NxtVault is an open source Android application, which stores your Nxt passphrases encrypted in isolated secure storage. You will never need to enter your Nxt passphrase again, and you will no longer be at risk of viruses or keyloggers infecting your machine. Not only is it encrypted but Android’s security sandbox prevents other processes on your device from accessing the apps’ isolated storage.
After three bad attempts at entering your pin you will be locked out for 1 hour. Another bad attempt and you are locked out for 24 hours. Another bad attempt and the application will wipe out all of its data and shut down.
NxtVault is built on top of Jones’ “Jay Framework”, a javascript library created to interface with the Nxt network using dynamically discovered public nodes, allowing for the creation of our first suite of Nxt thin clients that don’t rely on a single developers centralized server!
Let’s make this even simpler:
For every web transaction, NxtVault pops up and displays a detailed report of exactly what the transaction intends to do, giving you a chance to review and then either confirm or deny it. The goal of the developer isn’t hard to grasp: ‘To have every third party web application support this type of transaction’.
NxtVault can be downloaded here: https://play.google.com/store/apps/details?id=jay.nxtvault
Using NxtVault with JayClient
NxtVault supports the ability to scan a qr code of a JayClient transaction.
Read more about the Jay Client.
Jay includes http://jnxt.org/jayex/ which enables you to watch and trade your Nxt assets from a web browser; transactions are secured by the Jay framework and/or NxtVault.
Jones:
JayEX is allowing for a Nxt AE trading with the security of the localhost NRS client, the inspiration of SecureAE, and the chart ideas and layout idea from Poloniex.’
The full Nxt NRS Client is available at http://jnxt.org/nxt/ as a website (and a downloadable .zip to host locally, if you prefer). Update: The jnxt.org site and the Jay Client + framework is no longer maintained. The source code can be downloaded from https://github.com/jonesnxt/
Sign in with your Nxt account, not your secret passphrase.
Send your tx’s by scanning the qr code with NxtVault, or sign it with the Jay localhost client on your desktop.
Nxt Android apps on top of NxtVault
NxtVault developer, mr_e, writes:
Other Android applications can raise an intent to NxtVault to request for it to sign and broadcast transactions on it’s behalf. I have created an API so that Android developers can create third party applications that are not required to be open source, nor will you need to worry about trusting them with your passphrase!
NxtVault can handle both signing the transaction, and broadcasting the transaction to light nodes that are detected on the network, in a decentralized way.
I hope that this will unleash a whole new suite of trustless android apps.
The NxtVault source code has been reviewed by Jones. https://github.com/mr-e-/NxtVault
To integrate NxtVault, you need to implement its intents (i.e. the messaging objects used to request an action from another app component).
There are three key intents you can raise for NxtVault to pick up:
nxtvault.intent.action.REQUESTACCOUNT (request an access token along with the users nxt address – this will pop up nxtvault allowing the user to select an account to share)
nxtvault.intent.action.SIGNANDBROADCAST (signs transaction and broadcast – will pop up a transaction summary screen allowing user to confirm)
nxtvault.intent.action.SIGN (signs transaction and returns bytes to calling application – will pop up a transaction summary screen allowing user to confirm)
An example of how to raise these intents and respond to their results is located in the code base here:
https://github.com/mr-e-/NxtVault/tree/master/nxtvaultClientLib/src/main/java/com/nxt/nxtvaultclientlib/nxtvault
You can add nxtvault client lib as a library to your project. This gives you a JavaScript interface for all jay calls, as well as the code to raise the correct intents.
Click on the link below for the Jay interface and look at the test wallet to see how they are called: (the jinterface is using interop with javascript and will allow you to make any NRS request to a public node. With this you can make calls to getAccount, getAsset etc without needing a centralized server of your own)
https://github.com/mr-e-/NxtVault/tree/master/nxtvaultClientLib/src/main/java/com/nxt/nxtvaultclientlib/jay
For more info + to talk to mr_e:
https://nxtforum.org/general-discussion/unveiling-the-new-nxtvault-secure-account-management-for-android-devices!-beta/new