头图

We are the generation that has been favored by the Internet. We have seen countless Internet hotspot projects as we grew up. With the dividends of the times such as traffic, we have made great strides, becoming unicorns, and even the dominant player in specific scenarios today. For example, Internet giants such as Tencent, Alibaba, and Pinduoduo. In the environment of the Internet blowout, we may feel ambivalent after investing in the blockchain field.

On the one hand, I marvel at how fast the blockchain is growing. This month, liquidity mining, next month, algorithmic stablecoins, and later NFT, NFT and DeFi, and GameFi. Various new tricks continue to emerge. It makes people feel fresh at any time.

But on the other hand, reality is also skinny. In addition to seeing the ups and downs of the market, we also know that there are very few participants who actually use dApps. The pomp of liquid mining for a few weeks and days, and soon after a while, such scenes have become commonplace.

Blockchain seems to allow us to see the outline of the future, but everyone has no bottom line. When will we see the large-scale implementation of public chain applications and acquire real users like Internet products? I think, here we have a clear, but not easy to implement answer, that is: We must make blockchain products and users no distance.

 
 

Why look for non-explosive products on the blockchain?

 

It is still difficult for us to see a well-recognized "explosive product" of the blockchain. The author believes that there are many reasons, and everyone may have their own version. Here, I tried to combine my own blockchain experience to sum up a blockchain explosive formula:

explosions = smooth x high frequency applications x new traffic

From the past to the present, the use of the product is smooth, there are enough attractive scenes, and the group of people who are attracted can be found. In fact, these points are indispensable. However, on the blockchain, it is currently difficult to have explosive products that attract new users for a long time.

In the blockchain circle, we can often see an abnormal phenomenon: assets that have been bought on exchanges, we may not have really used the products behind them, like many people who bought UNI, but it has never been used After Uniswap, many people have been speculating on coins for three to five years, and they may not have used MetaMask to play any DeFi or NFT. There are more currency holders than real users. This may be completely contrary to the logic of the external Internet world. Taking stocks as an example, it is impossible for a C-end project with more shareholders than users to exist.

Behind this weird phenomenon, there is a very important reason, that is, the user threshold of Even if I am a user who wants to use DeFi, the creation of a wallet and the preservation of private keys are already a big obstacle for many users, not to mention slow transaction speed and how to pay the handling fee to be reasonable. Wait.

One pit after another, one hurdle after another, the logic of using the wallet alone is enough to kill users. Even if there are wealth effects or other high-frequency incentives behind the application, it is difficult to impress new users. . To put it in an unpleasant but realistic sentence, it is that for users, in terms of experience, mnemonics, private key storage, and plug-in wallets are not too "advanced" experiences, but the use of blockchain The necessary evil of the product.

smooth user experience of 16114ce0089d81 is a prerequisite and necessary condition for products to produce explosive products. 16114ce0089d82 is a test of blockchain product people’s technical understanding and empathy for user pain points. If you use the context of the Internet, in fact, behind the smooth experience is a kind of technological innovation, which will promote new scenarios and new user groups into the world of blockchain products.

 
 

Today, UniPass redefines the wallet

 

Today, if blockchain products can reduce the threshold of use as much as possible, for example, like ordinary Internet products, through email verification and fingerprint recognition, blockchain accounts can be generated and used to enter any dApp, then the blockchain world The pattern may continue to rise one level.

At this time, a Game Changer appeared, that is, the UniPass Lay2 team.

Today UniPass redefines the user's entry into the blockchain world-wallet. This is a product polished by the Lay2 team after years of iteration. Of course, the product is also gradually evolving. Their understanding and implementation of wallets may have subverted our previous impressions of blockchain non-custodial wallets:

1. The wallet does not necessarily require users to write down complicated mnemonic words

In UniPass, any signature verification can allow users to easily create blockchain accounts in various ways without losing security. This is not only a test of the wallet's ability to achieve, but also the compatibility of the public chain. On UniPass, you can see that the step of writing down the mnemonic phrase does not need to exist. Instead, the public and private keys generated by the existing Internet signature verification tools are used.

