Hello everyone,
we already posted this in the buidlweek page but I’m posting it here again because I would love some feedback and help to improve it and make it real.
The keycard itself can already be used to sign transactions, but in this project we aim to use it to sign meta transactions, so that the real control can be in a smart contract, where we can have more settings like max tx value, max daily txs etc…
DEMO
Goals:
- Keycard onboarding without asking users to set up a wallet and manage their keys or mnemonic.
- Selling keycards with some tokens already associated to them without losing the tokens if the keycard is lost or not sold.
- Paying on an untrusted point of sale without pairing the keycard. Setting some daily and transaction limits in a smart contract. Signing meta transactions checked and approved by the smart contracts, leaving the gas fee payment to the merchant.
Code
Tap Wallet dApp
Tap Wallet Smart Contract
Setup
On the phone on the right I set up a Tap Wallet. The dapp deploys a smart contract similar to a multi sig where the only signer is the keycard, and the owner is the current account used in Status.
I can set up multiple Tap Wallets, each one with a different keycard associated to it, for example:
- One for me with my keycard, and I set a limit of 0.01 value for each tx
- Another one for me, with a different keycard and different settings
- One for my kids so that I can top them up with some ETH weekly and manage it in case the keycards are lost.
- One for a friend of mine that doesn’t have a phone. I’m the owner of the contract and I top it up, but he can use it to pay around.
- One associated to a keycard I sell to a customer. He can become the owner when he becomes more expert, but he can use it straight away without setting up anything.
After the setup, the phone is no longer needed, I can just use the card to pay.
Paying at a merchant Point Of Sale (POS)
The keycard doesn’t have a display, so the POS can send any transaction and I can’t see what I’m signing. It’s ok when I use my trusted device but not with an untrusted POS.
Normally we can decide to use the keycard to sign full transactions with a pinless key, where we keep a few ETH and it’s separated from the main BIP44 addresses that we use when we pair the card to a trusted device.
In this specific use case instead, the card doesn’t have any ETH, it’s just a signer of a smart contract that has some value.
Here is what happens when I tap the card on the POS (phone on the left):
- The POS sends a random message to the keycard to be signed and gets the keycard pinless address.
- The POS checks the Tap Wallet Factory and gets the Tap Wallet address associated to the card.
- The POS sends a meta transaction to the card, the card signs it and the POS sends it to the Tap Wallet.
- The Tap Wallet smart contract checks that the meta transaction has been signed by the right keycard. After that it checks if the value is lower than the maxTransactionValue setting. After that it allows the meta transaction and moves the value to a pendingWithdrawal associated to the POS. The meta transaction is sent by the POS, so the user doesn’t pay any gas.
- If everything went well, the POS is allowed to withdraw the payment and get the ETH/tokens.
In this example the POS needs to put the password to send the actual transaction, but it can be avoided when we finish the new keys management. After that the tx can be sent with a hot key without asking the password, and the value can be sent automatically to a cold address.
With this use case the keycard doesn’t have any value, so it’s not a problem if we lose it. We can also give it away to a friend, and just remove it from our Tap Wallet.
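
The wallet-side checks described in the POS flow above, as an added Python model that is not the project's contract code. The class and method names, the nonce used as a replay counter, and the inclusive limit are assumptions; an HMAC stands in for the keycard's signature so the example runs with the standard library only, whereas a real contract would know only the keycard's address.

```python
import hashlib
import hmac

def card_sign(card_key: bytes, digest: bytes) -> bytes:
    """Stand-in for the keycard's signature (HMAC, stdlib only; not ECDSA)."""
    return hmac.new(card_key, digest, hashlib.sha256).digest()

class TapWalletModel:
    """Off-chain model of the wallet-side checks; all names are hypothetical."""

    def __init__(self, wallet_id: str, card_key: bytes, max_tx_value: int, balance: int):
        self.wallet_id = wallet_id
        self.card_key = card_key          # models "the right keycard"
        self.max_tx_value = max_tx_value  # per-transaction limit, in wei
        self.balance = balance
        self.nonce = 0                    # assumption: replay counter, not from the post
        self.pending = {}                 # POS address -> amount it may withdraw

    def digest(self, nonce: int, to: str, value: int) -> bytes:
        # Bind the signature to this wallet, this nonce, this payee and this value.
        return hashlib.sha256(f"{self.wallet_id}|{nonce}|{to}|{value}".encode()).digest()

    def transfer(self, nonce: int, to: str, value: int, sig: bytes) -> str:
        expected = card_sign(self.card_key, self.digest(nonce, to, value))
        if not hmac.compare_digest(sig, expected):
            return "rejected: not signed by the keycard"
        if nonce != self.nonce:
            return "rejected: nonce already used"
        if value > self.max_tx_value:     # limit treated as inclusive (assumption)
            return "rejected: over maxTransactionValue"
        if value > self.balance:
            return "rejected: insufficient balance"
        self.nonce += 1
        self.balance -= value
        self.pending[to] = self.pending.get(to, 0) + value
        return "ok"

    def withdraw(self, pos: str) -> int:
        return self.pending.pop(pos, 0)

def demo() -> list:
    key = b"constructed-card-key"         # constructed sample secret
    w = TapWalletModel("wallet-1", key, 10**16, 5 * 10**16)
    sign = lambda n, to, v: card_sign(key, w.digest(n, to, v))
    sig = sign(0, "pos-A", 10**15)
    return [
        w.transfer(0, "pos-A", 10**15, sig),                       # valid payment
        w.transfer(0, "pos-A", 10**15, sig),                       # same signature replayed
        w.transfer(1, "pos-A", 10**17, sig),                       # value changed after signing
        w.transfer(1, "pos-A", 10**17, sign(1, "pos-A", 10**17)),  # signed, but over the limit
        w.withdraw("pos-A"),                                       # POS collects its payment
    ]
```

Because the card has no display, the limit check is what bounds the loss when a POS asks the card to sign a larger amount than the one shown to the customer.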