Skip to content

Incomplete learning spike demonstrating crypto polyfill/shimming for React Native crypto applications.

Notifications You must be signed in to change notification settings

brandonfancher/wallet-rn

Repository files navigation

wallet-rn

Tasks

  • On restore, register new addresses with websocket as listeners...and new webhooks.
  • Move as much of that initialization stuff out of App.js
  • Document initialization flows
    • New wallet initialization
    • Wallet startup for already-initialized wallet
    • Restore initialization
  • Fork react-native-bitcoinjs-lib and react-native-bip39 myself? I will control it (more secure) and I can update bitcoinjs-lib to support things like Segwit.
  • Update to main react-native-randombytes repo
  • Support multiple coins
    • bitcoin
    • litecoin
    • dash
    • ethereum
    • bitcoin testnet3
    • blockcypher test chain
  • Security review. Make sure that react-native-crypto and crypto-browserify are secure.
  • Fix view height with something like react-native-status-bar-size when hotspot status bar size increases. Or using the <View />'s onLayout() prop.

Polyfills and Resources Re: Crypto Libraries.

Some dependencies rely on crypto and other libraries that are usually bundled with Node but which are missing from the React Native environment. Those missing libraries must be shimmed with something like browserify and similar tools. One method for including such shims is React Nativify, which relies on babel-plugin-rewrite-require to point existing require or import scripts to the shimmed packages.

Instead of babel-plugin-rewrite-require, I'm using the more popular babel-plugin-module-resolver, as detailed in this Stack Overflow Post. I'm also declaring my transformers within .babelrc. It's simpler and fixes two issues: slow rebuilds and slow chrome debugger source maps.

React Nativify

  • The alternative to the React Nativify method is rn-nodeify, but that's messy and scary.
  • node-libs-browser should be installed to provide many of the basic node functions.
  • We may have issues with Jest tests when we use them. If so, refer to this SO Thread. One person said that was fixed by remembering to include a .babelrc file. We'll see when we get there.

crypto

  • There are several libraries that attempt to shim crypto: react-native-crypto (a clone of crypto-browserify with randomBytes replaced) and native-crypto. I opted for the former. Haven't tried the latter yet.
  • pbkdf2 If pbkdf2 errors out, ensure that it is frozen at 3.0.8. An npm list pbkdf2 should show only 3.0.8.
  • react-native-crypto relies on react-native-randombytes for random byte generation, which in turn relies on SJCL (Standford Javascript Crypto Library) for synchronous generation and iOS's SecRandomCopyBytes for asynchronous generation. react-native-randombytes recommends linking with rnpm link, however that and react-native link is not currently working for me. The Manual method must be used. Furthermore, two files must be manually modified in Xcode for newer versions of React Native: mvayngrib/react-native-randombytes#15. Hopefully that will be merged soon. In the meantime, I'm depending on my branch (listed in package.json) with those files fixed already. That library must be installed, added to the .babelrc file.
  • Here's another interesting take on React Native Synchronous Secure Random Number Generation.

BIP39

BIP32 and Other Cryptocurrency Functions

Building for Production

So, there are more catches: https://github.com/bitcoinjs/bitcoinjs-lib#browser

  • Buffer Version: If we run into issues with bitcoinjs-lib (especially on iOS 10), we may need [email protected] or greater.
  • React Native will mangle things it shouldn't when uglifying for Release:

Other Documentation

Before Going to Production

  • Ensure any dev tunneling changes are reverted (especially App Transport Security Settings exceptions.)

Onboarding Flow

state:
  initialized: false
  walletUUID: null
  mnemonic: null

componentWillMount:
  set up websocket and connect

componentDidMount:
  (loading-wallet screen renders)
  initialize: get or generate: walletUUID, mnemonic, addresses

bcoin

Notes

Derivation Paths for Testnet

See: https://iancoleman.github.io/bip39/

  • Receive (Main) Addresses: m/44'/1'/0'/0
  • Change Addresses: m/44'/1'/0'/1

TestNet Backup

nose hello extra summer elder capital marine term glide choice plate release

About

Incomplete learning spike demonstrating crypto polyfill/shimming for React Native crypto applications.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published