UPDATE: After user feedback we have made changes to the mockups and screenshots. These are outlined in italics in the main text.
Onboarding users to the IOTA platform…
Well we have to put our hands up here. The experience has been slightly lacking.
The underlying technology of IOTA is significantly different to other cryptocurrencies, which has resulted in some user confusion. IOTA has also attracted many users who are new to cryptocurrencies, who may not be fully aware of the different paradigm in cryptocurrency (vs fiat currency).
We aim to improve the experience with this UI refresh, and would like the onboarding process to set the correct tone. Our main focus is to educate users about the technology, and to ensure that the wallet is set up in the most secure (but still usable) way possible.
To achieve this aim, we will take a slightly paternalistic default approach to wallet setup. Although paternalism is not the usual approach in crypto, we feel that this will improve understanding and security in the medium to long term.
These are our initial thoughts and mockups for the onboarding process. This is a flow which we think may work well, but feedback would be gratefully received.
1. The initial welcome page
Yes, there is a wall of text, but we feel it is necessary to prepare users for the next few steps.
2. The beginning of the setup wizard
You can skip a few steps by choosing to enter a seed you have already created and stored. However many users will need to create a new seed. Users have typically had a poor experience of secure seed creation.
UPDATE: The information box has been updated following feedback.
3. Generating a novel seed
This screen initially displays only the GENERATE NEW SEED button. On clicking / tapping this, the 9 x 9 matrix of seed characters is generated and the instructions below it appear.
The user may then click on any character to further randomise it individually, or click on the GENERATE NEW SEED button to re-randomise the whole seed.
4. Saving the seed — Manual Copy
A significant number of users have a suboptimal strategy for storing their seeds. It is important to realise that if you lose your seed, you lose all your tokens! And that if you show your seed to anyone else, they can then use that seed to take all your tokens. Seed security is of great importance.
Therefore we offer 3 different ways to store the seed, starting with the most difficult (but arguably the most secure). We begin by encouraging users to manually write down the seed for maximal security. The seed is split into small manageable chunks to reduce transcription error.
UPDATE: We have added the checksum to this screen (though please note the checksum may change with any future change in hashing algorithm)
UPDATE 2: Arrow added and text altered to make it clear that the seed is read across the whole row (rather than in columns).
5. Saving the seed — Paper Wallet
In the next step, we allow printing of a paper wallet. In this screenshot above, we use an example (empty) paper wallet from: https://arancauchi.github.io/IOTA-Paper-Wallet/ which also allows for QR code generation.
The final decision regarding the choice / design of paper wallet has not been made.
UPDATE: We have added the checksum to the paper wallet (though please note the checksum may change with any future change in hashing algorithm) in this mockup. We may also consider taking off all mention of IOTA for further security.
UPDATE 2: We have added options to add/remove components (Logo, Receive Address).
6. Saving the seed — Copy To ClipBoard
Finally we allow users to copy the seed to the clipboard to paste into their password manager.
Please note that all password managers are not optimally secure — the most commonly used manager is KeePassX: https://www.keepassx.org/
To increase security, we only keep the seed in the clipboard for 15 seconds (which means you may have to recopy the seed to clipboard, if you take too long).
On clicking NEXT, the seed is also cleared from the clipboard. This stops users from just copying the seed into the next screen (and ensures that you have a copy somewhere).
UPDATE: We have added the checksum to this screen (though please note the checksum may change with any future change in hashing algorithm). Also we have increased the clipboard storage time from 15 seconds to 60 seconds after feedback.
UPDATE 2: The seed appearances have been updated to match the appearance on previous screens.
7. Entering Your Seed
This screen educates the user about the seed, and allows them to enter their seed. It also calculates a checksum from the seed (as seen in the current GUI wallet), and allows scanning of QR codes to input the seed.
At this point, we are nearly done with the setup process. The next steps revolve around local wallet passwords and 2 factor authentication, which will be discussed in another upcoming post.
We would appreciate your feedback on the approach so far. Please leave comments below if possible (as these are visible longer than Slack messages) but also feel free to contact us on Slack.
Navin and Charlie