UX for Key Management

UX for Key Management

91d36c66b64ce58f3e749d9d921aae69?s=128

Shuichi Nagao

November 29, 2019
Tweet

Transcript

  1. UX for Key Management Shuichi Nagao | Co-founder of Credify

    shuichi.nagao@credify.one Updated 11/2019 blockchain.tokyo 29th, Nov, 2019 1
  2. About Me Shuichi Nagao @Tokyo/Ho chi minh @ngo275 2019 ~

    Co-founder 2017 ~ 2018 Software engineer 2016 ~ 2017 Software engineer 2
  3. Using Dapps is very difficult for beginners, isn’t it?? 3

  4. Can you remember the first time you used Dapps? 4

  5. Binance Dex 5

  6. Binance Dex 6

  7. Which option should I take?? 7

  8. Binance Dex 8

  9. Binance Dex 9

  10. Binance Dex 10

  11. What is mnemonic?? 11

  12. CryptoKitties 12

  13. CryptoKitties 13

  14. What is MetaMask?? 14

  15. CryptoKitties 15

  16. How do I use this app on my mobile?? 16

  17. MetaMask 17

  18. Shit…!! I lost my private key!! 18

  19. There are many pains around key management. 19

  20. User pains around key management Users have to understand what

    mnemonic is. There are many ways to manage your private key. Users have to understand what wallet is. Key sharing between mobile and web is hard. Memorizing mnemonic is too demanding. 20
  21. The root cause is signing TX is too complex. 21

  22. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 22
  23. <Desktop web app> Sign tx using MetaMask 23

  24. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 24
  25. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 25
  26. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 26
  27. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 27
  28. <Mobile web app> Sign tx using mobile wallet app (TrustWallet)

    28
  29. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 29
  30. <Mobile web app> Sign tx using Key management native app

    30
  31. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 31
  32. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 32
  33. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 33
  34. <Mobile native app> Sign tx using Key Management native app

    34
  35. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 35 It’s not seamless at all!!
  36. Dapps are exclusionary services due to their complexity. 36

  37. We need to simplify the UX. 37

  38. Ideal UX No mnemonic 38

  39. Ideal UX No mnemonic No friction between web and mobile

    39
  40. Ideal UX No mnemonic No friction between web and mobile

    No need to learn 40
  41. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure 41
  42. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure Easy 42
  43. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure Easy Easy 43
  44. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure Easy Easy Easy 44
  45. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure Easy Easy Easy Easy 45
  46. 70 million smartphones are lost every year. 46

  47. Can we trust device security? 47

  48. What if we use AWS/GCP Key Management Service? 48

  49. Cloud KMS Use Case 49 Signed Tx Key Access Request

    Sign Private Key Cloud Function Cloud KMS SMS/Password based session This process is volatile Secure Key Manager Interface is same as non-Dapps
  50. Pros & Cons No MetaMask, nor Wallet apps to use

    Dapps. Easy and simple UX can be achieved Same interface as familiar web/mobile services 50 Pros Cons We need to trust GCP/AWS If users deal with a big amount of money, this will be uncomfortable Custody, or exchange wallet is not suitable
  51. Conclusion Dapps need users. Dapps impose complex key management on

    users. Cloud KMS can make Dapps easier and simpler. 51