Idea for new payment protocol PKI

Summary:

The email exchange between Wendell and Mike Hearn discusses the potential of using a blockchain-based single sign-on (SSO) system. Wendell mentions exploring esoteric blockchain+signature-based SSO implementations as discussed by John Light and others. He has been using SSO for years using an X.509 private key in his browser with his public key referenced in his homepage. However, X.509 tends to use RSA, and bitcoin tends to use ECC for space reasons. Since bitcoin is a distributed ledger of public key / balance values, every key pair could become a wallet with millions of users. Mike Hearn notes that Mozilla Persona, an infrastructure for web-based SSO, works by having email providers sign temporary certificates for their users, whose browsers then sign server-provided challenges to prove their email address. However, Persona uses a custom thing based on JSON, not X.509, which uses a different type of encryption than bitcoin. Despite this, an implementation is likely to be quite easy. From the user's perspective, their wallet app would embed a browser and drive it as if it were signing into a website, but stop after the user is signed into Persona and a user cert has been provisioned. It can then sign payment requests automatically. For many users, it would only require one click, making it a more convenient option than obtaining a certificate for an email address from a certificate authority (CA). Hearn notes that while an SSO system is a classic chicken-and-egg setup, Persona runs various fallback services that allow anyone with an email address to take part. They also integrate with Google/Yahoo SSO systems. The intention is to do this until Persona becomes big enough to matter, at which point centralised struts can be removed, and the system becomes transparently decentralised. Overall, Hearn believes leveraging Persona would offer convenience for users, and the user experience is smart and professional.

Updated on: 2023-06-07T15:32:55.275394+00:00