Out of Gas: We’re Shutting Down UniLogin

Alex Van de Sande
Sep 18, 2020 · 6 min read

UniLogin is out of gas.

Not necessarily out of money, but the current Ethereum gas market, the rise of DeFi, and new browser standards have changed the game significantly enough that we don’t see a way forward with the project.

UniLogin started two years ago with a vision for a Universal Login standard for Ethereum, a way to onboard new users to Ethereum directly from the browser, using smart accounts and abstracting away all the gas. While the idea was very well received by the community (we packed the second largest stage at Devcon 2018), we made some bets on a few assumptions that turned out to be untrue.

Incorrect Assumption #1: Browsers could be counted to store low value secrets

We knew localstorage had a lot of issues: a malicious browser extension can access all your browser info, a DNS attack could be used to phish users, etc. Our strategy for that was to push users towards multisigs: every time you logged in from a different browser or device we would add another key, meaning that if one of them was stolen, the others could be used to prevent or limit any harm. We could even add further security by making stronger requirements for larger amounts (e.g., to move anything over $20 you need to install a phone based app).

But we didn’t expect to be caught in a fight between Internet giants. Localstorage, cookies, and any sort of client side memory is widely used and abused by marketers to track users across the web. Some browser vendors (most prominently Apple) are fighting back by being more aggressive on their memory wiping policy, including erasing all memory if the user doesn’t visit a site in 7 days. As a result we (and ironically, a lot of privacy preserving “burner wallet” websites) simply can’t rely on that method anymore.

As a result, we had to change our roadmap to include signing in via email. We thought it would be the least invasive of the authentication methods (e.g., compared to social media sign in) but it did mean that now we would be hosting (client-side encrypted!) our users wallets. It also significantly altered our flow, since we wanted the only identifying information for the user to provide to be an ENS name.

Incorrect Assumption #2: Scalability wouldn’t be a problem

This turned out a deadly assumption: as soon as we had our email sign-in solution ready, gas fees on Ethereum made the whole process unworkable.

Step 2 of onboarding flow: send $133 to the miner

UniLogin is particularly sensitive to gas prices because before onboarding any users we were deploying on their behalf a new multisig wallet, registering an ENS name, and sometimes using our relayer to add a Dai transaction. After that, every new sign-in on a different device required a new on-chain transaction (to add a new key) and every transaction would be a bit more expensive due to the relayer. Some days the whole process of onboarding a new user was costing over $130! Meaning you could buy a hardware wallet for the price of signing up on our app.

We don’t consider this to be a temporary problem. Even if the gas situation improves and makes the cost of user onboarding 10x or even 100x better that would still be a deal breaker for many mainstream applications with millions of users.

Incorrect Assumption #3: Ethereum is meant for everybody

The result is that it’s quite hard for someone to build a system right now as the One Universal Account. For the foreseeable future (which is very short in crypto!) I expect that a lot of interesting use cases will migrate to xDAI, and that some stark/rollup solution will be the basis of a trading-specific chain.


One more direction we considered would be to do a full pivot into a L2 defi focused wallet or a sign-in solution only for a smaller set of products in xDAI. However, this would be almost a restart of the project and so we decided simply to return the remaining cash to investors and then go on the next opportunity.

The wallet market was very hot two years ago, and now that yield farming is the new hot thing, wallets are going through a natural consolidation. Portis is now ShapeShift. Fortmatic is now Magic and is focused on passwordless signups. Argent (which I consider to be the closest implementation of the original vision I had for Universal Logins) announced their login SDK at EDCON 2020, but haven’t deployed it yet. Also a shoutout to our friends at Authereum which are still working hard on figuring this gas thing out!

Because we always used the open philosophy of putting users in charge, we can’t actually shut off access to user wallets, because they are actually just a standard gnosis safe. We will continue running relayers at least until the end of the year to facilitate users migrating their interfaces and funds elsewhere. If after that you still need some help feel free to contact marek@ethworks.io and we will help you figure out what you need.

Whats next?

For me personally it was quite an adventure. I travelled to many places, met a lot of great, lovely, beautiful, intelligent, inspiring people, stepped out of my comfort zone, had great conversations with VCs, founders, and builders of all walks of life and did things I had never done before. I’m thankful of everyone who I met in this road and hope to see you soon on whatever my next step is.

So long and thanks for all the fish.

Our team, from left to right: Natalia, Alex (behind), Albert, Marek, Jarek, and Justyna. Not pictured: Brantly, who greatly helped communications.


The best user onboarding solution for Ethereum dapps.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store