As a Storj DCS (formerly Tardigrade) customer, I’m thinking it would be very nice to be able to log in Storj DCS satellites with an Ethereum address.
It would still be possible to login with your email address. Ethereum address login would be just another way to login.
Executive summary
The main idea of this proposition is: propose another, more convenient and private way for the end-users to login (but still keeping the standard log-in feature aside). Just as it is possible for some applications to either create a new account on this specific application’s database or login with Google (SSO social log-in) .
This feature would be based on “Sign-In With Ethereum (SIWE)” implementation.
In a nutshell, SIWE feature brings:
for the user: convenience (better user experience), privacy, security
for Storj Labs: greater popularity as a Web3 major actor, easier way to attract users and maybe easier/cheaper way to manage its customers identity (the last point would need a little bit more study).
Why this feature?
SIWE feature is just the new way to do SSO but in a way more secure, confidential fashion compared to Social Log-in. In my own situation, I find Google Sign-In very convenient but avoid to use it especially because I don’t want to give some of my Google Account Information to a third party. And Google has enough power on the Internet, right? We don’t need to give them more…
This log-in method has several advantages:
Better user experience:
With this feature, the user wouldn’t need to register (yet another) account. If he has an Ethereum wallet, then he’s able to log-in quite instantly to Storj DCS. No need to think about a new password (or re-use the same one…), to comply with a new password policy. And this kind of Web3 SSO may become the new universal SSO even for Web2 in the coming years (just a personal opinion).
The beauty of this feature is that you can even generate several identities based on the same seed-phrase (~ your Web3 password) and use it in any compatible website. SIWE already allows any Ethereum wallet owner to log-in instantly to any Web3 application.
This feature is also very convenient for people who already have some STORJ tokens. Indeed, if you login with your Ethereum wallet and already have some STORJ tokens, you cna spend them right away. No need to send your funds to Storj Labs ahead of time (which would require extra gas costs, extra steps, etc.).
Increased security: Since this new form of identity is based on cryptography, it is way more secure than current authentication method. Why? Because:
Your “password” is natively secure. It would actually be a passphrase of 12, 24 or even 36 words.
Neither your identity nor your password are stored on a server. Everything stay local, even when signing-in or loging-in.
Storj popularity: it would reinforce the Storj position as a major Web3 application. Since Storj is marketed as a Decentralized storage platform, it would definitely make sense to be able to use a decentralized identity.
Concerns and how to address them
I know that this proposition may raise some concerns. Here are the suggestions on how to address these concerns:
Ability/necessity for Storj to provide information for legal issues ( e.g. the user uploaded criminal pictures ): different solutions could be found to address this concern:
We could totally add a safeguard by forcing the user to give (and validate) his email address before being able to upload anything. But once again, an email address could be useless since it is easy to create a temporary one or just not answering emails. Though, it is possible to retrieve the real owner by using the IP used by the client, etc. Using Sign-In With Ethereum wouldn’t change anything on this possibility, it would still be possible to have the criminal’s IP address.
Have the “Sign-in With Ethereum” user sign a user agreement statement with the private key of the wallet address. The user agreement statement might even include the user’s email address, if necessary for legal purposes.
Crypto is still too complicated and needs mass adoption : I would answer that it is an optional login-in feature (the user doesn’t have to use it if he prefers the old way). Not all users would have to it (as they don’t have to use Google Log-in ).
Ability to get in touch with the customers : if the user has an issue and wants for support, he will find a way to get in touch with you. But anyway, I understand that Storj sometimes needs to send communications to its end users. There are other ways to do it (even though it would require extra devs):
Message on the Dashboard
Notification feature in the Storj client that the customer would need to configure in the Storj configuration file. The notification could use pushbullet notifications, email (using the customer email address as the expeditor), etc.
Connecting a metamask wallet would easily allow for payment as well as prevent username/password rainbow attacks and/or poor password storage or salting in the web server’s database.
So for a login I only need to know your wallet address? Really? Or are you willing to give away your private key?
As long as it is your private key you will have to pay the transaction fees anyway. Sure you could give storj your private key and let them execute the transaction but it would still be you that has to pay the fee.
I think connecting through Metamask is secure. You would need to unlock your wallet in order to be logged-in the Tardigrade satellite WebGUI. You don’t have to give your private to anyone. It works exactly the same way for a lot of decentralized applications (such as uniswap)
but then you could also generate a seed or a hardware wallet as login password. It would give you the same security and protection against rainbow attacks. You don’t need to login with a wallet. You can have the same security right now.
The authentication mechanism requires a new nonce and new signature with each login. The only individual who can create the signature is the wallet user. If the web site DB is popped, the attacker only get wallet addresses or hashed of wallet addresses… which are useless without the private keys… which never leave the authenticated user’s wallet.
It’s very different than using a username/password database for authentication. The server doesn’t store anything that’s useful to an attacker. However, if a user loses their wallet somehow, the website has no method to retrieve the account. So, some websites offer both methods of authentication.
The satellite doesn’t store your password. It only stores the hash of it. Just use a random 24 word seed and the attacker will be unable to find it even if you reveal the hash of it.
The hashes are salted. An attacker would not be able to even tell if you are using the same password for several other sites.
I would also add that it is a very convenient way to login since you don’t have to register before using it.
If you have a wallet address, then you are already able to access Tardigrade (and use it if you have enough STORJ).
However, the hash could have collisions … or be incorrectly salted… or be a hash found in a rainbow table.
Login with Metamask prevents all of those possibilities. There is no method to authentication without control over the wallet’s private keys… which are kept in the user’s wallet and secured locally encrypted with the wallet’s local password.
Yes, you were right about the fees. But I keep thinking it is a nice way to login and it avoids registration process. Even if registration process is easy and quick, it can be a barrier. All Ethereum wallet holders would be able to use Tardigrade, just like that!
I also think this way of login would allow other features such as being able to easily pay in other tokens (even in Ether) by implementing a uniswap feature into Tardigrade. For example, the user pays in Ether and the amount is automatically swapped for STORJ and then sent to Storj Labs. Of course, the fees would be paid by the customer.
No, No and No. You can verify the hashing method we are using. That is the advantage of open source.
Again you can have the requested level of security right now. You just need to choose a secure password. I have generated myself a 500 char password just to see if there is any restriction. It worked just fine and gives me even a higher security than metamask.
Coinpayment could do that right now. This service comes with additional fees that we would like to avoid.
Nope. We need an account to receive a payment but if we would allow you to pay with ETH you could do that with any wallet. You don’t need a coinpayment account.
Same for STORJ payment ofc except that we wouldn’t need to enable the coinpayment exchange for that.
