Deep Dive: Akita Wallet

We decided to become a wallet out of necessity. With Akita social having almost every interaction entirely on-chain, the experience would have been completely unacceptable with the current user flow for interacting with Algorand.

When we initially set out to build the social protocol, we thought it would require us to custody user funds and interact with the network on their behalf. Not ideal. We're passionate about self-custody and users having real control of their accounts.

Along the path of development, we learned about some fascinating properties of the AVM (the Algorand Virtual Machine) that would allow a smart contract to be limitlessly extensible. It turns out two unique properties of the AVM together can give smart contracts super powers: Atomic Composability and Rekeying.

Atomic Composability: All or Nothing

For those who may not know, Algorand has an entirely atomic group execution feature – think of it as "all or nothing" transaction groups. This means I can create groups of transactions that interact with contracts, and if any one of those transactions fail, the entire group will fail and won't execute any of those transactions. It's an insanely powerful feature and vital for the Akita Wallet to function.

The Power of Rekeying

Then there's Rekeying. It allows you to change the authoritative address over an account, which is extremely useful in an emergency situation where your private key is leaked or stolen. The hidden gem here is that even though a stateful smart contract doesn't have an associated private key, it can still be rekeyed. (Here's a really interesting tidbit: stateful smart contracts can still execute without control of themselves, as long as they don't submit transactions.)

Flash Rekeying: The Core Innovation

Combining these features results in the core of what makes the Akita Wallet possible: Flash Rekeying. This allows the contract wallet to temporarily give control to a plugin, execute some logic, and guarantee that at the end of the group it retains control over itself. This makes a smart contract wallet limitlessly extensible.

We have been working on polishing this approach tirelessly. We've gone through massive amounts of iterations, and we are extremely happy with the design and feature set of the Akita Wallet.

Building Layers of Security

There are several major layers of security for a system so dynamic and flexible. Let me walk you through them.

Granular Permissions

Baked into the contract itself are multiple layers of safety restrictions for any plugin you decide to install on your wallet. Installed plugins can't be called by anyone, only by the addresses you want to allow (even your own). If you do want to allow anyone, you can set it to the global zero address.

Every plugin installed has an expiration time – it could be 1 minute, 1 day, 1 month, 1 year, or until the heat death of the universe. You can also limit how frequently plugins can be called through cooldowns. Similar to your typical OS, some stuff should be 'admin only', like Account Recovery plugins.

We diverge from the ARC58 standard a bit when it comes to revocation. Every Akita Wallet has a revocation app whose sole permission is to remove plugins. To start, the revocation app will default to the Akita DAO.

Self-Delegation: The Future of Security

Most use-cases won't require just giving access to call a plugin from an address completely out of your control. We've developed several ways to further tighten security and provide user safety through self-delegations.

Embracing Passkeys

Passkeys are a new standard broadly being adopted by major software houses and businesses worldwide. It has been in development for years and is often espoused as the end of the email and password era. We believe passkeys are the future, and once again the AVM has a special feature that we can take advantage of to get some huge benefits.

We can derive a logic signature based account from the Passkey your device generates in its secure enclave. The private key is never exposed to the browser context, and you need a secure SSL connection with the site the key was created for to even request an authorization. This means you can install plugins that are siloed to a site and require your signature but crucially results in a much better user experience since you're not jumping between apps.

Live Session Keys: Convenience Meets Security

Live session keys offer another option for balancing user convenience with safety. Instead of associating the plugin install with a passkey, we create a multi-sig account for the plugin. It requires two signatures: one that the dapp signs and another that your browser signs in the background passively. This way the user doesn't have to give explicit authorization, but the plugin can only be used while the user is actively using the dapp.

Static Analysis: Catching Issues Before They Start

ARC58 has a straightforward but essential static analysis tool for our plugin ecosystem. Its job is simple but crucial: it examines plugin code to identify what kinds of transactions it can call and what asset transfers it might trigger. This gives users clear visibility into exactly what a plugin is capable of doing with their wallet.

Open Source Requirements: Transparency First

We believe in radical transparency when it comes to wallet plugins. That's why we have strict open source requirements for any plugin that wants to be surfaced within the Akita Wallet. Your code must be public, properly licensed, and well-documented. But it goes beyond just throwing your code on GitHub.

We require clean, readable code with clear documentation explaining what the plugin does and how it works. Each plugin needs to include comprehensive tests and examples of use cases. This isn't just about security – it's about building an ecosystem where developers can learn from each other and users can trust what they're installing.

Social Metrics: Understanding Plugin Impact

We've built a comprehensive social metrics system to help users make informed decisions about plugins, leveraging the same on-chain social infrastructure that powers Akita Social. Every plugin will have public metrics showing:

• Real usage statistics across different timeframes
• User ratings and reviews
• Integration popularity with different dApps

Since they're built on our social protocol, all these interactions and ratings are verifiable on-chain. Users can see genuine community sentiment, impact score and usage patterns. We surface this information directly in the wallet interface, making it easy for users to make informed decisions about what to install.

Plugin Generator: ABI-Driven Plugin Creation

We're working on a plugin generator tool that will streamline the process of integrating existing smart contracts with Akita Wallet. The concept is straightforward: feed it the ABI specification of an existing contract, and it will generate a plugin that can proxy those interactions.

This approach means that any contract with a proper ABI specification can be quickly made compatible with Akita Wallet. Rather than requiring developers to manually write proxy logic for their existing contracts, the generator will automate this process, ensuring consistent and reliable plugin creation.

Looking Forward

What started as a solution to improve our social protocol's user experience has evolved into something much more significant. By leveraging Algorand's unique features – flash rekeying – we've created a wallet architecture that pushes the boundaries of what's possible with smart contracts.

The plugin system we've built isn't just another wallet feature – it's a new paradigm for how users can interact with blockchain applications. Through careful design choices around security, transparency, and social trust, we're laying the groundwork for an ecosystem where innovation & convenience doesn't have to come at the cost of user safety.

As we launch this into the wild, we're most excited about the possibilities we haven't even thought of yet. We've built the foundation – it'll be up to the community to show us what's possible when you combine powerful contract primitives with a genuinely extensible wallet.