var TRINITY_TTS_WP_CONFIG={“cleanText”:”Logging in with Bitcoin.u23f8I presented on u201cBusiness sensibilitiesu201d in the Bitcoin SV DevCon last July 19, where I discussed some tips and techniques on starting up a Bitcoin business.u23f8I received some negative feedback on my assertions:u23f8https://twitter.com/Rob_GCC/status/1284861162564313088u23f8These assertions are not ideological, but about technical benefits, economic sensibility and user friendliness. While I did make bold statements, these are backed up by the Bitcoin whitepaper, features of the ledger, useru2019s feedback, and Satoshi Nakamoto himself, aka Craig Wright.u23f8I have referenced the below snippet of the whitepaper many times:u23f8As an application developer, the less information I need to collect from my users the better. The amount of information we must provide to online stores today is absurd. These data points are typically no less than the following:u23f8 tFull nameu23f8 tShipping addressu23f8 tBilling addressu23f8 tPhone numberu23f8 tCredit card detailsu23f8 tEmail addressu23f8All this is required just to purchase some batteries from Amazon. The more information online services collect the greater risk they carry, the more data they must secure, the more their operations will cost and the more likely a user will not use their service.u23f8In an article from 2007, Co-Founder of StackOverflow.com Jeff Atwood complains about this issue:u23f8The Nielsen Norman Group has recommended against this practice since 1999:u23f8Given that Bitcoin presents less risky and more streamlined alternatives, why would we forego that and insist on rebuking criticisms of websites for over two decades?u23f8For example, RelayX does not require any user details or registration to begin. Once downloaded, I can immediately start transacting in Bitcoin and use other applications seamlessly.u23f8https://twitter.com/liujackc/status/1268469516742193153u23f8This solution is possible because of the cryptographic signature framework provided by Bitcoin. If users can sign a message proving ownership of keys, an on-chain reputation, transaction history and control of a certain amount of funds, this is all the detail the application needs. While we still lack identity solutions, this process is a great first step in pioneering how users will interact with the ledger.u23f8This example highlights the next questionu2014if the barrier to entry to applications can be this low, why build your own, proprietary in-application wallet?u23f8This adds to development time, increases complexity and delays release to market while adding yet another loophole potential users must jump through before using your application. Additionally, developers have an increased security risk, open an attack vector, and require a support avenue in case of lost funds.u23f8To be clear I am not recommending against building a walletu2014I am criticizing developers who choose to build a wallet only for their application. If wallets exist that support more than one application, that wallet is already (and will always) more useful than any app-specific one.u23f8While the Internet has seemingly existed forever the technology is still quite young in the scope of human history. I believe we have not yet discovered the best solutions, given the disastrous consequences of its poor security that have unfolded from hacks, identity theft and overt fraud.u23f8Craig Wright at the 2020 Thecryptodefi.Com Conference in London spoke about the web of trust model we have today (timestamped link below):u23f8https://youtu.be/nASiBsNfYz0?t=561u23f8Google, Twitter, and Facebook have built technologies that are useful but I believe their time is coming to an end. The security model and features of the Bitcoin ledger will either bankrupt these entities or force them to join.u23f8See Blockbuster vs. Netflix for an example of how that turned out (h/t to T.K. Coleman).u23f8Their OAuth and 2FA (2-factor authentication) systems are preferred by users, but simply kick the can of responsibility from web platforms to the giant tech companies.u23f8As a friendly reminder, this is what those u2018secureu2019 technologies give you:u23f8Despite all this, if Bitcoin developers still intend to force users to login with an email and/or username/password, build their own custom wallet and (god forbid) run a u2018full node,u2019 I look forward to how those applications fare in the market.u23f8″,”headlineText”:”Logging in with Bitcoin”,”articleText”:”I presented on u201cBusiness sensibilitiesu201d in the Bitcoin SV DevCon last July 19, where I discussed some tips and techniques on starting up a Bitcoin business.u23f8I received some negative feedback on my assertions:u23f8https://twitter.com/Rob_GCC/status/1284861162564313088u23f8These assertions are not ideological, but about technical benefits, economic sensibility and user friendliness. While I did make bold statements, these are backed up by the Bitcoin whitepaper, features of the ledger, useru2019s feedback, and Satoshi Nakamoto himself, aka Craig Wright.u23f8I have referenced the below snippet of the whitepaper many times:u23f8As an application developer, the less information I need to collect from my users the better. The amount of information we must provide to online stores today is absurd. These data points are typically no less than the following:u23f8 tFull nameu23f8 tShipping addressu23f8 tBilling addressu23f8 tPhone numberu23f8 tCredit card detailsu23f8 tEmail addressu23f8All this is required just to purchase some batteries from Amazon. The more information online services collect the greater risk they carry, the more data they must secure, the more their operations will cost and the more likely a user will not use their service.u23f8In an article from 2007, Co-Founder of StackOverflow.com Jeff Atwood complains about this issue:u23f8The Nielsen Norman Group has recommended against this practice since 1999:u23f8Given that Bitcoin presents less risky and more streamlined alternatives, why would we forego that and insist on rebuking criticisms of websites for over two decades?u23f8For example, RelayX does not require any user details or registration to begin. Once downloaded, I can immediately start transacting in Bitcoin and use other applications seamlessly.u23f8https://twitter.com/liujackc/status/1268469516742193153u23f8This solution is possible because of the cryptographic signature framework provided by Bitcoin. If users can sign a message proving ownership of keys, an on-chain reputation, transaction history and control of a certain amount of funds, this is all the detail the application needs. While we still lack identity solutions, this process is a great first step in pioneering how users will interact with the ledger.u23f8This example highlights