Medusa AdaWallet - is a free of charge community-driven project of a light wallet combining the best features of other existing offerings.
Medusa was the first ITN-compatible public wallet and was released before ITN Daedalus and ITN Yoroi. It worked more consistently and reliably during the "bloody ITN storms" that a lot of ITN users (both stake pool operators and delegators) might remember. We listen to our community, so Medusa's UX is more intuitive and simple than others. We are providing smart solutions and automatizations if possible to smooth all "corners" of UX for our users.
There is an old version at <https://adawallet.io,> but this version is no longer under active development, with the main focus now being on a new re-designed version, based on cardano-db-sync and Emurgo's serialization lib.
The new version has a well-researched and powerful security model.
Most web developers ignore major security issues for some reason. They:
- Store keys and sensitive data in public storage like localstorage or indexed db;
- Do keys-processing in the main browser thread;
- Even do not encrypt private keys;
- Don't care about 3rd party code injections in their code dependencies;
- Don't care about user's browser-extensions which inject their code to the page too;
- Asking users to type their mnemonic for each session;
- This is an unacceptable approach for finance software.
Medusa 2.0 does not have these issues, even at MVP stage. A lot of hard work went into achieving this, including researching, engineering, writing our own libraries and mechanics. It's not just yet another cardano-serialization-lib skin.
What makes Medusa different?
- Security features that are already implemented:
- Medusa doesn't store and operate keys within the main browser thread - unmanaged 3rd party code is not able to reach them;
- Medusa does not send or store any unhashed / unencrypted data;
- Medusa does not perform unnecessary loading of encrypted keys;
- Medusa uses it's own network-security layer to transfer your data, so even if your https is compromised, or you use some 3rd party proxy server, or you are connected to untrusted network, your data can't be read by anyone else;
- Passwordless "2FA" based login system designed in strict accordance with RFC 4226 requirements;
- There are no unmanaged code-dependencies;
- 100% anonymous — we do not collect any user-related data. No email, phone or password needed.
- There are no any analytics scripts.
UX features:
- User-friendly Daedalus-like UI, but only "like", not the same;
- It's transaction builder has the best tokens support implementation with special alignment system which solves the floating min/max sum problem when you add tokens to your transaction;
- There is a "send all" button for any asset with no headache related with "min ada held by tokens after bunch splitting";
- There are no errors like "I, machine, can't build this transaction because you, human, didn't count lovelaces properly. Yes, I can solve it, but I won't." We value your time. If something can be automated - it will be;
- Medusa is compatible with desktop browsers as well as their mobile versions;
- Our own megapools-proof pools-ranking model;
Some features we want to add:
- Sessions management;
- Ledger integration;
- OTP-keys re-generation;
- Optional 2FA-based approving for transactions;
- Smart tools like dust cleaning/utxo optimization;
- Contact book;
- API for 3rd party integrations;
- Real multistaking;
It's an already working product. There is no date of launch - you can already experiment with a working version of the wallet running on Cardano testnet network..
But..its still in development and testnet-only. But there are just a few steps before initial release.
Risk: At the initial release there will be no Byron wallets support;
Solution: Medusa 1.0 supports Byron and will be work for already registered users until v2.0 is supporting it too;