The Nucle and Arbor wallets have been vying for the premiere spot in the Chia ecosystem since inception. Nucle was seemingly the anointed wallet, given the blessing of the Chia team via the only Cultivation grant handed out (editor’s note: that has been publicly announced) and incessantly defended by top members of the Chia executive team. Arbor wallet was started by the Digital Farming Initiative, a scrappy upstart company headed by a CEO known by the name of BigButta. The wallet launched to much fanfare and was immediately embraced by the community. After a brief inspection of the code, community members detected flaws in the technical aspects claimed by the team, namely that mnemonic seeds never left the client and that all transactions were signed before submission to the blockchain. The team pulled the wallet, and circled the wagons to produce a new version of the wallet. Enter the 2.0.0 version of Arbor Wallet.
The first thing to note is that Arbor wallet does not do what it claims on the website. It says, in present tense that it supports CATs, it does not. Also Arbor wallet uses a 12 word mnemonic scheme rather than the Chia standardized 24 word scheme. This means that a wallet created with Arbor is not compatible with Chia light wallet and full node.
The Arbor Wallet is implemented using the Flutter framework. “Flutter is an open-source UI software development kit created by Google. It is used to develop cross platform applications for Android, iOS, Linux, Mac, Windows, Google Fuchsia, and the web from a single codebase.” This is a good choice for achieving a multi-platform implementation while keeping the codebase tight and reusable. The entire frontend codebase is published for inspection in the way that developers would expect to read it: https://github.com/Digital-Farming-Initiative/arbor-wallet. This is in stark contrast to the Nucle wallet which only publishes its backend.
When implementing a frontend using the Flutter framework all the important code lives in a single directory while the multi-platform bits live in a thin layer referencing the common code. The web, iOS, and android directories contain only code which glues the important pieces together for the specific platform. The rest of the code analysis will focus on lib and test.
Looking at test yields little of substance. This is disappointing. Good testing is critical for any quality software product and the DFI team wrote only one test that tests next to nothing. If there is a quality program at DFI it is an entirely manual effort.
The bulk of the efforts of the DFI live in the lib directory. Here we find one of the most astonishing things: the team has implemented or ported many critical libraries and functions into Dart. “Dart is a programming language designed for client development, such as for the web and mobile apps. It is developed by Google and can also be used to build server and desktop applications. Dart is an object-oriented, class-based, garbage-collected language with C-style syntax.” This was no small effort as many libraries needed to be ported or re-implemented to ensure the wallet could do local (on-device) operations. Unfortunately none of these functions seem to have tests associated with them. Whether a critical vulnerability exists in this code will likely hinge on whether the team got this port correct. There are implementations for both CLVM and BLS. BLS is the signature scheme used by Chia and has been touted as the main reasons for Chia’s slow adoption among mainstream exchanges. CLVM is the low level language invented by Richard Kiss and Bram Cohen for on-chain smart contract programming in Chia. “CLVM is the compiled, minimal version of ChiaLisp that is used by the Chia network. Chialisp compiles into CLVM.”
Digging deeper into the code we find the core functionality of the wallet contained in the file wallet_service. In application architecture design a service tier is where the important business logic is contained. Here we find the critical methods for wallet operation: createNewWallet, fetchBlockchainInfo, recoverWallet, fetchWalletBalance, fetchWalletTransactions, and sendXCH. Again we see nothing supporting CATs and importantly nothing concerning custom fees. Given the recent dust attack on the network this seems a glaring oversight. The wallet manages the mnemonic correctly and uses the private key to sign transactions appropriately before sending on to the backend API. The wallet also correctly claims and implements SPV. “Simple Payment Verification (SPV) is a technique described in Satoshi Nakamoto’s paper. SPV allows a lightweight client to verify that a transaction is included in the Bitcoin blockchain, without downloading the entire blockchain.”
Overall the 2.0.0 codebase of the Arbor wallet is truly open source, unlike Nucle. They get an A+ for transparency and the team is demonstrating considerable excellence in development. There are some flaws in the codebase and a few choices that could be considered dubious but overall they get a passing mark. If only their competition would do likewise.
