Introduction to Mobius DApp Store

The Mobius DApp Store is an open-source, non-custodial platform that makes payments in cryptocurrency to decentralized apps easy.

This new and innovative architecture empowers developers and entrepreneurs to accept crypto-based payments in their apps and businesses.

Being non-custodial, Mobius never holds secret seeds for users or developers. Any tokens spent are directly sent between the user and the developer - Mobius never touches the money or takes any fees.

A big advantage of the Mobius DApp Store over centralized competitors such as the Apple App Store is significantly lower fees (around $0.000001, purely for transacting on the Stellar network), compared to 30%, for in-app purchases.

Here we'll implement the Bid Coin utility token, this most critical part of Phase I for and the native Stellar Lumen assets that will be in use withinb the DApp.

“The vast majority of developers do not create their own web framework such as Ruby on Rails or their own database server such as PostgreSQL. Instead they use one of the existing web frameworks or database servers to save time. Blockchain based governance will follow the same model and be offered to developers by Mobius via standard protocols and APIs that they can use to facilitate token based voting... cont.”

Mobius White Paper mobius_20171108's DApp will use BID tokens (BIDS) for bidding instead of voting.


  1. When the user opens an app in the DApp Store, it requests a challenge transaction from the application.
  2. The challenge transaction is a payment of 1 XLM from and to the application account. It is never sent to the network - it is just used for authentication.
  3. The application generates the challenge transaction on request, signs it with its ownsecret seed , and sends it to user.
  4. The user receives the challenge transaction and verifies it is signed by the application's secret seed by checking it against the application's published public key (that it receives through the DApp Store). Then the user signs the transaction with its own secret seed and sends it back to application along with its public key.
  5. The application checks that challenge transaction is now signed by itself and the public key that was passed in. Time bounds are also checked to make sure this isn't a replay attack. If everything passes, the server replies with a token, then the application can pass it to the user to "login" with the specified public key and use it for payment (it would have previously given the app access to the public key by adding the app's public key as a signer).


The primary way you interact with the Stellar network is through your account(s). Accounts are identified by a public key and saved in the ledger.

Every Stellar account has a public key and a secret seed . The public key is always safe to share—other people need it to identify your account and verify that you authorized a transaction.

The secret seed, however, is private information that proves you own your account. You should never share the seed with anyone. It’s kind of like the combination to a lock—anyone who knows the combination can open the lock. In the same way, anyone who knows your account’s seed can control your account.

User accounts in the Mobius DApp Store are generated from a 24 wordmnemonic phrase in browser that users save somewhere safe. From this 24 word phrase, an infinite number of accounts can be generated. Users have two types of accounts:

Each user has a primary user account that they must fund with lumens initially to cover the account minimum balance and transaction fees.

The user can then send MOBI (OR, in our case, Bid Coin Tokens called "$BID's") to that account, or buy $BID with the $XLM (Lumens) on that account within the DApp Store UI.

For every application the user accesses, a new user account is created using the application ID of the DApp and the user’s mnemonic phrase. A user can deposit $BID's on those accounts from their primary user account .
  • The primary user account
  • Their user account for each DApp


After the user completes the authentication process, they have a token. They now pass it to the application to "login", which tells the application which Bid Coin user account to withdraw BIDS from (the user public key) when a payment is needed.

For a web application, the token is generally passed in via a token request parameter. Upon opening the website/loading the application, it checks that the token is valid (within time bounds, etc) and that the account in the token has added the app as a cosigner so it can withdraw $BID from it.

Features + Descriptions

“What's a DApp using an "oracles powered blockchain" architecture for bidding capable of anyways?”

Qualify Anonymous Bidders via Oracles

Credit, Knowledge, Net Worth, Age and More

Blockchain oracles allow for some unique things to happen which render high degrees of control over the bidder pool that enters/participates in the bidding activities.

Allow your bidders to remain anonymous, while preventing for example, any bidder that does NOT have a particular minimum average bank balance, or minimum credit score, etc.

