A fundamental Internet problem has unintentionally been addressed by the Ethereum community: The Single Sign-On “Sign-In w / Ethereum” is the future of login to any Internet app, crypto-related or not merely a notion.
What is “Single-Sign-On” ? It may signify much stuff according to context, but here it is an ordinary individual with a user name and password/authentication process that works across all services.
The Internet does not have a personal user name/authentication system and the IP addresses that are integrated fluctuate and are depending on the device and location. Each one built its own password/username system.
We all know what occurred – weak passwords on post-it notes are being re-used – sign-in fatigue (“I need to generate another username/password ?”). – hacks + dumps. – hacks + data.
Yes, there are people who can utilize password managers, etc, but in practice this does not happen.
Social sign-on was one option in the last decade. You presumably already have a Google, Facebook, etc account, so why not simply sign into new services? No other user name/word has to be created by users and no additional services must be managed — win/win.
“Social Signup” has several challenges while improving. 1) It’s a little large body depending. Do people really want the whole Internet to have Google authority over their username / password? And, are smaller services actually wanting this enormous body to be at the mercy?
2) It’s inherently fragmented – username /password controlled by a Big Corp can never be “neutral” – “which social account did I use for this service again?” – We wouldn’t even want one company to win out.
3) People’s passwords are still insecure. If you use your Google account to login into everything, your security is now dependent on the strength of your Google account password, and the majority of people use weak passwords (though 2FA can help here.)
Ethereum Sign-In is a revolutionary concept. To begin, Ethereum provides ordinary individuals with computer-generated public/private key pairs as well as methods to securely connect them to services. Cryptocurrency incentives are finally doing what cypher punk philosophy has failed to do.
Your Ethereum private key is a password that only you have access to. There is no need for a central service to make it operate. Simply use your private key to sign something. You produce it on your own device, and your private key is never required by any service.
People require effective user interfaces for storing and utilizing their private keys. This was cypherpunks/Achilles PGP’s heel. Hardware wallets — Meta Mask, Wallet Connect social recovery, and so forth – are another area where crypto incentives are developing. There is still a lot of work to be done, but things are improving.
Second, you’ll need human-readable username Key pairs, which may be created by a machine; however, don’t usernames necessitate the employment of a central service to hold this information? This is Zooko’s Triangle: naming systems can’t be decentralized, safe, and understandable by humans, can they?
This Trilemma was overcome because to blockchain technology. The first effort at this was Namecoin (introduced in 2011), but it failed to gain traction. However, ENS Domains, which was established in 2017 and is based on Ethereum smart contracts, has gained widespread acceptance as the web3 standard ens.domains.
Users may register a.ETH domain name on ENS without using any centralized services, and then manage it using their Ethereum account. It’s your web3 username, it simplifies crypto payments, and it can even lead to a decentralized website—all with a single name.
When you combine all of this, you’ll have a decentralized self-custody username system for your Ethereum account. There is no company or centralized system involved in this entire setup, and the user is not controlled by a corporation, therefore it is credibly neutral.