Why Graphite Added SimpleID for Authentication

Full disclaimer: I am one of the co-founders of SimpleID, a project that started based on a need to solve the problem outlined in this article.

From the beginning, Graphite has been a Blockstack app, and it will continue being a Blockstack app. But there needed to be some changes to improve the user experience. The idea of users controlling their data was the thing that attracted me to Blockstack in the first place. But over time, the ability to attract users who weren’t deep in the Web 3.0 space already became increasingly difficult. One specific anecdote turned the tide and made me realize I had no choice but to find a different solution.

As I tried to build an enterprise SaaS business on top of Graphite’s base free plan, I spoke with numerous organizations. NGOs, law firms, health care businesses, and more. There was a clear need for data under the complete control of the user of the organization. There was a clear need for encryption in which the user or organization owned the encryption keys. What was not clear was that people and organizations were willing to shoulder any extra burden to get these benefits. One such burden is inherent in the decentralized web — key management. This burden, and the difficulty in understanding how to manage it, became obvious as I was onboarding an NGO with the goal of walking their organization through some of Graphite’s enterprise features. Instead, I spent 45 minutes walking one person in the organization through the process of creating a user account, writing down their 12-word seed phrase, saving it somewhere safe, and then explaining what that seed phrase was and what it enabled.

That was for one user. Imagine training a team of 15 or a team of 100. The organization stopped using Graphite shortly after that.

That experience solidified the need for a simple solution that gave people and organizations all the benefits they wanted with none of the extra burden. Decentralization enables the features in question, but we in the Web 3.0 space tend to look at the concept of decentralization as black and white. It’s either decentralized or it’s not. But the rest of the world doesn’t think that way.

Pieces of some process can be decentralized. Convenience can be centralized as long as there is a way to ensure continued access to identities, data, encryption keys, etc if that convenience layer goes away. This revelation led to the creation of SimpleID.

SimpleID is a custodial solution built on top of Web 3.0 protocols. In practice, what this means is that someone can create a decentralized identity (and in turn derive multiple identities across protocols) without having to manage complex seed phrases. It means that all the benefits Graphite has always offered are now possible with a simple username/password authentication system (and eventually the password portion of that equation will go away).

Here’s a comparison video showing signing up for an account at Graphite with the traditional Blockstack authentication vs. using SimpleID:

This experience, had it existed when I was trying to sell Graphite’s enterprise solution, may have helped me win business. Maybe it’s too little, too late for Graphite’s enterprise business, but it’s never too late to create a better experience for the people using the products you build.

For Graphite, this means asking users to remember (or save via password managers) a password instead of a seed phrase. This means creating a pathway toward account recovery (not yet available via SimpleID, but will be soon) where one didn’t previously exist. This means exposing the benefits of Graphite without asking people to step into a world they aren’t used to.

It’s time for us in the Web 3.0 space to meet users where they are. We need to stop asking them to come to us AND abandoned the software they currently use. SimpleID helps Graphite do that, and Graphite’s never going back.