Web 3 accounts: Just use the ETH address

This is the pure decentralized approach. There is no user record anywhere, and no private data.

How it works

The user has a web3 plugin, or is using a web3 browser. This plugin/browser has an ETH wallet built in. This wallet stores the user’s private key locally.

When the user visits an ETH dApp, they can choose to unlock the wallet so that the application can see that the user is using a particular ETH address.

The dApp can now show the user all the public data for that address, and help trigger any smart contract function calls.

There are no security or privacy layers, since all the information shown is publicly visible to anyone looking at Etherscan.

Example: Augur

Example: WeTrust Staking Hub

In both examples above, the user is being asked to “connect” their MetaMask to the dApp. By agreeing, the user allows the application to look at the current active address in their MetaMask wallet, and update the interface to reflect what it sees. At this point very little security has been involved. One can easily fool the dApp with any web3 address without having its private keys, and that’s OK, since again, the only thing the UI is showing is publicly available data.

When it’s time to interact with a smart contract, the dApp will trigger the function call with your current active ETH address, and only then will the user need to have access to the private key.
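The split described above, as an added example that is not code from the original post or from MetaMask, Augur or WeTrust: the dApp treats the connected address as an unverified claim for read-only views, and key possession only matters at the contract call. `makeProvider`, `connect`, `publicView` and `callContract` are hypothetical names, and the provider is a constructed stand-in that models key possession as a set of addresses; the method names are the standard wallet JSON-RPC methods and the error codes follow EIP-1193.

```javascript
// Added illustration: the provider below is a constructed stand-in for a
// web3 wallet, not MetaMask code. Only the request() method names are real.
const ADDRESS_RE = /^0x[0-9a-fA-F]{40}$/;
const isAddress = (v) => typeof v === "string" && ADDRESS_RE.test(v);

// Constructed provider: `reported` is the address it tells the dApp,
// `keys` is the set of addresses it can actually sign for.
function makeProvider(reported, keys) {
  return {
    async request({ method, params = [] }) {
      if (method === "eth_requestAccounts") return [reported];
      if (method === "eth_sendTransaction") {
        const from = String(params[0].from).toLowerCase();
        if (!keys.has(from)) {
          // EIP-1193 error code 4100: account not authorized.
          throw Object.assign(new Error("no key for " + from), { code: 4100 });
        }
        return "0x" + "ab".repeat(32); // constructed placeholder tx hash
      }
      // EIP-1193 error code 4200: unsupported method.
      throw Object.assign(new Error("unsupported method"), { code: 4200 });
    },
  };
}

// "Connect": the dApp learns an address. Nothing here proves ownership.
async function connect(provider) {
  const [address] = await provider.request({ method: "eth_requestAccounts" });
  if (!isAddress(address)) throw new Error("malformed address from provider");
  return { address: address.toLowerCase(), verified: false };
}

// Read path: fine to serve for an unverified address, it is public chain data.
function publicView(session, chainData) {
  return chainData[session.address] ?? { stake: 0 };
}

// Write path: the only step where the private key is exercised.
async function callContract(provider, session, to, data) {
  try {
    const tx = { from: session.address, to, data };
    const hash = await provider.request({ method: "eth_sendTransaction", params: [tx] });
    return { ok: true, hash };
  } catch (err) {
    return { ok: false, code: err.code };
  }
}
```

Anything the dApp keeps off-chain for an address (drafts, preferences, notification settings) sits behind the same unverified claim as `publicView`, so it should be treated as public too.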

But there are some tradeoffs.

This is elegant and decentralized, but for us as product designers, this pattern lacks many of the tools we’ve depended on for user engagement.

Some examples:

We are limited in how and what we can store for the user before they commit to the blockchain (limited mostly to cookies and local storage, which are not completely reliable).

There is no obvious way for the dApp to communicate with the user.

So if an Augur market you created is now in resolution mode, you need to remember to come back, or it may not get resolved. Or if there is a lot of activity that lowers the position of a cause you are staking on SPRING, WeTrust has no way to let you know to come back and consider staking more.

The lack of ability to communicate transactional data to the user made me realize just how much email has worked itself into the fabric of how I design user lifecycles for the products I work on.

Open question: If truly decentralized apps are to become mainstream, how will this be resolved? Will users naturally start hacking together their own reminder systems? Or will we come up with some localized reminder system? Perhaps web3 wallets can start having watchers for smart contracts they have interacted with before?