NxtVault is an open source Android application, which stores your Nxt passphrases encrypted in isolated secure storage. You will never need to enter your Nxt passphrase again, and you will no longer be at risk of viruses or keyloggers infecting your machine. Not only is it encrypted but Android’s security sandbox prevents other processes on your device from accessing the apps’ isolated storage.
After three bad attempts at entering your pin you will be locked out for 1 hour. Another bad attempt and you are locked out for 24 hours. Another bad attempt and the application will wipe out all of its data and shut down.
Let’s make this even simpler:
For every web transaction, NxtVault pops up and displays a detailed report of exactly what the transaction intends to do, giving you a chance to review and then either confirm or deny it. The goal of the developer isn’t hard to grasp: ‘To have every third party web application support this type of transaction’.
NxtVault can be downloaded here: https://play.google.com/store/apps/details?id=jay.nxtvault
Using NxtVault with JayClient
NxtVault supports the ability to scan a qr code of a JayClient transaction.
http://jnxt.org/jayex/ which enables you to watch and trade your Nxt assets from a web browser; transactions are secured by the Jay framework and/or NxtVault.
JayEX is allowing for a Nxt AE trading with the security of the localhost NRS client, the inspiration of SecureAE, and the chart ideas and layout idea from Poloniex.’
The full Nxt NRS Client is available at
http://jnxt.org/nxt/ as a website (and a downloadable .zip to host locally, if you prefer). Update: The jnxt.org site and the Jay Client + framework is no longer maintained. The source code can be downloaded from https://github.com/jonesnxt/
Nxt Android apps on top of NxtVault
NxtVault developer, mr_e, writes:
Other Android applications can raise an intent to NxtVault to request for it to sign and broadcast transactions on it’s behalf. I have created an API so that Android developers can create third party applications that are not required to be open source, nor will you need to worry about trusting them with your passphrase!
NxtVault can handle both signing the transaction, and broadcasting the transaction to light nodes that are detected on the network, in a decentralized way.
I hope that this will unleash a whole new suite of trustless android apps.
The NxtVault source code has been reviewed by Jones. https://github.com/mr-e-/NxtVault
To integrate NxtVault, you need to implement its intents (i.e. the messaging objects used to request an action from another app component).
There are three key intents you can raise for NxtVault to pick up:
nxtvault.intent.action.REQUESTACCOUNT (request an access token along with the users nxt address – this will pop up nxtvault allowing the user to select an account to share)
nxtvault.intent.action.SIGNANDBROADCAST (signs transaction and broadcast – will pop up a transaction summary screen allowing user to confirm)
nxtvault.intent.action.SIGN (signs transaction and returns bytes to calling application – will pop up a transaction summary screen allowing user to confirm)
An example of how to raise these intents and respond to their results is located in the code base here:
For more info + to talk to mr_e: