Create data encryption/decryption standard plus supporting APIs for wallets to implement

[ozyman42]

Motivation

Many potential applications might prefer to encrypt end user data via a public key the user controls rather than encrypting via a user's password (i.e. lastpass), as passwords are a poor UX compared to a web 3 wallet. Metamask currently is the only web 3 wallet I'm aware of which offers the ability to decrypt via private key. Ideally Solana wallets should support this, and ideally all the wallets would use the same algorithm for obtaining a public encryption key and the same asymmetric encryption algo too. In the linked EIP you see a proposal for wallets to offer an RPC for encryption via secp256k1 + ECIES.

Details

Relevant discussion in Ethereum: https://ethereum-magicians.org/t/eip-5630-encryption-and-decryption/10761/128
Metamask SDK:

• encrypt: https://docs.metamask.io/wallet/reference/eth_getencryptionpublickey
• decrypt: https://docs.metamask.io/wallet/reference/eth_decrypt/

Open related issue in Backpack coral-xyz/backpack#4241
Open related issue in Solana Mobile Seed Vault solana-mobile/seed-vault-sdk#144
Closed related issue in Solana web3 repo solana-labs/solana-web3.js#1367

[jordaaash]

Thanks! I'll drop some related links for now and follow up properly soon:

• Original Wallet Adapter issue proposing an encryption API: Add encryptMessage to WalletAdapter interface wallet-adapter#323
• Experimental Wallet Standard features encrypt and decrypt
• @valentinmadrid's PR to fix the Wallet Standard example using the experimental features: Convert Solana Ed25519 Keypairs for Use in TweetNaCl Box Encryption wallet-standard/wallet-standard#84
• @valentinmadrid's sRFC for encryption keypair derivation: https://forum.solana.com/t/srfc-00007-encryption-standard-for-solana-keypairs/65/7
• @vovacodes's sRFC for on-chain public key storage: https://forum.solana.com/t/srfc-00009-sign-in-with-programmable-smart-wallets-using-off-chain-delegates/104/9
• @buffalojoec's WIP program for on-chain public key storage: https://github.com/buffalojoec/keyring-program

[jordaaash]

At a high level, the current plan is:

• Add Joe's program to the Solana Program Library and deploy it. This program will allow any Ed25519 signer or PDA to create on-chain records of public keys they own. These may be used for various encryption and signing algorithms. This will let wallets determine keys that belong to users to negotiate encryption, and satisfy Vova's requirements for the Squads multisig wallet to be able to sign messages.
• If we're using an on-chain record for the public keys, we don't need to define how the private keys are derived or stored. Wallets may or may not use deterministic signatures as in Valentin's proposal, but the protocol for how to perform the encryption and decryption will be agnostic.
• Add some kind of encrypt and decrypt features to the Solana extensions to the Wallet Standard. This will allow wallets to express to applications their ability to use encryption and what algorithms they support. These may not look exactly like the experimental features we prototyped previously.
• Work with wallets to implement these APIs. This may involve providing them with some binaries and SDKs compiled from Rust for WASM/iOS/Android so they don't each have to implement various cryptographic protocols for the platforms they support.

[buffalojoec]

Hey @ozyman42 ! I just added some replies to the sRFC's Jordan linked and updated the Keyring Program with my latest commits, including a more detailed README.

I encourage you to comment in sRFC 00007 so we can rope in the folks on the thread, as well as sRFC 00009 if it's of interest to you!