What Web3 Identity Does Not Need


TL;DR – To create an open financial system around the globe, web3 must be accessible by all. This requires us to create an identity experience that is intuitive, forgiving, trustworthy, and combines the best of both web2 and Web3. The first step is to make it simple for anyone to claim an ENS username web3 for free. But there's still more to do.


By Alex Reeve, Group Product Manager, Identity

If you've used crypto, you've probably experienced the anxiety that comes from sending tokens or NFTs to intimidating 42-character addresses like 0x2133a64a3bE8B64827B26B08e166d0b478bd09D3. We partnered with Ethereum Name Service (ENS), to make it easier for users to claim usernames at "name.cb.id". This extension can be used by Coinbase Wallet.

We need to make sure that everyone can use the web3 in order to create an open global financial system. Web3 must be accessible to everyone by encouraging the adoption of a human-readable username standard. Anyone can now claim a "name.cb.id", a web3 username that anyone can use to send and receive crypto (instead 42-character addresses), to engage with others and as the basis of their web3 identity.

This milestone is important, but your username is only one part of your online identity. Before web3 can be used by billions of people, there are many other identity gaps. Web3 is promising at first, but it is not intuitive and lacks viable methods of assessing legitimacy and trust. These gaps can be filled by combining the convenience and security of web2 with web3's privacy, security, control, and control.

What is identity? What is identity? Why is it important?

Signing in to an account or creating an account for a product is using your identity to gain access. Identity is the way products and platforms represent people and manage access and authorization. It also helps to assess trust. Three core components of identity are:

1. Representation: How you are represented as a user (e.g. Your username and profile

2. Access: You must prove that you are the owner of this identity (e.g. Sign in to gain access to the product

3. Authorization: Based on your identity, determining which resources you have access to.

Today, web3 is by a wallet address or username such as nick.eth. You can access Web3 by using your seed phrase in order to set up your wallet or to recover your wallet access. You can access special communities, merchandise drops and more by using specific tokens or NFTs.

Isn't this already solved by web2?

Web2 companies have made significant investments in the development of easy-to-use identity products. The cracks in web2 identities are beginning to show. There is the need to manage multiple passwords and accounts; the constant spam; and the insidious loss of privacy, security and control.

Many people have traded privacy, security, or control for convenience. Web2's disadvantages are only discovered when there is a data breach, organizational overreach or loss of access. These events are now a part of our daily lives.

What is web3's role in ensuring its success?

Web2 identity and web3 identity have the same basic customer requirements. It's how they are met that is the difference. Web2 is centralized, which provides convenience and flexibility, but at the expense of privacy, security and control. Web3 is trustless, decentralized, and has usability gaps. Web3 must have both flexibility and usability. However, privacy, security, and control should not be compromised.

  • Intuitive. Users should be able to communicate with each other using human-readable usernames, rather than intimidating 42 characters addresses.
  • Forgiving. Forgiveness.
  • Trustworthy. People and apps need tools to show trust to each other.

Web3 Identity: Evolving

Web3 can address many of the flaws in web2. Crypto allows you to control your identity keys and ensure your security. Let's face it, web3 is daunting as it stands today. What can the web3 community do to make web3 more accessible to all?


A user's identity.

It is essential that we make it easy for users to create and manage portable, interoperable, user-readable usernames. These usernames can be linked to rich, customizable public identities, which can range from completely anonymous to fully public. Multiple identities should be possible for users in different contexts, such as work and gaming. One for work, one for gaming.


Tools that help you feel and stay safe.

Web3 is in violation of one of the most fundamental security laws, in that identities are susceptible to a single point failure: the recovery phrase. Identity theft can be caused by a compromised app, device, and/or social engineering attack. Multi-factor authentication (MFA), the most common web2 example, is required by web3. It can also protect all users.


Recover when something goes wrong.

We have all lost passwords at one time or another. Recovery phrases should not be expected to be any different. It is impossible to scale an ecosystem in which someone can lose their recovery phrase and be denied access to their livelihood. Users need ways to regain access. Multi-party computation (MPC), or social recovery, are creating more welcoming experiences that will encourage wider web3 adoption.


Signs of trust and legitimacy

Only governments can attest that passports work. Trustworthy parties must also attest to an identity's legitimacy in order for web3 identity to work. Users will require ways to collect, manage, and communicate "attestations" that verify their legitimacy and credentials. Apps will require ways to both verify and issue the legitimacy of a user’s identity and credentials.


Interoperability between web2 and Web3.

Users who are further along the adoption curve will not see any difference in the web2 and web3 concepts over time. Users will expect to be capable of seamlessly accessing both web2 and web3 from one identity. We need to make that possible. We must also provide users with a unique, chain-agnostic identity they can use across web3.

Web3 Identity Building

A strong team with the ability to build and iterate quickly will be required to create a web3 identity layer. It will often require local development and refinement before scaling internationally (and in a decentralized manner). Coinbase and other organizations such as ours must embrace this long-term vision right from the beginning: open source, open standard and close collaboration with others in the web3 ecosystem.

We must not lose sight of the promise of web3 identity. We must build web3 identity in a way that protects the privacy, security and control of users, while still being intuitive, forgiving and trustworthy.

This journey has been initiated with Verite and ENS to provide a free web3 ID (cb.id), and we will continue to expand our identity offerings. This is just the beginning of a new chapter in identity and web3 at Coinbase and the wider web3.


What Web3 Identity needs was first published on Medium's The Coinbase Blog. People are responding to the story by commenting and highlighting it.

—————————————————————————————————————————————————————————————-

By: Coinbase
Title: What Web3 Identity Needs
Sourced From: blog.coinbase.com/what-web3-identity-needs-54d5a7c1e198?source=rss—-c114225aeaf7—4
Published Date: Tue, 20 Sep 2022 18:00:35 GMT

Recent Posts
Latest Featured Posts
Latest News Posts