We at MontaQ Labs (X: @montaqlabs) received a fast grant from the W3F and are about to deliver our Milestone 2. Currently, the dApp allows users to pay with any tokens on the Westend Asset Hub by scanning a QR code (optimized for mobile view).
Please don’t transfer mainnet tokens to test it; it only works on the Westend Asset Hub for now.
We are not here to seek funding from the Treasury, so we can relax However, we currently lack feedback about it from real users. If anyone is interested, feel free to give it a try and send your feedback to us (DM our X account or post it in the comments).
We want to make it worthwhile for real users with Polkadot technology; any feedback is welcome! Cheers!
Thanks for the question! So the process goes like this:
User create/import a wallet
The mnemonic phrase + keys got stored inside the browser’s local storage
Then after user entered the password, the mnemonic phrase + keys got encrypted with the password and stored in the browser. The plain text ones got deleted.
After user enter the password to login, it get decrypted to use.
After user clicked logout, the decrypted version got deleted
1 - As a user do I need to know the AssetID to pay? I’m sure I’ll now the token name and would like to serch by the token name.
2 - As a merchant, can I generate a QRCode with the exact amount to be requested? This way I could connect with my current payment system and generate a request based on the client bill (services/products).
1 - Yes!! In the newest version, you can search for the token name; it’s live now.
2 - That’s a good point. Yes, we will add that feature. The next release will focus on flexible fee token selection, followed by improvements to the merchant experience, and we’ll try to make the process you described easier. Thanks for the suggestion!!
I’ll keep posting updates in this post and also in our X account: @montaqlabs
We are planning adding more features for merchants, we’d really like to know your payment experience with existing softwares as a merchant, and we want to learn what are the real pain points that can be solved by Asset Hub.
Would you be interested in a quick 15 min user interview? If you are, feel free to schedule a meeting with us using the link:
If anyone saw this post and have feedback/feature request to give, also are very welcome to schedule a quick call with us!
Thanks for the kind words! Yes, there is a plan, but it still needs quite a bit of work.
It is based on one of my Polkadot hackathon submissions from two years ago. This enables users to export seed phrases into images or upload images and embed the seed, allowing them to upload an image to the cloud and use the image as a wallet key. The goal is to make sure the picture embedded with the seed phrase is not easily distinguishable by humans and software.
Interesting, but couldn’t someone just bruteforce but trying to extract it from the images, or is there another detail I am missing (not criticizing just curious).
I’ve always wondered if something like Shamir’s secret sharing can be used for something like this, i.e., split up the key (or even an encrypted key) into a bunch of indiscernable bits. Out of my paygrade though, I am not a cryptographer
You could Shamir’s secret sharing like [Banana Split](Banana split) does.
Other than that, what about social recovery? I think that would be a very nice UX feature. Have a script for the user to choose 3 to 5 contacts that can help him recover his wallet if they lose it or it gets stolen. The backend for that is already built as part of the [recovery pallet](polkadot-sdk/substrate/frame/recovery at master · paritytech/polkadot-sdk · GitHub) but I’ve yet to seen any UI for it.
Yup, you are right, if we store it in plain text, then it is possible to get brute-forced. I’ve tried to store an encrypted seed phrase in the image, but it didn’t work very well.
Regarding Shamir, you are also right; it worked. We tried it during the product’s prototype phase (back then, we had a customized merchant POS made with Arduino). The tech works, but the UX didn’t. However, we might be able to do something with the suggestions provided by Cisco below.
Oh wow, I didn’t know the pallet existed before; I just read through it.
Awesome, then the thing we need to solve now is how to turn the complex recovery process into a UX that non-crypto users/merchants can efficiently operate. Thanks for the information, we’ll try something out!
But I still have some doubts regarding social recovery. I think this mechanism assumes the user has enough friends who already know & use web3, or they should even use the same dApp. It could work very well if a dApp has enough users, but for the first batch of non-crypto users, I think this mechanism puts too much pressure on the user (they need to convince their friends), which might harm the initial user onboarding process.
I agree that not enough people have friends that know about web3 or care but you can give the app an option to invite friends. You hide away the complexity of the wallet and just show this functionality as a “forgot my password” type thing where you pick from the friends you added and invited
However, we currently lack feedback about it from real users. If anyone is interested, feel free to give it a try and send your feedback to us (DM our X account or post it in the comments).
Will the fee token be customizable as well?
if you are looking for more feedback we have group on x called BuildOnDot always looking for more members to share their projects
