[$20k total bounty] Shielded USD Payments Mobile App

This bounty is active!

Summary

Build a mobile application for iOS and/or Android designed to facilitate shielded USD payments using Namada’s MASP, fiat onboarding and offboarding, shielded swaps, and more.

Procedures

• This bounty is split between two main milestones and three bonus milestones.
• The bounty for each milestone will be paid to the first application which I and others test which meets the product requirements described in the milestone, reasonably interpreted, and does so reliably (e.g. if shielded transfers don’t work half the time, the product requirements are not considered met). If any of the product requirements are unclear, please ask for clarification. Any clarifications to the product requirements will take place in public so that everyone has a fair chance.
• In order to qualify for a milestone bounty payout, your application and instructions must be open-source and available so that anyone can test / use it, and you must post a testing video which demonstrates completion of all of the product requirements in the milestone. After this has happened I and others will personally test and pay out the bounty if the milestone has indeed been met.
• In order to qualify for the bonus milestones, your app must first have qualified for the main milestones (but the bonus milestones can be qualified for independently from each other).
• Even if your app isn’t the first to a particular milestone (and don’t win the bounty associated with that milestone), you could still be the first to a later or bonus milestone (and win the bounty associated with that milestone).
• Ideally, your app works on both iOS and Android. Practically, I can only test on Android, so it must at least work on Android in order to qualify for the bounties.
• Payments will be made using Namada shielded transfers and an asset of mutual agreement (not necessarily USDC itself, but an asset of equivalent value at the time of transfer).
• A reminder that this initiative is a personal experiment aimed to encourage rapid development of novel Namada applications – it’s not an attempt to provide any kind of long-term sustainable revenue stream to application developers.

First milestone: working shielded transfers [$5k]

With the app, users must be able to:

• Create and manage Namada keys in the application (similar to what the web extension does)
• Deposit via Namada t- and z-addresses
• View their balances of all assets on Namada, with the typical fiat conversions + an overall portfolio page
• Send transparent transfers (to Namada t-addresses) and shielded transfers (to Namada z-addresses)
• Keep an address book to map friendly names to addresses

Second milestone: fiat on-boarding and off-boarding [$5k]

With the app, users must be able to:

• Onboard fiat using zkP2P, Coinbase, or other methods
  • No-KYC options must be available for small amounts
  • USDC so onboarded must be automatically sent to Namada
• Offboard fiat using zkP2P, Coinbase, or other methods
  • USDC so offboarded must be automatically sent from Namada to wherever is required for offboarding (e.g. Ethereum for zkP2P or Base for Coinbase)

In general, the user must be able to start with dollars in some existing application such as Venmo, transfer those dollars to Namada and send them around in the shielded pool for as long as they like, and send those dollars back to their existing application (e.g. Venmo) whenever they want.

Bonus milestone: connected debit card [$5k]

With the app, users must be able to:

• Generate a virtual card (Mastercard/Visa/etc., something standard)
• Unshield assets from the MASP on-demand to use for payments (via a few clicks in the mobile app before payment is OK)
• Pay with the card at any location where credit/debit card payments are accepted
• Track their card payments

Bonus milestone: shielded swaps on Osmosis [$2.5k]

With the app, users must be able to:

• Execute shielded swaps (starting and ending with assets on Namada) using Osmosis as the DEX backend, for any token supported by Namada and Osmosis
• Track their portfolio and shielded swap history

Bonus milestone: shielded swaps on Ethereum [$2.5k]

With the app, users must be able to:

• Execute shielded swaps (starting and ending with assets on Namada) using Ethereum DEXs as the DEX backend (perhaps an existing aggregator), for any token supported by Namada and Ethereum
• Track their portfolio and shielded swap history

This would be !

Hi Chris!! Are progressive web apps acceptable, or are only native apps accepted?

Mmm I think for this one it would have to be a native app, I expect proving times, shielded sync speed, and general UX can be made much better with a native app than with a PWA. Using React Native or something is fine though.

hey @cwgoes, refreshing this topic, since i think @GE.Tnso’s team is well positioned to achieve this bounty with https://namadawallet.com/

re: milestones

1. how how strict are you about the need to open source it? curious about your reasoning

re: bonus milestones

2. is it enough to integrate an existing digital credit card? like could the debit card be an existing integration, like Payy or Osmosis’ card? not quite sure i know what you mean by “generate a virtual card”
3. we don’t have access to ethereum without the mainnet upgrade. could this be demonstrated with the Housefire testnet in meantime? this one seems pretty tough, btw!

I added this requirement for two reasons:

• so potential users of the app can audit the code (or ask someone else to do so), and be confident that their assets will be secure

• so third parties could build on and improve the application

The first is more important than the second – if there’s a good reason not to open-source, and there’s another way users can verify that the app is safe to use, I’m open to relaxing this requirement.

What Osmosis and Payy (despite the branding) do card-wise is not particularly privacy-preserving, since there’s a single card which is tied to your (real name) identity, and which you use for all transactions. Payy allows you to fund this card with (somewhat) shielded transfers, which is nice, but the card itself is not really any more private than if you just used e.g. Osmosis’ card and funded it from a shielded pool elsewhere (such as, potentially, Namada). This is why I suggested a “virtual card” type integration where users could generate new cards on demand that would be anonymous and unlinkable to each other. Such virtual cards do exist (or I have seen them before), but I do not know how difficult this kind of integration is in practice. I’d be willing to relax the requirement to something more like what Osmosis and Payy do, but the card still has to be integrated into the app (a button to “unshield to Osmosis” is not enough, for example).

Hmm really? Once the connection is there it doesn’t seem any more difficult than Osmosis shielded swaps to me, at least in principle, and the Uniswap APIs are extremely well-documented – it should actually be easier than Osmosis, since for Osmosis Heliax had to write some custom CosmWASM logic, Ethereum is easier to program.

re open-source, while the work done by tnso is super nice, I am skeptical towards their reluctance to open-source. I hope we will keep emphasizing the open-source nature of our community for both the reasons stated above.

just adding some reality here. “fully private virtual cards you can generate on demand, all unlinkable from each other” this doesn’t exist on visa/mc rails. technically trivial, legally impossible. any issuer must kyc the user and will see that all those virtual cards belong to the same identity. that breaks the whole privacy model.

low-kyc / prepaid options also don’t solve it limits are tiny, providers are unstable, and these schemes die as soon as a regulator blinks. building a product on top of that is pure duct tape.

what is actually possible today: shielded funding + normal kyc on the issuer side + disposable vcc. but privacy only exists on the funding side, not on the spending side. basically an upgraded version of what payy/osmo already do.

if the goal is real payment privacy, it has to move outside visa/mc entirely: shielded funding → internal balance → merchant payout through a proxy/aggregator.

thanks, cc @cwgoes