Popular Post RareData Posted July 28, 2018 Popular Post Share Posted July 28, 2018 (edited) To encourage early community feedback, I'd like to introduce you to the XRP Toolkit, project goals and roadmap. Background When looking for different options to conveniently adjust wallet settings, trade on the decentralized exchange and escrow XRP, I found a few pioneering web tools like The World Exchange and Bithomp. With a background in cybersecurity and secure software development, I found it unacceptable that very few were using security headers like HTTP strict transport security (https://tools.ietf.org/html/rfc6797) and DNS security extensions (https://tools.ietf.org/html/rfc4033). In other words, the developers are either unaware or simply not doing everything in their power to protect their users against e.g. man-in-the-middle, clickjacking, cross-site scripting and DNS spoofing attacks. You can verify what security headers your favourite exchange uses with e.g. securityheaders.com: You can verify if DNSSEC is properly setup for your favourite exchange with e.g. dnsviz.net: After reaching the conclusion that a more secure and user-friendly XRP ledger interface was needed, I began developing the XRP Toolkit with security as the highest priority followed by user-friendliness. A summary of security related design choices can be seen below: Client-side transaction signing, sensitive data never leaves the browser. Hardware wallet integrations, sensitive operations can be performed inside the hardware wallet itself. Extensive server hardening with strict use of security headers. Compulsory HTTPS for all endpoints and enabled DNSSEC for all name servers. Hardware Wallet Integration Demo I recently published some early proof-of-concept code, showcasing how Ledger hardware wallets can be used to securely send XRP payments from browsers, which was quickly picked up and covered by Hodor on the XRP community blog (https://xrpcommunity.blog/enjoy-your-summer-the-xrp-ledger-is-always-working/? Quote It’s great to see so many new applications springing up that truly reflect a small-but-growing cadre of community developers who are potentially ready to boost XRP adoption (...). Project Goals After releasing the demo application, I've continued to develop the first version of XRP Toolkit and setup three major project goals: 1. Accelerate XRP mainstream adoption, by releasing a secure and user-friendly web interface, providing convenient access to the full feature set of the XRP ledger. 2. Encourage learning and XRP ledger experimentation, by making the test net more accessible. 3. Enable multisignature coordination and high security use-cases, by implementing transaction notifications and hardware wallet support. GUI Mockup/Prototype Edited June 5, 2020 by RareData Updated info and removed broken links SGoldstein, 1Ton, pucksterpete and 21 others 14 10 Link to comment Share on other sites More sharing options...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!Register a new account
Already have an account? Sign in here.Sign In Now