Shulou(Shulou.com)06/01 Report--

This article mainly analyzes how to make Ethernet Square DAPP users recover the lost private key related knowledge points, the content is detailed and easy to understand, the operation details are reasonable, and has a certain reference value. If you are interested, you might as well follow the editor to take a look, and follow the editor to learn more about "how to make ethernet DAPP users recover the lost private key".

On Ethernet Square, the private key is used to access accounts, sign messages, and so on. Once you lose access to the private key, you will lose access to all funds stored in the account. How is this different from losing your credit card password? You can't ask the bank to give you a new password because there is no bank in Tai Fong. Your funds are still credited to your address on the blockchain, but you cannot withdraw them.

The accounts and dapp services on the eTaifang block chain are designed to be decentralized, and no one keeps the access code on your behalf.

Services that store your private keys in a database can access your funds at any time, just like banks, which is the opposite of what the etheric Fong community is trying to achieve.

So, how do we coordinate the decentralized invocation requirements of ethernet and the needs of users for support services?

For decentralized service providers, as a financial custodian also has a strong legal meaning. Our own case: DAPACT is building a credit service platform based on existing loan agents in low-income countries. We define ourselves as a software company, a legally registered platform that provides plug and play technology to local lenders.

Access to user funds will make us a financial services provider rather than a software company, which means that we will be reviewed by local financial regulators. This will eventually translate into a requirement for some kind of banking licence and capital deposits in every country that has DAPACT.

In pure DAPPS services, once you lose your private key, there is absolutely no way to re-access your funds. Users need to be careful to back up their recovery passwords to a safe place. The most effective way is to write the password three times and put the hard copy in different places.

Some users often lose or do not back up this passphrase at all. This is a major issue for all DAPPS developers, especially for DAPACT, because we are dealing with people who don't know much about technology. Therefore, it is necessary to provide recoverable solutions for our users.

Users must be provided with a private key recoverability solution suitable for their understanding of the decentralized system.

Such recoverability solutions should follow the following three criteria:

External feature: the decentralized service provider cannot access the private key.

Customizable: users should be able to understand and configure recovery options even if the private key is lost.

Security: there should be no easy way to hijack another person's account through the recovery option. Only the person who actually owns the account can restore the account.

Existing solution

The following is an overview of the solutions being implemented, improved or explored by user experience designers in the Yitaifang community, starting with the latest launch.

Multiple signatures

Multiple owner n is allowed to be set for a multi-person signed wallet. If less than n owners are required, the remaining owners can replace the owner if they lose access. However, this solution requires at least 3 owners or owner devices (transactions require 2 confirmations) and a high degree of trust between owners.

Mnemonic

Mnemonic words (also known as seed phrases or passphrases) are a series of words that can derive a private key from cryptography. Users need to back up their own memory and ensure its security so that the private key can be regenerated if it is lost.

This recovery option is standard for Tai Fong addresses and wallets. Mnemonics has become a well-understood mechanism among advanced DAPPS users, but less knowledgeable users should have different choices. Memorization is as safe as the place where they are kept. Written on a piece of paper, they will be exposed to fires, floods, theft and other disasters.

Biometric data

One possible solution for the industry is biometric data such as fingerprints, iris scanning or face recognition. Biometric data cannot be "lost" like passwords on paper. If Apple and Samsung have invested so much money in biometrics, it must be a great solution, right?

The problem with this option is that once a person's biometric data is made public, it can no longer be used to protect an account, because you can't really change your fingerprints like changing passwords or switching accounts. As face recognition becomes mainstream, and there is even an OpenCV-based repo protocol on Github, this possibility becomes more and more credible.

Another disadvantage of biometrics is that different fingerprint sensors can become quite blurred and do not exactly match-for example, if a user cuts himself.

Restoration of social relations

Users can identify a group of friends who can restore access to their account on their behalf (that is, each of them has a signature that can be combined to grant access to the account). The account owner is replaced only if all friends agree.

The biggest problem with this solution is that groups of friends can work together to steal access to the account from the owner, even if the owner does not ask them to do so. This is why ideally, team members should not know who else is in the group.

Wechat has successfully implemented some kind of social recovery scheme that allows password recovery: when a user loses a password, Wechat requires the user to select a person from a large list of contacts. Knowing that Wechat contains reasonable bank information is undoubtedly a good clue for DAPPS.

Standard KYC program

Similar to the way modern banks execute KYC programs on new customers, users can identify themselves to KYC providers in order to regain funding. However, the user needs to perform a process that has been set up so that the provider knows the identity behind the address.

This solution has been used for token exchange operations such as nimiq. KYC validation is usually handled by a third-party provider such as IDNOW, which is costly and somewhat violates the blockchain principle.

Paralysis certificate

This new concept is also known as time lock recovery and last resort recovery. If access to the account is lost, it can be marked. In addition, people marked as "lost" may deposit a deposit. Now start a period of time after which the account will be replaced. During this period, the owner of the actual account can prove through the transaction that the account is not actually lost. If so, the attacker will lose the deposit transferred to the account.

As more and more designers enter the blockchain space, people hope that a great mind will come up with a killer user experience for password key management. Or who knows, maybe a middle-aged historian came up with some old knight tricks to get the golden law of safety.

Currently, according to our three standards (externality, customizability, security), many solutions (or their combinations) show good potential. Once the community agrees to an acceptable recoverability solution, there is a need to consistently adopt a common design language and standardized best practices throughout the ecosystem so that DAPPS users can get used to the recoverability model.

About "how to let Ethernet Square DAPP users recover the lost private key" is introduced here, more related content can be searched for previous articles, hope to help you answer questions, please support the website!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.