🔑Web3 login

A Web3 login is based on a unique private key that cannot be guessed, which has the particularity of:

  • being both unique & decentralized (no central entity controls a database with logins & passwords),

  • enabling user anonymity,

  • eliminating the risk of account takeover (viruses, social engineering, hacking),

  • limiting support costs (loss of password, loss of 2FA, change of mobile phone or email, etc.).

⛓️‍💥Problems

Until now, blockchain-based identification technologies presented the major risk that the loss of a user's private key would be irremediable, limiting their deployment to cryptocurrency dudes.

There are now solutions that guarantee, from end to end, that only the user is ever in contact with the private key, while also allowing it to be secured by digital service providers that have pooled their standards of respect for user privacy within an alliance called FIDO.

The other major problem lies in the use of a wallet, which requires tokens of the blockchain used to pay for transactions. Here again, only insiders are able to obtain tokens to make their wallet usable once it has been created.

There is now a solution: replace wallets with decentralized software (known as "contract accounts" or "smartwallet") that allows a third party to sponsor the transactions it carries out.

🔑 Solution: Passkeys

Passkeys are an alternative to software (MetaMask, Rabby, etc.) or hardware (Ledger, Trezor, etc.) wallets, made possible by the implementation of FIDO consortium standards (Apple, Google, Meta, Microsoft, Samsung, etc.) to eliminate passwords.

Ideal authentication mode for your Web3 users:

  • the account is not an app-based login/password/2FA,

  • security is self-managed by the user and involves neither you nor a regulated player managing their custody,

  • users' passkeys are stored at OS level (Android, iCloud, Hello, etc.) but encrypted, like their passwords, and accessible only to them.

Passkeys + contract accounts are possible through the IBEX API using OS-driven challenge mechanisms.

🗝️ Alternative solution: classical private key

Private key + contract accounts are possible through the IBEX API using any proof-of-private-key mechanism. Your setup must be able to sign the challenge required by our API to declare the private key as a 1/1 signer on the Safe smartwallet we will deploy for your user.

However, this raises the question of the risk of retaining the private key, which can be diluted, for example, by splitting it between you and the user (known as social recovery).

The other option is a guardian service (multi-sig wallet) offered by IBEX SAFE.
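
The challenge signing mentioned above for both passkeys and classical private keys follows a generic challenge-response pattern, sketched here as an added example that is not IBEX code and does not use the IBEX API. Assumptions: all function names, the 60-second validity window and the in-memory store are hypothetical, the key pairs are constructed throwaway P-256 keys, and the raw challenge is signed directly, whereas a real passkey signs WebAuthn-wrapped data and a real Ethereum key uses secp256k1.

```javascript
// Added illustration: generic challenge-response proof of key possession.
// All names are hypothetical; this is not the IBEX API.
const crypto = require('node:crypto');

const CHALLENGE_TTL_MS = 60_000;   // assumed validity window
const pending = new Map();         // challenge (hex) -> expiry timestamp

// Server side: issue a random, single-use challenge.
function issueChallenge(now = Date.now()) {
  const challenge = crypto.randomBytes(32).toString('hex');
  pending.set(challenge, now + CHALLENGE_TTL_MS);
  return challenge;
}

// Client side: sign the challenge; only the signature is sent back.
function signChallenge(privateKey, challenge) {
  return crypto.sign('sha256', Buffer.from(challenge, 'hex'), privateKey);
}

// Server side: accept only a known, unexpired, unused challenge
// carrying a signature that verifies under the registered public key.
function verifyResponse(publicKey, challenge, signature, now = Date.now()) {
  const expiry = pending.get(challenge);
  if (expiry === undefined) return 'unknown-or-replayed';
  pending.delete(challenge);       // single use, even when verification fails
  if (now > expiry) return 'expired';
  const ok = crypto.verify('sha256', Buffer.from(challenge, 'hex'), publicKey, signature);
  return ok ? 'ok' : 'bad-signature';
}

// Constructed demo with throwaway P-256 key pairs.
function demo() {
  const user = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  const other = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  const c1 = issueChallenge();
  const sig = signChallenge(user.privateKey, c1);
  const first = verifyResponse(user.publicKey, c1, sig);
  const replay = verifyResponse(user.publicKey, c1, sig);   // same challenge again
  const c2 = issueChallenge();
  const wrongKey = verifyResponse(user.publicKey, c2, signChallenge(other.privateKey, c2));
  const c3 = issueChallenge(0);                             // issued at t = 0
  const late = verifyResponse(user.publicKey, c3,
    signChallenge(user.privateKey, c3), CHALLENGE_TTL_MS + 1);
  return { first, replay, wrongKey, late };
}

console.log(demo());
```

The private key is only ever used inside `signChallenge`; the verifier holds nothing but the public key and the list of outstanding challenges.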