Skip to content

Latest commit

Β 

History

History
108 lines (75 loc) Β· 4.61 KB

README.md

File metadata and controls

108 lines (75 loc) Β· 4.61 KB

LOBSTR-Vault

LOBSTR Vault - Multi-signature security on the Stellar network.

This repository contains the source code of the LOBSTR Vault transaction signer app with local key storage for Android mobile platform.

LOBSTR Vault uses multisignature technology of the Stellar Network and allows you to create a local signer account and verify transactions from multiple Stellar accounts.

Main features

  • Create new signer account on the Stellar Network or recover existing account
  • Local key storage - private keys never leave your device
  • Recover existing account. Mnemonic (BIP39) support for account backups
  • Fully integrated with LOBSTR wallet, StellarTerm.com and Stellarport.io
  • LOBSTR Vault signer account can sign transactions of one or more Stellar accounts
  • Install LOBSTR Vault on multiple devices to protect one Stellar account with N of N multisig setup
  • View and sign transactions on the Stellar Network
  • Import transaction XDRs for signatures
  • Receive signature requests with PUSH notifications
  • Protect your account with PIN and biometric authentication
  • Available for iOS and Android devices

Developers: Integrate LOBSTR Vault with your service

Are you a representative or a developer of a wallet, exchange or service on the Stellar Network and looking to integrate the support of the LOBSTR Vault signer app with your solution?

To integrate LOBSTR Vault with your service, please follow the simple steps below:

  • Check if a Stellar account is protected by LOBSTR Vault

To confirm that LOBSTR Vault is used to protect a certain Stellar account, check the account.signers property of Stellar account and look for signer with the following public key:

GA2T6GR7VXXXBETTERSAFETHANSORRYXXXPROTECTEDBYLOBSTRVAULT

Example of signers property:

"signers": [
    {
      "weight": 10,
      "key": "GDXRCYMVIZ76WWEJ23Q5UVB2ICDIVVPWD2STXNHLPOIY5EXHBLO5U2GJ",
      "type": "ed25519_public_key"
    },
    {
      "weight": 1,
      "key": "GA2T6GR7VXXXBETTERSAFETHANSORRYXXXPROTECTEDBYLOBSTRVAULT",
      "type": "ed25519_public_key"
    },
    {
      "weight": 10,
      "key": "GCG5XRQF7KOVT47RNWBHOPP2QJCNRCWDRXQ64SC7T7K5AGC5WHR4B4IK",
      "type": "ed25519_public_key"
    }
  ],

In order to submit users' signed transactions to LOBSTR Vault for additional signatures, please make a POST request to https://vault.lobstr.co/api/transactions/ with XDR data of transaction sent in the body of the request.

No authentication required.

Please see the cURL example below:

curl 'https://vault.lobstr.co/api/transactions/'  -d '{"xdr": "AAAAADHO3Y+T41Lpy8prDeQ5yOs1nQHE5u9IsLeaYnKwA7XkAAAAZAD8XysAAACnAAAAAAAAAAAAAAABAAAAAAAAAAsAAAAAAAAAAQAAAAAAAAAA"}' -H "Content-Type: application/json"

  • Submitting unsigned transactions

LOBSTR Vault has a built-in protection layer that allows users to select whether they want to receive transaction requests that don't contain any valid signatures.

When you submit a transaction to LOBSTR Vault for additional signatures, you might receive the following response:

Status code: 403 Forbidden

{
  "detail": "Signers of this account do not allow unsigned transactions. Attach a valid signature and resubmit the XDR."
}

This response indicates that all signers of the protected account have opted not to receive transactions that don't contain valid signatures from the protected account itself or other signers.

You should attach a valid signature to this transaction and resubmit the transaction XDR using the /transactions endpoint.

Support

Have any questions or encountered an issue?

Visit the LOBSTR Vault Help Center for a list of frequently asked questions or Contact Support if the issue persists.

Links

License

LOBSTR Vault is an open source software and is licensed under the GNU General Public License v3.0. Please understand the license carefully before using LOBSTR Vault.