Auction off expensive fine wine or liquor confidently knowing that ALL bidders are at least 21; truly, the possibilities are endless.

Preventing Phantom/Shill Bidding

Only Real Bidders Bidding

Anonymous yes, but, the user agrees to let their identity be verified as "NOT" seller and "NOT auctioneer, in order to satisfy conditional entry to auction forum.

Even social media can be leveraged to further sanitize bidder pool, further ensuring there are no "arms-length" bidders.

Post win, every bid could be authenticated and STILL leave the bidders (indluding the winning bidder) in anonymity. Confidence for the Seller/Provider and comfort for the Buyer/Bidder.

Protect Bidder from Bidding Beyond Spending Power

Don't Over Spend! Easier to Say Than Do

Heat of the bid, numbers are flying, you MUST have that item! You're bid for bid, next thing you know you, you WIN! UH-OH, you realize that's MORE Than you can afford/have to spend!

Not with Bid Coin, you can connect different personal accounts, giving Bid Coin the power to protect you from yourself in accidentally over-bidding; Bid Coin will prevent your bid from even being sent, as EVERY bid can be tied to various conditions which must be satisfied in order for the bid to move from the bidder into the auction/bidding forum.

Protects Sellers From Buyer Payment Failure

Time To Relist or Resell That Item or Contract

The winning bidder can't afford the item/contract cost. Now you must relist and resell the item; this is costly both in terms of time and money.

BIDS prevent bidders from over bidding by leveraging bidder's personal financial account data in real-time, thus preventing in real-time, any bid from being executed beyond a bidders spnding power. KYC + Anonymity Intact = Auction Revoultion

Verify Authenticity, Exisitance and Origin of Item or Contract

Proof Living on the Blockchain

The item/contract is appealing or required; the only hangup is you're NOT sure if it's authentic and/or you do NOT know the seller/offering party, leading to an inability to proceed confidently with a bid.

Now, Bid Coin can qualify Auctioneers, Sellers and Contract Offering Parties, via their past performance and actual item proofs; this include the ability to view documents signed with a 256-bit Secure Hash Algorithm

Flag Suspicious POST-Winning Bid Award Activity

Flags Post-Win Suspicious Activities

One of the surest way's to catch missbehavior in a contract bidding forum, is AFTER it's awarded.

Large or frequent change orders are indicative of a bid being steered, where afterwards the Winning Bidder uses change orders to get to the project cost they were seeking, but couldn't have secured the win with. Leveraging blockchain, perpetually ensures a clean system by analyzing payment logistics even after winning bid.

Blockchain Smart Markets

“Blockchain Smart Markets are AUCTIONS harnessing blockchain technology that clear periodically. Transactions take place between distinct pools of smart contracts acting as buyer and sellers rather than bilaterally. Pools of oracles may also participate but are restricted to being sellers.

Decentralized smart contracts submit bids to buy and offers to sell data or services in a commoditized manner. The whole process is managed by an ‘AUCTIONEER’. Clearing the market usually involves the auctioneer solving complex mathematical optimization problems with arbitrary constraints periodically to maximize the gains from trade.

Smart markets are designed to reduce transaction costs significantly and eliminate externalities while allowing for competition not possible in more traditional settings. Smart markets allow for coordination between diverse smart contracts, which is usually only possible under monopoly conditions.This coordination ability is a natural complement to the blockchain world.
The use of cryptocurrencies and distributed ledgers allows for the implementation and operation of complex smart markets with ever larger number of participants.

The time period of smart markets is the time between successive instances of the market clearing. It may range from a few milliseconds to a few days. Markets include one sided forward auctions (demand only),one sided reverse auctions (supply only) and two sided auctions with supply and demand components.”

Mobius White Paper mobius_20171108's intended DApp will leverage Mobius's core architecture with various customizations allowing individuals a "point-and-click" ability to auction goods, contracts and services peer-topeer.