Proof-Of-Concept: Using Aptoide App to Purchase In-App Items With AppCoins

AppCoins is an open and distributed protocol for mobile app stores (GitHub). It will drastically improve and speed up advertising, in-app billing and app approvals, using blockchain and smart contracts technology. In this article, we are not going to focus on adversing nor app approval, the focus will be on in-app purchases.

As a proof-of-concept, we developed a sample app (GitHub) based on the Aptoide App Store (GitHub), which allows the users to purchase in-app items using AppCoins. The sample app uses the AppCoins lib, which can be found here.

Let’s suppose the following scenario: a user would like to buy gems in a game and pay with AppCoins. The flow would be:

1. User opens the game.
2. User clicks to purchase gems.
3. An Aptoide dialogue is displayed, showing the game and the cost of the gems in AppCoins.
4. User confirms the purchase.
5. In case, the payment is successful, a message is shown and the user jumps back to the game, where it can confirm the acquisition.

This is the flow from the user point of view. Please, check this flow in the following video:

From the technical point of view, when the user clicks on the buy button, it initiates a transfer of AppCoins from one party to another, in this case, from the user to the game company. This transfer requires a minimal number of details to build the transaction object:

1. the destination wallet address
2. the amount of AppCoins that will be sent to the destination address

So, on the Android device, a transaction object with the information is created and signed. To sign the transaction object, we used the private key associated with an Ethereum wallet/account of the user. It is important to notice that the raw transaction does not have the source address, however this can be inferred from the signature. More information about transactions on Ethereum please check here.

Once we have the transaction signed, we send this raw transaction to the network for processing. For security issues, only the raw transaction is transmitted to the network, no private keys are shared. In order to send the raw transaction, we used the Etherscan Ethereum Developer API (Etherscan api documentation), more precisely we call:

Our lib calls the previous endpoint:

Using the Etherscan API, we wait for the confirmation of the transaction. The Ethereum network is responsible for confirming and validating the transactions on the Ethereum Blockchain. Every 5 seconds we call:

This allows us to check the status of the transaction. On our sample, the average time to receive the transaction confirmation is less than 1 minute.

Once we get a confirmation that the transaction was mined, and consequently committed into the Ethereum blockchain, we inform the user that the transaction was successful and we update the user’s balance, calling:

The user can now check his new balance in the Aptoide app and move back to the game, where the purchase started.

The communication between the Aptoide app, Etherscan and the Ethereum blockchain can be summarised in the following diagrams:

One of our major concerns was safety and potential attack vectors. In the case that somebody (man in the middle) can intercept the transaction and prevent it from reaching the network, the sender of the transaction will not suffer any consequences, because the transaction is signed, so manipulation cannot occur. Plus, the transaction will not reach the Ethereum blockchain. Therefore, Ethereum clients will never withdraw AppCoins from the sender wallet/account.

Scalability is another one of our concerns and depends on the Ethereum blockchain.

The cost of creating and sending a signed transaction is negligible, however confirmation times are blockchain specific, sometimes it can take too long. We are currently studying other solutions, such as Plasma, Raiden and µRaiden (more information). These solutions promise to deliver near instant payments.

Current solution uses the Etherscan.io API to communicate with the Ethereum network, so a third party service available is required. In order to mitigate this, we could run our own endpoints to connect to a geth client for instance.

This sample was only a proof-of-concept and we were able to successfully achieve our goal: using Aptoide app to purchase items and pay in AppCoins in a reasonable amount of time. As mentioned before, we are investigation other possibilities and trying to improve the purchase time.

About Aptoide

Aptoide was founded in 2011 and has its HQ in Europe and offices in Singapore and Shenzhen. With over 200 million users, 1 million apps and 4 billion downloads to date, Aptoide is a community based platform that reinvents the app discovery experience through a social environment, tailored recommendations and the opportunity for users to create and share their own playlist of favourite applications and games.

About AppCoins

AppCoins is a new cryptocurrency that all Aptoide users can earn and spend inside app stores. Once the protocol is implemented, AppCoins can be adopted by any app store, regardless of the operating system. The protocol creates a new shared ecosystem among all app stores, powered by the blockchain. AppCoins is to become the new universal language of the global app economy.

About the ICO

To raise funds for the new cryptocurrency venture, Aptoide launched an ICO (Initial Coin Offering) pre-sale on November 6th, 2017, opening up 20% of the total number of AppCoins to investors. During the pre-sale phase, members of the Aptoide community and other exclusive groups got the chance to buy the first AppCoins. Even though the first stage of the AppCoinsICO was a whitelisted pre-sale open to eligible investors in the Aptoidecommunity only, we managed to exceed all expectations and surpassed all pre-sale ICO goals, by raising a total of $1.5 Million USD, 3,539.99 ETH and 16,353,786 APPC tokens distributed, providing AppCoins the launchpad required to revolutionise the App Store Economy.