Talk on the current state of user experience in dApps and the challenges to making it mainstream. I discuss the user flow for buying a CryptoKitty, current DAUs for dApps, and some proposals to address the challenges in private key management and key recovery.
Current UX still very crappy
● Even before interacting with a dapp
○ Need to have wallet
○ Have Ether/other crypto-tokens
● No password recovery for wallets
○ Wallets susceptible to hacks
● No way to block fraudulent transactions etc. (like Banks)
Money! Money! Money!
Only speculators go through so many
ICOs have been the killer app - as it
introduced so many people to crypto
The promise of insane riches
● Only decentralised exchanges and gambling sites have highest usage
● Any dApp which are not for trading/speculation/gambling doesn’t have much
● Augur much hyped - only has ~50 DAUs
● dApp designs primarily for dev/geeks.
● Scares away normal people
● Users can't be expected to secure private keys/mnemonic
phrases when they are going on with their lives.
● All these complexities need to be abstracted away
● Private Key Management
○ Need to have wallet
○ Need to have Ether in the wallet
● No simple ID system
● Key Recovery
Private Key Management
● Gnosis Safe
● WalletConnect - An open-source project that enables
desktop Dapps to interact with mobile Wallets.
● Shamir's Secret Sharing - Sharded private keys with
friends which enables authentication only when n-out-of-m
keys are available
Identity/Biometric based mechanisms
● Based on Identity contracts
● Biometric based using fuzzy extractor
○ Suffer from privacy issues - biometrics can be extracted from public sources
○ more amenable to rubber hose attack - using coercion to obtain biometrics
● Using Iris scan to generate private key
What are the issues with tying private keys with Identity?
● Under the hood, mobile app, browser
extension and recovery keys translate
to four signers. Two of them are
required to make a transaction
● Creating a Safe wallet implies
deploying a smart contract on the
Ethereum blockchain. Simply need
to fund the address of your new Safe.
Reference : Gnosis blog
Gnosis Safe advantages
● The mobile app is the main point of interaction where all transactions are
● The browser extension acts as an additional security layer.
● All transactions done with the Safe also need to be confirmed by the browser
● The browser extension allows interaction with dApps via the web browser.
Now the same ID can
be used in new client
Source : Talk by Alex van de Sande
Reference: Universal Logins: First Demo
● No need to type or remember a password anywhere
● Instant login in multiple devices
● No need to download or install anything extra
● No single server with private data that can be attacked or leaked (but
beware of the public data you share on the blockchain)
● The user can take the account they created in one app and use it to login
in another app