Hey all - I'm Roneil, one of the cofounders of Audius. We built Hedgehog to solve a specific pain point we faced - how can we get non crypto-native / non-technical users to sign up for a decentralized app? Current onboarding flows using Metamask and other alternatives were too cumbersome, time-consuming, and restrictive for our needs. We needed a way to generate a wallet on behalf of a user without them even knowing crypto was operating behind the scenes.
Hedgehog lives in your front end Javascript code. A user enters a username (or email) and password, which is used to secure a set of encrypted auth artifacts that are generated client-side and stored in the browser’s localStorage / on your (the application developer's) server. In this way, the encrypted auth artifacts can be retrieved and consumed on secondary devices without centralizing custody and control of the private key.
If the centralized server hosting the keys goes down, users can continue to access their wallet on the devices they already have. If the centralized server is compromised or operated by bad actors, the resources required to decrypt a stored auth artifact would be immense. However - this is why we recommend using Hedgehog only in low-to-no financial value use cases.
This approach is not without tradeoffs - but for the right use-cases we believe this will provide a needed alternative.
Assuming you've seen that project, how does Hedgehog compare?
Do you have recommendations on handling the initial funding of a wallet, especially for your target market of non-technical users? (after they have the wallet, how do they obtain ETH or other tokens to get started?)
We haven't seen that before, looks cool! The approach may be similar, but we packaged Hedgehog as a standalone / documented library to be consumed directly by developers. In looking briefly I wasn't able to ascertain how the private key is stored / propagated between devices in his model so it's hard to comment more precisely.
The approach we've taken at Audius on initial funding is to avoid funding the wallet entirely - we use EIP-712 signatures combined with a trustless transaction relay service that pays gas / submits EIP-712 signed transactions on-chain on behalf of users. In this way, the user wallet never holds any tokens but is still used to secure access to their account. We'll be open-sourcing our contracts and infrastructure code soon, but here's a good public example of this model in action: https://github.com/hellobloom/core/tree/master/contracts
That said, other folks may decide to use Hedgehog differently - perhaps you integrate with something like Wyre (https://www.sendwyre.com/) to help users fund their wallet client-side without knowing that crypto is there.
Probably late summer / early Fall! Want to make sure the developer experience is high-quality at time of open-sourcing, but we're testing now / onboarding artists in a private beta.
Very similar from a meta-transaction standpoint, but ours is simple and centralized (albeit trustless due to the tx signing model). This is much cooler!
Hey Roneil, I'm really new to crypto development and I'm having a hard time finding crypto communities for developers (the one who builds stuff). I've checked out eth's forum but it's not really developer focused, it's too general.
Where do you usually hang out? I would like to learn more about building crypto stuff and would like to participate in a community. Can you point me in the right direction?
Thank you!
PS: I have completely no idea what Audius is about, but it sounds cool. Good luck!
Hi there! Unfortunately I haven't found any high-quality online communities of crypto builders - most of my connections to other folks building are offline / irl. Would encourage you to attend local developer groups to get to know others in the space!
There are tons of helpful resources online though, as lots of folks write tutorials and other things. Googling most problems you face will yield good results.
Oh wow that's really unfortunate. I met some crypto people locally but almost all of them are trading focused. I also attended some "blockchain events" but most of them are just people shilling their coins/how to become a better trader.
Maybe I haven't tried hard enough finding the builders.
Thank you Roneil, and good luck on your endeavors!
Sorry to hear that - I've had good experiences in the past at Hackathons and other developer-focused events rather than general "crypto" or "blockchain" events.
It looks very cool. Just skimming the documentation, there isn't anything on how to perform actual wallet functions, or whether encrypt/decrypt data using public/private keys is available (which is something I'd find super useful!). Am I missing it, or is it just a matter of looking through the code?
Thanks for making something as cool as this open source!
Has there been any thought as to how the REST API + database side of this could be replaced with ipfs/swarm? I'm not sure how it would work, and there would likely be additional trade-offs, but it would be nice if the "D" in DApps could be retained in full.
There has! This could be a great approach - eg. a network of folks committed to supporting users in this manner could operate IPFS nodes that re-pin the encrypted keys.
We are also thinking about offline ways to share the key such that the centralized side is not required - eg. a QR code displayed on one device and scanned by another to propagate the wallet. This creates a problem if a user loses all of their devices though.
I'm part of the team that develops the Embark Framework and it would be awesome to rehash our decentralized Reddit tutorial using a fully decentralized Hedgehog.
As for the QR code getting lost, that's a good point, but the user could always be encouraged to make a physical copy and keep it in a desk drawer, and/or store it electronically somewhere else (e.g. Dropbox or 1Password) "just in case".
Maybe hit us up via GitHub or Gitter or Twitter if/when Hedgehog provides a fully decentralized option/s (as discussed above). At that point I think the Embark team would be really excited to leverage it in a new or refreshed tutorial series.
Awesome job! I love that you are addressing the UI/UX challenges of non technical users. Have you considered some type of integration with Keybase's social proofs and paper seed QR code for cross signing and revoking keys? I'm part of a research cohort hosting a month long series of workshops and hackathons on making emerging Web3 capabilities more accessible, at NYU ITP Camp in NYC in June. Perhaps we can play around with something. Will dive into the code for inspiration. Thanks for this great project!
We did not want to require use of Keybase to use our dapp Audius, though I could see it making a lot of sense to offer a keybase integration as a potential option.
FWIW, Audius still supports Metamask too - web3 is all about giving users choice from our perspective.
Right now Hedgehog is specific to the Ethereum account model (eg. POA network and others use this too), but there's no reason the approach couldn't be extended to work with other chains.
You could replace the use of 'ethereumjs-wallet/hdkey' with any other chain wallet library if it is compatible with the BIP-39 style HDWallet structure. Bitcoin and many other blockchains have compatible libraries that could be substituted easily!
There is not - this is the biggest deficiency of Hedgehog today. Without centralized custody of keys, it's not possible to have someone prove their ownership of a given key to a centralized party in order to unlock it. The key is encrypted, so the application provider nor anyone else can decrypt it without the user's username/password combination. This tradeoff is both a good thing and a bad thing in our view.
That said, there is a mechanism for changing your password if you are already signed in.
We are considering some mechanisms for fallbacks, eg using a threshold cryptosystem with multiple private keys and a 1 or 2 of n requirement, such that if a user forgets the way to generate one of the n keys they may still remember a way to generate the other(s). If you're curious, more on these schemes here: https://en.wikipedia.org/wiki/Threshold_cryptosystem
We feel these tradeoffs make sense to enable more mainstream adoption of cryptocurrencies, but they are tradeoffs; for certain types of applications the cost of losing control of an account is too high for this approach to make sense.
Hedgehog lives in your front end Javascript code. A user enters a username (or email) and password, which is used to secure a set of encrypted auth artifacts that are generated client-side and stored in the browser’s localStorage / on your (the application developer's) server. In this way, the encrypted auth artifacts can be retrieved and consumed on secondary devices without centralizing custody and control of the private key.
If the centralized server hosting the keys goes down, users can continue to access their wallet on the devices they already have. If the centralized server is compromised or operated by bad actors, the resources required to decrypt a stored auth artifact would be immense. However - this is why we recommend using Hedgehog only in low-to-no financial value use cases.
This approach is not without tradeoffs - but for the right use-cases we believe this will provide a needed alternative.
Happy to answer any questions you all have!