fio-wallet (keosd) scalability discussion

Owned by Eric Butz
Last updated: Mar 23, 2022
3 min read

Tracks research and discussions related to: https://fioprotocol.atlassian.net/browse/WP-485

Related

Overview

An exchange partner that issues keys for every user recently ran up against a limitation of the keosd wallet where you can get errors with only 30K+ users. This was fixed with some server tuning, but it opens the larger question of whether FIO should have a solution for key storage and, if so, what that would be.

fio-wallet (keosd)

  • keosd is a key manager service daemon for storing private keys and signing digital messages. More information can be found at: https://developers.eos.io/manuals/eos/v2.0/keosd/index

  • keosd also defines a secure enclave for signing transactions created by cleos.

  • FIO renamed keosd to fio-wallet, but kept most functionality the same.

  • eosio documentation clearly states that keosd is intended to be used by developers only.

Questions

  1. What do you think of the use of keosd as a production wallet for exchanges?

  2. Should FIO support keosd as a production wallet? This would require us to build up some expertise since Wallet technology is not a core compentency of the dev team and there are many other organizations that already do that very well.

  3. An alternative is to document that keosd is a wallet that can be used for development and to support clio calls and any use in production beyond that is out of our hands. 

Possible directions

Update keosd to support the FIO use case

  • Leverage eosio community to patch keosd (Is this a common problem across the community?)

Use a different wallet for FIO key storage

  • Would require research and testing.

  • Most practical solution would probably be to partner with an existing wallet.

  • Not sure FIO should be taking on the role of recommending a specific wallet for key storage?

  • It is likely that different exchanges will have different requirements for key storage.

Build our own key storage solution

  • Not currently in our technical wheelhouse.

Enable memo field for FIO Token transfer

  • EOSIO somewhat avoids the key storage issue by supporting a memo field that exchanges can use to route deposits.

  • This idea has been explored and would be difficult to implement.

Document that fio-wallet (keosd) should not be used for production

  • Leave key storage decisions to the wallets and exchanges.

  • Optional: Research how other exchanges are storing keys and document best practices.

12/1/21 Steering Committee Discussion

Attendees: David, Paweł, GP, Luke, Ed, Adam, Ben, Emilie, Ash, Eric

  • Regarding possible directions:

    • Update keosd to support FIO

      • May be the path to take, but requires a better understanding of the issues with keosd and whether they can be fixed

    • User a different wallet

      • Also may be a path to take, but would be a secondary path to using/fixing keosd.

    • Build our own key storage solution

      • Probably not a good path since FIO is not a wallet-focused group. Could be outsourced though. It would be better to leverage an existing wallet if possible.

    • Enable memo field for FIO Token transfer

      • There are still issues when using memo fields where users neglect to enter the memo, etc.

      • Recommend first researching how other eosio chains handle key storage at exchanges. If memo field is widely used it may be worth pursing.

      • Even if memo field is used, there is still the question as to where the exchanges store their keys.

    • Document that fio-wallet should not be used for production and do not offer support.

      • Not an option since FIO wants to ensure that exchanges using keosd are supported and does not want to risk delisting from those exchanges

  • More research needs to be done to determine what that support looks like: