Building an offline ussd algorand wallet

Dear Algonauts,

My name is Celestino, I am on Algorand trying to build a couple of applications. I hail from Nairobi, Kenya in East Africa. One of the application’s requirements is that it is able to work offline, and send transactions offline or at least with the most minimum bandwidth of internet, or no internet at all. It leverages what we call USSD technology, it is an old telecommunications service that is really popular south of the Sahara, this is because it is very simple to use and still enables one to access normally online services but in an offline manner.

Since I am building an application for users south of the Sahara, it is hard to imagine not implementing USSD technology, especially for my dapp’s MVP. Of course as it scales, we can have a mobile app for it, but again an Android app that has offline mode.

So, that said, let me get straight to the matter. So, due to this app’s USSD requirement, I met with a couple of members in the Algorand Community and Foundation, whereby I shared with them the need for a USSD offline Algorand Wallet. With this USSD offline wallet, developers in Africa would easily and cheaply build dapps on Algorand that solve problems in their communities. Actually, one of the popular dapps on Algorand from Africa mostly uses USSD for their solution, they go by the name of FlexFinTx, you probably heard of them. However, their USSD component is not open-source and reproducible for Algorand developers, and Algorand developers would actually have to build their own.

Even so, if we built our own Algorand USSD offline wallet, it is a challenge to decentralization. In fact, someone asked me, “How would you run a blockchain node on a feature phone?” So, just yesterday an idea came to me of how it would happen.

zk-Snarks is the solution. So here it goes, we should have an open-source USSD wallet connected to an Algorand node via zk-Snarks. This would enable these light clients i.e feature phones, to sync with the Algorand Network without having to run full nodes. I wonder if this is a viable mechanism on Algorand, I would love your feedback.

It could be a Layer-1 solution or a Layer-2 solution, not so sure about this. However, I checked several blockchains out there, and one of them ingeniously syncs small devices like mobile phones using zk-Snarks. I would love if I could hear from Algorand Researchers if this is possible on Algorand, and on developers on how it could be achieved in the most cost-effective way.

Creating a USSD offline wallet would be really beneficial to the Algorand community and technology, by making Algorand accessible to day-to-day Africans, growing the community, and making Algorand get used to architect real-world solutions.

I had earlier shared my reasons and other research material on the Algorand Discord, and I also have google docs showcasing the impact of enabling USSD technology to work on Algorand(actually any blockchain). Basically, anyone would have offline and secure access to making transactions on Algorand and still access Defi, send money and do everything without internet, just pressing buttons on his/her 10$ feature phone. Thank you.

Sincerely,
Celestino Kariuki

Have you seen www.a-wallet.net ? the source code is here: GitHub - scholtz/wallet

The wallet data is stored in your browser database in mobile or desktop device. I believe that it complies with what you call the USSD… It is stored offline until you turn on the internet. If you turn on the internet you can do the transactions, or make the app calls or whatever you want…

Btw, you can receive transactions any time … even when your wallet is offline… you just have to share your account address with one you want to receive the transaction… You can print out the account address qr code, or you can prepare the transaction qr code for an asset (USDT) for example…

1 Like

It is a good idea to propose a wallet that would work on feature phones.

To my knowledge, no Algorand wallet actually is a node. Instead, they use an external node service that they trust. zk-SNARK and compact certificates may be used to reduce this trust. But since current wallets are ok with this, I think it would be simpler to use the same model for an USSD wallet.

Using zk-SNARK will most likely definitely much more complex for the phone than just using an external node.

Note that if your phone is offline, it cannot read the blockchain nor post any transaction. (It can possibly sign an IOU and transfer it to someone else, but this is a different story - this can easily be partially handled with smart contracts, knowing that such IOU may not be successfully settled as without online access to blockchain, you cannot prevent double spending - blockchain is exactly what prevents double spending!)

And if your phone is online, using an external node is much less demanding than using zk-SNARK.

Do you know if any blockchain has USSD wallets?

1 Like

@fabrice , hello Fabrice, I have taken a lot of time in responding back, apologies, but during that time, I have done some research and, as you asked, I know on Celo Blockchain some parties do have offline USSD blockchain wallets, though they sync with mobile phone numbers, and sometime back I remember you citing how phone numbers are insecure, so I got pretty worried if it is the way to go. Maybe we need some innovation in the telecommunications sector as well around mobile phones, so that’s something else. However, I am still thinking that maybe there is a way to do transactions offline, but I am still exploring. @scholtz , thanks for your proposal, but the problem to be solved was sending an ASA fully offline.

After investigating on our side, it looks like USSD wallets would necessarily be custodial, as to our knowledge USSD does not allow to run any code on the smartphone.
Security would indeed rely on the phone number security and USSD security that looks very far from the security you have using a smartphone. (In particular, SIM swapping is a known techniques to bypass 2FA for example.)