2. The wallet is not necessarily only one way to generate the key

Behind the wallet are countless dApp applications. The wallet must be used by someone to make sense. The application hopes that users from all directions can use my dApp. Therefore, wallets that access dApp can open different doors. To welcome users from different entrances, this is a major point. In this regard, UniPass is also more diverse in its login options than ordinary wallets. In the long run, Internet R1, RSA, Bitcoin, Ethereum K1 or hardware wallets can all generate blockchain accounts on CKB.

3. The wallet does not have to be an operation interface that the user is not familiar with

A sense of security is a prerequisite for users when using a product. The more familiar the interface is, the more confident users can use it. In the past, users may be very unfamiliar with MetaMask or other mobile wallets as an entry point. Of course, let alone the interface that allows him to log in through a hardware wallet, this is even more a fantasy. In fact, blockchain accounts can be directly generated on Internet pages that many users are familiar with.

4. The wallet does not necessarily require users to download an App or plug-in

In the past few years, in the blockchain circle, everyone has subtly developed a concept: for dApps, a wallet is a plug-in or a mobile app, and users must rely on this "extra" downloadable plug-in wallet when using the dApp. , Or we can open our dApp in the browser where we "extra" download the wallet. In fact, these have brought many unnecessary steps for users, because one more path means that the product has rejected a batch of users.

But in UniPass it is different. The picture below is the interface of UniPass wallet. We can find a very special point: the wallet is in the form of a web page. We can open UniPass wallet in any web browser regardless of whether it is on a computer, mobile phone or tablet.

▲ The Wallet can be opened separately or embedded in the login pop-up window of any dApp. Source: UniPass & Mibao

Then you may ask, how can I create a Nervos wallet account in this wallet? 16114ce0089f16 You only need to create a set of account passwords that belong to you, and you can generate a At the same time, it can also be placed on the login page of any dApp. presents the login entrance in the form of a pop-up window. In this way, the wallet is not a plug-in or mobile app that you need to download, but when you want to use it. Any developer can prepare the entrance for you.

This is not bragging, nor is it magic. Of course, it is impossible to happen in the process like a wallet on a public chain. When you give it your email address, it is a stupid act of sending you a plaintext private key. The reason why UniPass can bring a smooth user experience is the crystallization of the careful conception of the Lay2 team and the open cryptographic verification system of Nervos CKB.

 
 

The secret behind the black magic of UniPass

 

What is the secret of the black magic behind UniPass? This depends on the underlying virtual machine that Nervos can support various cryptographic primitives, the Cell model with unlimited unlocking rules, and of course Lay2's sophisticated architecture design for UniPass.

Regarding the feature that Nervos can flexibly support various existing signature algorithms without requiring users to create a new set of wallets, I don't think I need to go into details. You can refer to some past articles to understand the principle. Here, I would like to highlight that, even with flexible bottom, UniPass must also have enough sophisticated design, it allows users to have a smooth block chain experience, this Lay2 is how do it?

 

Two-tier structure: make the wallet pervasive and safe

 

Security is the key to the wallet’s uncompromising and unwillingness. A wallet with insufficient security is like an airplane with a hole in the window, which can fall apart at any time, even the luxurious A380. However, the user experience is very important. Therefore, in UniPass, a lightweight wallet, there is an exquisite two-layer architecture to protect the security of the key and take into account the convenience of use.

The two-tier architecture of UniPass is shown in the figure below, which consists of MasterKey and LocalKey:

UniPass authorization and the way to interact with
  • UniPass account in the first time

MasterKey is the real public-private key pair of this wallet. It can be any signature algorithm, including the RSA algorithm supported by the end-to-end encryption tool Subtle Crypto for general web browsers. Blockchain players are more familiar with Ethereum and Bitcoin. The signature algorithm, of course, can also be a hardware wallet or even Yubikey.

Therefore, we can know that at the MasterKey level, UniPass gives great activity to support various signature algorithms, allowing users to use the keys of various existing facilities as their own Unipass keys. Generally speaking, UniPass has preset that users do not have any facilities, and can directly generate a set of own public and private keys through Subtle in the web browser. is also prepared for advanced cryptocurrency players and Degens. Methods.

