I'm one of the founders of SimpleID. As a Web3 app developer, I have first hand experience hand holding users through the complicated on-boarding process. I built Graphite, a popular dApp, using traditional Web3 auth and I just recently cracked 10K users after 2 years...
The status quo today expects users to navigate pop-ups, install extensions, and of course manage their 12-word key phrase! What I've learned is that people don't really care about decentralization. They should, but they don't — at least not yet. What people do care about is protecting their data privacy and convenience.
Therefore, we built SimpleID, a suite of developer tools that lets you easily on-board users to Web3 apps. If your users are tech-savvy and want a 100% truly decentralized solution, you're probably not going to be very interested in SimpleID. And that's OK. We want the other 98% of people to actually use dApps, and have that "ah ha" moment about what data ownership truly means.
Our solution is all about choice — we don't force you into any specific blockchain, identity, or storage provider. At login, users automatically get wallets (Ethereum, Bitcoin), DID (ENS, Blockstack), and storage (IPFS, GAIA). We also plan on supporting other protocols, and more importantly hope to get rid of passwords all together!
Love what hedgehog is doing! However, we are cross-platform and never expose the users master private keys to the developer. When a user logs in to an app, only the app specific key pair is delivered on auth.
It seems that your demo page (.../demo) is broken (it's 404ing with a NoSuchKey).
Anyway, I'm wondering if your solution helps users who forget their password? (Though I notice your initial comment says something about "get rid of passwords all together.)
I've been using blockstack and your app, graphite, sometimes. But I've allways thought creating a Blockstack-Id is too 'nerdy' for normal friends of mine so they cannot use a whole list of good apps based on blockstack.
I hope the more apps will use your SimpleID sign-on the more non-technical friends of mine can use blockstack-based apps.
Wow. So good to hear that an this just rekindles my faith on the steem blockchain. And it will really be awesome having simpleid support steem.
If you don't mind, you could do a review campaign of simpleid on steemhunt for proper awareness to the steem community. A review that could reach over 9 million followers of various channels.
Nice site and solution. I clicked 'run' on the Examples page and at first I thought it was broken but then after about 20s it produced output--might want to drop some initial output that tells users to wait or something.
Thanks! And totally agree. We talked about this leading up to this launch and went back and forth with it. The runkit example you see on the site is using the actual production Node SDK because we want developers to literally be able to copy and paste the code. So we also want to make sure the console output is appropriate for all environments. We'll find a balance though.
Yes! This is one of the top things on our priority list. We will be completely removing the need for passwords and switch to one time use passwords and 2FA.
You can sign up for our slack on our website and we'll keep you updated :)
It absolutely does. All we store is an encrypted version of the user's master keychain (the 12-word seed phrase we're trying to eliminate). We can't access that keychain without the user's consent. The user is emailed a copy of this encrypted keychain and can take it with them to any service that supports bip39 seed phrases.
We chose this method because it requires trust of just one entity (the lambda end point we provide) rather than trust of each app that might interact with SimpleID's SDK. If the seed phrase is generated client-side within an app, that developer could hold onto that seed and use it maliciously.
Identities created through SimpleID can be used across multiple apps, so it's important to us that developers are only able to access data specific to their app (i.e. app-specific encryption keys).
We've been moving fast trying to get SimpleID in as many hands as possible, but we absolutely want to support other blockchains. More in-depth Ethereum support is next up, then we want to look at adding support for blockchains like EOS, Steem, and more. It'd be great to get feedback from others on what blockchains to support!
Sure! SimpleID is giving developers access to protocols that let users store their data and control their data. When you do this, you are not managing the data on behalf of the user, they are managing it themselves. That is inherently compliant.
I'm one of the founders of SimpleID. As a Web3 app developer, I have first hand experience hand holding users through the complicated on-boarding process. I built Graphite, a popular dApp, using traditional Web3 auth and I just recently cracked 10K users after 2 years...
The status quo today expects users to navigate pop-ups, install extensions, and of course manage their 12-word key phrase! What I've learned is that people don't really care about decentralization. They should, but they don't — at least not yet. What people do care about is protecting their data privacy and convenience.
Therefore, we built SimpleID, a suite of developer tools that lets you easily on-board users to Web3 apps. If your users are tech-savvy and want a 100% truly decentralized solution, you're probably not going to be very interested in SimpleID. And that's OK. We want the other 98% of people to actually use dApps, and have that "ah ha" moment about what data ownership truly means.
Our solution is all about choice — we don't force you into any specific blockchain, identity, or storage provider. At login, users automatically get wallets (Ethereum, Bitcoin), DID (ENS, Blockstack), and storage (IPFS, GAIA). We also plan on supporting other protocols, and more importantly hope to get rid of passwords all together!
