UX for Key Management

UX for Key Management Shuichi Nagao | Co-founder of Credify
[email protected] Updated 11/2019 blockchain.tokyo 29th, Nov, 2019 1

About Me Shuichi Nagao @Tokyo/Ho chi minh @ngo275 2019 ~
Co-founder 2017 ~ 2018 Software engineer 2016 ~ 2017 Software engineer 2

Using Dapps is very difficult for beginners, isn’t it?? 3

Can you remember the first time you used Dapps? 4

Binance Dex 5

Binance Dex 6

Which option should I take?? 7

Binance Dex 8

Binance Dex 9

Binance Dex 10

What is mnemonic?? 11

CryptoKitties 12

CryptoKitties 13

What is MetaMask?? 14

CryptoKitties 15

How do I use this app on my mobile?? 16

MetaMask 17

Shit…!! I lost my private key!! 18

There are many pains around key management. 19

User pains around key management Users have to understand what
mnemonic is. There are many ways to manage your private key. Users have to understand what wallet is. Key sharing between mobile and web is hard. Memorizing mnemonic is too demanding. 20

The root cause is signing TX is too complex. 21

<Desktop web app> Sign TXs on Google Chrome (Brave) Extension
(e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 22

<Desktop web app> Sign tx using MetaMask 23

<Mobile web app> Sign tx using mobile wallet app (TrustWallet)
28

<Mobile web app> Sign tx using Key management native app
30

<Mobile native app> Sign tx using Key Management native app
34

(e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 35 It’s not seamless at all!!

Dapps are exclusionary services due to their complexity. 36

We need to simplify the UX. 37

Ideal UX No mnemonic 38

Ideal UX No mnemonic No friction between web and mobile
39

No need to learn 40

No need to learn Secure 41

No need to learn Secure Easy 42

No need to learn Secure Easy Easy 43

No need to learn Secure Easy Easy Easy 44

No need to learn Secure Easy Easy Easy Easy 45

70 million smartphones are lost every year. 46

Can we trust device security? 47

What if we use AWS/GCP Key Management Service? 48

Cloud KMS Use Case 49 Signed Tx Key Access Request
Sign Private Key Cloud Function Cloud KMS SMS/Password based session This process is volatile Secure Key Manager Interface is same as non-Dapps

Pros & Cons No MetaMask, nor Wallet apps to use
Dapps. Easy and simple UX can be achieved Same interface as familiar web/mobile services 50 Pros Cons We need to trust GCP/AWS If users deal with a big amount of money, this will be uncomfortable Custody, or exchange wallet is not suitable

Conclusion Dapps need users. Dapps impose complex key management on
users. Cloud KMS can make Dapps easier and simpler. 51

UX for Key Management

UX for Key Management

More Decks by Shuichi Nagao

Other Decks in Technology

Featured

Transcript