That being said, if I understand correctly, a lot of banking in Africa is done through USSD. Having an Algorand USSD application that allows transferring a specific token (ASA) may be as secure as these banking applications and may provide more transparency than those applications.

@fabrice, yes, for the most part, banking and mobile money institutions in Africa use USSD to enable the transfer of money offline. However, even in these cases, it’s mostly centralized, cause it’s telecommunications companies that manage these infrastructures, and even for the banks that do this, they end up partnering up with telecommunication companies. Of course, we should try as much as possible to be decentralized, secure, and fast at the same time, which is Algorand’s aim.

I shared a couple of additional info and resources on Discord but I think I should share them here as well, so as to keep track. So, I have some friends, who are Kenyan as well, and are working on a USSD on/off-ramp but on the Celo Blockchain. Have a look at their open-sourced middleware: GitHub - KotaniLabs/kotanipay: Middleware technology connecting USSD applications to blockchain networks.< . It’s mostly node.js and Solidity

I also had this idea shared on Discord:

What if we do an ALGO SIM Card with a feature phone for it?

It could help to enable the transfer of ALGO and Algorand assets fully offline

Or maybe I do a Sim Card and enable inbuilt ALGO Assets tx functionality, and something to replace how phone numbers work

Also, I came across a blockchain project called NEM and they make each account have its own blockchain, maybe each of these accounts could have a copy of their own blockchain, and it remains offline and comes online only during a needed audit.

As a good reference, here is a mobile money app called Mpesa that allows anyone to send money, Kenya shillings(digital fiat) in its case, but on offline mode as well: https://play.google.com/store/apps/details?id=com.safaricom.mpesa.lifestyle

I think the compromise is in security, but to be honest, I still don’t have this part tackled, do you have any ideas? @fabrice , thank you.

Hello @fabrice, I still think it is worth the necessity to build an offline USSD Wallet for Algorand because it will increase user adoption. For security issues, is there still a way that I can use compact certificates for this to evade SIM Card Swapping or how do you think that can technically be solved? Thank you.

As long as the phone cannot do cryptography (which is my understanding of feature phones), unfortunately, you would not be able to verify compact certs on the phone.
Furthermore, it is unclear to me how compact certs can help in this specific case, in the sense that compact certs reduce needed trust. But current wallets do not use compact certs and rely on a trusted node anyway.

So eventually, @fabrice , it will just be centralized?

Also check this out @fabrice : security - USSD secure or not? - Stack Overflow, there is a suggestion that if done on a smartphone, then there still can be a form of encryption if we run the USSD in an Android Application

Yes, I don’t see any other solution if the phone cannot make cryptography unfortunately.
As centralized as an exchange can be.

If you have access to a smart phone, I think you can do much better. For example, you can have the key on the smartphone and send the signed transaction to USSD if you don’t have full Internet access.
In other words, you can use USSD as a very limited access to Internet, to access an API service for Algorand. From there, you can essentially replicate the full features and security of the normal Algorand Wallet. No custodian necessary.

1 Like

Hello @fabrice, really grateful for your help in clearing out my technical understanding on this, I am working on a whitepaper on the project and wanted to include special gratitude to you for this, let me know if you are open to this. Here is the whitepaper: JASIRI protocol - Google Docs. I didn’t want to look like a spam bother, so I wanted to make sure I get your consent on this and share with you the overall work. Thank you.

1 Like

Hi Celestino could we link up

Hello @Ahmed, sure, which medium do you prefer ?

Hello @fabrice , is there any info on the light client feature that comes with state proofs. From my understanding, it could make the offline wallet much secure and safer, as well as prevent double-spend problems or hacks. Third party servers can work but it is too expensive and it wouldn’t be able to have users own their wallets and transactions.

For offline wallets on feature phones, state proofs won’t help as feature phones cannot run any cryptography of use.

For offline wallets on smartphones where USSD is used for communication instead of Internet, then we could imagine using state proofs. That being said, all the main wallets I know of anyway just connect to some node they trust. Taking Pera Wallet and replacing Internet connection to a node with USSD + signature should give you similar security as the original Pera Wallet from my understanding. State proofs would be a bonus.

Hello @fabrice , so, trying to understand this, running a node locally is not really a must on Algorand because decentralization on Algorand happens via holding ALGO tokens and not running a node like the conventional blockchain necessitates so, am I right? Meaning that even without state proofs it doesn’t matter that much cause someone can rely on Purestake APIs for example.

Hey @Celestino_127 let’s connect, interesting topic your addressing here. You have telegram or what’sapp?