
Show HN: Weekend Project – A Stellar blockchain wallet on the command-line - brown-dragon
https://github.com/theproductiveprogrammer/luminate
======
brown-dragon
Hi HN! I've been working with the Stellar blockchain recently and I found it
hard to get a simple, open and transparent wallet that would let me keep my
accounts on my local machine. So I wrote my own and made it available for
everyone.

I've tried to keep the code simple and clean and I would appreciate any
feedback. The goal is it should be a simple, powerful wallet that any dev can
pick up - be confident how it works and be able to hack in 5 minutes.

~~~
TekMol
I don't know Stellar, but I am interested in crypto and blockchain technology.

You say you are working with the Stellar blockchain. But then you say it's a
thin wrapper around an API.

Are you doing the crypto (creating private keys, signing transactions) in your
code? Looking through the code it looks like you call something called
'stellar-sdk' for it. Which is not part of the repo. I have the feeling the
magic is happening in this external code. Which conflicts with the statement
that the wallet is "easy to understand at a glance and transparent enough to
be easily customized and fully trusted". One would have to also analyze that
stellar-sdk: [https://github.com/stellar/js-stellar-
sdk/tree/master/src](https://github.com/stellar/js-stellar-
sdk/tree/master/src) Something that is _way_ too big to understand easily.

Also, I see some account creation code in your repo. If it is using a
blockchain, why is it creating accounts on a service via an API? Can't I have
my Stellar assets under control without having an account somewhere?

~~~
brown-dragon
The Stellar network is a new-ish blockchain network managed by
[https://www.stellar.org/](https://www.stellar.org/)

They provide a REST API for interacting with the network itself and
JS/Go/Python/Java standard libraries that can be used. Of these, the JS
library is the most developed which is why I picked it.

Using the standard stellar library to connect with stellar is secure and
transparent enough. What the wallet does is encrypts and protects your account
keys (which are what give you control over your accounts). It does this using
`scrypt`([https://www.npmjs.com/package/scrypt](https://www.npmjs.com/package/scrypt))
for PKDF and sodium
([https://www.npmjs.com/package/tweetnacl](https://www.npmjs.com/package/tweetnacl))
for the actual encryption. Having access to the code should show you that
there are no backdoors built in, no information being sent across to any
third-parties, and so on. This is what people care about when protecting their
accounts.

Your second question is also very insightful. Creating accounts is at the
heart of Stellar. You cannot start performing any transactions on the network
without first creating an account. And, in order to create the account, it
needs to be be funded. This is why the wallet allows you to create (and fund)
a new account on the network. You can read more about it here:
[https://www.stellar.org/developers/guides/get-
started/create...](https://www.stellar.org/developers/guides/get-
started/create-account.html)

~~~
TekMol

        Using the standard stellar library to connect
        with stellar is secure and transparent enough
    

How would one know that there are no backdoors or bugs in the library?

~~~
brown-dragon
There could be bugs, of course, but the library is open source and developed
by the Stellar network team.

Of course you are right in a sense - the core team also should not be blindly
trusted. But, because your account is managed by the wallet and stays local to
your machine, there is nothing much the library _can_ do IMHO.

~~~
TekMol

        there is nothing much the library _can_ do IMHO
    

It's code that runs on your machine. What would prevent it to do whatever it
wants? Like sending your private keys somewhere? Or using a weak form of
crypto to create them so that somebody can guess them?

~~~
brown-dragon
That's an excellent point. The only place the library has access to the
private keys are during account creation and message signing. Perhaps I should
implement both directly in the wallet so it's visible and clear to everyone.

