Bitcoin Forum

Hi there,

I am at the concept stage of a project mobile app that I'd like to know the practicality of one part of it.

Basically I would like to use the tech of an open source non-custodial wallet (such as Edge) and build some features ontop of it.

My question is building a non-custodial wallet using existing open source tech, how practical is this? I don't want to build a wallet from scratch if possible due to possible vulnerabilities etc, my budget is'nt big enough to make sure a custodian wallet is 100% air tight. So that's why I had the idea to build upon an existing widely used open source non - custodial wallet.

As it is an open source wallet, would it just be the case of a developer building the user interface around it? Or would there be some security issues also for the holding of the coins etc? I would ideally have the app on andoid and ios.

Thanks in advance :)

Technically custodial wallers are not wallets. All wallets should allow users to hold their private keys.  A wallet is an interface that allows you to sign transactions with the private key, just that.

Technically it is simple to use an open source wallet like electrum and modify its code for what you want. There are other good options like Samourai.
Do you want to support more coins? If you do, you can't do that with open source wallets (I don't know a single multicurrency open source wallef)

Hi bitmover, thanks for your reply. I'd agree with that, not your private keys not your coins. I've used electrum before, Samoruai is a new one to me - will check it out though.

Ideally yes, Bitcoin, Ether and possibly the capacity for some ERC-20's (DAI etc). If it was just bitcoin though, it would still be okay.

I've been looking into it and I've found Edge (previously Airbitz) - https://github.com/EdgeApp - their wallet app offers milticurrencies and they claim at least to be open source.

I'm not a developer myself, so would have to hire one. I guess my concern was twofold:

1) The ability for a developer to act malicious and somehow put a backdoor in my app? Which seems unlikely if open source software is used?
2) The expense of developing & branding the actual open source within your own app. I'll be adding additional features, but that's the more straight forward part. So I guess it's not too difficult an undertaking in that case - to develop an open source non custodial wallet within your own app?





https://github.com/EdgeApp

[/quote]

Technically custodial wallers are not wallets. All wallets should allow users to hold their private keys.  A wallet is an interface that allows you to sign transactions with the private key, just that.

Technically it is simple to use an open source wallet like electrum and modify its code for what you want. There are other good options like Samourai.
Do you want to support more coins? If you do, you can't do that with open source wallets (I don't know a single multicurrency open source wallef)
[/quote]

I am  not a developer neither. But I think your idea is pretty simple to do.

As long as you don't hold users private keys it is a non custodial wallet.
Adding new features is not  big deal, depending on the features ofc.

Many multicurrency wallets like coinomi and atomic wallet offers a few services  like an integrated exchange within the wallet. But those ones are closed source.

in my experience the best way is to either contribute to the already existing project or write things from scratch instead of copying another open source project and trying to change that. when copying someone else's code you are subjected to all their coding conventions (which may not be the best) all the problems they have introduced to their code (lack of scaling, lack of testability, sometimes even low security) and refactoring all that is going to consume a much longer time than writing it from scratch (assuming the developer doing it is a good one).
for example in the near future that we get Schnorr signatures a lot of tools will have a nightmare adding it to their code because didn't have scaling in mind (scaling in its programming sense).

you can't expect to earn money from an open source non-custodial wallet. so you would be only spending money trying to build something like that.
additionally a wallet needs constant developer's attention. it is not a one time hire and build thing to be done with it. specially since it would deal with other people's money.

it is only unlikely if you expert-review the code line by line.
and the whole app needs to be open source not only parts of it

Yeah, this can't be stressed enough. Building the software is where it begins, not where it ends. Don't underestimate the maintenance cost that follows once a project like this is "done".



For this (1) your code needs to be open source as well, not just the software you base it on and (2) someone else needs to actually care reviewing the code that is being written and deployed. The many eyes principle only applies if there's many eyes watching (and even then it's not always effective).