Beyond the private key: building a Blockstack hardware identity keychain

Ryder prototype
Blockstack authentication diagram
  • Be portable. The current authentication model is rather finicky when it comes to bringing your identity with you. The master private key is stored in the Blockstack Browser, and using your identities on different devices is not straightforward. Granted, you could bring your seed phrase with you, but that is rather dangerous. What if the computer you are entering your seed phrase into has a keylogger installed, for example?
  • Be easy to use. Hardware devices add a layer of complexity to an already complicated system. Signing in should be as straightforward as possible for non-tech-savvy users. It should be as easy as plugging in the device, unlocking it, and approving the sign-in.
  • Be secure. No private key should ever leave the device. The user can then sign in on any machine without having to worry about identities being stolen.
  • Type 1: optionally requires bridge software and exports the app private key to the application to support the current Blockstack JS model. The app private key and, optionally, the owner private key leave the hardware keychain.
  • Type 2: requires bridge software, but the bridge receives the app private key and performs crypto operations on behalf of the application after approval has been given by the user. The app private key leaves the hardware keychain.
  • Type 3: the app interfaces with the hardware directly. No bridge software is required and all crypto operations are performed by the hardware. No private keys ever leave the hardware keychain. (A barrier could be crypto performance when streaming large files to it.)

Moving forward


Marvin works at the Stacks Foundation to bring about the user-owned internet and is a co-founder of Ryder, the first identity hardware wallet of its kind.

Marvin Janssen
