UniPass Brings Internet Cryptography Infrastructures to the Blockchain
UniPass brings the cryptographic infrastructures of the Internet into the blockchain world, making an easy-to-use and secure crypto account for users new to crypto.
UniPass public beta test has been successfully completed, thank you for your support and participation.
During the beta test, we received many questions from users: “Why do I need to forward email to register for UniPass?” “Is it safe to use UniPass on a webpage?” … In this post we will explain what makes UniPass low barrier and high security from the cryptography scheme used by UniPass.
Internet Cryptographic Infrastructures Used in UniPass
There are several internet cryptographic infrastructures used in UniPass: SubtleCrypto, WebAuthn, and DKIM of email:
SubtleCrypto
SubtleCrypto is the original Web Crypto API, a relatively mature and long-standing infrastructure that is a W3C standard.
It has the advantage of being secure enough that it can only be invoked under HTTPS. At the same time, it can generate private keys that cannot be exported, it is used as an object in indexedDB, it can be used but cannot export the private key, thus ensuring that the private key will not be lost. Most importantly, it is very compatible with Modern Browsers (WebKit / V8), WeChat Browser, miniApps (except IE).
WebAuthn
WebAuthn is Web Authentication API, a relatively young protocol, which was born in 2019.
It has the advantage of being more secure, and most of its security is provided by the operating system or the underlying hardware. It supports Face-ID, Touch-ID for IOS, Touch-ID for Mac, fingerprint for Android, Windows Hello for Windows, including fingerprint, face swipe function, etc., and FIDO U2F authenticator.
UniPass combines SubtleCrypto and WebAuthn, two cryptographic infrastructures that work together and complement each other.
DKIM of email
The full name of DKIM is DomainKeys Identified Mail, which as the name implies is an email authenticated by domain name and key. Mail is actually a protocol, and the mail services we all use now are built according to the email protocol.
By putting a public key of RSA in the domain name of the mail service provider, and at the same time the service provider will attach a signature field to the mail when it is sent out, and then verify whether the signature is sent by the recipient. In this process, the sender is verified and the content of the email is tamper-proof.
UniPass operates, manages, and restores UniPass crypto accounts via email by verifying the DKIM signature of emails on blockchain.
What UniPass Brings to End-users
Fundamental security
At this stage, users who want to have their own crypto account have to download an APP or install a plug-in in their browser, and there are questions about the security of the APP and plug-in, but these questions do not exist in UniPass.
UniPass uses SubtleCrypto infrastructure, so users can get native level security directly on the website, at least the security guaranteed by the underlying browser. With the WebAuthn infrastructure Users can also get hardware level security.
At the same time, users do not need to download APP or install plug-ins, just use the web page, that is, users can achieve web page smooth access to any blockchain applications through UniPass.
User-friendly experience
Managing seed words has always brought extra-work for users. Although many wallets can do “account + password” quick recovery, users still think this process is hosting their crypto accounts on a wallet and they need to make sure of the security of the wallet.
In UniPass, Users use emails to register crypto accounts, of which they can fully control and manage, no public and private key pairs are required.
UniPass uses the cryptography of emails, and the correctness and authenticity of emails can be verified in the smart contract, not a third-party forged email, which can be understood as a secondary verification capability at the smart contract level, and the secondary verification capability through emails, coupled with the ability of account abstraction, to achieve some crypto accounts that are more in line with common user habits and more secure accounts.
UniPass has developed an crypto account scheme through email cryptography —— Social Recovery, which is considered to be the best crypto account scheme for ordinary users.
The process of creating an crypto account is not much different from registering for a forum, and there is no password to remember. Creating via email also allows users to reduce the risk of losing their accounts, since the seed and private key do not exist and cannot be lost. The user uses a device where the private key is not derivable, the security is very high, and once the device is gone and wants to add a new device or remove an old one, the user only needs to do it through email.
Human-recognizable account name
Using an account abstraction scheme keeps public and private key pairs separate from usernames and addresses, a recognizable account name that lays a foundation for crypto identities. Eliminates the need for users to save or remember a hexadecimal address.
Easy to manage
UniPass can do ACL support internally. ACL, also known as Access Control List, can assign different permissions to different key environments. It can also be more adaptable to complex and diverse usage environments. We can support various devices, cell phones, U2F of FIDO, and we can also support Ledger, a hard wallet commonly used in blockchain.
The advent of blockchain has brought a new way of life. Everyone uses cryptographic identity to socialize and even build meta-universes out of it. What UniPass has been doing is to make it faster, safer and easier for users to go to the metaverse.
About UniPass
UniPass is multi-chain unified crypto identity, the carrier for the concept of ‘a person’ in Metaverse. With UniPass’s unique Non-custodial Email-based Social Recovery solution, you can take full control of your crypto identity with a keyless experience. You can also authenticate multi-chain addresses and even social accounts cryptographically, making your identity verifiable and more valuable.
🔶 Come here for a pleasant exchange👇
🔶 To learn more, please visit the links below👇
