WalletMatrix

34

wallets and stacking!

Calling all Wallet Vendors!

Wallet Vendors are the fuel of the WalletMatrix machine. You tell us about your new features and we display them for you – free! 1

It seems obvious now, but manually scraping vendor’s websites for content is madness! It just isn’t sustainable. That's why the WalletMatrix way is for wallet features to arrive directly from vendors themselves. Users are assured of up-to-date and accurate information and service running costs are kept to an absolute minimum.

Benefits

Users search for the wallet features they’re interested in and a comparison matrix result is displayedThis means increased exposure of wallets, products and related services to our users, but you also get to further give back to the community by providing consistently accurate and up-to-date information.

WalletMatrix also supplies a simple REST API for developers to leverage in their own applications. This has the potential to further increase the exposure of each vendor’s products and services.

API data is currently supplied for free with a basic rate limit imposed, but we have plans for a greater range of data which will be paid for on-the-fly programmatically using Bitcoin on Lightning (Using LSAT).

For this to work, vendors do need to consent to supplying their data for free to WalletMatrix 2 initially, on the understanding that their data will eventually be on-sold. 3

Find out more

Please email us if you'd like to find out more about providing your data to WalletMatrix: hello@dcentrica.com.

Further Information

FAQ

I'm keen, where do I sign up!?

If we haven't contacted you already, then all that's needed is for you to send an email to hello@dcentrica.com with the following information:

  • Your company or organisation name (Used to create your own, private data repository on GitHub)
  • Your wallet name
  • An email address and username
    • The address and username should be associated with an existing Github repo (preferably an official wallet repo owned by your organisation). We'll send an invite to this address for granting access to your new private, DCentrica owned GiHub data repository.
    • The address should also be associated with a public PGP key if you want users to be able to self-verify your data (recommended)

Once we hear from you, we'll setup your repository and respond with the repo URL and information about next steps.

Who are DCentrica?

DCentrica is the parent company of WalletMatrix, a small, bespoke software development shop based in New Zealand looking to specialise in software development using decentralised systems such as Bitcoin and IPFS.

How does it work?

We're assuming your developers already have a GitHub account, so we just need you to supply us with a GitHub username and email address and we'll add that user to a dedicated, private GitHub repository.

Developers create a special JSON file and push a GIT commit to the private repo each time there’s a new feature to add or change to make. WalletMatrix periodically consumes the GitHub data, validates and renders it on the website visually within the matrix itself and also via our REST API.

If you’re keen to take part, we’d love to hear from you: hello@dcentrica.com.

Why do I need to login to see The Matrix?

While WalletMatrix is in beta, The Matrix itself is tucked away behind an authentication wall. This is a temporary measure to allow vendors time to review data displayed about their wallets and to provide feedback before going live with it. Logging-in is as simple as authorising WalletMatrix as a social login to your Github or your Google accounts, but only invited vendors will be accepted by the system. This is so that only legitimate vendor accounts are created. This does mean that the Github or Google account being used to authenticate with, is the same address associated with your wallet's email address, as per your matrix.json file.

Note: We only fetch the "email" field from each provider, which is encrypted before being saved.

What does the JSON file look like?

The file is named matrix.json and should validate against our version 1 JSON schema. Vendor data is automatically validated against the schema each time our automated import process runs. Validation failures are automatically detected and we're automatically notified.

We have two GitHub repos for our iOS and Android app, do these count as two separate wallets?

No.

We don't support multiple data repos for the same wallet. Instead we assume an iOS and Android app comprise the same features of the same wallet and therefore only a single instance of matrix.json should exist. In this case the matrix.json data file can be configured to contain Github references to both projects' repos too.

Why GIT?

  • You have developers!
  • Incorporate matrix.json creation and validation as part of your CI pipelines
  • No admin login required, which is a reduced attack vector, and less hassle for vendors

How do we validate our matrix.json against the schema?

VSCode users can configure their editors to validate their matrix.json file against the official schema.

How does self-validation for users work?

Wallet vendors can optionally, digitally sign their matrix.json file using PGP by exporting a detached signature file called matrix.asc. Once pushed to GitHub and when WalletMatrix discovers this file, an extra validation process occurs during the periodic import process.

If the signature is valid for the associated matrix.json file, then a “shield” icon becomes highlighted when your wallet appears in search results. Users can then select this in order to download the files and manually validate them using free and open source tools.

We updated matrix.json but forgot to update matrix.asc, what happens now?

Not much! But while this remains the case, the automated validation process will fail which will result in users seeing the corresponding “shield” icon displaying as "faded" (aka un-verified) for your wallet, when displayed in search results. This means that users will not be able to download your files in order to self-verify.

You should create a new matrix.asc file and push that to your GitHub repo as soon as possible, so it can be processed in the next import run.

We changed our company name and updated matrix.json, but self-verification breaks. What happened?

The automated PGP validation system relies on there being a match between the "organisation.name" JSON field, and the DCentrica github repo slug. Future iterations will likely rely on a UUID which of course is not subject to change.

In the interim, if you need to change your organisation name, just let us know with as much notice as you can, and we’ll sort that for you.

What does it cost?

Nothing for vendors. For at least the first 12 months of operation, it will be free for vendors to submit their JSON and signature files. Thereafter we’re likely to impose a payment procedure, payable via Bitcoin, in order to cover infrastructure, development and staff costs.

For this to work, vendors need to consent to supplying their data for free to WalletMatrix 2 initially, on the understanding that their data will eventually be on-sold. 3

It will always be free for platform visitors to view the data via a browser, and while Web API requests are initially free, we do plan on introducing a tiered access model, priced and paid in Satoshi, using Lightning via LSAT.

How are wallets in the Matrix sorted?

In order to avoid gamification of search results by sorting by last-updated date, search results are instead ordered alphabetically by wallet name.

How often is new Wallet data automatically updated?

Hourly.

We pushed some changes, but they haven't appeared for over an hour. What's up?

Assuming you can rule-out browser or proxy caches that are showing you stale data, then it's likely your matrix.json hasn't validated correctly against our schema. Double check that then commit your changes and push again.

Note: There is currently no automated alert for you when this happens (It's in our backlog though).

How do you avoid Wallet Scams?

In order to ensure a minimum level of quality and to avoid scam projects, there's a handful of criteria that wallets should meet:

  1. Publicly available for at least 6 months (e.g. via an app store)
  2. Website domains should have been registered for at least 6 months
  3. Wallets or its components, should ideally be available under an open source software licence

Can we help with anything?

You sure can!

How can the current version 1 schema be improved? What does the WalletMatrix JSON Schema v2 look like? The schema is used to validate incoming data from GitHub. Our ideas right now are centred around fine-grained data points for Lightning Network features such as the following, but your suggestions are welcome. Flick us an email: hello@dcentrica.com.

  • Trampoline payments (Y|N)
  • Auto channel funding (Y|N)
  • Testnet (Y|N)
  • Custodial (Y|N)
  • Fees [0-9]%
  • AMP (Y|N)
  • In-app Bitcoin purchase (Y|N)
  • Turbo channel aware (Y|N)
  • Loop-in / Loop-out (Y|N)

Appendix

1. For the first twelve months after the WalletMatrix service moves out of beta, participating vendors are able to submit their wallet data for free. After this period, the service will incur a fee payable in Bitcoin using Lightning. Vendors will be given notice well before this time.

2. We assume that vendors have read, understood and agreed-to their data being disseminated and paid-for using WalletMatrix. Please see the relevant section of our Terms and Conditions page.

3. Income derived from this process is directed into the ongoing maintenance of the WalletMatrix platform, its hosting and development.