Aptos launches keyless wallets that use ZK-proofs to verify identities

    05 Jul 2024
    59 Views

    According to a July 3 announcement, the Aptos blockchain has launched a web-hosted keyless wallet application that uses ZK-proofs to verify users. Called “Aptos Connect,” the new wallet allows users to connect to decentralized applications using a Google login without needing hardware security modules, passkeys, or a multiparty computation network.

    According to the announcement, Aptos Connect “simplifies Web3 onboarding by allowing users to create and manage Aptos blockchain accounts in one click with their Google login, eliminating the need for private keys and providing a seamless experience within [the developer’s] app.” It does this by using “the OpenID Connect (OIDC) standard and zero-knowledge proofs to link social logins to blockchain accounts.”

    Allowing users to log in with a Google or Apple ID is not a new idea in crypto. Several wallet protocols already do this, including Magic Labs’ “Magic Links,” Web3 Auth, and Coinbase’s Smart Wallet. However, Aptos Connect claims to provide the same convenience without requiring users to click an email link, enter a passkey, or rely on a multi-party computation network.

    Instead, users simply push a “Continue with Google” button and select a Google Account to log into their wallet. Aptos claims that Apple ID integration is “coming soon,” which will provide an alternative for users that do not want to use Google.

    According to developer documents, the new app was made possible by Aptos Improvement Protocol 61 (AIP-61), which allows transactions to be authorized through the JSON Web Tokens (JWTs) used by Google, Facebook, Apple, and other login providers.

    ZK-proofs are used to disguise the identity of the user and login provider. This prevents blockchain data from revealing the Google ID associated with a particular Aptos account.

    In its announcement, Aptos claimed that the new wallet may help to onboard “a new generation” of crypto users:

    “By leveraging familiar web2 login flows, Aptos Connect makes it easier than ever for builders to onboard a new generation of users into the world of blockchain with just one click, no private keys needed.”

    Aptos Connect relies entirely on the security of the user’s Google account to secure funds. For this reason, the documents warn that if a user’s Google account is hacked, they may lose their cryptocurrency: “If the OIDC account (e.g., Google) is compromised, all keyless accounts associated with that user’s OIDC account will be vulnerable.”

    Even so, the documents claim that some users may be comfortable with this risk, as “all the software on the Internet” currently relies on Web2 login providers.

    Over the past year, the Web3 industry has been increasing its focus on developing consumer-friendly wallets. In June, Coinbase rolled out its smart wallet application, which allows users to create a new wallet using a Windows Hello passkey. Eco offered a similar product, called “Beam Wallet,” in July 2023.

    Source: https://cointelegraph.com/news/aptos-keyless-wallets-zk-proofs-verify-identities

    Leave a Reply

    Your email address will not be published. Required fields are marked *