Upgrade to Pro — share decks privately, control downloads, hide ads and more …

UX for Key Management

UX for Key Management

Shuichi Nagao

November 29, 2019
Tweet

More Decks by Shuichi Nagao

Other Decks in Technology

Transcript

  1. UX for Key Management Shuichi Nagao | Co-founder of Credify

    [email protected] Updated 11/2019 blockchain.tokyo 29th, Nov, 2019 1
  2. About Me Shuichi Nagao @Tokyo/Ho chi minh @ngo275 2019 ~

    Co-founder 2017 ~ 2018 Software engineer 2016 ~ 2017 Software engineer 2
  3. User pains around key management Users have to understand what

    mnemonic is. There are many ways to manage your private key. Users have to understand what wallet is. Key sharing between mobile and web is hard. Memorizing mnemonic is too demanding. 20
  4. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 22
  5. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 24
  6. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 25
  7. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 26
  8. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 27
  9. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 29
  10. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 31
  11. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 32
  12. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 33
  13. <Desktop web app> Sign TXs on Google Chrome (Brave) Extension

    (e.g. MetaMask) Sign TXs on a mobile wallet app Sign TXs on a hardware wallet Import Mnemonic / Keystore File to the app <Mobile web app> Sign TXs on a Dapp Browser app (e.g. TrustWallet, MetaMask) Sign TXs on a Key Management app Import Mnemonic / Keystore File to the app <Mobile native app> Use a private key stored in this native app Redirect to Key Management app, and sign TXs on it, redirect to the Dapp native app again How to sign tx with your private key 35 It’s not seamless at all!!
  14. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure Easy Easy 43
  15. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure Easy Easy Easy 44
  16. Ideal UX No mnemonic No friction between web and mobile

    No need to learn Secure Easy Easy Easy Easy 45
  17. Cloud KMS Use Case 49 Signed Tx Key Access Request

    Sign Private Key Cloud Function Cloud KMS SMS/Password based session This process is volatile Secure Key Manager Interface is same as non-Dapps
  18. Pros & Cons No MetaMask, nor Wallet apps to use

    Dapps. Easy and simple UX can be achieved Same interface as familiar web/mobile services 50 Pros Cons We need to trust GCP/AWS If users deal with a big amount of money, this will be uncomfortable Custody, or exchange wallet is not suitable
  19. Conclusion Dapps need users. Dapps impose complex key management on

    users. Cloud KMS can make Dapps easier and simpler. 51