Let’s Stop Kidding Ourselves — Little Old Lady in Peoria Is Never KNOWINGLY Going To Use a 64 character Hexadecimal Key
A bitcoin private key is 64 hexadecimal characters. It looks like this (SAMPLE DO NOT USE): E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262
The corresponding public key is (SAMPLE DO NOT USE):
An XRP private signing key looks like this (SAMPLE DO NOT USE):
The corresponding public XRP key is (SAMPLE DO NOT USE): 0351BDFB30E7924993C625687AE6127034C4A5EBA78A01E9C58B0C46E04E3A4948
An Ethereum private key looks like……one gets the point. By definition, ALL crypto assets require both a public key and private key in order to store, spend, and receive them. And of course, it is the very nature of the one-way transformation from private to public key that is a foundational technology for any crypto ecosystem. Finally, use of private and public keys offer relatively strong security for end users — no one can possibly access one’s account WITHOUT one’s private key.
If the private key is stored in cold storage (i.e., offline), then it is not “hackable” by anyone on the internet. No one can get at one’s private key unless they physically get access to it. And unlike fiat, even with this deeply secure ownership, anyone can SEND crypto assets via the recipient’s public key. In order to SPEND the crypto assets however, one must have their private key available, almost always done via a digital wallet — either a hardware or software application on PC or phone.
And of course, it is much more complicated than that — typically a user opens an account using a set of seed words that can “represent” the private key that then must be stored. A user has to choose and configure a wallet in order to spend the crypto assets. And /or a user has to scan a QR code with his or her phone to spend it (after printing it out for safekeeping); or to send the address to someone else.
This is incredibly cumbersome. It is made even more so by the accompanying stress (“if I lose this key, I lose my asset!”). And what drives this stress is unlike every other service consumers are currently trained to use — email, banking, shopping, there are no recovery options. No number to call, no ability to reset password, no ability to show up in person with identification. Once the private key is gone, it is gone. That is not an situation mainstream consumers are trained to handle.
As a an example, there is no doubt that one of the key factors driving Coinbase’s incredible success has been their ease of use — sign up, go through KYC, simply buy and sell crypto using name, password and MFA such as Google Authenticator. And yes, there IS a password reset and recovery option. Even while using Coinbase, however, in order to transact outside of the cryptocurrencies they support one is copying and pasting public keys and probably using digital wallets.
So compare this to buying on any site online —one simply puts in name, address, phone, credit card information — and boom — one has completed a transaction. At many sites, after an account has been created, all other information is stored and it is literally one-click to get a transaction done — as highlighted at the gold standard of ecommerce, Amazon.
For cryptoassets to go mainstream — to be used widely by consumers in transactions — using them will need to be as simple as buying something on Amazon or sending cash via PayPal or Zeille. For cryptoassets to go mainstream, public and private key management and manipulation must be completely invisible to the end user.
All the ICO white papers and concepts out there that talk about consumers receiving, buying, spending cryptocurrencies require a new set of technologies and thinking in order to make these key management issues invisible. This is completely analogous, for example, to https:// — the mainstream consumer may see the “lock” icon on their address field of their browser (if they are smart they look for it) — but has no idea what https is, how it works, and how it protects them. That is where the industry needs to take private and public key usage.
How to do it? There are several potential approaches. One method would be a combination of smartphone app and QR codes; require scanning of these codes either online or in-person with every transaction; the smartphone app would include wallet technology to handle private key signatures. To make keys truly invisible however, the formation of accounts and issuance of keys would have to be completed as part of the app download and sign-in process. The required scanning of QR codes at every transaction is cumbersome and doesn’t compare well to current flows for consumers. On the other hand, as multi-factor authentication continues to gain traction, these flows are not so different. Today, however, this clearly would be worse than any current ecommerce site from a customer perspective.
Another approach would be a new type of hardware wallet — a smart device a consumer would keep on their person, similar to their house keys, that includes the ability to store and use private keys. If coupled with other technology on a PC, phone, or in a store similar to NFC and Apple Pay, this could theoretically be used seamlessly by consumers to execute transactions. This would require development and roll out and adoption of a new set of standard technologies to interact with these digital wallets. Insurance products would likely emerge to provide instant backups to digital wallets in case one was lost or stolen. This scenario does not exist today.
A third approach would work, today, but would be antithetical to many of the clarion calls of crypto: “decentralized!” “no central authority!” The reason is the only way to make private and public key usage completely invisible, today, is to centralize storage of the keys in a secure environment that a consumer can access in the exact same way they currently access Amazon or Zeille; ie a username and password, ideally coupled with multi-factor authentication. This approach has historically been fraught with risks — the Mt. Gox theft was enabled by a centralized unsecure set of keys that were hacked and subsequently stolen.
Fortunately, technology has evolved to the point where such an approach is feasible. Using multi-factor authentication for consumers (here is write up done by my co-founder on this topic) in conjunction with current technologies such as Vault by Hashicorp, FIPS 140–2 hardware security modules , AWS CloudHSM, Key Management Services offered by major public cloud providers, and best practices on security management (rolling keys, etc.), it is possible to create a secure cloud based environment to completely enable a crypto project for consumers where the technology is invisible.
In summary, to drive mainstream adoption and use of crypto technologies, they must be made invisible to the end user. Today, the only option to make that happen is to use a centralized environment using best practices to store and manage private keys.