fio-wallet (keosd) scalability discussion
Tracks research and discussions related to: https://fioprotocol.atlassian.net/browse/WP-485
Related
Overview
An exchange partner that issues keys for every user recently ran up against a limitation of the keosd wallet where you can get errors with only 30K+ users. This was fixed with some server tuning, but it opens the larger question of whether FIO should have a solution for key storage and, if so, what that would be.
fio-wallet (keosd)
keosdis a key manager service daemon for storing private keys and signing digital messages. More information can be found at: https://developers.eos.io/manuals/eos/v2.0/keosd/indexkeosdalso defines a secure enclave for signing transactions created bycleos.FIO renamed
keosdtofio-wallet, but kept most functionality the same.eosio documentation clearly states that keosd is intended to be used by developers only.
Questions
What do you think of the use of
keosdas a production wallet for exchanges?Should FIO support
keosdas a production wallet? This would require us to build up some expertise since Wallet technology is not a core compentency of the dev team and there are many other organizations that already do that very well.An alternative is to document that keosd is a wallet that can be used for development and to support clio calls and any use in production beyond that is out of our hands.
Possible directions
Update keosd to support the FIO use case
Leverage eosio community to patch keosd (Is this a common problem across the community?)
Use a different wallet for FIO key storage
Would require research and testing.
Most practical solution would probably be to partner with an existing wallet.
Not sure FIO should be taking on the role of recommending a specific wallet for key storage?
It is likely that different exchanges will have different requirements for key storage.
Build our own key storage solution
Not currently in our technical wheelhouse.
Enable memo field for FIO Token transfer
EOSIO somewhat avoids the key storage issue by supporting a memo field that exchanges can use to route deposits.
This idea has been explored and would be difficult to implement.
Document that fio-wallet (keosd) should not be used for production
Leave key storage decisions to the wallets and exchanges.
Optional: Research how other exchanges are storing keys and document best practices.
12/1/21 Steering Committee Discussion
Attendees: David, Paweł, GP, Luke, Ed, Adam, Ben, Emilie, Ash, Eric
Regarding possible directions:
Update keosd to support FIO
May be the path to take, but requires a better understanding of the issues with keosd and whether they can be fixed
User a different wallet
Also may be a path to take, but would be a secondary path to using/fixing keosd.
Build our own key storage solution
Probably not a good path since FIO is not a wallet-focused group. Could be outsourced though. It would be better to leverage an existing wallet if possible.
Enable memo field for FIO Token transfer
There are still issues when using memo fields where users neglect to enter the memo, etc.
Recommend first researching how other eosio chains handle key storage at exchanges. If memo field is widely used it may be worth pursing.
Even if memo field is used, there is still the question as to where the exchanges store their keys.
Document that fio-wallet should not be used for production and do not offer support.
Not an option since FIO wants to ensure that exchanges using keosd are supported and does not want to risk delisting from those exchanges
More research needs to be done to determine what that support looks like:
Part 1 - Research other protocols.
Tracked in:
What are other eosio chains doing?
Do they rely on memo field, or another wallet?
How do they recommend exchanges handle large numbers of keys?
Part 2 - Document in more detail the issues with keosd and gather feedback from the community on the complexity of solving those issue. Would this be a complex endeavor?
Tracked in: