Zulu Republic - Hybrid Custodial Wallet
Christian Tucker
About the Zulu Republic Hybrid Custodial Wallet..
Building a hybrid-custodial wallet was a great learning opportunity for me to break into the crypto-space. It allowed me to familiarize myself with security precautions that I would have never considered otherwise. Typically, in cryptocurrency the idea between a Custodial and Non-Custodial wallet is black and white, so you may be thinking.. what is a Hybrid Custodial Wallet?
A custodial wallet is the concept of a cryptocurrency wallet where the service provider holds your keys and as such they typically have complete control over your funds. To put things in simple terms, it's basically the same as a bank. You deposit your money into the account and then the bank has free control to do whatever they want with the money, it's likely that you'll get it back, but there's always a chance that you won't. A custodial wallet is often (but not always) backed up by a ledger system, similar to a bank as well. This allows the business to transfer funds between customers without conducting fees for on-chain transactions.
A non-custodial wallet is different, instead of a service-provider having access to your funds, you hold your own private keys. You must write down this key and keep it safe and secure as this key provides access to your money and without it, there is zero chance to re-obtain it. However, on the flip-side, if someone else gains it, there's nothing to stop them from taking it and due to the nature of the blockchain, you'll likely never figure out who took it.
So, then what exactly was the Zulu Republic Hybrid-Custodial Wallet? Well, similar to a custodial wallet we actually did keep your private key within our database, however we did not have access to it. This is because your key was double-encrypted. First, we would encrypt the key on the backend using our own encryption key and then we would take the encrypted output and encrypt it again utilizing a password provided by the user. We used some other secret variables to provide additional security here as well, but the important part is that the value that we stored was the value that was encrypted by the users passcode. This means that even though we technically had ownership of the key, we could not in any-way utilize the key without the users password.
Some interesting features and ideas ZR Wallet had for improving the cryptocurrency experience...
The Zulu Republic Wallet was interesting because it was an ecosystem before a wallet, there were other products focused around it such as Lite.IM Zulu Passport Popsicle Finance Abracadabra
Whenever you sent a transaction to an account that didn't exist, the money was sent to one of the Zulu Republic wallets, which basically served as an Escrow. We then sent an email out to the recipient which allowed them to create an account to claim their funds. Whenever they created an account, the system would detect that an account associated with a pending transaction was created and send the transaction to that user. This did mean that there were some incurred costs, however the platform ate these fees as a "marketing cost" so the user always got the appropriate amount of money.
What was the Infrastructure?
Infrastructure was a bit odd as we started the project with a tech-lead that wasn't making the best choices, he was certain that Firebase
