How should a Bitcoin app authenticate its users?
@joshua has recently been advocating Bitcoin-native user authentication - essentially some kind of challenge/response mechanism where a user signs the response with their wallet. Powping itself I think uses this kind of model.
https://coingeek.com/logging-in-with-bitcoin/
I like this idea, but truth is there is nothing like a standard for this, so apps implementing this approach need to do it wallet by wallet - effectively creating a hard dependency on a 3rd-party wallet, and limiting their users to those of the supported wallets. And we should remember what users like @satoshidoodles are telling us about this experience:
https://powping.com/posts/9b2dfc27d1223f71504ec09dad57321238a9449e5ef7779b036bade0768376c4
If we force users to log in with Money Button and/or Relay, are the accessibility trade-offs worth it? Is the humble username and password really dead?
How should a Bitcoin app authenticate its users?
@joshua has recently been advocating Bitcoin-native user authentication - essentially some kind of challenge/response mechanism where a user signs the response with their wallet. Powping itself I think uses this kind of model.
https://coingeek.com/logging-in-with-bitcoin/
I like this idea, but truth is there is nothing like a standard for this, so apps implementing this approach need to do it wallet by wallet - effectively creating a hard dependency on a 3rd-party wallet, and limiting their users to those of the supported wallets. And we should remember what users like @satoshidoodles are telling us about this experience:
https://powping.com/posts/9b2dfc27d1223f71504ec09dad57321238a9449e5ef7779b036bade0768376c4
If we force users to log in with Money Button and/or Relay, are the accessibility trade-offs worth it? Is the humble username and password really dead?