We wrote in a blog post in July that Nervos CKB is unique among public blockchains because of its support for Apple’s passkey feature. Passkeys are a replacement for passwords. They are designed to provide websites and apps a passwordless sign-in experience that is both more convenient and more secure. Passkeys are built on the WebAuthn standard, which uses public key cryptography and can also be called “synchronized WebAuthn credentials” for ease of understanding.
In the last part of that blog post, we mentioned what passkeys will bring to Nervos. We offered an example of a crypto wallet, saying that users might be able to create a Nervos CKB wallet using Touch ID or Face ID after installing the wallet app, and they only need to authorize with biometrics when creating transactions or interacting with smart contracts, which is highly convenient and safe.
Today, we are excited to introduce JoyID, a passwordless Web3 wallet initiated by Nervina Labs that will accelerate mass adoption of Nervos Network.
JoyID: A Passwordless Wallet For Everyone
Web3 is a hot topic these days. We see it discussed everywhere from the Ethereum community’s recent Devcon conference and other crypto conferences around the world to Twitter Spaces, Tiktok and every other social media platform. The future of Web3 is promising, but onboarding billions of people to Web3 is a tough task.
The current crypto infrastructure is not designed for mass adoption. We can use a crypto wallet as an example. Most crypto wallets are mnemonic phrase based, thus it is quite troublesome and even frustrating for a new Web2 user to securely store a 12-word or 24-word mnemonic on his/her own and he/she cannot capture screenshots or copy the mnemonics and store them online.
The crypto wallet is the gateway to the Web3 world. Thus, JoyID is designed to lower the threshold for mass adoption, making it a truly easy-to-use wallet for non-crypto users. Based on the FIDO WebAuthn protocol and built on Nervos CKB, JoyID is also a cross-platform, cross-terminal, password-free and mnemonic-free wallet. In other words, users do not need to create, use, or restore passwords or mnemonic phrases.
JoyID provides the following features:
✅ No password, no mnemonic, no email, no phone number
✅ Non-custodial, private keys never leave user’s devices
✅ Authentication with biometric sensor
✅ Arbitrary number of devices (private keys) for one account
✅ Social recovery
✅ Web page based, no installation required
✅ On-chain name, avatar, profile
✅ Does not rely on any centralized party
JoyID also supports the management of Nervos L1 assets (e.g. CKB, sUDT), CoTA rollup NFTs and other fungible tokens.
If everything goes smoothly, JoyID will launch on testnet in December and go live on mainnet in Q1 2023.
Technical Principles Behind JoyID
JoyID makes full use of the technology of WebAuthn, which has been fully supported by mainstream operating systems, including MacOS, Windows, Linux, ChromeOS, iOS, and Android. Webauthn allows a website to create a public-private key pair in the Trusted Execution Environment (TEE) on the user’s device, and uses the private key to sign transactions, with the guarantee that the private key cannot ever be leaked. During the signature authorization process, local authentication is performed through biometric identification or PIN code verification.
JoyID supports WebAuthn’s widely used signature algorithm — secp256r1 (P256), for signature verification. JoyID uses the CoTA extension on the Nervos CKB blockchain to register the public keys created by user’s multiple devices, which point to the same CoTA Cell ID, thus completing the task of the abstraction of a user’s addresses.
JoyID supports the display of a user’s profile, including the user’s name, avatar, personal description, etc. The profile data is stored on-chain in the format of CTmeta.
Nervos Network is a multi-layered blockchain platform powered by an incredibly secure layer 1 and an EVM compatible layer 2, a combination that provides a framework which enables developers to do what they do best, and remain focused on building.
On Nervos layer 1, there are no hard-coded cryptographic primitives at the consensus layer, only transaction sequencing. This provides flexibility for the Nervos CKB blockchain, as Web3 builders can use other advanced cryptographic primitives and even self-defined algorithms. In the example of JoyID, CKB allows dApps to support WebAuthn’s algorithms and realize a passwordless user experience.
There are no shortcuts to success for a public blockchain in such a changing environment. We may walk slowly, but we are on the right path. Time will tell that Nervos is a promising platform Web3 builders can rely on, and a place where their ideas can be transformed from fantasy into reality.
To stay updated on all things Nervos: