Please describe your proposed solution.

The problem

The interest in Self-Sovereign Identity (SSI) keeps growing. And it's no wonder: it offers a solution to the ever-growing problems surrounding trust on the Internet, digital identity, and the worrying trends towards centralization. With DIDs (Decentralized Identifiers) and VC (Verifiable Credentials), we finally got a way to govern our own digital identities. IOG has launched PRISM, a very promising technological implementation of the concept of SSI. While IOG is developing products internally to roll out the technology in cooperation with the Ministry of Education in Ethiopia, other companies like DISH or WorldMobile are building their own solutions. However, these are only proprietary products for their own specific markets. Outside these business deals, it is primarily thanks to Project Catalyst that so many projects based on PRISM have already been funded and are all developing new and exciting solutions. In short: Things are moving forward!

However, what is still missing and preventing some projects from pressing on is a browser wallet. With a browser wallet, scenarios like logging in with a DID, or signing credentials on a web page would finally be possible. These are all essential building blocks to enable PRISM to become mainstream. And the demand is substantial!

Okay, but aren't there already other wallets?

First, we have to distinguish between crypto-wallets and identity-wallets. Although they both communicate with the Cardano blockchain, the technology behind them is fundamentally different. Crypto light wallets such as Yoroi, Etnerl, Metamask etc. are the part of the wallet where we store our money. Identity wallets, on the other hand, hold our ID, our education degree, our driver's license, and much more. One day, there will be a type of wallet, like our physical wallet, that combines both, but it will be quite some time until that is happening.

And what about other identity wallets?

In the Cardano ecosystem, there is currently RootsWallet (also a Catalyst project), a wallet for Android which is getting built with great success and energy. Primary focus of this wallet is communication with other wallets, and using identity wallets in the real world. Blocktrust identity wallet, on the other hand, focuses on interaction with websites. Think Metamask for Identity! For us, it's first and foremost about finally providing the ecosystem with a working identity wallet, which is able to interact with websites. And these don't even have to be just the Cardano ecosystem! Additionally, it is necessary to understand that we are working with a technology with is standardized in public (W3C, Decentralized Identity Foundation, …). There is no vendor lock-in here. Moving your identity from blocktrust identity wallet to RootsWallet? Not a problem.

There are currently other mobile wallets like Proofspace (also a great approach), as well as various concepts and proposals to move the wallet issue forward. IOG's light wallet called Lace introduced at Consensus is also supposed to be able to manage digital identities one day, but this is an addition which will come somewhat after the initial release (which itself is still unknown). As it currently stands, there's a lack of solutions for the pressing need of wallets which are able to integrate into websites.

Why did it take to so long to build a browser-wallet then?

Although the core of the PRISM technology is almost two years old, there has not been a way to build a light wallet. This is due to the fact that the PRISM SDK (written in Kotlin) is not yet public and the JavaScript SDK, which is needed to build browser wallets, theoretically exists but also has no release date yet. Almost all PRISM projects are waiting in one way or another for the release of these SDKs. We, at blocktrust, have gone the long way and simply written our own SDK, which allows us to develop and implement new ideas much more rapidly. As a result, we are also the first to implement a light wallet — simply because we don't have to wait. And the best: IOG is exited to see us move forward (I, as the main proposer, am in contact with most of the Atala PRISM staff).

What will you get?

You will get the blocktrust identity wallet as browser-extension (Chrome, Edge, Firefox, Safari) in a very short timeframe to finally be able to continue building and integrate your applications with a browser-wallet.

The wallet will have the following features:

• It allows you to create and manage multiple DIDs (local, testnet and mainnet).
• It makes it possible to issue, receive, share and store Verifiable Credentials.
• Furthermore, it will allow you to connect to and interact with PRISM-enabled websites
• And it will enable you to create backups, restore from backups and import contents of other wallets into the identity wallet.

Additionally, we will provide documentation and a toolkit to help developers integrate the wallet with their web app to allow login, bidirectional sharing of credentials, and to process signature requests. We believe that having a good documentation geared towards developers and code example and demos is as important as the wallet itself.

