With the rise in popularity of ENS and NFTs, your blockchain wallet is increasingly becoming your web3 identity. The idea of having one web3 identity across all platforms is very powerful, but the sign-in flow is currently too technical and dangerous for most people.
Sign in with Ethereum is a great first step in this direction, but it has two big problems:
In a perfect world, this is a completely safe action. Sadly, we do not live in a perfect world and phishing runs rampant in the web3 space. Signing a wrong message even just once can have devastating consequences.
This is a big problem:
Since you need to sign a message in order to sign in, you are required to always have your wallet on you when authenticating with a service. From a security point of view, this is a very bad idea ($5 wrench attack anyone?).
Additionally, this rules out cold storage wallets from being used for authentication.
After a one-time setup, users can prove ownership of a wallet while leaving their actual wallet securely at home. In order to achieve this, we rely on the open standards of Verifiable Credentials, which allows us to craft a cryptographically verifiable proof that you are the owner of a wallet. This proof is then used during the authentication process instead of signing a message on the spot. This also means that there is no vendor lock-in with Hello3 as it’s all built on open standards. A full written specification of the protocol can be found at verifiableidentity.xyz.
UX is hugely improved as well. Signing in only requires scanning a QR code and one confirmation tap. You can check out the process in the 20 second video on our homepage.
Find the download links at our website hello3.io
Follow the onboarding steps in the app
Try out the signin flow over at example.hello3.io
Have a look at our docs over at docs.hello3.io. We have also created React bindings which make integrating Hello3 into your React app a breeze.
Please reach out to us on Discord with any questions!