Report: Dapp UX (un)conference

Dietmar Hofer
Aug 20, 2018 · 10 min read

We were invited (thanks for that!) to participate in the “DAPP: UX & Adoption” (un)conference, which took place on June 30th in Prague.
Nejc (our designer) and me participated in the name of lab10.

I took quite a lot of notes which I hereby try to postprocess into a report which — as usual — has the goal of being contextualized documentation, mainly for myself and other lab10 members.
It is incomplete, subjective and also mixes in personal thoughts and opinions.

Parity Signer

Maciej Hirsz presented Parity Signer and how it integrates with MyCrypto.
He claimed that currently crypto wallets are often artificially restricted to specific networks and that “users don’t read warnings”.
Parity Signer allows “upcycling of phones” — it can basically turn old mobile phones into secure hardware wallets / keychains. I like that!
One of the unsolved issues is key recovery.

WalletConnect

Pedro Gomez of WalletConnect explained what problem they were trying to solve and was very open to feedback.
WalletConnect is about connecting Desktop Dapps to mobile wallets. It aims at establishing a common standard for how to do this.
Pedro showed Balance Manager as an example for such an integration.
He mentioned the current dominance of Metamask as a problem, because it’s not very portable and difficult to integrate with.
In general, “cross platform is hard”. Having to copy around seed phrases is a bad solution both usability and security wise.

WalletConnect doesn’t try to replace other wallet solutions, but to define a standard way for how they can interact with Dapps. It proposes a design which adds a bridge server and a push server to facilitate user friendly interaction between Dapp and mobile wallet — described more in-depth in this technical documentation.
Like infura, developers can use existing infrastructure of WalletConnect or choose to operate the server components themselves — everyhing is open source.

From a user perspective, the connection between a Dapp and a mobile wallet is established by scanning a QR code with the mobile device. This creates a session which is valid for 24 hours — which means that during that timeframe signing requests will be delivered to the mobile device via push notifications. Only after such a session has been closed or timed out is a new QR code scanning needed.
They are working on using deep linking in order to also make such integrations work between mobile Dapps and mobile wallets.

I imagine that a user journey like envisioned here could be built using WalletConnect, without close coupling of the Dapp (here: an imaginary Patreon which allows Streem based subscriptions) and a specific wallet.

In the context of WalletConnect, there was also mention of Alex van der Sande’s vision of “Universal Login” — the key observation being that a keypair managed by a mobile App (wallet) is useful not only for managing crypto assets, but also (and probably even more so) for managing digital identities.
My understanding is that the efforts behind DID Auth (so far a kind of brainstorming and information collection process which precedes a possible standardization process) go into that direction.
This developments are crucial for ARTIS and the development of the Minerva application.

We also briefly discussed the issue of recovery, Tenzorum being mentioned as an example for social recovery.
Key recovery/recovation is one of the big challenges of crypto systems. Without central database owning accounts, there’s no “forgot password”.
This is what the crypto paradox is about:

The crypto paradox (by Alex Van de Sande)

Experience Design

Next came Nik Page, a local (Prague) UX professional being dragged into the crypto space by curiosity (my understanding).
For me, this was the key presentation of the day. It felt like an intrusion into a filter bubble, delivered by a guy not only with a professional UX background, but who had personally experienced the rise of the Internet and was thus able to put the whole topic into a much larger context (an aspect which also makes talks of Andreas Antonopoulos so powerful). Besides, Nik delivered his talk in an entertaining and pretty blunt way — I liked it and recommend everybody reading this to spend the ~1 hour for the full version (thanks for publishing!).

Emotion is a crucial aspect of UX according to Nik.
It’s important to understand what the target audience knows, fears, loves.

He tells the story of Internet adoption.
In 1990, the Internet had about 2.7 million users. Back then, SF Net was a big thing. Later came AOL which with the punchline “It’s free and easy” managed to attract a first big wave of technically not so savvy users.
He concluded that mass adoption was mostly driven by entertainment, with the adult segment being a central driver…

… and added that he currently doesn’t see how this could also become a central driving force for Blockchain technology (he either doesn’t know about projects like Spankchain or doesn’t believe them to be viable).

Fast forward to 2018: “what is downloading?” (relating to the fact that nowadays most UIs abstract away even the concept of downloading).

Then starts Nik’s ramble about the state of UX in “crypto” as of 2018.
He begins by emulating the hypothetical user journey of a newbie trying to start using a typical Dapp. It starts with figuring out how to buy some Ether needed to make transactions — which he claims will end up on coinbase.com for most.

This is where googling “buy crypto” will likely lead you

The omnipresent price charts — he argues — will create a perception of Ether being a kind of “investment vehicle”, something like Apple shares.
This however will backfire when an application asks for permission to spend Ether for a transaction. Because, so Nik argues: “I don’t give people access to my Apple shares to register for a conference” (referencing to his user journey for registering to the “Block Party” preceding the event).

In general, Nik complained a lot about how most existing “crypto UIs” shift the burden of understanding and handling key management (and security more in general) to the user. Quote: “Only masochists want responsibilities without incentive.”
As an example he showed this screenshot…

Example for how not to do it according to Nik

… and tried to explain how an average user would react to that:
“SignUp” is a concept Internet citizens are familiar with and have an expected procedure for. This screen departs from it, which is confusing.
“Wallet Password” will likely be the first information a visitor processes. For a user familiar with the concept of “crypto wallet”, this will trigger the association of responsibility, the fear of losing everything when making a mistake, instilled by all the big red warning dialogs of wallet UIs.

This is how MyEtherwallet welcomes you

So, when confronted with that SignUp form asking for a “Wallet Password”, a lot of visitors will just leave according to Nik.

