As part of Dr. Karl Kreder’s lecture at the Ethereal Summit on “Killing the seed phrase: Crypto’s biggest UX challenge”, the previous speaker made the point.
For years, people have been told not to write their passwords for security reasons, Itamar Lesuisse, CEO of the Ethereum portfolio Silver, highlighted. Now, many crypto companies are asking people to write their start sentences, a combination of random words that can be used to recover access to funds.
It’s kind of a bonker, agreed Kreder, co-founder and vice president of hardware engineering at GridPlus, a hardware and software company that creates portfolios and other products to store digital assets.
GridPlus got its start as a blockchain-based electricity utility with the goal of reducing costs for its customers by cutting out middlemen. (He currently has about 3,000 customers in Texas, said Kreder.) Because they deal with average customers, they needed an easy way to integrate them into a system that bypasses the bank.
The opening sentences weren’t going to cut it. According to Kreder, “It is very difficult for me to explain a starting sentence to my parents: how it is used, why it is used and how to cope with it.”
Cards, however, are already regularly used in digital commerce and most people are familiar with them – there are credit cards, debit cards and gift cards. Why not use one in an original way?
“A starting sentence is subject to what I like to call a” sock drawer attack, “” said Kreder, echoing Lesuisse’s statement. Users can benefit from the best hardware security in the world, but at the end of the day, hackers can enter if they find the starting phrase in their sock drawer or, more likely, on their desk.
A SafeCard, however, is like a debit card that can sign blockchain transactions. This allows for two layers of security. First of all, there is a PIN code, which, again, is a familiar item that people can remember without writing. Second, GridPlus has added additional security to the card called PUF, a function physically impossible to clone. Kreder described it as an “electronic snowflake” unique to each card.
The downside, of course, is that such a card – at this point – has to be used with the GridPlus hardware network which is paired with both a smartphone and a GridPlus server. This will not cut it on the mobile wallets that Argent builds, although Lesuisse et al have their own workarounds.
But small advances count. “The objective of the ecosystem should be to expand the user base with minimal centralization, thereby increasing the utility and therefore the value of the token,” said Kreder.
Now, if Ethereum can just fix the scalability, we’ll all be ready to integrate all of these new Texas users.