The Ethereum community has accidentally solved a major problem of the Internet: Single Sign-On

"Sign-In w/ Ethereum" is the future of login for *every app on the Internet*, crypto-related or not

Not just an idea, it's already the norm for web3 & will spread

warning long🧵👇
1/
First, what is "Single Sign-On"?

It can mean different things depending on context, but here I mean:

*an average person having one username and password/authentication method that works across all services*

2/
The Internet has no personal username/authentication system built-in

IP addresses change & are based on device/location, & DNS was never really meant to be a personal username system

But services need to know who you are. So each created their own username/password system😬

3/
We all know what happened
- ppl re-using weak passwords written on post-it notes
- sign-up fatigue ("i have to create *another* un/pw?")
- hacks + data dumps 👉 haveibeenpwned.com

Yes, ppl can use password managers etc, but this doesn't happen in practice

4/
One solution in the last decade has been Social Sign-On.

You probably already have an account w/ Google, Facebook, etc, so why not just sign-in w/ that to new services?

Users don't have to create *yet another* un/pw, & new services don't have to manage it - win/win!

5/
While an improvement, Social Sign-On has a few problems

1) It depends on a few big corps

Do users really want Google to control their un/pw for the whole Internet?

And do smaller services really want to be at the mercy of these big corps?

6/
2) It's inherently fragmented

- un/pw controlled by a big corp can never be "neutral"

- "which social account did I use for this service again?"

- we wouldn't even *want* one company to win out

7/
3) Ppl still have weak passwords

If you're signing in to everything with your Google account, your security for everything now depends on the strength of your Google account password, and most people use weak passwords (tho 2FA can help here)

8/
Ethereum Sign-In is a new paradigm

First, Ethereum is giving average ppl computer generated public/private key pairs w/ systems in place to securely connect them to services

Cryptocurrency incentives are finally doing what cypherpunk ideology couldn't

9/
Your Ethereum private key is your super secure password that *you* control. No central service required to make it work. Just sign something w/ your private key.

You generate it on your own device, and no service anywhere ever has to have your private key.

10/
Ppl need good UIs for storing/using their private key. This was the achilles heel of cypherpunks/PGP

This is another thing crypto incentives are improving
- hardware wallets
- @MetaMask
- @WalletConnect
- social recovery
etc

LOTS of work still needed but it's getting better
11/
Second, you need a human-readable username

Key pairs can be computer generated, but don't usernames require a central service to store this info?

This is Zooko's Triangle: naming systems can't be decentralized, secure, *and* human-readable... right?

en.wikipedia.org/wiki/Zooko%27s…
12/
Blockchains solved this trilemma. Namecoin (launched in 2011) was the first attempt at this, but never got adoption

But @ensdomains, launched in 2017 & built w/ smart-contracts on Ethereum, has successfully gotten wide adoption as the web3 standard 👉 ens.domains/#home-ecosystem
13/
Users can register a .ETH name on ENS w/o touching a single centralized service & then hold custody of it themselves w/ their Ethereum account

It's your web3 username, simplifies payments for any crypto, and can even point at a decentralized website, all with one name

14/
Put all of this together and you have a decentralized self-custody username system for your Ethereum account

No corporation or centralized system involved in this entire set-up, user (not corp) owned

therefore **credibly neutral** (this is key)

15/
This is better for users:
The *user* controls their account/username & can use it anywhere that adopts Ethereum Sign-In. No more annoying "land rushes" for usernames on new platforms

& better for services:
They don't have to manage a un/pw system or depend on Google/Facebook
16/
This isn't just an idea, this is *already* the web3 sign-in model

You sign-in to a dapp by "Connect"-ing your Eth wallet. Many then use your ENS name as your portable username. E.g. @Uniswap, @tryShowtime, @aavegotchi, @SnapshotLabs

More: #ens

17/
Wouldn't it be great if your single account for the Internet also had an avatar & other profile info?

That's where ENS text records come in. Not widely adopted yet, but an upcoming redesign of the ENS Manager will put the option of setting up these things front-and-center

18/
But wait, what if you don't want a single account for the Internet? You definitely should keep certain activities separate.

No sweat: you can have as many Eth accounts as you want w/ different ENS names

And your ENS name can be your actual name or a pseudonym, your choice👍
19/
FYI, when using Ethereum Sign-In you may be confronted w/ something like this 👇

At first it looks like Social Sign-In fragmentation but it's not. These are competing wallet UIs that *all use the same basic Eth account sys*

You can import your Eth account into other wallets
20/
An amazing thing about this is the Eth community did not set out to create a new decentralized neutral Single Sign-On sys

2 unrelated things came together: connecting your Eth wallet to use dapps + ENS originally for crypto payments (still does this!)

21/
And that's why I expect this will succeed

No "consortium" is artificially trying to force this on ppl. It's not over-engineered in committees out of touch w/ users & services

It's being developed open source & adopted organically by users & services b/c it's useful

22/
Once you've gotten used to the web3 model in which you own your portable account & username, the old web2 sandboxed username/password model starts to seem... antiquated

"Connect Wallet is the only way i want to sign in ever again"👀

23/
I say:

Down with a mess of accounts with weak user-generated passwords and sandboxed usernames owned by big corps (web2)

Up with secure private keys and portable usernames owned by users (web3)

It's the Internet as it always should have been

24/
Want to get a portable web3 account?