I had the impression that there was quite some disagreement from the audience at this point. In fact somebody complained that asking for the password of an existing wallet was not what this page was about, as is clearly states in the one line of text on that page. But: People don’t read words!
This is something hard to grasp for a lot of developers: you cannot assume that a user/visitor knows something just because it’s textually communicated in that view. You can’t rely on text to get the message across! (I would add that this is true even when you put the text into a popup with a single button labeled “I did read and understand”.)

Related to this, Nik explained the concept of Hygienic UX aka “get rid of crap”:
We (designers/developers) need to worry about the security and design it away. We shouldn’t give users more responsibility than absolutely necessary, especially when we can not expect them to have a good understanding about all the implications of their choices. If we force that responsibility onto them (e.g. with UIs insisting to do things like memorizing seed phrases), many users will just go away and pick an alternative being less demanding if they can find any. Nik claims that “people don’t care about security”.

Here I would add that it’s not black and white. But some more pragmatism is indeed needed. Nik made a good example of not needing the security of a Swiss bank account for a crypto wallet holding just a few assets for everyday use. The risk of having to write off those assets in case of loss or theft would be an acceptable price for the convenience of not having any extra effort when doing frequent, small payments. Of course this should not happen without the user being aware of that risk in the first place.

I believe that user facing software should be as smart as possible and come with sensible defaults.
My ideal wallet for example should have a concept of different security levels which translate to different requirements and related inconveniences. It should bother me as little as possible (e.g. not ask for a password just to get started), but at the same time help me to not make stupid mistakes without noticing. E.g. if the security level increases due to added funds, and requirements for that level are not met (e.g. missing account recovery in place), the software should make sure I’m aware of that, e.g. by having a warning sign well visible in a related view and/or triggering a push notification telling me about the changed situation (this is to make sure I get noticed even if I never actively use the application).
But even then it should not force me to act. If I’m ok with a risk after having been warned adequately, that’s a choice I want to be able to make.
After all, it’s my choice how I set the trade-off between spending my time / cognitive capacity vs. minimizing the risk of losing some virtual assets.

Now, that all may sound like the desire to dumb down UIs instead of trying to educate users about new concepts. That’s not my intention and I think it’s also not what Nik advocates. In fact, at some point he also explained the concept of “unpackable levels of detail”. That is, UIs requiring only minimal knowledge, but allowing users to learn more and to make more choices whenever they feel like.

On one of the slides, Nik asks:
“Since we’re designing new things, what can we do better?”
My answer: get rid of passwords! Passwords are a constant source of bad usability. We should use the opportunity of having cryptographic keys for getting rid of them wherever feasible.

Nik also showed an example of a project doing an ICO having a hard time to communicate a consistent message, because doing an ICO often means selling an additional product to a different target audience. This reminds me a lot of what we experienced with ARTIS (which at the time of writing has canceled its planned ITO).

Ethfinex

Will Harborne presented Ethfinex, which according to him bridges centralized and decentralized exchange.
He reported that technical details like capitalization of Ethereum addresses (related to EIP-55) confuse people, often scaring them away to centralized services which hide such details.
Ethfinex is dev driven and open source. It has the goal of stakeholders (trading) taking over governance (which assets to list, fee structure, …).
Revenues are split 50/50 between the company and token holders, with the goal of making the company superfluous.

Ethereum adoption from the community’s perspective

Jerome de Tychy of Asseth communicated some interesting numbers:
Ethereum accounts for about 75% of all transactions of all blockchains. It has about 1 million active addresses. There’s about 16000 nodes and the community is looking for ways to incentivize running a node (EIP-908).
There’s a lot of Dapps, but on average just ~12 users per Dapp. Lists can be found on stateofthedapps.com and dappradar.com.
Jerome suspects that adoption is low because Dapps are too hard to use and proposed to introduce a kind of label for applications which are privacy respecting and which truly let users own what they bought.

My thought: Dapps have low adoption because most potential users don’t have the crypto assets needed to use them.

ENS is everywhere

Makoto Inoue talked about ENS.
He conjectured that most people would get ENS identities not by acquiring a root domain, but by getting subdomains which are free and easy to get. He mentioned Aragon and gitcoin as examples for such offers which he compared to services like Hotmail (free mailbox).
now.ens.domains is a service listing domains for which one can get subdomains registered.

He went on with some stats and mentioned ongoing efforts to integrate ENS and DNS by using DNSSEC (probably this). Tool for DNS(SEC) queries: dnsviz.net

Giveth and scaling challenges

Vojtech Simetka presented Giveth, a platform which connects givers and takers, enabling a Decentralized Altruistic Community (DAC) :-)
He also used the term liquid pledging, referring to the governance process inspired by liquid democracy.

Giveth struggles with the high transaction costs on the Ethereum mainnet and ended up deploying the contracts to a self-operated sidechain which is bridged to the mainnet by GivethBridge. App users get automatically funded with some sidechain ETH for transaction costs. Vojtech mentioned that swarm.city — having similar issues — is looking into using a similar solution.

My comment: this is exactly the kind of issues we want to help solve with ARTIS.

Raw Decentralized Data for Vegetarians

(I don’t know/remember why that title, it’s probably some kind of joke)

Vincent Choi presented reebo.io, a smart contract monitoring service.
He listed tools used in the background: Embark (contract development/deployment framework), Neufund (contract monitoring), Vulcanize DB (tool for building indexes and caches for Dapps, based on Postres) , Presto Ethereum Connector (SQL on Ethereum), Kundera (JPA compliant obect mapper), Rufflet (contract analytics: pull info from full node, write it to MongoDB, send graph to frontend for visualization).

Comparable/related services: amberdata, aleth.io, superblocks, chainalysis.

Finally, Vincent showed how to easily start tracking a contract on log.reebo.io (only on supported networks).

Misc

Additional collected links: