How to improve the UX of onboarding in Ethereum with meta-transactions and universal logins.
Talk given at Devcon, Status Hackathon, DeFi Summit and ECF Alumni
5. 1 × a × b × … × y × z > 1
One user is exposed to your app
User exposes other users
Life or death
6. 1 × a × b × c × … × w × y × z
Write down my what?
What is this?
Blockchain what?
I need to install what?
Why do you need my passport photo??
Ether what?
Wait three days??
What do you mean I can’t forget my password?
8. “average” users…
don’t care about ether
don’t care about your token
don’t care about backing up private keys or seed phrases
don’t care about your browser plugin
don’t care about your gas price or transaction costs
don’t care about your KYC
just want a normal username and purchase stuff with their credit cards like normal people
own multiple devices and expect them to be in sync
9. Bad solutions
New ether account for every app (bad user experience)
Type your private key to login (being deprecated!)
Use our sleek proprietary ether login service (NOOOO)
18. Did you miss something?
NO mention of ether
NO hex strings
NO passwords
NO QR Codes
Incremental security as user needs it
User just deployed a multi-factor self-sovereign smart-contract-controlled identity and didn’t even know it!
20. Every app has its own private key
User doesn’t need to see it or back it up; keep it on the device or app as safely as possible. Don’t keep any funds on it.
21. Funds are stored in a proxy contract
The contract accepts signed messages from these authorized keys, telling it to move funds or execute functions (meta-transactions).
Contract is identified with an ENS name instead of the address
0x84e924C5E04438D2c1Df1A981f7E7104952e6de1
bobby.myawesomeapp.eth
22. Messages are executed by relayers
Each app can have one or more relayers that will pay the ether to execute the transaction. The relayer can either be paid on-chain by the contract in tokens, or off-chain via other incentives.
23. Extra recovery keys
Backups are done via keys generated for the purpose, that might be kept cold and can only be used under specific circumstances.
Contract can allow more creative recovery solutions, like deadman’s switches or social recoveries.
24. Counterfactual contracts
Contract address is known before it’s deployed, so it can be claimed in multiple chains/shards and only be deployed after funds have been deposited
❌ Mainnet (not deployed yet)
✔ Rinkeby (deployed)
✔ App side chain (deployed)
25. Authorization terms per key
Each key can either be part of a simple multisig, or call a more complex contract which will control which types of calls it can be used for
❌ Cannot add other keys (1 of 4)
✔ Can send N ether per day
✔ Can make function calls
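The checks described on slides 21, 22 and 25, modelled off-chain as an added example (not code from the talk or from the Universal Login project): a relayer submits a message signed by an app key, and the proxy verifies the signature, a nonce and a per-key spending limit before moving funds. The message layout, the nonce, the limit values and the use of Node's ECDSA over SHA-256 in place of Ethereum's signature recovery are assumptions made for illustration.

```javascript
// Added example: off-chain model of the proxy's checks, not on-chain code.
// Assumption: Node's ECDSA over SHA-256 stands in for Ethereum's keccak256 + ecrecover.
const { generateKeyPairSync, sign, verify } = require('crypto');

const newKey = () => generateKeyPairSync('ec', { namedCurve: 'secp256k1' });

// Hypothetical message layout: binding the contract name and a nonce into the
// signed bytes stops a relayer replaying a message or sending it elsewhere.
const encode = (m) => Buffer.from(JSON.stringify([m.contract, m.to, m.value, m.nonce]));
const signMetaTx = (privateKey, m) => ({ ...m, sig: sign('sha256', encode(m), privateKey) });

class IdentityProxy {
  constructor(name, balance) {
    this.name = name;       // ENS-style identifier
    this.balance = balance; // funds live here, never on the app keys
    this.keys = [];         // authorized keys with their own terms
    this.nonce = 0;
  }
  addKey(publicKey, dailyLimit) {
    this.keys.push({ publicKey, dailyLimit, spent: 0 }); // daily reset omitted
  }
  // Called by a relayer, which pays for execution but holds no authority.
  execute(tx) {
    if (tx.contract !== this.name) return 'wrong-contract';
    if (tx.nonce !== this.nonce) return 'bad-nonce';
    const key = this.keys.find((k) => verify('sha256', encode(tx), k.publicKey, tx.sig));
    if (!key) return 'unauthorized';
    if (key.spent + tx.value > key.dailyLimit) return 'over-limit';
    if (tx.value > this.balance) return 'insufficient-funds';
    key.spent += tx.value;
    this.balance -= tx.value;
    this.nonce += 1;
    return 'executed';
  }
}

function demo() {
  const app = newKey(), stranger = newKey(); // constructed sample keys
  const proxy = new IdentityProxy('bobby.myawesomeapp.eth', 100);
  proxy.addKey(app.publicKey, 5);
  const base = { contract: proxy.name, to: 'shop', value: 3 };
  const tx = signMetaTx(app.privateKey, { ...base, nonce: 0 });
  return [
    proxy.execute(tx),                                                     // valid
    proxy.execute(tx),                                                     // replayed
    proxy.execute({ ...tx, nonce: 1 }),                                    // tampered
    proxy.execute(signMetaTx(stranger.privateKey, { ...base, nonce: 1 })), // unknown key
    proxy.execute(signMetaTx(app.privateKey, { ...base, nonce: 1 })),      // over limit
  ];
}
console.log(demo());
```

The relayer appears only as the caller of `execute`: every rejection path depends on the signed bytes and the contract's own state, so a relayer cannot grant itself anything.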
26. More security as you install more apps
Cross-compatible usernames
Users do not need ether
More business models
Better for users
Better for apps
28. bit.do/universal-login
Let’s build the best onboarding on the web
Also thanks to Marek Kirejczyk (ethworks), Justyna Broniszewska (ethworks), Kyle Briant (boomerang), Ricardo Schmidt (status), George Spazov (limechain), Shine Lee (wetrust), Martin Köppelmann (gnosis) and countless others whose contributions made all this possible