Quick background on Argent

You can skip this if you know us already, but for those that don’t, here’s some context for the questions.

We’re a smart wallet with the ease of use and security of the best new bank apps — without the bank. Only you (not us, not anyone else) can access your assets. You can earn interest with Maker and Compound in a tap; and enjoy peace of mind by locking and unlocking, recovering without a seed phrase, and setting a daily transfer limit.

Our security model is based on ‘Guardians’. A Guardian can be any other Ethereum account (your hardware wallet, or a friend, for example). They help you with specific security actions (like recovery) but never have access to your funds.

Now, on to the questions.

Let’s start with the toughest. They get to the heart of why we exist.

1) Security & Decentralization 🔒

What if Argent disappeared? Or Apple kicked you off the App store?

We’ve built Argent to be fully non-custodial and censorship resistant. The ultimate test of this is being able to disappear completely without any loss of assets to users. This is a crucial contrast with centralized wallets/exchanges.

We cover the two possible scenarios:

If our App is removed from the Appstore: This does not impact existing users as the App would still be on your phone and you can keep using it. See other question in the AMA The extreme scenario where Argent, the company, suddenly disappears, including our infrastructure: We have built the Argent Emergency Kit just for that. You can sign a transaction on your phone but submit it to the blockchain through any other wallet such as MEW or Metamask. The emergency kit is live on iOS, and should be ready next month latest on Android.

What if a dictatorship comes after you?

We’ve put ourselves in a position where we cannot harm users. How?

We’re non-custodial: we can’t take users’ funds even if we were taken over by a malicious actor We’re censorship resistant: users can move their funds even if our infrastructure is taken down. We limit the data we hold on users (email and phone only), which is why we plan to enable wallets to be created without a phone number, we target this for Q2 latest. The email will stay but it’s very easy for users to create new private emails with service such as protonmail.

What parts of Argent are centralized now?

The main component of the Argent wallet that is centralized is the relayer. However, the relayer is fully non-custodial as it cannot tamper with a transaction and we make it possible to not use the relayer through the Argent Emergency Kit. To further decentralise the relayer we are considering options such as connecting to the Gas Station Network.

We also have a centralised backend but its only purpose is to orchestrate certain flows between users and improve the user experience. However, by design the clients do not need to trust the backend, and all these flows can be achieved by interacting with the blockchain directly.

The Argent Guard Service can also be considered centralized but it’s not part of the wallet. It’s just a service that we offer to people for convenience and they can easily opt out. The overall Guardian model is fully decentralized since any Ethereum account can act as a guardian.

Should the Parity hack affect my view of all smart contract wallets?

The Parity hack was less of a problem with working with smart contracts in general than it was for issues specific to how they approached it, perhaps due to the fact that a wallet wasn’t their core product. While it won’t comfort those affected, it did act as a serious wake-up call to all the smart contract-based projects founded in the three years since — not just wallets.

In our case, for example, we only push to production code that has been reviewed and tested internally AND audited by external auditors. There is no exception to that rule.

Wallets based on smart contracts are no different than wallets based on client software running in your web client or firmware running in your hardware wallet. In the end they are all software/firmware manipulating financial assets and they need to be the result of the best development standards and processes. At least with smart contracts the code is public and available for everyone to inspect.

Has Argent been audited?

Yes, all our smart contracts go through external audits before we deploy them on mainnet. You can find the audit reports here.

On top of that we run a bug bounty program, and our smart contracts are public and open-source to ensure maximum scrutiny.

How and where is the seed generated, stored? how is the seed restored by a Guardian (technically)?

The seed (in our case the private key) is generated and stored locally on your phone. By design it never leaves your phone. On your phone it is encrypted with (a slow hash of) your PIN and if available the Secure Enclave, then stored in the local Keychain (the most secure element of you phone).

Since the private key never leaves the phone it cannot be restored by your Guardians. But what your Guardians can do is collectively define a new private key as the legitimate owner of your wallet. This is only possible because Argent is a smart-contract wallet.