StableCoin Wallet without Internet

Hello Builders of the Future :heart:
We have a proposal in Fund6 Catalyst Proposal StableCoin Wallet without Internet

Simple Description we want to give people with non-Smart Phones access to the blockchain
to do so, we will build a DApp (let’s call it RainMaker) to be the link between the 2 worlds, receiving the payment request from the Mobile Network USSD protocol, for
example * 888 * 9345 * 50 * 0912255021 * 0911758888 #
888=send money command
9345=user secret pin
50= ADA or StableCoin Amount
0912255021=Sender Phone Number
0911758888=Receiver Phone Number
The Dapp will translate the Phone numbers to a Wallet Address
Store the Transaction Metadata
Forward the Transaction Data to StableCoin Wallet(Djed) or any other wallet to confirm the Payment
After Reaching N number of payment Validation the RanMaker will send an SMS message to the Sender and Receiver phone numbers to acknowledge the payment.
if you like this Idea we are looking for developers to make it true. :smiley:

1 Like

Hi guys, I like the idea! I was wondering how one would implement this in an permissionless blockchain where all can see the hashed datums and even transaction data (in the MEM pool of node). I have some security concerns about thit, could you elaborate on this?

looking forward to your reply!

Thanks for your replay fermat, your concerns are right, Security is the main issue, the DApp (RainMaker) will be a closed hiding ledger accepting change (Payments-Account Creation-Account Termination-Blockchain Payment Password) only from the Telecom Network (USSD Gateway), and forward accounts using USSD should have a maximum amount of 100$.
In fact, we don’t have all the answers, if you got a suggestion please share it with us, we are looking for Partners.

I think I have an idea that might work. What about the following, use 2FA :slight_smile:

What one can do is create a centralized oracle on-chain that receives the request of validation (that is a newly generated 2fa code + an identification bit like a telephone nr). This oracle checks whether the 2FA code + associated ID are correct and give the authority for a transaction to proceed.

I think this work in that it is safe. But note that nothing comes for free, this implementation will result in higher transaction fee’s and most 2FA implementations (like the opensource one by google) have a time out of 30 sec (in which the transaction settlement will not have certainty…). So there is some things to overcome there. But you get the general idea, since it is an open blockchain one must generate verification on the spot (like 2FA), dont use passwords on a blockchain pls :slight_smile: Maybe create a blockchain equivalent that works with blocks instead of seconds.

:heart_eyes: dear fermat your Idea is perfect, but since we are dealing with non-smartphones google authenticator or other authentication apps is unaplicable, but we could use SMS, after the centralized oracle (RainMaker) receive the payment request it will replay to the sender with SMS message identifying the payment request is received and ask the sender to replay with (Yes or No) to forward the payment to the Blockchain.
There is 2 Major Component in the System

  • USSD GateWay: responsible for the communication between the USSD protocol in the Teleco Network and the RainMaker.
  • RainMaker (Centralized Oracle): the GateWay between the USSD Gateway and the BlockChain
    Securing the communication between USSD gateway and RainMaker is crucial, ist possible to build RainMaker as Smart Contract in the BlockChain to be a DApp ledger like Atala Prism?

Sounds good, glad I could help with the idea, hope that you can get a working implementation! Then I would also advise to do something about privacy. It is not advisable to have a simple link between funds and a simple telephone number. As an adversarial it would be simple to social hack this sort of stuff. Maybe encrypt the conformation data with the just 2FA sms code (try to keep te data exposure to the public at a minimum, all bits help hackers).

Once you have a good thorough understanding of the risks at hand and an protocol of how to handle data I would like to help and have a look at it from a security perspective.