SmartVault - smart contract wallet with worry free recovery, and Dapps

Hi everyone,

I’m Hashme-san! I have been working on blockchain DeFi tech for 3+ years, and previously founder of a blockchain startup. I’m excited to contribute to the Harmony ecosystem. I’m here to tell you about this exciting project I’m working on. It’s called SmartVault, a contract wallet designed with worry-free recovery by using your Google Authenticator 5- consecutive token codes as recovery, which means you don’t have to worry about writing key phrases, remembering password, email phishing, or sms hijacking.

Full list of features:

  • Worry-free recovery: No worry about key phrases, passwords, device loss, email phishing, sms hijacking. Recover with 5 OTP tokens which means entering 30 digits code, providing you security of 100bits+ of entropy.
  • Harmony Name Service: Just like domain registration, register yourself an easy name to lookup your wallet and share with your friends.
  • HRC20/HRC721/HRC1155: Fully supported HRC20, Non-Fungible Tokens (ERC721), and Multi-token Standard (HRC1155).
  • Spending Limit: Protect your wallet by capping spending limits and requiring 2FA OTP wallet verification.
  • Social Guardians: Take your wallet security to the next level by requiring multiple devices you own or friends & family to authorize over spending limits, and recovery.
  • Smart contract without the hassle: Self-sufficient. You don’t need native wallet (like metamask or CLI) to sign transactions to use it. We designed meta transactions which can be relayed, and deduct fees from your wallet when it is successful.
  • Activate your wallet with a simple deposit: Using counterfactual wallet EIP 1014, we can generate your “future” wallet before it is created, and safely deposit into the address any amount, from anywhere (even exchanges like Binance, Coinbase, etc).
  • Fully Upgradeable: Smartvault has built-in upgrade functions. As there are more features like staking, DEX added, simply upgrade with all the new features without moving your assets, and still keep the same address.

You may be asking, Why contract wallet?

Metamask, CLI, and other native wallets are “External Owned Accounts” (EOA), controlled by private key, which represent single point failure such as loss, or hacking. Exchange wallets are protected only by your password and limited to how it interacts with Dapps. On the other hand, contract wallet security can be composed to your specific needs in terms of what kind of security you need, who can access it, your spending patterns, lock and unlock mode – all on the blockchain.

Contract wallets are difficult to use! How about SmartVault?

Contract wallets have always been difficult to use because you need to know how to interact with them as contracts. We built a relayer around it so you don’t need metamask or CLI to sign transactions. There are webclient + CLI available. The wallet is self-sufficient like other native wallets…

What kind of academic research is behind this project?

We were inspired by Ivan’s SmartOTP paper which leverages a merkle tree to prove that a) the user knows the current OTP code and b) the code belongs to a given authenticator secret. We adapted the idea into an Argent-like wallet, and functions with Google Authenticator. More background information in Github wiki

How is it different from polymorpher/one-wallet?

Both projects are inspired by the same SmartOTP paper. The main difference is one-wallet authorizes each transaction by verifying the OTP code provided from the user, whereas smartvault assigns an owner-key to sign for the wallet, and that owner-key can be changed out when you initiate the recovery process with the Google Authenticator. Think of it smartvault like a smart lock which you can reprogram the lock with a new pin (private key) as long as you know the master code (google authenticator).

Has the code been audited?

It is currently undergoing a security audit by Slowmist.

What’s next?

Dapps, Dapps, Dapps!

How can I help?

  • Create your wallet at! :pray::pray::pray:
  • Report issues to GitHub
  • Try our CLI wallet on yarn global add @hashmesan/smartvault
  • Read our Developer guide on wiki
  • Share with other communities
  • Share with your friends
  • Share on social media

awesome wallet. thanks for your post about it. while trying on testnet, I was getting this error, any idea? I have 100 ONE deposited, but still.

"\"Transaction: 0xdc9ac6b093c930bcc14b29ce03f3e56b1d699c6d52a10a94f0c52af6897d452f exited with an error (status 0). Reason given: NOT ENOUGH FOR FEES.\\n Please check that the transaction:\\n - satisfies all conditions set by Solidity `require` statements.\\n - does not trigger a Solidity `revert` statement.\\n\""

probably relay contract is out of funds? Harmony Blockchain Explorer

1 Like

Can you send like +1 ONE into your wallet and try again… There’s some rounding issue on client side. The ENS keeps charging these long precision numbers :frowning:

1 Like

made it to the wallet now. but sending ONE is stuck at “Submitting…(wait)” step.

I tested on testnet3 and testnet0, both works for me. Can you grab the console logs and share with me?

Integrating with Dapps!

1 Like

Hi, I’m developer participating for hackathon.

Now, I’m trying to run my own relayer and building development network.
But I got error when I search name of wallet.

Do you have any idea to fix it??

And I got error from relayer side in the docker container.

yarn run v1.22.4

$ node -e 'require("./index.js").server()'

Listening on port 8080!

(node:28) UnhandledPromiseRejectionWarning: #<Object>

(Use `node --trace-warnings ...` to show where the warning was created)

(node:28) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see (rejection id: 1)

(node:28) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.


      throw err


Error: PollingBlockTracker - encountered an error while attempting to update latest block:

Error: connect ECONNREFUSED

    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1141:16)

    at PollingBlockTracker._performSync (/app/relayer/node_modules/eth-block-tracker/src/polling.js:51:24)

    at processTicksAndRejections (internal/process/task_queues.js:97:5)

Emitted 'error' event on Web3ProviderEngine instance at:

    at safeApply (/app/relayer/node_modules/safe-event-emitter/index.js:70:5)

    at PollingBlockTracker.SafeEventEmitter.emit (/app/relayer/node_modules/safe-event-emitter/index.js:56:5)

    at PollingBlockTracker._performSync (/app/relayer/node_modules/eth-block-tracker/src/polling.js:53:16)

    at processTicksAndRejections (internal/process/task_queues.js:97:5)

error Command failed with exit code 1.

info Visit for documentation about this command.

I have done

  • running ganache-cli locally
  • setting .env file

Resolver is a function in the ENS. I have a prepackaged ganache with the contracts deployed (see wiki: Github/ Developer Guide on Development workflow).

tar xvf ganache-db.tar

If you have other issues, you can reach out to me on discord: Quoc#8381 ; Thanks for checking out this project.

1 Like


I sent friend request on discord, so please check it.
my discord name is juntaro#7462

1 Like

ViperSwap now fully integrated with SmartVault

ViperSwap provides a good example how to build your dapp (see viper.js and viper_helper.js). For purpose of hackathon and until we have 3rd party support, you can mirror what ViperSwap is doing for your project.

Demo video shows swap between ONE → Token, Token → Token, and Token → ONE.

Creating a wallet, error message #86 and #87
““missing argument: coder array domain (count=2, expectedCount=3, code=MISSING_ARGUMENT, version=abi/5.4.0)””

Restore walllet #87

Cant obvious find wallet due to failure #86
Anyway I sent 20 One to your suggested addres, Please return :slight_smile:

How can I get my money back when the wallet creation failed. Guess this is the reason why program cannot find my wallet.
I named my wallet, and transfered 20 ONE. I have Google F2A active. Transaktion shows on Harmony Explorer.
Please return my money so I can try create new wallet :slight_smile: