Industry standard

Seed phrases should no longer be the industry standard

Basic phrases: their time as an industry standard is over, says Zhen Yu Yong, CEO and co-founder of Web3Auth.

In my experience, crypto newbies and experts share a common gripe. Both camps tend to dislike the seed phrase, crypto’s tenacious industry standard for key management. Rookies find it difficult and unwieldy. Experts too, and they are particularly aware of the associated risks.

Basic phrases: distribution

For the uninitiated: a seed phrase is a single phrase, often as long as 24 words, that stores all the information needed to access or retrieve funds belonging to individuals on the blockchain. Seed phrases are a form of authentication. Wallets usually generate a phrase for a given user, who must write it down to keep it safe. The number one thing Web3Auth is to provide an alternative to the seed phrases.

Seed phrases are a simple way to handle a public or private key – think of it as a unique code used to sign transactions, prove ownership of a blockchain address and open your crypto vault – and to retrieve blockchain funds. They’re not inherently bad, per se, and they’re the current industry standard for key management. But they are not without serious pitfalls. On the one hand, they are difficult to memorize. Anyone with the seed phrase can access the associated funds – there is no way to restrict access to the owner of the funds.

Then there’s the obvious fly in the ointment: if you lose your seed phrase and lose access to your funds, you’re absolutely out of luck. Lost seed phrases led to 20% loss of bitcoin in circulation – a percentage that some analysts put at around $140 billion. Every other day in the crypto ecosystem, someone hears about their stolen or lost funds. Seed phrases are a single point of failure. If you lose it, have it spelled incorrectly, or if it’s stolen, it’s gone, along with access to your funds.

Boarding derails

Seed phrases also slow down onboarding for new users, who must first understand what it is and why they need it, then go through the build and registration stages before they can actually use it. encryption application they are in. to register. This unnecessary delay is off-putting to users who are hesitant about crypto, and it’s equally frustrating to even the most advanced users.

Every user needs a public/private key to interact with any crypto application or any Web3 application, just like you need a specific key or code to enter a vault . This is the non-negotiable part. But how that key is managed, derived, or represented is not. Encryption keys can be derived or represented as a seed phrase, but this is not required. As long as a key can live on a user’s front-end and a user can manage it very efficiently, they don’t have to manage a seed phrase. This is where we come in.

Old seed phrases, new growth

Web3Auth tries to replace the seed phrase. A seed phrase works like a master password: it must be entered exactly correctly (meaning there is a single point of failure) and anyone can use it at any time. Web3Auth, on the other hand, is similar to multi-factor authentication. We secure a user’s account by first dividing their keyboard into multiple parts, which we then store across a number of hotspots the user already owns.

Instead of writing a seed phrase, users choose which access points they want to use. This can be a social login like Twitter, their phone, backup email, and computer generated recovery codes of their choosing. These connections and methods are intuitive and familiar to users. And since there are multiple access points, there is no risk of losing all your crypto funds because you lost a seed phrase. If you choose to make your phone a hotspot and you lose your phone, you can still access your funds using another hotspot like social login or backup email. We are constantly developing these access point options. In each case, the goal is to make the login process as seamless and familiar as possible, ideally with an authentication interface (like Twitter’s login process) that they already use all the time.

By doing so, we not only bypassed this single point of failure with keyphrases, but we also reduced onboarding time. Web3Auth users can access their encrypted and Web3 applications through social logins and the device they are on. No need to dig up a seed sentence.

Drop Key Phrases

This improvement in form is good for all users and for the ecosystem itself. There is no reason for bitcoin to be “lost” – certainly not to the tune of $500 billion. The time of seed phrases as an industry standard is coming to an end thanks to its fatal flaw. And decentralized, intuitive authentication is the way to go.

Do you have something to say ? Write to us or join the discussion in our Telegram channel.

Warning

All information contained on our website is published in good faith and for general information purposes only. Any action the reader takes on the information found on our website is strictly at their own risk.