Medusa Wallet
Current Project Status: unfunded (over budget)
Total amount received: $0
Total amount requested: $45,000
Total percentage received: 0.00%
Solution

The Medusa 2.0 platform has its own thoroughly researched security model. See here for a detailed description.

Problem

Many web-based wallets use potentially unsafe key-handling scenarios. Medusa needs to fix that.

Addresses Challenge
Feasibility
Auditability

Team

1 member

  • medusa_wallet_poster-36e05e

[IMPACT]

Medusa AdaWallet is a free, community-driven light wallet project that combines the best features of other existing offerings.

Medusa was the first ITN-compatible public wallet and was released before ITN Daedalus and ITN Yoroi. It worked more consistently and reliably during the “bloody ITN storms” that a lot of ITN users (both stake pool operators and delegators) might remember. We listen to our community, so Medusa’s UX is more intuitive and simple than others. We provide smart solutions and automation wherever possible to smooth out all the “corners” of the UX for our users.

There is an old version at https://adawallet.io, but this version is no longer under active development, with the main focus now being on a new re-designed version, based on cardano-db-sync and Emurgo’s serialization lib.

The new version has a well-researched and powerful security model.

Most web developers ignore major security issues for some reason. They:

  • Store keys and sensitive data in public storage like localStorage or IndexedDB;
  • Do key processing in the main browser thread;
  • Do not even encrypt private keys;
  • Don’t care about 3rd party code injections in their code dependencies;
  • Don’t care about the user’s browser extensions, which inject their code into the page too;
  • Ask users to type their mnemonic for each session.

This is an unacceptable approach for finance software.

Medusa 2.0 does not have these issues, even at MVP stage. A lot of hard work went into achieving this, including researching, engineering, writing our own libraries and mechanics. It’s not just yet another cardano-serialization-lib skin.

What makes Medusa different?

Security features that are already implemented:

  • Medusa doesn’t store or operate on keys within the main browser thread - unmanaged 3rd party code is not able to reach them;
  • Medusa does not send or store any unhashed / unencrypted data;
  • Medusa does not perform unnecessary loading of encrypted keys;
  • Medusa uses its own network-security layer to transfer your data, so even if your https is compromised, or you use some 3rd party proxy server, or you are connected to an untrusted network, your data can’t be read by anyone else;
  • Passwordless “2FA” based login system designed in strict accordance with RFC 4226 requirements;
  • There are no unmanaged code-dependencies;
  • 100% anonymous — we do not collect any user-related data. No email, phone or password needed.
  • There are no analytics scripts.
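
The login system in the list above cites RFC 4226 (HOTP). As an added example that is not Medusa’s code: HOTP generation and server-side validation in Node.js, with the look-ahead window and failure throttling that RFC 4226 asks of the validating server. The `state` object, the window of 3 and the limit of 5 failures are assumptions chosen for illustration.

```javascript
// Added example (not Medusa's code): HOTP per RFC 4226, HMAC-SHA-1 based.
const { createHmac, timingSafeEqual } = require("node:crypto");

// Generate the HOTP value for a shared secret and an 8-byte moving counter.
function hotp(secret, counter, digits = 6) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter)); // counter is big-endian
  const mac = createHmac("sha1", secret).update(msg).digest();
  // Dynamic truncation (RFC 4226 section 5.3): the low nibble of the last
  // byte selects a 4-byte window; the top bit is masked off.
  const offset = mac[19] & 0x0f;
  const binCode = mac.readUInt32BE(offset) & 0x7fffffff;
  return String(binCode % 10 ** digits).padStart(digits, "0");
}

// Validate a submitted code against hypothetical per-user server state
// { secret, counter, failures }. Assumed policy: look-ahead window of 3,
// lock after 5 consecutive failures.
function verifyHotp(state, submitted, window = 3, maxFailures = 5) {
  if (state.failures >= maxFailures) return { ok: false, locked: true };
  const got = Buffer.from(String(submitted));
  for (let i = 0; i <= window; i++) {
    const expected = Buffer.from(hotp(state.secret, state.counter + i));
    // Constant-time comparison; lengths must match before timingSafeEqual.
    if (got.length === expected.length && timingSafeEqual(got, expected)) {
      // Resynchronise: the accepted counter and everything before it
      // can never be used again, which is what defeats replay.
      state.counter += i + 1;
      state.failures = 0;
      return { ok: true, locked: false };
    }
  }
  state.failures += 1; // throttle brute-force guessing
  return { ok: false, locked: state.failures >= maxFailures };
}

// RFC 4226 Appendix D test secret; counter 0 yields 755224.
console.log(hotp("12345678901234567890", 0));
```

The server advances its counter only on a successful validation, so a captured code is rejected when replayed.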

UX features:

  • User-friendly Daedalus-like UI, but only “like”, not the same;
  • Its transaction builder has the best token support implementation, with a special alignment system which solves the floating min/max sum problem when you add tokens to your transaction;
  • There is a “send all” button for any asset, without the headache of “min ada held by tokens after bunch splitting”;
  • There are no errors like “I, machine, can’t build this transaction because you, human, didn’t count lovelaces properly. Yes, I can solve it, but I won’t.” We value your time. If something can be automated - it will be;
  • Medusa is compatible with desktop browsers as well as their mobile versions;
  • Our own megapools-proof pools-ranking model;

Some features we want to add:

  • Sessions management;
  • Ledger integration;
  • OTP-keys re-generation;
  • Optional 2FA-based approving for transactions;
  • Smart tools like dust cleaning/utxo optimization;
  • Contact book;
  • API for 3rd party integrations;
  • Real multistaking;

It’s an already working product. There is no date of launch - you can already experiment with a working version of the wallet running on the Cardano testnet network.

But it’s still in development and testnet-only. There are just a few steps left before the initial release.

Risk: At the initial release there will be no support for Byron wallets;

Solution: Medusa 1.0 supports Byron and will keep working for already registered users until v2.0 supports it too;

[FEASIBILITY]

Milestones:

  1. Initial launch (April 2022);
  2. Implementing 3rd Party API;
  3. Implementing Byron support;
  4. Implementing Ledger integration;
  5. Closing Medusa v1.0;
  6. Implementing extra features listed above;
  7. Professional security audit;
  8. Product support, extra localizations and users requests integration;

Medusa Wallet is a community-driven project. We listen to our users, their requests and suggestions and implement them. The old Medusa has about 1000+ users and we want to bring them a new product as soon as possible. You can accelerate this process.

  1. Domain adawallet.io: $73.20 for a year (VAT included);
  2. Servers: $1380 (4 units, $345 each for a year, VAT included);
  3. $24k for the developer salary (2k per month for a year);
  4. $8k for testers (on-demand based work for a year);
  5. $2k for 3rd party services like translations and art (on-demand based work);
  6. $10k for a professional security audit (last stage);

Total: $45453.2, but let it be rounded to $45000

Lead developer - me, Denis Kalinin aka @Fell-x27:

  • Graduated Specialist of Computer Science and Digital Security;
  • Medusa 1.0 developer;
  • Cardano Ambassador;
  • Developer experience: 15 years;

Tester#1 - Ruslan Soluyanov aka @soluyanov

  • Pentest project manager (information systems security audit)
  • Experience: 2 years
  • IT experience: 9 years

Tester#2 - Greg B @homersapiens

  • Graduated Bachelor of Computer Science;
  • Developer experience: 19 years, including 2 years specifically in Automated Testing;
  • One of co-founders of Koios Elastic API project (guild operators initiative).

Artist - Margarita Krokozyabra (https://www.artstation.com/krokozyabra)

[AUDITABILITY]

You can track project progress and news and ask us anything via our Twitter: https://twitter.com/MedusaAdaWallet

Switching “test version” to “main version” and kind community comments :)

This is a retry of https://cardano.ideascale.com/c/idea/382444. It was rated well, but went unfunded because of a lack of funds in the category.

Community Advisor Reviews (1)
