This post was originally written by Kieran Elby for a project he has since shut down. We have made some small modifications to reference KIWI Exchange, but all credit for this article belongs to Kieran.
At KIWI Exchange, we want to make it as easy as possible for clients to start trading (without compromising on security).
Being totally decentralized, KIWI Exchange doesn’t have any sign-up or verification, so ideally new clients should be able to turn up, deposit and buy in minutes.
Instead of sign-up, the most important part for a decentralized app (“DApp”) like KIWI Exchange is how clients can safely let the DApp send Ethereum transactions from their Ethereum address, in our case to buy and sell tokens on the exchange.
In an ideal world, everyone would use a nice browser extension like MetaMask, and DApps could just rely on that, but in practice there’s at least five different ways clients want to send transactions:
- Manual Transactions (user copy-and-pastes details into e.g. MEW)
- Browser Extension (MetaMask)
- Dapp Browser / Local Client (Mist, Parity, Geth)
- Hardware Wallet (Ledger, Trezor)
- Imported Private Key / Keystore JSON / Mnemonic
Right now, KIWI Exchange supports the first three - but we’d really like to offer clients the choice of improved security from hardware wallets and the more integrated experience possible with an imported private key.
- Create addresses, view balances
- Select network + address to use
- Confirm transactions, choose gas price
- Sign messages
- Transfer ETH + tokens between addresses
- Show recent transaction history
And of course, for MetaMask clients the magical library would let MetaMask handle most of the above, and for Hardware Wallet clients it would talk to the hardware, and for private key clients it would provide its own User Interface for transactions and key management.
Naturally, the User Interface would be reskinnable to match the style of the Dapp using it, and all text displayed to clients would be internationalized with high quality translations into many languages.
Unfortunately, unless we’re missing something, there’s no library that quite does all the above out of the box - though there’s lots of great lower-level building blocks, and some promising stuff out there. Here’s a round up of libraries we’ve looked at:
web3.js - (Starting with the obvious one for completeness!) This is the core interface between JS and the Ethereum blockchain for most DApps. Quite low-level, currently undergoing a transition from 0.9 to 1.0.
MetaMask/Mascara - This does actually sound very much like the wished for magical library; a MetaMask user experience without needing to install MetaMask. Sadly not production ready yet, and no hardware wallet support.
ethereumjs-wallet - Lower-level library to generate private keys and decrypt/encrypt into various key store formats.
web3 provider-engine - The concept of “web3 provider engines” allows extra functionality to be added to the base web3.js - for example, by ledger-wallet-provider, which provides support (but no UI) for connecting to the Ledger hardware wallet.
MyEtherWallet Source - Not a library as such, but the splendid folks at MyEtherWallet make their code available under a permissive license which allows us to take a little peek at how they do a great job of handling lots of wallet types …