  • LocalKey

LocalKey is the key that the client will actually come into contact with. The password that the user enters when logging in to UniPass or Secret Wallet is actually using LocalKey. The advantage of this is that we can ensure that the MasterKey private key is not exposed for too long in a networked environment. At the same time, we can use the MasterKey to authorize and sign the LocalKey. We can also use the keys generated by the Subtle and WebAuthn supported by the LocalKey to replace the MasterKey. Key.

In this way, we can ensure that when ordinary users interact with the , 16114ce008a0cf we will not expose the user's MasterKey key directly to the use environment. At the same time, because the LocalKey can be stored in the IndexedDB memory in the device, and its private key cannot be exported, it is possible to maintain a good experience of continuous login without revealing the key.

 

Transaction verification

 

If anyone is interested in the security of keys and wants to know more about it, I think UniPass's transaction verification is worthy of in-depth discussion. In UniPass, since MasterKey has authorized LocalKey, LocalKey can open this wallet. Here, the contents that need to be verified for transaction verification are:

  • MasterKey's public key and MasterKey-privKey's authorization signature to LocalKey-pubKey
  • LocalKey's public key and LocalKey's signature of the transaction

The authorized signature of the MasterKey and the signature of the LocalKey must be available at the same time to be able to use the assets of the account.

 

Where is your key kept?

 

You may be witty at this time thinking of a question, that is: if this is not a custodial wallet, then where are our keys stored?

In fact, this question can be answered at several levels. In the current temporary version, user MasterKey will be stored in the cloud server with strong password encryption, but only those who have the password can use it, that is, the user himself. At the same time, in the IndexedDB memory of the user's own device, the LocalKey that cannot be exported, the MasterKey-pubkey equal to the address effect, and the authorized signature of the MasterKey to the LocalKey are retained. In this way, we ensure the user's use and the security of the keys. According to the Lay2 team in the future, UniPass's MasterKey Keystore will also support users to download and keep them on their own.

 

How does the mailbox recovery mechanism work?

 

Next, some sharp-eyed friends may ask, what is the recovery mechanism?

Of course, the magic of authorization also worked. When we created an account, in fact, our MasterKey authorized two keys, one is our LocalKey, and the other is our mailbox.

DomainKeys Identified Mail (DKIM) is a set of e-mail authentication mechanism that provides the functions of digital signature and identity verification to detect whether the sender, subject, text, attachments, etc. have been forged Pretend or tamper with. Currently, most mailboxes, such as Gmail and QQ mailboxes, already have DKIM.

Through MasterKey’s authorization of the DKIM signature of the mailbox, we can let the CKB chain verify "whether the DKIM is issued by the designated mailbox and whether it has an authorized signature", so that we can transfer the assets of our own account. This is how we can recover this asset even if we forget the UniPass password, that is, if we lose the Key. When you forget your password, no one else in the world can help you save the public and private key information of UniPass non-custodial wallets. The only way we can rely on is to sign your initial registered email address, because UniPass has authorized this in advance The signature of the mailbox can unlock the lock of the cell.

Of course, there is also a safety mechanism behind this, which is the action of unlocking the lock through mailbox recovery. It takes about 48 hours to transfer these assets on the account to prevent someone from maliciously stealing emails and stealing assets. mailbox recovery is the subtlety of Lay2's UniPass design. It successfully allows hundreds of millions of people to use DKIM signatures for mailboxes that have never played a key role in any blockchain. This is the first time that it plays on the Nervos chain. The user's entrance, is the first time for Nervos and the first time that the blockchain field has been integrated with this Internet facility we are most familiar with.

LocalKey and encrypted will authorization

 

How can a person without a blockchain account receive a red envelope of blockchain assets?

 

red envelope was greatly created by the talented Rossum in the community

UniPass also has a red envelope function that allows anyone to take away your cryptocurrency assets. You can also use passwords and riddles to red envelopes. The assets in the red envelopes currently have NFTs, and even Fungible Tokens in the future.

When using UniPass's red envelope function, you may find it amazing. Why can we easily issue NFT red envelopes on the CKB chain?

answer to 16114ce008a43f is very simple, or magical authorization.

