[HN Gopher] Ethereum community has solved a major problem of the...
___________________________________________________________________
Ethereum community has solved a major problem of the Internet:
Single Sign-On
Author : throwkeep
Score : 67 points
Date : 2021-06-11 18:43 UTC (4 hours ago)
(HTM) web link (twitter.com)
(TXT) w3m dump (twitter.com)
| Imnimo wrote:
| There are a lot of downsides to "Sign in with Google", but I am
| generally willing to accept them because I think I could recover
| my account if I lost my password. I'm not _certain_ I could do
| so, because we've all read plenty of horror stories about
| Google's customer support. But I don't think I could recover an
| Ethereum private key. I'm sure there are esoteric ways of doing
| this. But ultimately what I want is the comfort that if worst
| comes to worst, there is a human somewhere on the planet who can
| reset my password for me. They might be hidden in a nigh-
| impenetrable labyrinth of automated emails, but they exist, and I
| could get them to help me if I make enough of a fuss on Twitter.
| bluebirdfirewin wrote:
| That would be a step in the right direction. But the DID should be
| preferred as it will enable many more features.
| whoknew1122 wrote:
| So the Director of Operations of ENS Domains says Ethereum has
| solved an extremely solved problem and one of the cornerstones of
| that solution is... wait for it... ENS Domains. Gotcha.
|
| I also take issue with:
|
| >Ethereum is giving average ppl computer generated public/private
| key pairs...
|
| 'Average' people aren't into crypto. And the average computer
| user doesn't know how to use asymmetric keypairs.
|
| Anyone want to try to explain asymmetric keypairs to a
| mother-in-law who's in her 70s and needs help applying Windows
| patches? I sure don't. And I spend my days in SAML and OAuth world.
| chrischen wrote:
| What is this hypothetical "average" person, and if you aren't
| one (presumably) then how do you know what they are?
| whoknew1122 wrote:
| I work in support for AWS's security services, which includes
| both web auth and encryption services. I deal with plenty of
| IT professionals every single day that don't have a solid
| grasp on concepts like "don't attach your private key to a
| support case".
|
| If IT professionals--who are presumably above average in IT
| knowledge since it's what pays their bills--don't uniformly
| understand how to handle asymmetric keys, what hope do most
| non-professionals have?
|
| Do I know the exact profile of what the average computer user
| is? No, but I'd bet a paycheck that it doesn't include using
| crypto or private/public keys.
| saba2008 wrote:
| > an average person having one username and
| password/authentication method that works across all services
|
| It's a bug, not a feature. It's people throwing away their
| privacy for convenience. It's proverbial dancing piggies.
|
| The problem with global-scale SSO is not the corporations that
| control shared identity. It's shared identity itself.
|
| Distributed SSO is as good an idea as an eco-friendly vegan
| huffing solvent.
| anyfoo wrote:
| Yeah, SSO does not seem to be a problem inside e.g.
| corporations. The SSO solutions I've encountered there work
| rather well, and nowadays employees authenticate not much more
| than once or twice a day to get access to everything.
|
| SSO outside of such closed realms, i.e. in the open Internet,
| rather only seems to be a "problem" because people don't want
| to adopt it. Instead, password managers are the solution that
| won. The Twitter thread mentions "No sweat: you can have as
| many Eth accounts as you want w/ different ENS names", but if
| you end up having one (or more, see throwaway accounts on
| Hacker News) accounts for each site anyway, why go through the
| trouble with public/private keys, when the random shared secret
| in your Password Manager works so well?
| pixel_fcker wrote:
| > nowadays employees authenticate not much more than once or
| twice a day to get access to everything.
|
| Unless you have multiple devices, in which case it feels like
| you're logging in constantly.
| [deleted]
| ska wrote:
| It's odd this thread doesn't mention the sovereign self identity
| (SSI) efforts, DID Auth, etc. Folks who have been working in this
| area for years at this point and have some traction.
| arcticbull wrote:
| The issue with placing your identity on the blockchain is if
| someone gets your keys they become you. That's not a useful
| construct.
|
| Not your keys, not your life sounds _awful_.
| bluebirdfirewin wrote:
| Today when someone gets a copy of your passport they become
| you. So I still prefer a private key.
| arcticbull wrote:
| They most certainly do not lol, not without some serious
| plastic surgery. If they wanted to avoid the plastic
| surgery route they'd have to update the details by proving
| them to a central authority who can verify the update.
| [deleted]
| ska wrote:
| Regardless of the pros and cons of various schemes, it's a
| strange omission.
|
| For what it's worth I think the whole effort is wrong-headed
| except in some pretty niche areas of credentialing, somewhat
| for reasons you allude to; but it's weird context to ignore.
| iSnow wrote:
| Revocation would still be possible, I guess. At least it
| should be possible to build a revocation flow on top of
| blockchain.
|
| I am not so sure this kind of authentication will really
| catch on - the UX of Metamask and other wallets is just
| atrocious for say my father.
|
| BUT I do happen to like to connect to a site just with my ETH
| wallet, it is much nicer than using username/password or
| handing over ALL your data to Google for the OAuth
| convenience. It's a bit sad that the web is no longer a place
| for people with basic tech literacy, I'd love to use my
| Ledger Nano everywhere.
|
| I also was really fond of Civic for KYC and stuff, but it's
| gotten awfully silent.
| schlotzisk wrote:
| That just sounds like OpenID with extra steps
| ChrisArchitect wrote:
| ha! good. OpenID yes
| arcticbull wrote:
| Is this really what people want? Seems strange that a single set
| of keys or a passphrase would grant you access to not only your
| wallet - all your money - but also all your online services.
|
| Am I missing something or is this just a fancy way of having a
| single password that gets you access to everything, and if
| compromised would be utterly devastating.
| rektide wrote:
| > But wait, what if you don't want a single account for the
| Internet? You definitely should keep certain activities
| separate.
|
| > No sweat: you can have as many Eth accounts as you want w/
| different ENS names
|
| https://twitter.com/BrantlyMillegan/status/14023881680418119...
| tptacek wrote:
| This is an extremely solved problem. Unless you have a
| dramatically interesting solution to the real hard problem,
| global account _recovery_, ordinary home users are effectively
| tethered to their email accounts, because that's how you reset a
| login. Since you're doing that already, "Sign in with Google" and
| "Sign in with Apple" are perfectly cromulent solutions and likely
| to continue dominating.
|
| The actual last thing in the world home users want is an
| authentication system where credential loss is literally
| irrevocable.
|
| Meanwhile, the real market for Internet SSO is at companies, and
| one of the major reasons companies deploy SSO is to have policy
| control (particularly: onboard and offboarding) of who has access
| to what. A globally distributed authentication fabric is actually
| an anti-feature for those people.
|
| The actual last thing in the world corporate users want is an
| authentication system their IT department doesn't control
| absolutely.
|
| Part of what's happening with ideas like this, and the reason
| Internet identity has been such a tar pit for the last 20 years,
| is that there isn't one single service model for identity.
| Internet identity evangelists tend to overlook the fact that
| people have multiple identities on purpose.
| mondoveneziano wrote:
| > The actual last thing in the world home users want is an
| authentication system where credential loss is literally
| irrevocable.
|
| This is generally a concern I have about blockchain technology.
| What if it succeeds in its goal to play a major role in some
| sector, and something immensely important becomes attached to
| it.
|
| Mistakes happen. Both by humans and by computers. Software
| having bugs, hardware failing, bits randomly changing in RAM,
| are all obvious and commonplace. Mitigations exist (ECC,
| signatures...), but never along the whole chain. For example,
| BTC addresses might have checksums, but if the wrong row in a
| database deciding the address is selected in the first place,
| through human, software, or hardware error, that will not
| matter.
|
| Do we want to attach extremely important things to a system
| that is by design irreversible?
| fanf2 wrote:
| The main practical example is git. It does have some partial
| mitigations for fixing its historical record, for example the
| mailmap file for correcting names and email addresses. And, I
| suppose in the worst case a project could rebase its entire
| history to expunge illegal commits.
|
| Fortunately there's little chance of blockchain as in
| cryptocurrency succeeding outside the scammers and their
| marks.
| mondoveneziano wrote:
| git does not have a distributed consensus algorithm,
| however, and does not rely on proof-of-work/space/stake.
| Whether a rewrite of history is accepted is up to every
| consumer of any repository individually.
| bl557 wrote:
| by that logic we would never drive cars, ride airplanes, go
| to space, etc
| mondoveneziano wrote:
| Let's ignore space, where currently the highly elevated
| risk is well known to the few participants. If we could
| undo car and plane crashes, we would do it. We cannot, and
| my question is whether we want to force the same property
| on accidents that we currently can safely undo.
|
| Another example: Let's assume ownership of a house is
| defined by a blockchain. Through a mistake, ownership of
| your house has been transferred to someone else, or lost to
| an address with no existing private key. Alternatively, you
| were in the process of buying a house when the same
| happened.
|
| Would you be happy with the outcome of this simple mistake
| being irreversible?
|
| If not, and if you think litigation should retransfer
| ownership to you, what is the value of an immutable ledger,
| if the house went to a malicious party who does not intend
| to perform the transfer on said ledger, or to an address
| without a private key, making transfer not possible in the
| first place?
| _hyn3 wrote:
| Excellent points. Many real-world problems that people
| are seeking to solve with a blockchain are often not good
| fits for the unique attributes that a blockchain has.
| Many of these problems are best suited to continued
| centralized administration, or targeted improvements
| without changing the entire governance model.
| xur17 wrote:
| > Another example: Let's assume ownership of a house is
| defined by a blockchain. Through a mistake, ownership of
| your house has been transferred to someone else, or lost
| to an address with no existing private key.
| Alternatively, you were in the process of buying a house
| when the same happened.
|
| I've thought about this a lot, and I think the solution
| is to use something similar to "social recovery wallets"
| [0], but with a dao (group of people) as the recovery
| mechanism. Basically, assume that the blockchain has the
| correct owner, and require very strong proof to overturn.
| This has the advantage of making 99.9% of transfers very
| cheap, rather than 100% of transfers expensive as is now.
|
| RealT is a company that sells "tokenized" real estate,
| and they do something like this. They assume the
| ownership on the blockchain is correct, but you can
| contact them, and they can overturn ownership if you
| prove that it was stolen or transferred erroneously. I'd
| personally take this one step further and have a group of
| people in the community that oversee the process
| (basically a court, but a lot more efficient and
| transparent).
|
| [0] https://news.ycombinator.com/item?id=27477940
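The cheap-path/overturn split described in the comment above, as an added example that is not part of the thread or of any product it names (RealT, ENS): a small Go ownership registry in which a transfer needs only the current owner's signature, while overturning an entry needs 2 of 3 guardians to sign the same statement, and a per-asset sequence number stops an old approval from being replayed. Ed25519 stands in for Ethereum's own signature scheme; the asset name, statement layout and guardian set are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Registry maps an asset (a house in the thread's example) to the key that
// controls it. The cheap path, Transfer, needs only the current owner's
// signature. The expensive path, Overturn, needs a threshold of the guardians
// (the thread's "group of people in the community") to co-sign one statement,
// which is what keeps a mistaken transfer, or a transfer to an address nobody
// holds the key for, from being final.
type Registry struct {
	owners    map[string]ed25519.PublicKey
	seq       map[string]uint64 // per-asset counter: a signed statement is valid once
	guardians []ed25519.PublicKey
	threshold int
}

func NewRegistry(guardians []ed25519.PublicKey, threshold int) *Registry {
	return &Registry{owners: map[string]ed25519.PublicKey{}, seq: map[string]uint64{},
		guardians: guardians, threshold: threshold}
}

func (r *Registry) Register(asset string, owner ed25519.PublicKey) { r.owners[asset] = owner }

func (r *Registry) Owner(asset string) ed25519.PublicKey { return r.owners[asset] }

// Statement is the exact bytes a signer approves: action, asset, the current
// sequence number and the new owner, so none of them can be swapped later.
func (r *Registry) Statement(action, asset string, newOwner ed25519.PublicKey) []byte {
	return []byte(fmt.Sprintf("%s %s seq %d to %x", action, asset, r.seq[asset], newOwner))
}

// Transfer: one valid signature from the current owner.
func (r *Registry) Transfer(asset string, newOwner ed25519.PublicKey, sig []byte) error {
	owner, ok := r.owners[asset]
	if !ok {
		return fmt.Errorf("unknown asset %q", asset)
	}
	if !ed25519.Verify(owner, r.Statement("transfer", asset, newOwner), sig) {
		return fmt.Errorf("signature is not from the current owner of %q", asset)
	}
	r.owners[asset], r.seq[asset] = newOwner, r.seq[asset]+1
	return nil
}

// Overturn: at least threshold distinct guardians signed the same statement.
// sigs maps a guardian's index to that guardian's signature.
func (r *Registry) Overturn(asset string, newOwner ed25519.PublicKey, sigs map[int][]byte) error {
	if _, ok := r.owners[asset]; !ok {
		return fmt.Errorf("unknown asset %q", asset)
	}
	stmt, approvals := r.Statement("overturn", asset, newOwner), 0
	for i, sig := range sigs {
		if i >= 0 && i < len(r.guardians) && ed25519.Verify(r.guardians[i], stmt, sig) {
			approvals++
		}
	}
	if approvals < r.threshold {
		return fmt.Errorf("%d guardian approvals, need %d", approvals, r.threshold)
	}
	r.owners[asset], r.seq[asset] = newOwner, r.seq[asset]+1
	return nil
}

func main() {
	var gpub []ed25519.PublicKey
	var gpriv []ed25519.PrivateKey
	for i := 0; i < 3; i++ { // constructed guardian set, 2-of-3
		pub, priv, _ := ed25519.GenerateKey(rand.Reader)
		gpub, gpriv = append(gpub, pub), append(gpriv, priv)
	}
	reg := NewRegistry(gpub, 2)
	alice, alicePriv, _ := ed25519.GenerateKey(rand.Reader)
	reg.Register("house-1", alice)
	// Constructed mistake: the owner sends the asset to a key nobody holds.
	lost, _, _ := ed25519.GenerateKey(rand.Reader)
	sig := ed25519.Sign(alicePriv, reg.Statement("transfer", "house-1", lost))
	fmt.Println("mistaken transfer:", reg.Transfer("house-1", lost, sig))
	stmt := reg.Statement("overturn", "house-1", alice)
	sigs := map[int][]byte{0: ed25519.Sign(gpriv[0], stmt), 2: ed25519.Sign(gpriv[2], stmt)}
	fmt.Println("overturn:", reg.Overturn("house-1", alice, sigs),
		"owner restored:", reg.Owner("house-1").Equal(alice))
}
```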
| mondoveneziano wrote:
| If the company in your example can be contacted to
| overturn ownership, essentially degenerating the
| immutability and irreversibility of the ledger to levels
| comparable to existing solutions, then what is the actual
| advantage of this not only inefficient, but inefficient
| by design method of bookkeeping?
|
| I find it hard to reconcile "99.9% of transfers very
| cheap" with the property that at least proof-of-work and
| proof-of-space actively rely on literally counteracting
| any effort at becoming more efficient.
|
| "Classical" distributed ledgers in databases are not
| already more efficient by several orders of magnitude,
| they are made more efficient through advancements of
| technology, and those efficiency gains are actively
| sought out by participants, given that they usually
| directly translate into profit through reduction of
| overhead.
| xur17 wrote:
| > If the company in your example can be contacted to
| overturn ownership, essentially degenerating the
| immutability and irreversibility of the ledger to levels
| comparable of existing solutions, then what is the actual
| advantage of this not only inefficient, but inefficient
| by design method of bookkeeping?
|
| Currently when you buy a house, you have to go through a
| decent amount of effort both in time and money to
| essentially determine "who owns this house, and are there
| any liens on it". By using tokenized ownership, you can
| get rid of this part. Yes, it's not ideal that someone
| can override the ownership, but it's set up in a way that
| requires extensive effort and documentation to do.
|
| Ideally the party that could overturn ownership wouldn't
| be a company, but instead would be an elected, large
| group of people that determined this. And maybe there
| could be a way to opt out or select an alternate
| override?
|
| The point is that this system can be a ton more
| efficient, enable additional abilities (fractional
| ownership, instant, extremely low fee loans, etc), all
| things that the existing system does not allow. Yes,
| allowing ownership overriding isn't ideal, but I don't
| think allowing a group to override ownership in a
| transparent way completely negates all benefits of a
| system like this.
|
| > I find it hard to reconcile "99.9% of transfers very
| cheap" with the property that at least proof-of-work and
| proof-of-space actively rely on literally counteracting
| any effort at becoming more efficient.
|
| Ethereum will be moving to proof of stake in a year or 2
| (> $10B are locked up until this occurs, so I am very
| confident it will happen).
| mondoveneziano wrote:
| These are all plausible arguments for associating real
| estate ownership with a database. What are the arguments
| for this database being maintained by a blockchain?
|
| If you do not trust the authorities of the locality, e.g.
| the courts, to properly assign ownership and, more
| importantly, to defend your claim of ownership through
| further legal action, then how do you trust the
| blockchain implementation with its share of elected
| people and override mechanisms to do the same?
|
| > Yes, it's not ideal that someone can override the
| ownership [...] Yes, allowing ownership overriding isn't
| ideal, but I don't think allowing a group to override
| ownership in a transparent way completely negates all
| benefits [...]
|
| The assertion already is that mutability and
| reversibility are necessary and desired properties under
| the assumption that mistakes and mis-assessments happen,
| whether through human error or technological failure. The
| question is, what benefit does a blockchain bring over a
| regular database under this requirement?
|
| > Ethereum will be moving to proof of stake in a year or
| 2 (> $10B are locked up until this occurs, so I am very
| confident it will happen).
|
| I know proof-of-work down to the very detail, I have not
| yet looked at proof-of-stake. If proof-of-stake exists,
| and does not share the same problem of massive
| inefficiency (directly or indirectly), then I still think
| that a classical database solves these problems more
| easily, but I cease to care what solutions stakeholders
| choose. Proof-of-work, on the other hand, makes me and
| everyone else an unwilling participant in this scheme
| through unnecessary, and growing, consumption of energy
| and resources.
| xur17 wrote:
| I think we're both in agreement that a blockchain is just
| a glorified database. That said, there are advantages to
| a blockchain over a database:
|
| With a database, you can only do what the real estate
| ownership group lets you do / what their ui lets you do.
| With a blockchain, you can build things on top of it,
| fractionalized ownership, simple transfers, etc. It's
| basically a permissionless database that anyone can build
| on top of vs a database shoved in a closet at the county
| auditors that you can only use via their api and ui.
| bl557 wrote:
| Good points, and in response I would say that not
| everything needs to happen directly on chain. Just as an
| example there can be some company that develops an
| interface between the blockchain and the user that audits
| their code, insures themselves in the case of software
| bugs, and provides users with the ability to eject their
| assets from the platform. Maybe there are regulations
| that protect consumers against these problems.
| Crypto/blockchain UX is not even in the "command line"
| phase yet, we're still writing punch cards and feeding
| them into computers in my opinion :)
| _hyn3 wrote:
| Could you explain this a bit more; how does the
| logic/argument that the problems an immutable blockchain
| present in _this_ SSO scenario (namely, that it's
| basically unfixable as a total system) follow that we would
| never drive cars etc if we continued in that line of
| thinking?
|
| Cars/planes/rockets seem to be fixable most of the time, or
| at least we would prefer them to be. (The last one is
| probably the least-easily fixable, and that is generally
| considered to be a negative attribute -- something to be
| mitigated, not celebrated -- and requires careful and even
| over-engineering because it's so hard/risky to fix a rocket
| in space.)
|
| Or, perhaps I am completely misunderstanding your point?
| bl557 wrote:
| The post I was responding to made the point - "do we want
| to attach extremely important things to a system that is
| by design irreversible?"
|
| Human life is both extremely important, and the loss of
| it is irreversible, at least for now :). People generally
| seem to be willing to take risks for the sake of
| convenience.
|
| But in the end I believe we should be able to have our
| cake and eat it too - that is benefit from blockchain
| tech with safeguards preventing such scenarios
| simonmales wrote:
| Vitalik of Ethereum fame has an interesting concept of how to
| make this less irreversible.
|
| Problem here is the hard work needs to be done at the
| beginning. E.g. picture your grandparent needing help using
| the below.
|
| As a power user, I like it.
|
| Social recovery wallets:
| https://vitalik.ca/general/2021/01/11/recovery.html
| bcmillegan wrote:
| Hey! Author of the thread here. Thanks for your comments!
|
| > This is an extremely solved problem.
|
| Not with the properties of Sign-In with Ethereum (SIE), which
| is single, user generated authentication credentials, a self-
| custody portable username in a naming system that isn't reliant
| on a trusted-third party, and that people are already getting
| for other reasons (to use Ethereum, so extra incentive to get
| set up, not just SSO incentive).
|
| > ordinary home users are effectively tethered to their email
| accounts, because that's how you reset a login
|
| Yep, and I don't expect that to change very much anytime soon,
| but there is a small but growing community of people tethered
| to their Ethereum wallets and ENS names and using those
| instead. Given the advantages and crypto incentives, I expect
| it to continue to grow. Note also that service can always re
|
| > The actual last thing in the world home users want is an
| authentication system where credential loss is literally
| irrevocable.
|
| Doesn't have to be. Depends on how your wallet provider works.
| There are already some wallet providers with social recovery,
| etc.
|
| Note two other key things:
|
| 1) Crypto incentives (unrelated to sign-in) mean that the
| private key management industry ("wallet" industry) is already
| highly incentivized to make it very difficult for people to
| lose access to their accounts (because then lost money). That's
| part of my point: private key management has never been good
| enough for average people, but crypto incentives have spurred
| on a massive industry to solve this problem. And while it's
| not solved (still needs improvement), it has improved rapidly
| in the last five years to be much better than ever before, and
| I expect it to continue to improve.
|
| 2) What I've described is just on the user side. If a web2
| service adopted this, they can always do things like require
| you to provide an email address or other information, and they can
| still have a process for reassigning your account with them to
| a different Ethereum account.
|
| > The actual last thing in the world corporate users want is an
| authentication system their IT department doesn't control
| absolutely.
|
| Again, depends on what you want, you _can_ make it so that a
| third-party has access to all of your company's employees'
| Ethereum accounts.
|
| > Internet identity evangelists tend to overlook the fact that
| people have multiple identities on purpose.
|
| Yep. I don't expect this to replace everything else
| immediately, but I do expect over time for this to become a
| ubiquitous option, such that a user could use their one
| Ethereum account everywhere if they wanted to. Also, re the
| need for multiple identities: as I point out in the thread, a
| person can generate as many Ethereum accounts and have as many
| ENS names as they'd like.
| jonplackett wrote:
| Anyone else wondering what cromulent means:
| https://www.merriam-webster.com/words-at-play/what-does-crom...
| DarmokJalad1701 wrote:
| The word reminds me of scones for some reason ...
| jonplackett wrote:
| I wondered if it was a reference to Oliver Cromwell who was
| known for his utilitarian manner.
|
| Scones sounds tastier.
| chrisweekly wrote:
| Thomas Cromwell is the historical figure "cromulent"
| triggers for me; the Wolf Hall trilogy is worthwhile
| historical fiction.
| anyfoo wrote:
| Weird. I knew the word already (though not for long), but
| as a non-native English speaker (German), it also always
| evoked pictures of scones, or in my case croissants, for
| me. Maybe because it sounds like "crumbling"?
|
| By the way, on a Mac you can just force press on any word,
| it gives a definition. Very useful.
| psanford wrote:
| The word 'cromulent' embiggens the smallest man.
| bcmillegan wrote:
| Hey! Author of the thread here. Thanks for your comments!
|
| > This is an extremely solved problem.
|
| Not with the properties of Sign-In with Ethereum (SIE), which
| is single, user generated authentication credentials, a self-
| custody portable username in a naming system that isn't reliant
| on a trusted-third party, and that people are already getting
| for other reasons (to use Ethereum, so extra incentive to get
| set up, not just SSO incentive).
|
| > ordinary home users are effectively tethered to their email
| accounts, because that's how you reset a login
|
| Yep, and I don't expect that to change very much anytime soon,
| but there is a small but growing community of people tethered
| to their Ethereum wallets and ENS names and using those
| instead. Given the advantages and crypto incentives, I expect
| it to continue to grow. Note also that a service can always
| require a user to also provide an email address, it just
| wouldn't be used for authentication.
|
| > The actual last thing in the world home users want is an
| authentication system where credential loss is literally
| irrevocable.
|
| Doesn't have to be. Three things on this point:
|
| 1) Depends on how your wallet provider works. There are already
| some wallet providers with social recovery (multisig under the
| hood), etc.
|
| 2) Crypto incentives (unrelated to sign-in) mean that the
| private key management industry ("wallets") is already highly
| incentivized to make it very difficult for people to totally
| lose access to their accounts (because then lost money). That's
| a key part of my point: private key management has never been
| good enough for average people, but crypto incentives have
| spurred on a massive industry to solve this problem. And while
| it's not totally solved (still needs lots of improvement), it
| has improved rapidly in the last five years to be much better
| than ever before, and I expect it to continue to improve.
|
| 3) What I've described is just on the user side. If a web2
| service adopted this (not aware of any right now, it's pretty
| much just web3 services that use it), they can always do things
| like require you to provide an email address or other information,
| and they can still have a process for reassigning your account
| with them to a different Ethereum account.
|
| > The actual last thing in the world corporate users want is an
| authentication system their IT department doesn't control
| absolutely.
|
| Again, depends on what you want, you _can_ make it so that you
| have access to all of your company's employees' Ethereum
| accounts.
|
| > Internet identity evangelists tend to overlook the fact that
| people have multiple identities on purpose.
|
| Yep. I don't expect this to replace everything else
| immediately, but I do expect over time for this to become a
| ubiquitous option, such that a user could use their one
| Ethereum account everywhere if they wanted to.
|
| Also, re the need for multiple identities: as I point out in
| the thread, a person can generate as many Ethereum accounts
| and have as many ENS names as they'd like, using their real
| name or pseudonym, or whatever they'd like.
|
| Anyway, sorry for long comment, thanks for engaging!
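The challenge-response behind a wallet-based sign-in, as an added example that is not part of the thread and is not the author's or ENS's code: the site issues a nonce bound to its own domain with a short expiry, the user signs it with the wallet key, and the site checks the signature against the key registered for that username while rejecting replays, signatures made for another site's domain, and expired or altered challenges. Ed25519 stands in for Ethereum's signature scheme; the message layout, domain and usernames are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Challenge is what the site asks the wallet to sign. The site's domain and a
// single-use nonce are what stop a signature obtained by one site, or captured
// once, from being replayed to log the user in elsewhere. The layout is
// invented for this example, not any real wallet's message format.
type Challenge struct {
	Domain  string
	Nonce   string
	Expires time.Time
}

func (c Challenge) Bytes() []byte {
	return []byte(fmt.Sprintf("%s wants you to sign in\nnonce: %s\nexpires: %s",
		c.Domain, c.Nonce, c.Expires.UTC().Format(time.RFC3339)))
}

// Service is the relying site. It maps a username (standing in for an ENS
// name) to the public key allowed to sign in as that user, and remembers which
// challenges it has handed out and not yet seen back.
type Service struct {
	Domain   string
	accounts map[string]ed25519.PublicKey
	issued   map[string]Challenge // keyed by nonce; deleted once consumed
	now      func() time.Time     // injectable clock so expiry can be exercised
}

func NewService(domain string, now func() time.Time) *Service {
	return &Service{Domain: domain, accounts: map[string]ed25519.PublicKey{},
		issued: map[string]Challenge{}, now: now}
}

func (s *Service) Register(user string, key ed25519.PublicKey) { s.accounts[user] = key }

// NewChallenge issues a fresh, short-lived nonce bound to this site's domain.
func (s *Service) NewChallenge() Challenge {
	var b [16]byte
	rand.Read(b[:])
	c := Challenge{s.Domain, hex.EncodeToString(b[:]), s.now().Add(5 * time.Minute)}
	s.issued[c.Nonce] = c
	return c
}

// SignIn accepts the login only if the account's key signed exactly the
// challenge this site issued, and that challenge is unexpired and unused.
func (s *Service) SignIn(user string, c Challenge, sig []byte) error {
	key, ok := s.accounts[user]
	if !ok {
		return errors.New("unknown user")
	}
	if c.Domain != s.Domain {
		return errors.New("challenge was issued for a different domain")
	}
	if orig, ok := s.issued[c.Nonce]; !ok || !orig.Expires.Equal(c.Expires) {
		return errors.New("nonce unknown, altered, or already used (replay)")
	}
	if s.now().After(c.Expires) {
		return errors.New("challenge expired")
	}
	if !ed25519.Verify(key, c.Bytes(), sig) {
		return errors.New("signature does not match the account's key")
	}
	delete(s.issued, c.Nonce) // single use
	return nil
}

func main() {
	svc := NewService("example.test", time.Now)
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // the user's "wallet" key
	svc.Register("alice", pub)
	c := svc.NewChallenge()
	sig := ed25519.Sign(priv, c.Bytes())
	fmt.Println("first login:", svc.SignIn("alice", c, sig))
	fmt.Println("replay:     ", svc.SignIn("alice", c, sig))
}
```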
| fossuser wrote:
| > "Part of what's happening with ideas like this, and the
| reason Internet identity has been such a tar pit for the last
| 20 years, is that there isn't one single service model for
| identity. Internet identity evangelists tend to overlook the
| fact that people have multiple identities on purpose."
|
| Urbit's approach seems pretty good for this? They use Ethereum
| to manage ID ownership/transfer, but they generate pseudonymous
| IDs by default (the user can decide if they want to connect
| them to their real name). They also have a small, but non-zero
| cost making them not really economically viable for mass spam -
| people hold on to them and develop reputation with them.
| There's a lot to like about that model (I think it solves a lot
| of these issues while also not having the IDs entirely owned by
| one company).
| [deleted]
| mattbee wrote:
| There were loads of vendor-neutral identity ideas that all fell
| flat because nobody wants to sign up just for an identity.
|
| This one is hilariously complicated; the thread ends with this
| call to action:
|
| _Want to get a portable web3 account?_
|
| _Pick an Eth wallet: https://ethereum.org/en/wallets/find-wallet/_
|
| _Get ETH (sometimes built into wallet, otherwise use a service
| like Coinbase)_
|
| _Get an ENS name: http://app.ens.domains_ _(Choose which is your
| username by setting reverse record at My Account)_
|
| It's that easy!
|
| I think the author underestimates how little most people care
| about their weak passwords, or centralised authentication.
| ChrisArchitect wrote:
| the continued annoying arrogance of these crypto people, claiming
| things are just 'web3' all of a sudden because they've built some
| crazy thing that seems to be outside the mainstream.... but then
| posting stupid twitter threads (seriously, use a fucking blog
| post) claiming they've solved identity, while ignoring all the
| world SSO and SSI people have been doing/real work/tackling
| issues and dealing with how real world people actually deal
| (successfully/not so successfully) with these things and the way
| users ended up with today password managers/email still the
| internet's killer app/ID thing.
|
| sigh.
___________________________________________________________________
(page generated 2021-06-11 23:01 UTC)