原文(英uk)The Future of Web3 Logins Is…Email and Password?!
2022-02-04 22:08:36
By Ivan Manchev, Communications Manager at Ambire
One of the challenges before wider adoption of crypto and DeFi is key management. Surprisingly enough, the web2 concept of email login can solve it – even in a non-custodial way.
On Seed Phrases
- Alone 2. Glare 3. Purity 4. Inner 5. Liar 6. Wire. …. ???
Do you remember the first time you were asked to write down a seed phrase? Perhaps you were confused:
- Why write this on paper instead of just pasting it in Notes?
- Will you need to write all this stuff to “login” to Web3 apps every time?
- Can you change those words to more familiar ones?
- Ugh, can’t they just ask for a password or something?
Seed phrases are not that bad but they look super weird if you have no idea how cryptography works. And most people have no idea how cryptography works.
Right now, 99% of novice Web3 users come with Web2 experience stemming from years of using email/password as authentication for accounts and apps. And while crypto companies and wallets are doing their best to educate users, confusion seems to be inevitable and opening countless opportunities for the always-lurking scammers.
Just try out this experiment – google “Curve” or “Aave” or “Uniswap” and hit the first Ad result. Try connecting and you will experience the most common social engineering scam involving seed phrases – websites mimicking Metamask and asking misled users for their seed phrases. (Actually don’t do that – at least don’t write your seed phrase, please!)
This is happening all the time and 2021 was an awesome example of the outstanding problem. With the rising popularity of NFTs, a lot of new users joined the crypto party last year. Some of them were lucky enough to buy a Bored Ape Yacht Club NFT and see it appreciate 1000x in price… only to have it stolen because of poor wallet key management.
Then why are we still using seed phrases instead of passwords?
Unfortunately, common Ethereum addresses are unlocked with a private key – a long string of text. If you own your key, you can do whatever you want with your address. You either keep your key in a file and import it to unlock a wallet, or you use the seed phrase mnemonics. There is no way to introduce a password instead of the private key…
…Okay, there is a way actually, but at the cost of full control over your wallet. Some services keep the private keys for their users and let them use passwords for unlocking their wallets. This enables onboarding but breaks one of the core principles of decentralization and it’s not much different from how traditional services work. The service you are using can cut your access at any given moment.
But what if I told you that there is actually a way to unlock your wallet with email and password, while keeping your key?
Here come smart wallets
Smart wallets have been discussed a lot in the past: you may have heard of a similar concept called “account abstractions”.
Basically the idea is that each Ethereum account will be a smart contract, which opens a lot of opportunities to enhance the crypto UX. For the purpose of this article we’ll focus on key management.
Rather than using only one cryptographic key to secure an account, smart wallets allow multiple keys to be utilized using certain rules. For example, you may set up an account to be controlled by 2 keys, one of them being your mobile device and the other your Trezor hardware wallet, with the mobile device having limited permissions and daily spending, while the Trezor is unlimited. Or you may set up so-called social recovery by allowing a multisig controlled by your closest people to recover your account.
Put in simple words, smart wallets are smart contracts that can be controlled by more than one cryptographic key – this “decentralizes” access to the wallet and enables different setups in which you can change the login user experience.
As you might have guessed at this point, one of them is using email and password.
How to build a non-custodial smart wallet with email and password registration
We already know that a smart contract wallet can be controlled by two or more keys. When creating Ambire Wallet, we decided to build on this feature and enable email/password registration without compromising the user’s ownership of the account.
Ambire implements traditional authentication with an email and a password like Web2 apps. This authentication mode is non-custodial: it works via an on-chain two-key multisig. Оne of the keys is stored in the browser storage and is encrypted with the user’s password, and the other key is stored on our backend via a hardware security model (HSM).
You can’t access the funds using only one of the two keys, for example if you’re an attacker who successfully compromised either a user (e.g. via malware) or the HSM.
However, a recovery procedure can be started with one key only. The recovery procedure is a timelocked change of one of the two keys. If the recovery procedure was unintended (e.g. initiated by an attacker), any other key holder can cancel it. But if it was initiated legitimately (e.g. if you lost one of the two keys or you forgot your password), you can just wait for the timelock, and you’ll have access to your account back after this.
To summarize, email/password accounts are multi-signature wallets, that unlock:
- When 2 signatures are supplied – used in normal mode of operation; or
- When 1 signature is supplied, but with a timelock; used for password recovery, or in case the Ambire backend becomes unavailable.
The second key is normally unlocked by a confirmation code specific to (derived from a hash of) the transaction, but other authentication methods such as OTP 2FA or FaceID can be used.
An additional benefit of this model is that the second key can enforce extra security rules like spending limits and checking for malicious contracts or calls (e.g. infinite approvals to EOAs). Since those rules are checked off-chain by the HSM, they can be easily modified or enhanced. Furthermore, sophisticated checks can be performed at no extra gas cost, enabling use of AI or ML in the future.
If you are curious to learn more about this, you should check out the Ambire Wallet’s security model.
How it’s going
We released Ambire Wallet in December after two months of rapidly testing our security model. More than 45,000 users registered eversince and guess what – majority of accounts are controlled by email and password. At the moment we are working on releasing a mobile version of the wallet for iOS and Android in the first half of this year. This will be the true test of the email+password registration model as we expect to attract people who have no previous Web3 experience.
If you are interested in trying Ambire Wallet, head to https://www.ambire.com/ and create your account in less than a minute.
元ソース