But it's not just about developers. As soon as the first PRISM-enabled websites take advantage of the integrations, a new realm of possibilities and use-cases will suddenly emerge for everyone to enjoy.

The key to driving the adoption of Atala PRISM, in our opinion, is primarily the ability to integrate PRISM with a wide range of web apps. These will initially be apps from the PRISM ecosystem, but there is no reason to stay only in the crypto space, SSI can be used everywhere.

Please describe how your proposed solution will address the Challenge that you have submitted it in.

This proposal could have also been submitted in the "Developer Ecosystem" challenge, but the wallet is an application for everyone, not just developers.

What are the main risks that could prevent you from delivering the project successfully and please explain how you will mitigate each risk?

Technical risks

Since a working demo already exists, there are no technical risks as far as the actual product is concerned. There should not be any significant delays here.

Delivery risks

After the essential development is completed, the browser extension will be made available for public download (phase 2). This allows developers to use the wallet straight away. In order for the wallet to be used by the general user without technical knowledge, it must be offered in the Chrome Web Store and the Firefox Add-ons Marketplace, among other places. For this purpose, the wallet has to go through a review process. The certification for the Chrome Web Store is particularly time-consuming and tiresome. In addition, there are problems with the new format for WebExtension Manifest v3 (regarding WebAssembly browser-extentions). Although a time buffer has been included, there may be delays in delivery for individual browsers that are beyond our control.

Additional delays may result from the fact that IOG has not yet published its PRISM SDK. Although we are technologically not dependent on it, it is still unclear to what extent any kind of software that directly or indirectly uses PRISM can be made public before any kind of official SDK is released. This affects not only us, but any PRISM project whose code becomes public. We expect this uncertainty to be resolved in the very near future.

Please provide a detailed plan, including timeline and key milestones for delivering your proposal.

Phase 1 (10 weeks)

The currently existing demo will be built out to a complete product. This includes among other things:

• Set up a continuous integration pipeline
• Rethinking the UX and revising the user flows
• Improvement of the user interface
• Add functionality to handle multiple DIDs at the same time
• Adding missing features for export, backup, and restoring DIDs and VCs
• Improve flows for using the app in connection with web apps
• Implement the handling of long-running background tasks
• Integration of logging and an activity history
• Opening the extension in a popup-window
• Improve encryption and security measures of the closed wallet

Phase 2 (6 weeks)

We have the explicit goal to get the wallet into the hands of developers and the first users as quickly as possible. For this purpose, we will be making the wallet available for download on our website as soon as this phase begins. The second phase will be dedicated to feedback, bug fixing and support.

• While the first users are already using the wallet, we will continue to work on improvements, fine-tune details and fix bugs in the background.
• Extend the test suite for improved unit, integration and UX testing.
• We will conduct a security review and get an outside opinion of possible flaws
• We will actively seek feedback from developers and promote the wallet within and outside the Catalyst and PRISM communities.
• We will engage with other wallet-teams to find a common standard for website integration processes and APIs and ensure interoperability of all major wallet operations (import, export, …).

Phase 3 (4 weeks)

Since the essential work should already be finished with the completion of phase 2, we will focus on getting the wallet into the web stores of the different browser providers in phase 3. Unfortunately, this is not a job for one day, but might require patience and longer discussions. While we wait for the approval, we will build a website for the wallet, with all the explanations for users and documentation for developers:

• Creating an identity wallet website with information about the wallet and SSI in general.
• Filming instructional videos showing what the wallet is needed for and how it can be used
• Creating documentation material for developers
• Creating example projects that show how SSI wallets can be integrated into web apps.
• Finally, upon completion, the wallet should be available in all web stores.

Other projects and timelines

If there will be funding of any additional proposals from blocktrust, there will inevitably be an overlap. Priority will then be given first to the proposal with the most votes (considering the technical feasibility of the order in which the projects could be completed most efficiently).

