As secure client-side bitcoin wallet Dark Wallet looks set to reach its funding goal, a competitor has emerged – and is already shipping.
The product, which is a reworked version of now-defunct project Rushwallet, features two tabs: a bitcoin wallet and a secure messaging system.
Launched by Anthony Di Iorio, CEO of Canada’s Bitcoin Alliance, the wallet can automatically locate any bitcoin addresses contained within a web page. Thus, users can make payments automatically, without cutting and pasting.
Di Iorio, who aims to replace Instawallet, an online wallet which was known for its ease-of-use, but also for its security flaws. Instawallet closed following a hack back in April.
Kryptokit's founder wanted to provide similarly simple service, albeit one that avoided storing a user’s private keys centrally. Thus, Kryptokit's desktop wallet was designed to store bitcoin addresses locally.
As a Chrome extension, the Kryptokit wallet is an open-source project. Users can create their bitcoin addresses by moving their mouse around the screen. This, along with a random number generator, creates each user's address.
The system also has another tab, for secure messaging. This uses GPG (the open-source version of the Pretty Good Privacy protocol developed by Phil Zimmerman) to secure messages between its users.
Users generate a GPG key from within their wallet, but they can also import them from elsewhere. The GTG key can be used to encrypt messages that are sent to other Kryptokit users.
One of the disadvantages of this system, for now at least, is that it isn’t possible to email non-users of the software.
However, one of the benefits is that there’s no SMTP (Simple Mail Transfer Protocol) header to worry about. SMTP, used for routing email around the Internet, is a notoriously leaky protocol that divulges lots of information about senders.
Integration with conventional email systems is something that Di Iorio hopes to introduce in time, using an Open PGP encryption system called Mailvelope.
Other future features may also include a social networking service to unite the wallet’s users, and a password management system to store login credentials for other sites. This system would only store them on the user's local desktop machine, however.
No server-side storage
GPG-encrypted messages reside on Kryptokit’s servers until they are collected by the recipient, says Di Iorio. After that, they are deleted.
"Let's say the government wants to take down our server. They can take it. It's all encrypted and they wouldn't be able to see anything. This is why I say it's all NSA-proof," Di Iorio said, adding that GPG keys and bitcoin private keys are never stored on his central computers.
But where does this leave the Dark Wallet service?
There are some key differences between Kryptokit and Dark Wallet. One feature that the Dark Wallet team is reportedly discussing is a trust-less mixing service.
Dark Wallet project representative Amir Taaki did not respond to a request for comment from CoinDesk yesterday. However, at the time of writing, the company’s crowdfunding project had almost reached its $50,000 goal and looked likely to succeed, with a week to go.
But Di Iorio pointed out that the project was far behind Kryptokit, in terms of development, he said:
Curiously, however, there is some overlap between the two projects.
Like Di Iorio, Vitalek Buterin, a key participant in Dark Wallet, is based near Toronto. Buterin has also conducted a code review for Di Iorio, to help ready Kryptokit's project for its release.
In the world of non-profit bitcoin wallets, it appears many teams are united by a common goal: making bitcoin simple to use, so that its users can help take it into the mainstream.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.