UniSwap

5EYG...YhTN
6 Jan 2024
64

The Uniswap mobile app is a self-custodial wallet that is simple, safe, and easy to use. Now that it's out, we wanted to give you a behind-the-scenes look at our design principles, why we open sourced it, and how we think about security and privacy.

Open Source
We open sourced the Uniswap mobile app for a few reasons:

Open Source is User Aligned: Users have a right to choose the product that is best for them. Instead of trusting our claims about security, privacy, and data retention, users should be able to validate these claims by directly viewing the source code. Open source products allow users to evaluate their options to the greatest extent possible.
Open Source Builds Trust: The Uniswap mobile app has been audited by multiple parties, including Trail of Bits. These security reviews build trust in the safety of our products. Open sourcing takes this one step further. By exposing our codebase to the public forum, security researchers can further vet our app.
Open Source is Collaborative: When we started building the app, there weren't many open sourced wallets to learn from. By publishing our code, the Uniswap mobile wallet becomes a reference for other builders.
We've open sourced the entire app, including code that touches private keys, seed phrases, and on-chain data. You can inspect our repo, but some noteworthy code includes key management, iCloud backup, arbitrary transaction signing using WalletConnect, token swaps on multiple chains, viewing NFTs, and various UI components.

Security
We had two goals that informed the mobile app design principles:

Protect the user's wallet from being drained by securely storing and accessing the seed phrase
Protect the user from losing wallet access with backup options
Seed Phrase Storage
Seed phrases and private keys stored on local devices use a combination of iOS Keychain and Secure Enclave to maximize security.

Apple built the iOS Keychain as a SQLite database that securely stores secrets, like passwords, certificates, and private keys. Some unique properties of the Keychain include:

Items are encrypted using two AES-256-GCM keys: A table key and per-row key
Items never leave your device
Items cannot be shared between applications
Items do not sync to the iCloud keychain
Keychain items are encrypted using 256-bit keys stored in Apple's Secure Enclave, a dedicated hardware-based key manager isolated from the main processor.

Decrypting data within the Keychain requires a round trip through the Secure Enclave adding an extra layer of security. If the iOS keychain or application processor is compromised, Uniswap mobile app's keychain items remain encrypted because the encryption key is kept in a hardened hardware module separate from the main processor. iOS Keychain and Secure Enclave are Apple implementations and are not specific to our wallet.

Accessing Private Keys & Seed Phrases
The Uniswap mobile app accesses seed phrases and private keys to

Display the seed phrase on-screen
Create signatures
To display items on-screen, we use a native UI component written in Swift to fetch and display the seed phrase from the secure iOS Keychain.

The flow for creating signatures is more extensive. When the wallet has a message or transaction to sign, it is sent from React Native to Swift. The wallet's private key is securely fetched from the iOS keychain, and the ethers-rs-mobile library - written in Rust - generates the signature. The valid signature is passed back through Swift and Javascript to execute transactions.

To further protect these sensitive user flows, you can enable biometric authentication via Face ID or Touch ID. Whenever you attempt to view your seed phrase or sign a transaction, you will be prompted to complete biometric authentication.

We compiled the ethers-rs library written in Rust to an iOS-compatible version in C++, ethers-rs-mobile, giving us performance and security benefits with key derivation and signing functions. While React Native is fantastic for mobile app development, Javascript is susceptible to supply chain attacks from upstream dependencies. The ethers-rs-mobile library ensures that wallet seed phrases and private keys never touch Javascript code.

Backups
All self-custodial wallets come with manual backups, encouraging users to write down their seed phrase for later recovery. But if a user loses their phone without a manual backup, they will lose access to their wallet. That’s why the Uniswap mobile app offers two recovery methods:

Manual seed phrase
iCloud backup
Users can manually back up their seed phrase by viewing it during the onboarding flow or by revealing it in-app after passing an authentication check. They are encouraged to physically write it down. We strongly recommend Face ID as the strongest authentication treatment.

iCloud recovery is optional but highly recommended for those new to crypto. When a user chooses the iCloud backup, we require a user password to encrypt the seed phrase before storing it in iCloud. This way, even if a user's iCloud account is compromised their wallet is still protected.

The seed phrase is locally encrypted using Apple's AES.GCM cipher suite with a key derived from the user password using the Argon2 key derivation function. Even in this flow, sensitive data like the encryption key does not touch Javascript.

To restore a wallet from iCloud backup, users must be logged into their iCloud account and enter the password they used to encrypt their seed phrase.
This additional encryption mechanic maximizes security while still supporting an intuitive and familiar backup experience.

Privacy
Uniswap Labs does not keep any information that allows us to identify individuals. We do not store first name, last name, street address, date of birth, email address, or IP address in any of our products, including our mobile wallet.

Anything we keep is confined to on-chain data and very limited off-chain data like device type and browser version, which allows us to troubleshoot errors and improve products for our users. None of this data is identifiable.

The Uniswap mobile app uses APIs like Infura, OpenSea, Covalent, TRM, and more. Many of these APIs help us serve data to the user, like token prices, NFT data, and on-chain activity. Most requests sent to these APIs are proxied through a Uniswap Labs server that removes and deletes IP addresses. A handful of API calls sent to Infura are direct, which includes IP. We are actively working to obfuscate non-proxied API calls.

Get fast shipping, movies & more with Amazon Prime

Start free trial

Enjoy this blog? Subscribe to Mr. Joshgun

4 Comments