The Ethereum community stumbled upon a solution to a long-standing problem on the Internet: single sign-on.
The Web2 service requires users to create a new username and password combination for each new service, but web3 overturns this script: users can have their username, profile data, and security authentication method, and use the same in multiple services. An account.
I call it using Ethereum login.
The Internet does not have a built-in user authentication and identification model. IP addresses identify devices, not people; DNS is never used to name people, but to name services.
But the service department needs to know who you are. So they created the username and password paradigm. It works very well, especially for tech-savvy people, but there are some problems that we all know: people reuse weak passwords and cause registration fatigue (“Do I have to create another account to use this service?” ), not to mention mentioning hacking and data dumping (haveibeenpwned.com). Finally, each account is isolated from other accounts.
A new social media network is emerging? Compete better to get your favorite username.
In the past decade, a popular solution is social login. You may already have Google, Facebook, Twitter, etc. accounts, so why not use one of them to log in? This seems to be a win-win situation: users do not need to create a new account, and service providers do not need to manage username and password systems for their users.
Although improved, social login still has some obvious shortcomings. It cannot be neutral because it relies on private companies-these companies become the point of failure of the system, and we don’t even want private companies to win out and have access to the entire Internet.
What we need is a neutral, decentralized, secure, user-controlled username and authentication protocol, all services can be used.
To have a decentralized single sign-on system, you need three things: 1) a widely adopted standard for user-generated private keys, 2) tools that enable people to easily manage these private keys, and 3) decentralization The naming and configuration file data storage system.
Everyone’s private key
Bitcoin has made progress in solving the first and second problems. Bitcoin uses public/private key pairs to allow users to control their Bitcoin. Ethereum does the same with Ethereum accounts.
The high value of cryptocurrencies, especially the practicality of the Ethereum ecosystem, fully motivated two things for the first time: one is to allow a large number of people to obtain private keys, and the other is to allow an industry to develop to help people manage their private keys. (We call it a “wallet”).
Although there is still a lot of room for improvement, in recent years, we have seen explosive growth in private key management innovation: think about hardware wallets, MetaMask , WalletConnect, social recovery, etc.
In other words, the cryptopunk ideology of privacy and freedom has not been able to convince people what to do for decades, while cryptocurrency incentives have done it in just a few years. Once you have obtained the private key for holding cryptocurrency and using Ethereum dapps, you can use the same private key for other things, including signing messages for authentication.
Solving Zooko’s triangle
The key pair can be automatically generated by the software, but to have a human-readable username, do you need a trusted third party to store it somewhere and manage the namespace?
This is Zooko’s triangle: This triangle indicates that the naming system cannot be decentralized, secure, and human readable at the same time.
Blockchain solves this problem. Namecoin was launched in 2011. As its own blockchain, it was the first attempt to use blockchain technology for decentralized naming, but it has never been widely adopted. However, ENS was released as a dapp on the Ethereum blockchain in 2017 and has been successfully adopted as a web3 standard.
Users can register an ETH name on ENS without touching a single centralized service (you can also import a DNS name you already have to use on ENS), and then use their Ethereum account to host it.
Then, you can use your ENS name as your portable web3 username, store personal data such as avatar images, use it to simplify cryptocurrency payments, and even build a decentralized website.
You can use this now
This is not just an idea, this is the current standard in web3. Do you want to use dapp? Connect your wallet, it can use your ENS name as your username.
Please note that although some dapps just let you connect to your wallet, other dapps will also require you to sign a message. In the former, you only need to connect the wallet to a web application running locally in the browser. In the latter, you are verifying your identity with the server of the service-which one the service requires you to perform depends on the needs of the service.
Examples include Uniswap, Showtime, Aavegotchi, Cryptovoxels , OpenSea, SnapShot, Etherscan, etc.
This already exists elsewhere
Of course, single sign-on is not a new idea, yes, there have been many attempts.
The key thing to understand is that the use of Ethereum login has naturally evolved into real-world use. It was not created by the committee in a vacuum and then launched as a solution that no one wanted. It has been used in web3.
I don’t think the traditional username and password system or social login will disappear anytime soon. But using Ethereum to log in has become a standard in the evolving web3 ecosystem, and the needs of a large number of web3 users will cause web2 services to add this as an option to their current services. If users want to use their Ethereum account and ENS username and personal information anywhere, they can.
The essential difference from the existing options is that it is credible, neutral and user-controlled.
Ordinary users cannot manage private keys
Worried that users cannot access their online accounts?
What if they lose access to cryptocurrency?
The cryptocurrency industry already has a higher motivation to solve these problems. Therefore, a large and highly competitive industry has been established around simply making it easier for ordinary users to manage their private keys or “wallets”.
The fact that we can use these same private keys for authentication is a pleasant side effect.
What about privacy?
As far as blockchain is concerned, privacy is indeed an issue.
Although technologies such as zero-knowledge proofs and mixers can help here, the best thing a person can do now is to have multiple Ethereum accounts: at least one is public-facing and at least one is private (e.g. for your Main storage).
Please note that you can easily generate a new Ethereum account, if you wish, the ENS name can be a pseudonym.
You are just paying for Ethereum and ENS
This is not the case: Ethereum is where almost all dapp innovation occurs, and ENS has more ecosystem support than all other blockchain-based naming protocol attempts combined (and tripled).
ENS mainly relies on donations from the Ethereum Foundation, and all funds raised from ETH name registration are used for multi-signature in the Ethereum community.
So far, most of these funds have not been used, with the only exception being the donation of $700,000 to Gitcoin Grants. The plan aims to finally provide funding for the long-term development of ENS, the ENS ecosystem and even the development of the Ethereum protocol, but we will wait and see.
Once you get used to the web3 model of having a portable account and username, the old web2 sandbox username and password model really starts to look outdated and even annoying.
I think we will regard the era of isolated usernames and user-generated passwords as a bizarre period of the early Internet. “Users will make their own private keys for each service-you call it a password? Incredibly, people actually survived!”
Ethereum finally realized the neutral and decentralized Internet single account we always wanted. This is a huge breakthrough in itself, although it seems small compared to everything else Ethereum does!
Let us continue to build.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/ethereum-single-sign-on-builds-web3-0-opens-the-era-of-ens/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.