Sidekick is a new companion app that you can install on a secondary phone to authorize access to your Monero wallets in Monerujo. That way, as long as you keep that phone offline, it works as a do-it-yourself Bluetooth-powered hardware wallet.
If you want to watch Sidekick being presented by the cool guy behind it, check out this MoneroKon talk by @m2049r.
Also, check out the step-by-step tutorial here!
TL;DR elevator pitch:
- Free: no payments or subscriptions to use it.
- Open Source: code available for anyone to inspect.
- Safer: avoids singling you out as a hardware wallet owner.
- Secure: encrypted Bluetooth communications and wallet files.
- Accessible: use your color touchscreen to operate it comfortably.
- Fair: provides access to very strong security to anyone with a basic smartphone.
- Green: a second life for your unused gadgets.
Why Sidekick
What happens when you have crypto and you fear losing it? You're one search away from finding hardware wallets. Borderline affordable and enticingly specific, they do one thing and they do it well: keeping your private keys away from the device that is connected to the wild internet, and therefore keeping a slew of hackers eager to steal your coins at bay. Looks like another problem easily solved by buying stuff, but…
Hardware wallets don't come without their own set of problems:
Many are not open source.
Which means that they are as secure as the companies behind them say they are. With the excuse of security, you're taking their word for it. The whole point of crypto was to reduce trust; introducing it back isn't very appealing.
They are expensive.
Every person has his or her own concern threshold, but with prices ranging from $60 to $200, hardware wallets don't make a lot of economic sense unless you have the equivalent of thousands of dollars' worth of crypto saved. But remember that fortunes are relative: having $400 in crypto could be a very important savings amount for the vast majority of people out there in the world. Sad but true. It'd be great if we could provide a greater level of security to everybody, regardless of their purchasing power.
They may be difficult to get.
Many times, countries with low purchasing power have shitty postal systems and abusive customs regulations. That may very well make an imported hardware device 100% more expensive. It also signals you as a potentially wealthy citizen in a jurisdiction that clearly is not friendly towards (at least) economic freedom.
Worst of all, they're risky.
You're telling the company you buy it from that you're a crypto holder, and likely not a poor one. You're telling the reseller. If you used a credit card you're telling the bank. You're telling the post office and your government. That's lots of people involved and lots of databases waiting to be leaked. It has happened and will continue to happen. Before you even think you don't pass for a crypto whale, think about how it looks from the outside: you had enough crypto years ago to justify purchasing a hardware wallet. An attacker wouldn't know (or believe) you spent it all during the last bear market in a rush of fear.
Therefore, Sidekick!
What if we could address those problems? Sidekick is a new app developed by the handsome people behind Monerujo, your trusted Monero wallet since 2017. It should be installed on a secondary phone and works as a companion to your normal main phone wallet, connecting to it via Bluetooth. As long as you keep the Sidekick phone disconnected from the internet, it should be almost as safe as any other Bluetooth hardware wallet. The reason for that "almost" caveat is that it's up to you to keep it offline or not.
What's the catch?
There's no catch. It's just a cool idea. It's not perfect either; there are tradeoffs, just like everything in life: having kids may give you warm hugs and the relief of perpetuating your DNA at the expense of heaps of lost sleep and financial hurdles.
Unless you can physically sever the antennas or something like that, you're trusting Android to really turn off both mobile and Wi-Fi data when you ask it to. Even if it didn't, it should still be pretty safe: wallet files are very strongly encrypted.
But even if Sidekick can be considered less secure against a very, very sophisticated attack, it's more secure against much simpler attacks. I'm talking about targeted, physical attacks. You can thank privacy for that. Which brings me to…
Sidekick is safer
The Sidekick concept uses a commodity device that can be bought pretty much anywhere on earth, so it's inconspicuous (nobody knows what you have a phone for).
Sidekick is censorship resistant
Unless you can stop people from having phones, you can't stop people from using Sidekick. And it's very difficult to keep people from having phones.
Sidekick is cheaper
If you already have an old phone lying around somewhere it's basically free, but even if you had to purchase a second phone, you could buy a used, old-ish model for very little money.
Sidekick is pretty secure
Bluetooth is a wireless connection that could be tapped into, that is true. But it's encrypted and even if you break that, there's really no dangerous information being transmitted. An advantage of our approach is that since even an old phone is not that limited in memory, it can sign transactions and do all the crypto witchcraft in the Sidekick device. It doesn't need to share them with the hot device at all.
Sidekick is user friendly
Even the crappiest phones are Ferraris compared to most hardware wallets' specs. With Sidekick you probably get a big touchscreen that you can interact comfortably with, plus a lot of room to visually check important information like destination addresses. You don't need a master's degree in tiny-button fingering, nor do you need to scroll through endless arrays of characters as if you were a stock trader from the 80s.
Sidekick is open source
You don't have to trust us. Sidekick's code can be audited by anyone, especially smarter people, so we can discover and fix any potential problems. Sidekick itself is meant to be open. It can work with any Monero wallet that wants to implement it. You're not forced to use Monerujo to enjoy Sidekick.
Sidekick is even eco-friendly!
We're repurposing gadgets that you may have lying around in a drawer somewhere, no need to melt extra dinosaurs or dig up more bloody rare metals for this one.