Thinking in Jade Wallet
This article will introduce some of our thoughts on the product when designing Jade Wallet, and answer some of the user’s questions on the use of the product.
Synchronous VS Asynchronous
When a user signs a transaction using Jade Wallet, multiple people are required to be online at the same time to complete the multi-party computation for the signature, which is “synchronous”. For those who have used Copay or Gnosis Safe, this may be questionable, as both Copay’s multi-signature mechanism for BTC and Gnosis Safe’s multi-signature mechanism for ETH are “asynchronous” and do not require multiple people to be online at the same time.
It is true that in some scenarios, “asynchronous” is better than “synchronous”, for example, for a multinational team, it may be difficult to meet the condition of requiring members to be online at the same time due to different time zones. But “asynchronous” actually implies a condition: the timeliness of the transaction is not important, for example, an ordinary transfer transaction, as long as the final transfer to the target address is enough.
What if the transaction is time-sensitive? For example, if a Swap operation on Uniswap, the price of the transaction pair is likely to be volatile, and if the time interval between multiple member authorizations is large and the price fluctuates beyond the slippage setting during that period, eventually this transaction will fail even after it is broadcasted, but the miner’s fee will still need to be paid.
In addition to the possible timeliness of the transaction itself, the miner’s fee also fluctuates. The Gas Price of ETH can vary greatly over time, and the longer the interval, the more difficult it is to estimate. Assuming “asynchronous” processing, if the Gas Price goes up when the last member signs, it may take longer than expected to confirm the transaction; if the Gas Price goes down, it means an overpayment of the miner’s fee.
It is our design theory to “try to eliminate the need for users to consider the various scenarios that a transaction may face”. While “synchronous” is limited in some scenarios, it produces predictable results for the user compared to “asynchronous”.
Jade Wallet uses Multi-Party Computation (MPC) for the purpose of managing assets by multiple people, which is the core functionality of Jade Wallet guaranteed by cryptography, with the ownership of the assets completely under the control of the user.
Beyond this, authorization for certain functions is implemented by a centralized server, such as authorization to recover key sharing and reject orders.
After a member has requested a recovery of keyshare, it is necessary to wait for all remaining members to agree before proceeding to the subsequent recovery steps.
Any member has the right to veto an order, i.e. if a member clicks “reject” on the “Order Details” page, the order is no longer valid.
In addition to the common network request timeout, Jade Wallet has a special timeout mechanism for certain aspects. Assuming that a member drops out during the signing process, the timeout mechanism should ensure that other users can also exit the current process in time. At the same time, the timeout mechanism should prompt the user to complete the operation to be done as soon as possible.
Based on the above design principles, after entering the process of creating a wallet or transaction signature, the operation should be completed within 2 minutes under normal circumstances. Beyond this time it indicates that an abnormality has occurred, and the App will jump to the transaction failure page and prompt an error message. For transaction signature, there will also be a 1-minute countdown when confirming the transaction, and users need to confirm the transaction within this time to avoid other members waiting too long.