected. Even if the user has already entered their password to log in, the user should be required to enter the password again to confirm the transaction. ![](https://i.imgur.com/L4HdiC8.png) ## Manta Signer UI and Packaging Manta Signer should be packaged into an install file for Mac/Win. It can be opened in two ways: 1. By clicking the Manta Signer icon 2. By clicking on a link in Manta Web App (like Zoom); Manta Web App should be able detect whether Manta Signer is running. If not, Manta Web App will display a link to install/open Manta Signer. ## Communications between the Manta Web App and Manta Signer This part should be figured out by the outsourcing company, e.g. Daemon runs a webserver locally with a REST API or any other reasonable design. ## Security Manta Signer will generate many kinds of sensitive information. No data generated by Manta Signer should ever be transferred via internet to a remote server. Only the **encrypted** secret key should ever be written to disk. All other data should only live in memory, in the Rust code provided by Manta team. ## Delivery The out-sourcing company should deliver the following to Manta: 1. The source code of the Mac/Win App 2. The build instructions to build the App from the source code to installation files in Mac/Win 3. The test cases that have reasonable test coverage Manta team will also coordinate with the out-sourcing company with the integration test of Manta Web App and Manta Signer.