I get it.
In order to implement this feature, maybe we could add some safeguards such as forcing the user to provide and validate his email address (without it, it would be able to do anything else on the website).
What do you think?
I get it.
In order to implement this feature, maybe we could add some safeguards such as forcing the user to provide and validate his email address (without it, it would be able to do anything else on the website).
What do you think?
There are websites like below just used for signup and confirmation.
The current and traditional login system doesn’t address this issue anyway.
Having an email address to pass on to somebody upon request is surely convenient for Storj but certainly not required by law or to run the service.
We saw https://www.opacity.io/ who are advertising exactly this, to collect no personal information at all.
My view would be that Storj which always mentions the privacy character of its service and how important zero trust is, probably should offer a way to sign up/log in such a way too.
And we will exchange private information over blockchain, when you would need a support or if we would need to contact you for legal reasons?
You Always can make in account prefirences, email addres needed valey, for account need to be files, but login with blockchain
So, the email address will remain there anyway I suppose.
If you read carefully initial post, it is asked to make second way to login parallel with email.
As always All concentrated also around relevant information, but forgot main idea.
For me the problem with it in the fact, that this wallet is not used anyhow. So this is a little bit disconnected from the context.
If you do not use a wallet there why do you use it to authenticate? For me it looks a little bit weird.
You have a key from the door (login and password) but you prefer to enters via window from outside on the second floor.
Make sense. 20 chars
Sorry I don’t get your point.
Why do you say that the wallet is not used anyhow? The user could totally use a wallet currently and use it to login. Actually, this is exactly how crypto users use their wallet: they store tokens, they login to applications and they send transactions from it.
The main idea of this proposition is still: propose another, more convenient and private way for the end-users to login (but still keeping the standard log-in feature). Just as it is possible for some applications to either create a new account on this specific application’s database or login with Google (SSO social sign-in).
The “Sign-In With Ethereum” function (let’s call it this way since it is the official name of the project which aims to standardize this feature on Web2) is just the new way to do SSO but in a way more secure, confidential fashion. In my own situation, I find Google Sign-In very convenient but avoid to use it especially because I don’t want to give some of my Google Account Information to a third party. And Google has enough power on the Internet, right? We don’t need to give them more…
Also, it would reinforce the Storj position as a major Web3 application. Since Storj is marketed as a Decentralized storage platform, it would definitely make sense to be able to use a decentralized identity.
@Alexey, let me explain how concerns could be addressed:
Thank you!
I made the first post as a wiki and now you should be able to update your proposal. Could you please add this useful explanation to there?
Addendum to your post…
The signature process is off-chain but publicly verifiable by anyone.
These signature statements are now being used by multiple DeFi websites such as 1inch and paraswap.
See this randomly found news article on 1inch:
https://thedefiant.io/1inch-geofences-usa/
Anyone can try it out here:
Thanks!
I updated the first post and re-arranged arguments a little bit
I will update it on an ongoing basis.
Hi @Alexey !
We’ve been talking about this proposition for while and, even if it has only 2 votes at the moment, I noticed that it raised some good discussions and maybe change some minds.
If this interest was confirmed by other community members, what would be the next steps for this proposition?
Thanks!
Hi!
I do not have any information and did not see any work items regarding this feature.
The next step usual is writing a blueprint and publish it in this forum and as a PR (storj/docs/blueprints at main · storj/storj · GitHub).
Are you interested to contribute it @jeremyfritzen?
Sure I want to contribute!
I’m gonna take a look at what is required in this blueprint. I’m not a developer, even if I have some basic coding knowledge.
Sure I want to contribute!
Great. There is a template for new blueprints, but it’s not required to strictly follow it if other sections would make more sense.
If the change is simple enough, a simple prototype may also help to show the proposed behavior.
As we discussed above, I would keep the registration as it is today, but you can introduce a new field for Ethereum public key / address in the user table. And a new endpoint can handle the new type of login if a message is properly signed on the ui.
I recommend to use GitHub - storj/up: Docker-compose files for running full Storj network locally, it is a docker-compose file generator which makes it very easy to start a full Storj cluster locally. ui / binary can be bind mounted if you would like to replace the released version with a local one.
@jeremyfritzen It depends on my time, but I am considering to start a blueprint. Please ping me if you are still interested, and we can do it together…