@alexvandesande
Last active April 16, 2018 12:32

Abstract

The biggest pain points for users in ethereum:

  • users don't want to think about ether
  • users don't want to think about backing up private keys or seed phrases
  • users need to set up 2 factor authentication to be secure
  • users want to be able to have a simple identifiable username
  • users want to be able to pay for transactions using what they already have on the system, be it apple pay, xbox points or even a credit card
  • users want to use the same username across multiple devices in a trustless manner
  • but we don't want to train users to type their private keys in multiple places as it increases the likelihood of a phishing scam

How can we do that today?

In pictures

https://imgur.com/a/LXuKR

User story

Bob downloads status. The first screen just says: “type your ethereum id”. No signup/login. No long process with 12 words. Bob types “bob” and the app completes “bob.status.eth”. It says “We will create your identity. It costs $0.50 but we are running a promotion and giving you this and 50 other transactions for free”. Bob clicks yes, and soon has his own id set up, where he uses his status identity to play with criptofishes.

Bob later downloads mist on his computer, where it asks the same. Bob types “bob.status.eth”. The app says “we found that this identity exists. We will send a confirmation to add it here”. Bob clicks yes and his phone chimes with a message from status, saying “Someone is trying to log in to your identity from a computer. Is that you?” Bob accepts it.

Now he is logged on as bob.status.eth and when he logs on to criptofishes, he sees all his precious little fishes. He then sells one fish he created for some dai dollars. Bob doesn’t know what ether is.

BEHIND THE SCENES

When bob logs into status and creates an account, status will clone an identity contract for him and register that on their ens subdomain. Status is paying the gas for this transaction, but it only does it because it can verify that the user indeed is using a new phone, and status trusts apple’s deviceID information. It creates an ethereum key on the device, and adds it as the main key on the identity, along with a secondary key owned by status (which has limits on what it can do).

When Bob logs into Mist, it also creates a new ethereum key. These keys don't need to be written down; in fact they should never leave the device if possible and are only backed up with the whole system. Mist uses that key to sign a whisper message asking to be added as one of the signers of bob.status.eth. Status receives this message and prompts the user for confirmation. If he agrees, then the local key will be used to sign a new message that it sends to status servers, authorizing an addKey transaction with that particular account. Status receives the messages and executes the transaction, paying ether. It doesn't receive anything for it, because it allows 50 free transactions for each new user, trusting that these are real apple ID users.

Now the bob.status.eth identity has both mist and status accounts as "authorized signers". Using Mist, bob then wants to sell a criptofish, so it signs a whisper message saying so. But unlike Status, Mist doesn't have a central server that pays ether for others, so it relies on a series of nodes. In the message of the fish sale, besides the data required for a normal ethereum transaction, it also authorizes the identity to pay 0.001 dai to whoever deploys that transaction. It's sent via whisper to all listening nodes, where one node reads it, checks that the identity has the right bytecode and that executing the transaction will cost less than 0.001 dai. It pays a low gas fee, and gets the dai in exchange.

This model changes the way users interact. Instead of using keys as a way of storing ether and paying for transactions, they use them mostly to send whisper messages authorizing them. A new network of nodes receives these whisper transactions and each independently makes a decision on whether to publish them or not, based on whitelists of accounts (for instance a node can have a list of subscribers) or by checking the token it offers. Some nodes might accept only their own tokens, others will accept any token widely exchanged.
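A sketch of the per-node decision described above, added here as an illustration and not part of the original gist or of Status or Mist code. The message fields, policy fields, prices and bytecode are assumptions, SHA-256 stands in for Keccak-256, and the whisper message's signature is assumed to have been verified against the identity's authorized signers before `decide` is called.

```python
import hashlib
from dataclasses import dataclass

TOKEN_UNIT = 10**18  # assumes 18-decimal tokens, like ether's wei

@dataclass(frozen=True)
class RelayRequest:            # hypothetical message shape
    identity: str              # ENS name, e.g. "bob.status.eth"
    identity_code: bytes       # runtime bytecode found at that identity
    fee_token: str             # token offered to whoever deploys
    fee_offered: int           # in token base units
    gas_estimate: int          # gas used when the node simulates the call

@dataclass(frozen=True)
class NodePolicy:              # hypothetical per-node settings
    trusted_code_hashes: frozenset
    subscribers: frozenset
    token_price_wei: dict      # wei per whole token; missing = not accepted
    gas_price_wei: int

def code_hash(code: bytes) -> str:
    # SHA-256 as a stdlib stand-in; Ethereum tooling would use Keccak-256.
    return hashlib.sha256(code).hexdigest()

def decide(req: RelayRequest, policy: NodePolicy):
    """Return (publish, reason) for one whisper request."""
    if req.identity in policy.subscribers:
        return True, "subscriber"
    # Unknown bytecode may simply not pay the promised fee after execution.
    if code_hash(req.identity_code) not in policy.trusted_code_hashes:
        return False, "unknown identity bytecode"
    price = policy.token_price_wei.get(req.fee_token)
    if price is None:
        return False, "token not accepted"
    # Integer arithmetic only: floats lose precision at wei scale.
    fee_wei = req.fee_offered * price // TOKEN_UNIT
    cost_wei = req.gas_estimate * policy.gas_price_wei
    if cost_wei >= fee_wei:
        return False, "gas cost exceeds fee"
    return True, "fee covers gas"

# Constructed sample values, not real bytecode or market prices.
IDENTITY_CODE = bytes.fromhex("6060604052600080fd")
POLICY = NodePolicy(
    trusted_code_hashes=frozenset({code_hash(IDENTITY_CODE)}),
    subscribers=frozenset({"alice.status.eth"}),
    token_price_wei={"DAI": 2 * 10**15},
    gas_price_wei=10**7,
)
SALE = RelayRequest("bob.status.eth", IDENTITY_CODE, "DAI", 10**15, 100_000)
```

The bytecode check is what protects the node: it spends ether up front and is only repaid if the identity contract behaves like an implementation the node already knows.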