The action of sending a red envelope is actually that after the user selects the NFT to be sent, we use the action of issuing a red envelope to sign and authorize a pair of keys under the chain, which can open the lock of the Cell where we store assets and transfer our assets. Therefore, the act of issuing red envelopes is actually an authorization. If your red envelope is a password red envelope, then we actually use this password or mystery to encrypt the Key, and the person who enters the Key can transfer this asset to your own UniPass account, which is why we are late The reason why we can't grab the red envelope is because we have already taken away the Key and transferred the assets in it.

, you may even find an interesting thing, that is, in this process (as shown below), 16114ce008a478 we only conducted a transaction on the chain, that is, let users who grab the red envelope The transfer of assets, and the red envelope is actually just an off-chain authorization for Key. can actually show the lightness of the Cell Model.


 
 

All users have to do is enjoy

 

above users need to understand, all users have to do is enjoy! Yes, for the average user, the content of my last part is basically nonsense. Because the user does not need to understand the principle, just enjoy it.

Users don’t need to be educated where they don’t need to use their brains. This may be the ultimate state of product design in any field. Just like I’ve heard an Apple executive say that Apple’s products do not require users to read instructions. The same is true on UniPass.

On UniPass, we will not see this wallet requiring users to understand the blockchain.

On UniPass, we will not see the wallet's "pre-use exam" for users.

On UniPass, what users have to do is to enjoy the convenience brought by blockchain technology and the right to manage their assets independently. Even though the above-mentioned technical architecture is complicated, the steps presented to the user can basically conform to the user's existing habits and experience, allowing the user to directly manipulate the mailbox at hand, or WebAuthn's biometrics and other tools , Began to play with the blockchain dApp. I think this is what UniPass wants to do.

Of course, UniPass does not stop there. In the future, it can be combined with many Internet pages, and it can also be combined with many blockchain infrastructures and applications. We can foresee that in the future, dApps no longer require users to download plug-in wallets, and users no longer need to download wallet apps. Instead, they can directly connect to the UniPass SDK through the dApp to generate the blockchain directly on the web page of the PC or mobile terminal. At the same time, you can directly use Unipass as a log-in certificate on traditional web pages, such as forums and so on.

In this way, we can see that more assets that used to be stored on centralized servers in the Internet, such as forum points, can become assets that users can hold themselves. As shown in the following diagram, users who do not have a wallet in the future will have the opportunity to log in directly with UniPass on the dApp. Traditional Internet websites, such as forums, can also open other decentralized usage scenarios for users through UniPass. The current user account already has the ability to receive assets, and at this time, the user does not need to change their usage habits. Under such circumstances, point-to-point value delivery such as red envelopes and the application of social attributes can also take this opportunity to open a window.

Any dApp in the future can provide a convenient entrance for users who do not have a blockchain wallet, source: Curve.fi (for illustration only)

Any Internet webpage can use this entry to open the

In the end, after eliminating unnecessary user barriers, we will see that the blockchain and users no longer have a distance. Any scenes with new traffic and high-frequency applications on the Nervos chain will be available under technological innovation infrastructures such as UniPass. , To provide users with a better experience, and to ensure that users who actually exist in this scenario will not be excluded because of technical barriers. At this time, the road to the full implementation of the blockchain has taken a step forward, and the day of the arrival of the block chain's explosive product has therefore come closer.

 
 

1. For this article, I would like to thank Stitch and the prefect of Lay2 team for their tireless advice and sharing of technical details. Without them, there would be no such content and a pleasant learning process.
2. UniPass is a very fast iterative product. There may be updates and iterations in content and design at any time. All architecture and content are subject to real-time updates by the Lay2 team.

 
 

highly recommended

 

On August 4, Zhixian, the founder and CEO of low-threshold encrypted identity UniPass technology implementation in the public class on the chain. Friends who have not had time to watch the live broadcast can view the video replay on station B:


NervosNetwork
241 声望870 粉丝

这是 Nervos 唯一官方 SF 号。在这里,你能了解到关于 Nervos 的一切,enjoy.