Re: [Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address
Using a bitcoin address repeatedly is something we're trying to move away from. This is indeed a flaw of the proposed protocol. However it really depends in the end of the usage : you could use an auth just once, to redeem a good you paid, or multiple times if this makes a sense (mining pool app for instance). And using a bitcoin address as a persistent identity key feels like the wrong direction to me. What would be really the difference between artificially create a certificate for identity and selecting one address for identity? Better to use something like client certificates, the FIDO alliance's (new!) specs: http://fidoalliance.org/specifications/download ... or Steve Gibson's proposed SQRL system: https://www.grc.com/sqrl/sqrl.htm The proposal is nothing more than sqrl scoped to Bitcoin keys. If one of those systems gets critical mass and actually starts being successful, then I think it would make sense to specify a standard way of using a HD wallet's deterministic seed to derive a key used for the FIDO or SQRL systems. This could be a very interesting approach. But I think the system which would get critical mass is the one which would be implemented into major Bitcoin wallets. Why adding another app or software when you already have all you need? On Fri, Apr 4, 2014 at 9:22 AM, Eric Larchevêque ela...@gmail.com wrote: What I'm trying to achieve, is to have a very simple way of authenticating yourself with one Bitcoin address from your wallet. For most of the people using Bitcoin, their wallet is on their phone. The UX is clear and simple : 1. click on connect with Bitcoin (the audience is normal people) 2. flash the QRcode with your wallet (blockchain.info, mycelium, ...) 3. accept the authentication request (same style than OpenID or Facebook connect) 4. user is autologged and identified by the chosen Bitcoin public address It makes sense only if major wallets are supporting the protocol. If you need to install a plugin or download a third party software, no one will do it. I see only benefits for the entire ecosystem, and if I'm working on such a proposition it is because I really need this feature. Of course, it can be done without a BIP, I just need to convince wallet developpers one by one to implement the feature. But I thought it was much better to start the official way, so all wallet could easily find and implement the same authentication mechanism. Bitcoin and website authentication are unrelated problems I respectfully disagree. Many services require your Bitcoin address, and to do that they artificially request an email/password to store it. This is not about authentication as an identity (as I'm Eric Larcheveque), but as in I'm proving to you that I control this address. Without such a standard protocol, you could never envision a pure Bitcoin physical locker rental, or booking an hotel room via Bitcoin and opening the door through the paying address. Eric On Fri, Apr 4, 2014 at 3:08 PM, Mike Hearn m...@plan99.net wrote: This comes up every few months. I think the problem you are trying to solve is already solved by SSL client certificates, and if you want to help make them more widespread the programs you need to upgrade are web browsers and not Bitcoin wallets. There are certainly bits of infrastructure you could reuse here and there, like perhaps a TREZOR with a custom firmware extension for really advanced/keen users, but overall Bitcoin and website authentication are unrelated problems. On Fri, Apr 4, 2014 at 2:15 PM, Eric Larchevêque ela...@gmail.com wrote: Hello, I've written a draft BIP description of an authentication protocol based on Bitcoin public address. By authentication we mean to prove to a service/application that we control a specific Bitcoin address by signing a challenge, and that all related data and settings may securely be linked to our session. The aim is to greatly facilitate sign ups and logins to services and applications, improving the Bitcoin ecosystem as a whole. https://github.com/bitid/bitid/blob/master/BIP_draft.md Demo website : http://bitid-demo.herokuapp.com/ Classical password authentication is an insecure process that could be solved with public key cryptography. The problem is that it theoretically offloads a lot of complexity and responsibility on the user. Managing private keys securely is complex. However this complexity is already being addressed in the Bitcoin ecosystem. So doing public key authentication is practically a free lunch to bitcoiners. I've formatted the protocol description as a BIP because this is the only way to have all major wallets implementing it, and because it completely fits in my opinion the BIP process category. Please read it and let me know your thoughts and comments so we can improve on this draft. Eric Larcheveque ela...@gmail.com
Re: [Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address
The goal of writing a BIP seems to be to get lots of different wallet authors to write lots of code for you - but I *am* a wallet author, and I don't think that's the right way to get traction with a new scheme. I started without a BIP and the feedback I got is that I should to a BIP. We cannot write all the code for all the wallets ; this is after all a communauty project. However we have and we will propose bounties for each wallet to support natively the protocol. For instance the TREZOR guys would have to support your new protocol otherwise if I paid my hotel bill with my TREZOR I couldn't open the door when I got there! But they probably have better things to be doing right now. Yes you are right. But if the concept of authenticating yourself gets traction, they will probably do it. The key difference between just generating a client certificate and using a Bitcoin address is that the client certificate is something that is used *specifically* for identification. It leaves no trace in the block chain, so no weird privacy issues, it doesn't matter how you manage your wallet, and you don't have to persuade lots of people to support your idea because it was already done 10 years ago and basically every browser/web server supports it. My view on this is mainly about the UX and the fact everyone in Bitcoinland has a wallet. It's a approach leveraging this fact, with the possibility to build interesting apps combining address auth and the blockchain. I understand the problems related to multisig, contracts etc, There is no such thing as a from address in a transaction, however many services still take first tx as the return address. People will always find way of building and doing stuff (cf the message in the blockchain debate). Some reasons client certs aren't more widely used boil down to: 1. People like passwords. In particular they like forgetting them and then having friendly people assist them to get it back. Client certs can support this use case, but only if apps are checking the identity in them and not the key. 2. The UI for managing client certs in browsers is pretty horrible. There's little incentive to improve it because of (1). 