Identity management is one of the core challenges of web development that’s never truly been solved to anyone’s satisfaction. On the user side, we landed in a place where Facebook, Google, Twitter and a handful of other large players provide a simplified sign-in process, in exchange for sharing some level of personal data with those companies and any company that connects to their OAuth Server. Developers are put in the position of choosing to integrate some or all of these sign-on solutions to reduce the friction of user acquisition and authentication.
Web3 further complicates user authentication and identity, creating a draconian onboarding experience for new users, who currently need to create and manage multiple wallets — depending on the blockchain underlying the Dapp (decentralized application) they want to connect to. Authentication is a process of copying and pasting one of those wallet addresses, or scanning a QR code from inside the wallet app on your phone, to access a Dapp in your web browser.
Login with Unstoppable aims to simplify the Web3 sign-in process, by replacing the need for using the hex address from every token wallet with a unique identifier in the form of an NFT domain. As Matthew Gould, CEO of Unstoppable Domains put it in an interview with The New Stack, “If we’re going to have 3 billion people on the planet sending crypto back and forth to each other, they’re going to need to use a name to make that a lot easier to do.”
What Is a Web3 Domain?
Web3 domains are different from a traditional DNS address, like amazon.com or thenewstack.io. Instead of providing a human-readable (and more memorable) set of characters as a stand-in for an IP address, a Web3 domain is a human-readable address that stands in for your crypto wallet. A 42 character hex string becomes something like thenewstack.crypto. When someone wants to send you ETH, they can simply remember that much shorter phrase as your wallet address.
As an authentication solution, the underlying technology behind Login with Unstoppable will look familiar to developers. Unstoppable is extending OpenID Connect (OIDC) with a wallet signature. This signature replaces giving Facebook or Google permission to share some portion of user account data with the application. Gould says, “This is one of the first functional sign-on services that is completely free to use and 100% controlled by users. It ties into the traditional Web2 technology stack with OIDC protocol, so that users can bring their Web2 off-chain data into their interactions in Web3.”
For the launch of Login with Unstoppable, on-chain wallet authentication is extended with the ability to pass an email address as an off-chain data point for any users who include that in their NFT Domain Profile. The goal is to include other off-chain data. Another example from Gould: “Tying info related to KYC or maybe credit information is very interesting for Decentralized Finance. There’s not an easy way for you to take KYC and keep it consistent across services. Wouldn’t it be great if there was a digital representation of that data that you could provisionally share with all those applications?”
Federating Dapp Logins
Login with Unstoppable isn’t the only solution attempting to federate Dapp logins. Wallet Connect is another player in this space, although Login with Unstoppable has a key difference in the ability to both authenticate Web3 and provide off-chain data. Building on OIDC should also help through extending an open standard.
Web3 is still in its infancy, with ConsenSys reporting 21 million monthly active users for Metamask (a leading cryptocurrency wallet) as of November 2021, so we are a long way from 3 billion people sending crypto to each other. To reach that number, developers are going to need tools like Login with Unstoppable that reduce key friction points to interacting with Dapps, and create a more user-first experience for engagement.
Lead image via Unstoppable Domains.