A Self Custody Solution For Blockchain Domains
The Unstoppable Team
Cryptocurrency has a long way to go before it’s easy for anyone to use. The typical user experience for interacting with blockchain apps involves:
- Using a browser plugin
- Needing to make multiple transactions just to use basic features on the site
- Transaction failures because you didn’t pay a high enough fee
- Constant fear of losing your private keys
We want the user to be able to interact on our site without plugins or uncertainty around transactions, all while maintaining complete control of their keys.
We are implementing a self custody solution that uses smart escrow & optional mobile key backup.
The key features of this system are:
- Unstoppable Domains NEVER has access to your private key that controls your blockchain domains
- Blockchain domains are stored on a smart contract, and controlled by the private key of the owner of the domain
- Unstoppable Domains NEVER has the private keys of any of your linked cryptocurrency addresses. If you add a BTC, ETH, and LTC address to your domain, you only input your PUBLIC keys. Any crypto sent to these addresses is still controlled by the private key associated with those addresses
- Optionally, you can download a mobile app to store a backup of your private key on your phone
How does it all work? We are building on the work of others. Here’s a short list:
Warp Wallet — Easy Brain wallets with key stretching and salting for security
Moonlet — Blockchain agnostic HD wallet
Deco Netowork — Smart escrow
Generating a secure brain wallet key like warp wallet
On our site, the user is asked to create a private key in order to manage their domains. When you enter a password — use a strong password!!! — a private key is generated. We use salting and hashing similar to Warp Wallet. The private key is generated on the client side in the browser, and is never sent out of the browser. Unstoppable Domains can not access it. Once the user session is terminated, the key is wiped from the browser memory. Each time the user logs in and wants to interact with their domains, they are required to enter their password to generate the key. The key does not persist.
Extending this key to work across multiple blockchains
We then extend the warp wallet key generation technique using a similar method that moonlet wallet uses — enabling the single seed key to be used as a source of entropy for the generation of keys on many blockchains. This means that a user only needs to have one key. It also means that it’s super important to back up that key safely. This design makes it easy to manage domains across multiple blockchains. See below diagram from Mastering Bitcoin for an example HD wallet- this can be extended across blockchains as in Moonlet’s post.
Smart Escrow (like Deco Network)
When the private key is derived, it exists only within the user’s browser for the current browsing session. Once the private key is in the browser, the browser interacts with the blockchain powered by user actions. From the user’s point of view, they are just clicking on buttons in an application they’ve signed into. In the background, Unstoppable pays the blockchain fees and ensures all blockchain transactions are processed. Each action performed by the user requires verification of their private key, and gets broadcast to the smart escrow contracts running on the blockchain.
Extending Smart Escrow to Allow for Mobile Backup
Finally, we are building functionality into the smart escrow contracts that allows the user to have a backup key. This works by asking the user to download a backup app to their phone. The phone then generates private key(s) using the HD key generation method discussed above. The private keys are stored on the phone.
On the smart escrow contract, a function is enabled that allows the user — using their own private key — to designate a secondary backup address. The user logs into the phone app and signs a transaction that is then broadcast to the blockchain network. At this point, the private key, locally stored on the phone device, is now the backup key. And in the case where the user forgets their primary key password, they can use this backup key to recover their blockchain domain names.
That’s it! The above components together produce a system where users have control over their domains, but are still able to easily manage them without worrying about browser plugins, transaction fees, or losing their private keys.
The Unstoppable Team