the next questionu2014if the barrier to entry to applications can be this low, why build your own, proprietary in-application wallet?u23f8This adds to development time, increases complexity and delays release to market while adding yet another loophole potential users must jump through before using your application. Additionally, developers have an increased security risk, open an attack vector, and require a support avenue in case of lost funds.u23f8To be clear I am not recommending against building a walletu2014I am criticizing developers who choose to build a wallet only for their application. If wallets exist that support more than one application, that wallet is already (and will always) more useful than any app-specific one.u23f8While the Internet has seemingly existed forever the technology is still quite young in the scope of human history. I believe we have not yet discovered the best solutions, given the disastrous consequences of its poor security that have unfolded from hacks, identity theft and overt fraud.u23f8Craig Wright at the 2020 Thecryptodefi.Com Conference in London spoke about the web of trust model we have today (timestamped link below):u23f8https://youtu.be/nASiBsNfYz0?t=561u23f8Google, Twitter, and Facebook have built technologies that are useful but I believe their time is coming to an end. The security model and features of the Bitcoin ledger will either bankrupt these entities or force them to join.u23f8See Blockbuster vs. Netflix for an example of how that turned out (h/t to T.K. Coleman).u23f8Their OAuth and 2FA (2-factor authentication) systems are preferred by users, but simply kick the can of responsibility from web platforms to the giant tech companies.u23f8As a friendly reminder, this is what those u2018secureu2019 technologies give you:u23f8Despite all this, if Bitcoin developers still intend to force users to login with an email and/or username/password, build their own custom wallet and (god forbid) run a u2018full node,u2019 I look forward to how those applications fare in the market.u23f8″,”metadata”:{“author”:”Joshua Henslee”},”pluginVersion”:”5.7.4″}; |
I presented on “Business sensibilities” in the Bitcoin SV DevCon last July 19, where I discussed some tips and techniques on starting up a Bitcoin business.
I received some negative feedback on my assertions:
I certainly wont tell other people how to run workshops, but if it was actually about development, then devcon needs to stop making ideological statements when teaching programmers how to code on bitcoin. Cringing when i heard that. pic.twitter.com/bR50HA4eNg
— Rob (@Rob_GCC) July 19, 2020
These assertions are not ideological, but about technical benefits, economic sensibility and user friendliness. While I did make bold statements, these are backed up by the Bitcoin whitepaper, features of the ledger, user’s feedback, and Satoshi Nakamoto himself, aka Craig Wright.
I have referenced the below snippet of the whitepaper many times:
As an application developer, the less information I need to collect from my users the better. The amount of information we must provide to online stores today is absurd. These data points are typically no less than the following:
- Full name
- Shipping address
- Billing address
- Phone number
- Credit card details
- Email address
All this is required just to purchase some batteries from Amazon. The more information online services collect the greater risk they carry, the more data they must secure, the more their operations will cost and the more likely a user will not use their service.
In an article from 2007, Co-Founder of StackOverflow.com Jeff Atwood complains about this issue:
The Nielsen Norman Group has recommended against this practice since 1999:
Given that Bitcoin presents less risky and more streamlined alternatives, why would we forego that and insist on rebuking criticisms of websites for over two decades?
For example, RelayX does not require any user details or registration to begin. Once downloaded, I can immediately start transacting in Bitcoin and use other applications seamlessly.
Testing next version’s in-app browser @relayxio @twetchapp @BaemailMe Add your app https://t.co/kaM8qcemJf and coming soon to @Voltfinance pic.twitter.com/nQOB8LhR9R
— Jack C. Liu (@liujackc) June 4, 2020
This solution is possible because of the cryptographic signature framework provided by Bitcoin. If users can sign a message proving ownership of keys, an on-chain reputation, transaction history and control of a certain amount of funds, this is all the detail the application needs. While we still lack identity solutions, this process is a great first step in pioneering how users will interact with the ledger.
This example highlights the next question—if the barrier to entry to applications can be this low, why build your own, proprietary in-application wallet?
This adds to development time, increases complexity and delays release to market while adding yet another loophole potential users must jump through before using your application. Additionally, developers have an increased security risk, open an attack vector, and require a support avenue in case of lost funds.
To be clear I am not recommending against building a wallet—I am criticizing developers who choose to build a wallet only for their application. If wallets exist that support more than one application, that wallet is already (and will always) more useful than any app-specific one.
While the Internet has seemingly existed forever the technology is still quite young in the scope of human history. I believe we have not yet discovered the best solutions, given the disastrous consequences of its poor security that have unfolded from hacks, identity theft and overt fraud.
Craig Wright at the 2020 Thecryptodefi.Com Conference in London spoke about the web of trust model we have today (timestamped link below):
Google, Twitter, and Facebook have built technologies that are useful but I believe their time is coming to an end. The security model and features of the Bitcoin ledger will either bankrupt these entities or force them to join.
See Blockbuster vs. Netflix for an example of how that turned out (h/t to T.K. Coleman).
Their OAuth and 2FA (2-factor authentication) systems are preferred by users, but simply kick the can of responsibility from web platforms to the giant tech companies.
As a friendly reminder, this is what those ‘secure’ technologies give you:
Despite all this, if Bitcoin developers still intend to force users to login with an email and/or username/password, build their own custom wallet and (god forbid) run a ‘full node,’ I look forward to how those applications fare in the market.
New to blockchain? Check out Thecryptodefi.Com’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.