To be as transparent as possible: here are the other proposals from blocktrust in this fund:

• PRISM analytics platform
• PRISM credentials for the web

Björn Sandmann is also working on a previous proposal from Fund 7. It allowed the proposer to work full-time on PRISM and laid therefor the basis for much of what was accomplished since then (e.g., .net SDK for Atala PRISM and also the PoC of this browser-extension wallet). The proposal from F7 is still ongoing and will likely finish as planned (September) and therefore will not collide with the new proposals.

Please provide a detailed budget breakdown.

The budget only consists of the required work for development and documentation.

Lead-Developer (Björn Sandmann): effectively working for 40h/week for 10 weeks to complete the first phase as fast a possible to get the wallet into the hand of its first users (400 h). Thereafter, I’ll work for 25h/week for the other half of the project (250h). With a rate of 80 USD, this does amount to 52,000 USD. This being an essential project for the PRISM community, I would invest my time/money into the project and reduce my personal costs to <u>40,000 USD</u>.

Frontend-Developer (John Grabenmeier): 5 weeks with 20h/weeks *50 USD = Resulting in <u>5,000 USD</u>.

A contingency for budget overruns is not necessary in our opinion, since the project is clear in scope and should not contain any major risks which would cause costly delays. If so, these costs will be covered by the team and will not cause a halt of the project before completion.

Overall: <u>45,000 USD</u>

Please provide details of the people who will work on the project.

blocktrust is a startup focusing on developing technologies around Atala PRISM. For more information about our other proposals visit: <https://blocktrust.dev>

Björn Sandmann

9+ years of full-stack development with the .net Stack. Focused on identity and privacy solutions. PRISM Pioneer, Atala ASTRO, Plutus Pioneer, already funded proposals. Implemented all aspects of the working demo of the blocktrust identity wallet.

LinkedIn: <https://www.linkedin.com/in/codedata/>

Project history and technical skills: <https://www.gulp.de/gulp2/g/spezialisten/profil/bsandmann>

John Grabenmeier

20+ years of frontend development. Proven track record of from small online shops to high-profile enterprise systems.

In this project, John Grabenmeier will be mainly in a supporting role for UX questions and the creation of the website for the documentation. He will also be involved in some parts of the Javascript based communication between the wallet and websites.

LinkedIn: <https://www.linkedin.com/in/johngrabenmeier/>

Project history and technical skills: <https://www.johngrabenmeier.com/>

If you are funded, will you return to Catalyst in a later round for further funding? Please explain why / why not.

There are no plans for further funding through Project Catalyst at this time. However, if there is a need for additional features on the community side after the project is completed, subsequent funding may be considered.

One idea might be to make this wallet also available on Android and iOS. Because of the technology used, nearly all the code can be reused for this (from the SDK up to layout and the input controls of the interface).

Please describe what you will measure to track your project's progress, and how will you measure these?

During the complete funding phase of the project, we will write a blog entry every two weeks at <https://blocktrust.dev/blog>, which will provide information about the progress of the work including screenshots of the current state of development.

Additionally, the first goal of publishing the wallet after phase 1 can easily be verified. After that all the work takes place in the open anyway: There will be discussion with the community, and then later the creation of the website with all the educational material for users and the write-up of the documentation for develops.

Finally, after shipping the wallet to the web stores of the browser vendors (Firefox, Chrome, Edge, Safari) everybody will be able to track the numbers of download publicly.

What does success for this project look like?

Success could, of course, be defined by the user numbers of the wallet. But the real success lies in the fact that a working browser extension wallet means that many PRISM projects that have already been started can now be completed. An identity wallet is not a standalone application, but primarily an enabler for many other ideas that are still in people's heads. Much like Metamask permanently transformed Web3 with their website integration to allow users to interact financially with web apps, an SSI wallet will rise to do the same with user identity. Of course, we hope it will be this wallet, but eventually, it doesn't matter. What is important is that we move the PRISM ecosystem forward as a whole, and this proposal is in a good position of doing exactly that.

Please provide information on whether this proposal is a continuation of a previously funded project in Catalyst or an entirely new one.

This proposal is entirely new and has no relationship to previous ones.