I'm one of the founders of SimpleID. As a Web3 app developer, I have first hand experience hand holding users through the complicated on-boarding process. I built Graphite, a popular dApp, using traditional Web3 auth and I just recently cracked 10K users after 2 years...
The status quo today expects users to navigate pop-ups, install extensions, and of course manage their 12-word key phrase! What I've learned is that people don't really care about decentralization. They should, but they don't — at least not yet. What people do care about is protecting their data privacy and convenience.
Therefore, we built SimpleID, a suite of developer tools that lets you easily on-board users to Web3 apps. If your users are tech-savvy and want a 100% truly decentralized solution, you're probably not going to be very interested in SimpleID. And that's OK. We want the other 98% of people to actually use dApps, and have that "ah ha" moment about what data ownership truly means.
Our solution is all about choice — we don't force you into any specific blockchain, identity, or storage provider. At login, users automatically get wallets (Ethereum, Bitcoin), DID (ENS, Blockstack), and storage (IPFS, GAIA). We also plan on supporting other protocols, and more importantly hope to get rid of passwords all together!
It seems that your demo page (.../demo) is broken (it's 404ing with a NoSuchKey).
Anyway, I'm wondering if your solution helps users who forget their password? (Though I notice your initial comment says something about "get rid of passwords all together.)
Love what hedgehog is doing! However, we are cross-platform and never expose the users master private keys to the developer. When a user logs in to an app, only the app specific key pair is delivered on auth.
We've been moving fast trying to get SimpleID in as many hands as possible, but we absolutely want to support other blockchains. More in-depth Ethereum support is next up, then we want to look at adding support for blockchains like EOS, Steem, and more. It'd be great to get feedback from others on what blockchains to support!
It absolutely does. All we store is an encrypted version of the user's master keychain (the 12-word seed phrase we're trying to eliminate). We can't access that keychain without the user's consent. The user is emailed a copy of this encrypted keychain and can take it with them to any service that supports bip39 seed phrases.
We chose this method because it requires trust of just one entity (the lambda end point we provide) rather than trust of each app that might interact with SimpleID's SDK. If the seed phrase is generated client-side within an app, that developer could hold onto that seed and use it maliciously.
Identities created through SimpleID can be used across multiple apps, so it's important to us that developers are only able to access data specific to their app (i.e. app-specific encryption keys).
Wow. So good to hear that an this just rekindles my faith on the steem blockchain. And it will really be awesome having simpleid support steem.
If you don't mind, you could do a review campaign of simpleid on steemhunt for proper awareness to the steem community. A review that could reach over 9 million followers of various channels.
Nice site and solution. I clicked 'run' on the Examples page and at first I thought it was broken but then after about 20s it produced output--might want to drop some initial output that tells users to wait or something.
Thanks! And totally agree. We talked about this leading up to this launch and went back and forth with it. The runkit example you see on the site is using the actual production Node SDK because we want developers to literally be able to copy and paste the code. So we also want to make sure the console output is appropriate for all environments. We'll find a balance though.
Sure! SimpleID is giving developers access to protocols that let users store their data and control their data. When you do this, you are not managing the data on behalf of the user, they are managing it themselves. That is inherently compliant.
I've been using blockstack and your app, graphite, sometimes. But I've allways thought creating a Blockstack-Id is too 'nerdy' for normal friends of mine so they cannot use a whole list of good apps based on blockstack.
I hope the more apps will use your SimpleID sign-on the more non-technical friends of mine can use blockstack-based apps.
Yes! This is one of the top things on our priority list. We will be completely removing the need for passwords and switch to one time use passwords and 2FA.
You can sign up for our slack on our website and we'll keep you updated :)
31 comments
[ 2.9 ms ] story [ 84.3 ms ] threadThe status quo today expects users to navigate pop-ups, install extensions, and of course manage their 12-word key phrase! What I've learned is that people don't really care about decentralization. They should, but they don't — at least not yet. What people do care about is protecting their data privacy and convenience.
Therefore, we built SimpleID, a suite of developer tools that lets you easily on-board users to Web3 apps. If your users are tech-savvy and want a 100% truly decentralized solution, you're probably not going to be very interested in SimpleID. And that's OK. We want the other 98% of people to actually use dApps, and have that "ah ha" moment about what data ownership truly means.
Our solution is all about choice — we don't force you into any specific blockchain, identity, or storage provider. At login, users automatically get wallets (Ethereum, Bitcoin), DID (ENS, Blockstack), and storage (IPFS, GAIA). We also plan on supporting other protocols, and more importantly hope to get rid of passwords all together!
[1] Demo: https://www.simpleid.xyz/#examples
[2] Sign up for free: https://www.simpleid.xyz/#app
Anyway, I'm wondering if your solution helps users who forget their password? (Though I notice your initial comment says something about "get rid of passwords all together.)
We are working on a solution where you never have to set or remember your password
Or is that off base? How would you contrast your security and functional approaches to what they're doing?
https://hedgehog.audius.co/
Let me know if you have any other questions :)
Try getting Google to let you do that ;)
Is the seed created and encrypted on the client or the server?
Identities created through SimpleID can be used across multiple apps, so it's important to us that developers are only able to access data specific to their app (i.e. app-specific encryption keys).
I just remembered I saw this once on steemhunt too, a Steem based product curation platform.
If you don't mind, you could do a review campaign of simpleid on steemhunt for proper awareness to the steem community. A review that could reach over 9 million followers of various channels.
You can learn more about it https://review.hunt.town/i/106
Maybe you want to collaborate with arkane.network for payment/wallets.
I hope the more apps will use your SimpleID sign-on the more non-technical friends of mine can use blockstack-based apps.
Thanks.
Are there any plans to support a second factor during login process, for example a one time token?
You can sign up for our slack on our website and we'll keep you updated :)