Pick an Eth wallet: ethereum.org/en/wallets/fin…

Get ETH (sometimes built into wallet, otherwise use a service like Coinbase)

Get an ENS name: app.ens.domains
(Choose which is your username by setting reverse record at My Account)

/end
@AdityaVSC @ProductHunt you could be the first significant web2 service to add this option

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with brantly.eth

brantly.eth Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @BrantlyMillegan

22 May
I think it's likely #Bitcoin settles into being an OG crypto collectible, & it's already farther down that road than ppl realize

This isn't a terrible fate & it can even be a great investment (collectibles can be!). But its highest ambitions are unlikely to happen

Here's why 👇
First, I don't think people realize how much the narrative around "what Bitcoin is" or is trying to accomplish has contracted over the years.

I hardly consider it the same project that it was just a few years ago.

Of course this is fine! Things evolve, but...
...noobs need to know that only a few yrs ago:

- programmable money / smart contracts
- low fees as desirable
- NFTs
- digital currency for everyday purchases
- "it'll copy innovations in other chains"
- heck, even issuing tokens

these were all explicit narratives *for Bitcoin*
Read 12 tweets
21 May
🚨THIS IS NOT A DRILL🚨

Dear squatters of elon.eth, elonmusk.eth or technoking.eth: THIS IS YOUR CHANCE

If that's you, PLEASE DM me *ASAP*. Can explain privately what's going on

You'd earn huge social capital giving it for free, but we ARE willing to pay a *fair* price for it
If you don't want to DM on Twitter, you can also email me at brantly@ens.domains. Time is of the essence here.

FYI, this is not a honey trap, I'm Dir of Operations at ENS (see ens.domains/about), I can assure you this all legit, and you can remain anon if you want. 👍
Read 5 tweets
21 May
Sign of the times:

For some prospective ENS hires, I checked their Twitter for their ENS, plugged it into Etherscan to get their txn history, & asked them abt projects they'd used.

Txn history is the new social media: ppl will check, & what's there can help (or hurt) you!
You can prove that you have been involved in certain projects, to what extent, and when.

Again, this can cut either way depending on what it shows: this can give additional credibility (power user of legit projects) or damage it depending on what it shows.
Reminder: If you put your ENS on Twitter, you're making the history of addresses associated w/ it now associated w/ you.

This isn't necessarily bad, this can be good, but just be aware

FYI you can have multiple Eth accounts for different uses to keep things separate if you want
Read 6 tweets
3 May
One of the most significant side-effects of the rise of crypto is we're *finally* giving everyone a public/private key pair

What cypherpunks had tried unsuccessfully to do for yrs w/ ideology is happening w/ crypto incentives

This has *far* reaching consequences

warning long🧵
First off, public-key cryptography (PKC) is one of the most imp innovations of the 20th c. yet most ppl haven't heard of it.

en.wikipedia.org/wiki/Public-ke…

It's so powerful that when it was created in the 1970s the US govt classified it as a military weapon!

en.wikipedia.org/wiki/Export_of…
And they weren't wrong. It's extremely powerful.

For all of history previously, if you wanted encrypted comms, e.g. between a general his troops far away, you first had to share the secret solution to your code

(eg "move every letter in the message up 7 places in the alphabet")
Read 20 tweets
26 Apr
One of the most powerful but under-used features of @ensdomains so far is *reverse resolution*. 🔁

This enables a key component of web3: portable usernames, and more.

I think this may actually be ENS's most used feature long-term.

Here's how it works & how to use it 👇

1/
First, terms:

*Forward* resolution (FR) is what you normally think of w/ ENS: enter a name & it resolves to data like a crypto address

Name 👉 data

*Reverse* resolution (RR) is opposite: start w/ an Eth address & look up to find the ENS name linked w/ it

Eth addr 👉 name

2/
If FR makes it easier to *input* a crypto address, RR makes it easier to *read* an Eth addr.

This is useful b/c Eth addresses are public & get displayed in many places.

**Anytime a UI might display an Eth addr, it should do an RR lookup & show the ENS name instead/also.**

3/
Read 13 tweets
21 Apr
The ENS of [non-Ethereum chain] is ENS.

This won't make sense to you if you think ENS is just .ETH names for Ethereum addresses. ENS does have that, but it's also *far* more.

Let me explain 👇

1/6
First off, even tho ENS runs on Ethereum, you can store *any arbitrary info*.

ENS can support any arbitrary crypto address & is already in many multi-coin wallets. ens.domains/#home-ecosystem

Here's an example of an ENS name w/ lots of crypto addresses: app.ens.domains/name/brantly.x…

2/6 Image
For a blockchain to be supported in ENS, it just needs to be in our address encoding lib.

It currently supports 110 of the top chains; feel free to submit a PR to add a new blockchain, we'll accept as long as it doesn't greatly increase library size

github.com/ensdomains/add…

3/6
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(