Skip to content
This repository has been archived by the owner on Dec 21, 2023. It is now read-only.

Latest commit

 

History

History
137 lines (102 loc) · 4.04 KB

charge_wallet.md

File metadata and controls

137 lines (102 loc) · 4.04 KB
Raw

Alt text

The Charge Wallet 💼 (also the Charge app) is Charge's mobile app which allows users to pay for their items and to store their assets.

wallet_vault mobile_payments_checkout

The Charge Wallet is based around the 🔑 Key Management System (KMS) 🔑

Key Management System 🔑

The KMS main responsibility is

🔒 Cryptographically secure your items in the Vault 🔒

Constructor & Public Methods

The KeyManagement class ensures a singleton instance of the class which uses a public factory constructor with a private regular constructor:

class KeyManagementSystem with ChangeNotifier {
  ...
  static KeyManagementSystem _instance;

  factory KeyManagementSystem() => _instance ??= KeyManagementSystem._();

  KeyManagementSystem._();
  ...
}

This means that by calling KeyManagementSystem() will always result in the same instance. ??= means that KeyManagementSystem._() is only executed when _instance is null and if its executed the result will be assigned to _instance before it is returned to the caller.

The public methods are:

// generates a new instance of a KMS
void generateInitialKMS((String encryptionKey)
// encrypt decrypted data
String encrypt(String encryptionKey, String data)
// decrypts the encrypted data
String decrypt(String encryptionKey, String data)

Vault & Vault Items 🔐

The Vault responsibilities are:

  1. Generate a default Vault for first time use
  2. Translate between JSON and Vault Item objects
  3. POST and GET the Vault from the server

The Vault holds a List of Vault Items defined by:

class VaultItem {
  final String label;
  final VaultTypes type;
  final Map<String, String> meta;

  VaultItem({
    @required this.label,
    @required this.type,
    @required this.meta,
  });

The meta field is specific to the particular Vault Item. Currently the defined Vault Items are:

enum VaultTypes { CryptoWallet, CreditCard, ACH, Bank }
  • CryptWallet.meta: {phrase: 'mnemonic'}

The public methods are:

// POST a Vault object to the server
// body: json.encode(
//   {
//     'data': encryptedData,
//     'key': key,
//     'vector': iv,
//   },
// ),
Future<void> postVault(String encryptedData) async
// GET Vault object(s) from server
// [
//     {
//         "id": "04a5bfdc-a3a4-4351-9723-a0260f6050d9",
//         "object": "vault",
//         "userId": "775671ff-f70d-415d-b523-f50b05139ac9",
//         "data": "...WfzY=",
//         "vector": "...WmdlKZsBk0KOx9MbCBn5A==",
//         "encryptionKey": "...47f0abb"
//     }
// ]
Future<void> getVault() async

Flow

A User is browsing a cool online merchant store, and finds something they like to buy:

tablet_payments_checkout

Luckily, the merchant has integrated with 💸 Charge Payments 💸 So the user is confident that there is no chance of fraud. After clicking the Checkout with Charge button, the user gets a push notification to their Charge App

wallet_pending wallet_confirm

The user then simply selects a Payment method stored in their Vault and securely pays for their items.