[1] Demo: https://www.simpleid.xyz/#examples
[2] Sign up for free: https://www.simpleid.xyz/#app
It looks like similar functionality to Hedgehog but with hosting as a service, and extra functions added.
Or is that off base? How would you contrast your security and functional approaches to what they're doing?
https://hedgehog.audius.co/
Love what hedgehog is doing! However, we are cross-platform and never expose the users master private keys to the developer. When a user logs in to an app, only the app specific key pair is delivered on auth.
Let me know if you have any other questions :)
It seems that your demo page (.../demo) is broken (it's 404ing with a NoSuchKey).
Anyway, I'm wondering if your solution helps users who forget their password? (Though I notice your initial comment says something about "get rid of passwords all together.)
Great catch! I pushed the demo up to netlify and it should work now
We are working on a solution where you never have to set or remember your password
I haven’t explored your technology or solution yet, but I can say that your website is great looking and clear! Keep up the good work!
Thanks! We went back and forth on the site design for a while. We actually just released the new website last night.
I've been using blockstack and your app, graphite, sometimes. But I've allways thought creating a Blockstack-Id is too 'nerdy' for normal friends of mine so they cannot use a whole list of good apps based on blockstack.
I hope the more apps will use your SimpleID sign-on the more non-technical friends of mine can use blockstack-based apps.
Thanks.
Thanks Jonathan for the kind words, we hope more people can start using the amazing apps being built on Ethereum, Blockstack, EOS, etc.
Web 3.0 and its complex nature of on-boarding the non tech savvy ones. A tool like this is indeed needed.
I just remembered I saw this once on steemhunt too, a Steem based product curation platform.
Steem is such a cool project. That's definitely high up on the priority list for us to support!
Wow. So good to hear that an this just rekindles my faith on the steem blockchain. And it will really be awesome having simpleid support steem.
If you don't mind, you could do a review campaign of simpleid on steemhunt for proper awareness to the steem community. A review that could reach over 9 million followers of various channels.
You can learn more about it https://review.hunt.town/i/106
Awesome! Will do. Thanks for this, and sorry for the slow reply!
Nice site and solution. I clicked 'run' on the Examples page and at first I thought it was broken but then after about 20s it produced output--might want to drop some initial output that tells users to wait or something.
Thanks! And totally agree. We talked about this leading up to this launch and went back and forth with it. The runkit example you see on the site is using the actual production Node SDK because we want developers to literally be able to copy and paste the code. So we also want to make sure the console output is appropriate for all environments. We'll find a balance though.
And a second thought since recently a lot of discussion about 2FA / two factor authentication has happened:
Are there any plans to support a second factor during login process, for example a one time token?
Yes! This is one of the top things on our priority list. We will be completely removing the need for passwords and switch to one time use passwords and 2FA.
You can sign up for our slack on our website and we'll keep you updated :)
I like the convenience .. and that you can still use your account on other services that support bip39.
Maybe you want to collaborate with arkane.network for payment/wallets.
Thanks Friedger, do you have a person we can talk to there? Would love to start a conversation with them!
Pretty cool idea, but does this solution actually give users ownership of their identity?
It absolutely does. All we store is an encrypted version of the user's master keychain (the 12-word seed phrase we're trying to eliminate). We can't access that keychain without the user's consent. The user is emailed a copy of this encrypted keychain and can take it with them to any service that supports bip39 seed phrases.
Try getting Google to let you do that ;)
> All we store is an encrypted version of the user's master keychain
Is the seed created and encrypted on the client or the server?
We chose this method because it requires trust of just one entity (the lambda end point we provide) rather than trust of each app that might interact with SimpleID's SDK. If the seed phrase is generated client-side within an app, that developer could hold onto that seed and use it maliciously.
Identities created through SimpleID can be used across multiple apps, so it's important to us that developers are only able to access data specific to their app (i.e. app-specific encryption keys).
The seed is generated on the lambda, encrypted client side and stored in our database.
Didn't see this on your site, but is there a roadmap for future support (i.e. EOS or others)?
We've been moving fast trying to get SimpleID in as many hands as possible, but we absolutely want to support other blockchains. More in-depth Ethereum support is next up, then we want to look at adding support for blockchains like EOS, Steem, and more. It'd be great to get feedback from others on what blockchains to support!
Great looking stuff :)
Thanks! Here's hoping it can take off and help introduce people to web3.
FAQ is saying " You are automatically GDPR compliant". Explaining more can you this?
Sure! SimpleID is giving developers access to protocols that let users store their data and control their data. When you do this, you are not managing the data on behalf of the user, they are managing it themselves. That is inherently compliant.