#FundMyDapp - Submission Rules

Fund My Dapp

Competition Rules
1.All Dapp MVP’s submitted must be new projects,the development team owns all rights to the Dapp. It will submitted in the same format as a CR suggestion.

2.The development team is required to use Github for development. Progress can be validated for funding purposes.

3.All Dapp’s must utilize one pillar of Elastos technology.

4.The community voted winning Dapp idea’s will have 6 weeks to submit their MVP. Payment will be as follows:

At the end of the 1st week the dev team will receive 500 ELA
At the end of the 3rd week the dev team will receive 500 ELA
At the end of the 5th week the dev team will receive 500 ELA

5.If certain standards of productivity are not met ,the competition admin has the right to withdraw funding.

6.All Dapp MVP submissions will then be considered for the final selection ,of which the top 3 MVP’s will receive extra funding between 500 & 1500 ELA.

Before you will be able to submit your dapp or vote, you will need to download the Elephant Wallet from Google Play or IOS App Store. https://elephantwallet.app/

The voting rules:

  1. One DID can vote three proposals.
  2. The wallet must has more than 10 ELA.
  3. The Top three proposals will win the ELA reward.

Reply to this thread with your submission formatted with CR suggestion format. Dapp teams must provide an Abstract, Goal, Motivation, Implementation Plan, Team, and Relevance for the Dapp idea.

1 Like

Decentralized Two-factor Authenticator - a 3rd Generation 2FA

Abstract:

  • a more secure mobile 2FA, an improved version of authenticators like Google Authenticator or Authy that will solve problems that the current Second Generation 2FA cannot.

Goal:

  • To provide a decentralized solution for the current 2FA problems
  • Implemented by websites and banks that use the old 2FA system
  • To promote Elastos technology and ecosystem
  • To compete with the current centralize 2FA apps

Motivation:

  • The current 2FA apps (Authy or Goggle Authenticator) have major security issues that can’t be solved by the current 2FA system:
    1. Centralized Storage (Authy) - Hackers can tap into that storage and steal user data
    2. Website holds the secret key - which can compromise the security
    3. Phishing Scams - where hackers can create a fake site, and accept even wrong OTP and able to login or steal user information
    That’s what the Elastos 3rd Generation 2FA dapp will solve:
    1. Decentralized Storage - Elastos HIVE
    2. Secret keys are stored and encrypted, and will only be decrypted and used inside the smart contract
    3. To prevent Phishing scams: first, the site will show the OTP and will be validated INSIDE the user app thru blockchain
    With this dapp, we aim to improve the current 2FA system and replace it on current websites and even bank apps. It will hopefully showcase what Elastos can do.

Implementation:

  • 1st week: develop smart contract
  • 2nd week: add backend and storage* support with API calls
  • 3rd week: create front-end design with QR scanner and implement DID system
  • 4th week: add the implementation logic and code for websites
  • 5th week: testing and debugging
  • 6th week: MVP finished
    *HIVE is the planned technology to be used, but it is not currently available nor stable. To show the viability of this dapp project and develop an MVP, a centralized storage solution will be used. When HIVE is publicly available and stable, it will be implemented immediately.

Team:

  • John M. : Mobile App Developer with more than 6 years of experience, knowledgable in server-side programming and web app development.

Relevance:

  • While designing the system, and searching for related projects, there’s one with the same implementation and goal, the currently proposed dapp is inspired by this project: Hydro Raindrop
1 Like

Sounds good.
Is it compatible with google 2FA?

1 Like

Thank you! Sadly not. The initial plan and design was to just provide a simple dApp Authenticator using TOTP and COMPATIBLE with the current 2FA system, HIVE Storage, Keys are provided and validated using smart contract, and not on the websites. But the bigger problem that this system faced is Phishing scam, so I decided to change the whole system and propose a more secure 2FA system. I will add the graphic presentations to better understand this proposal when it’s available, I’ll update this post and the topic