3. Cross-device sync doesn't work very well. Apple are starting to tackle this with their iCloud Keychain Sync service but then of course, Apple has all your keys and you may well just sign in to things with your Apple account (if it were to be supported). Cross-device sync where the server *doesn't* get your keys is supported by Chrome for passwords, but not client certs, because (1) None of the above issues have any obvious fix lurking within Bitcoin. There is also the benefit of revocation with certificate and central authority. But, again, you already have a wallet and a Bitcoin address. So if you add a simple auth protocol, people will use it at no cost. Eric -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address
Why do you need it? Because you don't want to implement a login system? Very, very few websites are the sort of place where they'd want to authenticate with only a Bitcoin address. If for no other reason than they'd have no way to email you, and if you lost your wallet, you'd lose all your associated data. Well, the major difference is that you could sign up effortlessy to a service, and associate your email later. If more people sign up to more services, it's a good thing for the ecosystem. Without such a standard protocol, you could never envision a pure Bitcoin physical locker rental, or booking an hotel room via Bitcoin and opening the door through the paying address. In future there often won't be a simple paying address. For instance, if my coins are in a multi-sig relationship with a risk analysis service, there will be two keys for each input and an arbitrary number of inputs. So does that mean the risk analysis service gets to open my locker? Why? What if I do a shared spend/CoinJoin type tx? Now anyone who took part in the shared tx with me can get into my hotel room too? In a perfect world, you would pay your locker with a normal transaction. The same way you shouldn't play satoshi dice from a shared wallet. But your point is totaly valid, and I don't have answer to that except that I'd love to have a Bitcoin authenticated locker in our Bitcoin co working office. These are the kinds of problems that crop up when you mix together two different things: the act of paying, and the act of identifying yourself. You're assuming that replacing a password people can remember with a physical token (their phone) which can be stolen or lost, would be seen as an upgrade. Given a choice between two physical lockers, one of which lets me open it with a password and one of which insists on a cryptographic token, I'm going to go for the former because the chances of me losing my phone is much higher than me forgetting my password. All the tools you need already exist in the form of client certificates, with the advantage that web servers and web browsers already support them. The biggest pain point with them is backup and cross-device sync, which of course wallets suffer from too! Bitcoin users are normaly already paying some effort to securise and backup their wallets / keys. So it's just about leveraging that. I would myself pick a crypto locker, because I'm the kind of guy who Facebook connects and I follow the easiest path, even if it has long term costs :) Eric -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address
On Fri, Apr 4, 2014 at 4:56 PM, slush sl...@centrum.cz wrote: I'm cracking my head for many months with the idea of using TREZOR for web auth purposes. Unfortunately I'm far from any usable solution yet. My main comments to your BIP: Don't use bitcoin addresses directly and don't encourage services to use this login for financial purposes. Mike is right, mixing authentication and financial services is wrong. Use some function to generate other private/public key from bitcoin's seed/private key to not leak bitcoin-related data to website. I'm probably very naive, but the fact that the authentication key is your Bitcoin address was for me a great feature :) What are the risks associated of id yourself with a bitcoin address you plan to use on the website for transaction ? I mean, what is the difference between doing that, and id with a login/pass and add your bitcoin address in a settings field ? (knowing you could always find a mechanism to transfer the account to another bitcoin address if needed) Eric -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address
Hmmm, well TREZOR requires a web plugin. So if nobody installs plugins then we have a problem :) But regardless, actually like I said, you don't need a plugin. Browsers do it all already. With the keygen tag they even create a private key and upload the public part to be signed for you, it's seamless for the user. I wanted to give you a link to a demo site, but I can't find it anymore :( If you buy a TREZOR you will of course install the plugin :) What I mean is that normal people are lazy : if the solution is already in their hand they will use it, if they need to install/configure something, they won't do it. I'm not trying to propose a solution to solve the auth on the web, but to ease the sign up / login on the Bitcoin ecosystem websites and apps. More sign ups to new services (whatever the services) = more usage = expanding ecosystem = more global value to Bitcoin Wallets are a key element of the equation because : - everyone has one (desktop or mobile) - everyone (in theory) has already taken all steps to backup and secure their keys - id yourself with a Bitcoin address often makes sense on a Bitcoin related service Eric -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development