The Good Tech Companies - Introducing Llavero: The $1 Hardware Wallet!
Episode Date: May 30, 2024This story was originally published on HackerNoon at: https://hackernoon.com/introducing-llavero-the-$1-hardware-wallet. Discover Llavero Wallet, a self-service solution... that simplifies secure self-custody of digital assets using AWS KMS. Check more stories related to web3 at: https://hackernoon.com/c/web3. You can also check exclusive content about #crypto-wallet, #aws-kms, #llavero, #self-sovereign-identity, #self-custody-solutions, #crypto-wallet-security, #digital-asset-security, #good-company, and more. This story was written by: @llavero. Learn more about this writer by checking @llavero's about page, and for more stories, please visit hackernoon.com. Llavero Wallet is an easy installer created with AWS CDK that sets up a Next.js server with Lambda functions using Next.js. It installs a AWS KMS - a cloud-based hardware security module to securely manage your private keys. By taking advantage of AWS's free tier, the only cost is $1/month for KMS.
Transcript
Discussion (0)
This audio is presented by Hacker Noon, where anyone can learn anything about any technology.
Introducing Yavaro. The $1 hardware wallet, by Yavaro Wallet.
Greater than since your private keys never leave the KMSHSM,
you don't have to worry about greater than seed phrase or device vulnerabilities.
And if you forget your password, you greater than can recover it seamlessly through your
own self-hosted Amazon Cognito server greater than supporting MFA via SMS, email, and soon, PASCIS.
The Yavaro Wallet.
Some weeks ago I made Yavaro Wallet a self-service solution that gives you complete control over
your digital keys and assets public.
Yavaro means, keyring, in Spanish, and this wallet lives up to its name by providing you
with the tools you need to secure
your digital world. This initial MVP release I samed at technical users for now. However,
I need feedback from knowledgeable people to improve and simplify things for a broader
audience down the road. So I'm hoping this generates interest from potential contributors.
Love the problem. Effortless secure self-custodiality be real, managing your own keys
in a completely secure way is hard work. Understanding and mitigating all the hardware,
software, and seed phrase vulnerabilities requires a huge investment of time and effort that most
people can't make. For regular users, it's a daunting prospect to have a cold hardware wallet
stored in a safe somewhere, paper backups, and detailed instructions for lovodones on what to do if something happens to you. They understandably
fear losing keys, getting robbed, or messing up backup procedures. It's not a very user-friendly
or reassuring solution for daily digital asset use. People are used to the simplicity and safety
nets of modern online banking, recovering passwords via MFA, biometrics,
simple KYC processes, undaving some recourse if things go wrong. Self-custody needs to be
effortless while maintaining privacy and true ownership. HowITWorks' Yavaro wallet provides
a self-custodial and secure way to manage your cryptocurrency assets through a user-friendly
cloud infrastructure deployed using a WS Cloud Development Kit, CDK. It sets up a next.js front-end hosted on Amazon CloudFront
content delivery network, with the backend powered by Lambda functions, and data storage using
Amazon DynamoDB and S3. The core is the AWS Key Management Service, KMS, a cloud HSM that generates and safeguards your
private keys. KMS acts as a dedicated hardware wallet in the cloud, ensuring your keys never
leave its hardened enclave. For authentication, Yavaro uses Amazon Cognito to provide a self-hosted
user directory supporting MFA via SMS, email, and soon PASCII. The transaction signing workflow is 1. Initiate
transaction on Yavaro front-end. 2. Request signature from Cognito for MFA. 3. Verify MFA,
SMS, email, authenticator. 4. Provide MFA confirmation to front-end. 5. Front-end
requests KMS to sign transaction. 6. KMS signs transaction
and sends to blockchain. 7. Transaction confirmation relayed back. By utilizing AWS
free tiers for services like CloudFront, DynamoDB, S3, Cognito and KMS, the entire
Yavaro infrastructure has a recurring cost of only around $1 monthly for an individual.
Future Roadmap. Enable installation across multiple clouds and personal hardware using
cryptographic techniques like Shamir secret sharing or multi-party computation
MPC to split and reconstruct the private key across a centralized web of nodes without any
single point of control. The goal is an effortless way to deploy resilient,
censorship-resistant and vendor-agnostic self-custodial infrastructure tailored to
desired security posture. LLAVERO Wallet Quick Demo. HTTPS colon slash slash U2.
B. J8GBE7S Fly U. C equals DDWE PJD Bembo CO and embeddable equals true finding a niche,
blockchain purists, people who truly grok self-custody likely won't ever trust a cloud-based
product like Yavara Wallet. They already have a hardware wallet like Ledger stashed in a safe,
stamped backups in safe deposit boxes, and a thoroughly documented deadman switch set up
with their family. For them, a dedicated offline cold wallet is the only acceptable way.
And you know what? They're not wrong. A hardware wallet hidden in a secure home
location is exceedingly safe in general. It's about as robust as physical security gets.
But, that's just not a viable solution for most regular people doing daily digital life
and asset management. If you set
everything up correctly with a hardware wallet, the hassles and key vulnerability risks are still
pretty high for a blockchain newbie. So Yavaro's niche will be tricky to find at first. I'm hoping
it resonates with blockchain newbies, plus tech-savvy folks who want self-custody without
the super hardline approach. Easing the UX while maintaining robust security.
My long-term V-I-S-I-O-N-I believe every individual should have seamless access to
their own sovereign personal infrastructure stack. A resilient service stack that's
essentially effortless to use and own. In the coming AI era, cyber security will become even
more crucial as threats evolve. And like physical security, favoring isolation reduces risk from
cascading mass attacks. Each person having their own fully isolated stack makes systematic
compromise far more difficult. Here's the high-level roadmap for getting there.
1. AWS installation. Really cheap self-hosted cloud with SaaS companies removed.
This is Yavaro's first MVP version.
2. Agnostic Cloud. The ability for users to easily migrate between different cloud providers like AWS, Azure, Google Cloud etc. 3. Censorship Resistance. Supporting a
multi-provider, multi-paws, SaaS architecture. Using novel crypto techniques like Shamir's
secret sharing or multi-party computation to split trust.
4. Hardware backups, mixing cloud services with owned local hardware like Raspberry Pis or
repurposed old cell phones, laptops. 5. Family and friends network,
extending trust to a decentralized web of people you trust, for ultimate redundancy and resilience.
Today, cloud and software costs are already very
inexpensive, and in the following years they will continue dropping towards zero cost as these
technologies become further commoditized. Truly sovereign personal infrastructure should be free
or ultra-low cost for everyone. Join LLAVERO represents my first step toward that vision of
individual empowerment on effortless self-sovereign security. It's my attempt to make AWS's powerful KMS accessible and
self-custodial for people. I hope you'll check it out, provide feedback, and consider contributing
your skills. I'm aiming to have over 10 people engaged in conversations about contributing code,
security expertise, QA testing, or architectural input within the next
few weeks. Let's work together to make truly effortless self-custody a reality, bringing
enterprise-grade security and privacy to the people. The Vault for the People.
https colon slash slash yavero. app https colon slash slash github.com.
Yavero Wallet. Yavero, thank you for listening to this Hackernoon story, read by Artificial Intelligence.
Visit hackernoon.com to read, write, learn and publish.