In a recent development on July 3, the Aptos blockchain unveiled a novel web-based wallet application devoid of traditional keys, utilizing ZK-proofs for user authentication. Dubbed “Aptos Connect,” this innovative wallet facilitates user interaction with decentralized applications via a Google login, bypassing the need for hardware security modules, passkeys, or a multiparty computation framework.
Aptos Connect revolutionizes Web3 integration by enabling users to swiftly create and oversee Aptos blockchain accounts with a single click through their Google login, thereby obviating the necessity for private keys and ensuring a fluid experience within the developer’s application. This is achieved by employing the OpenID Connect (OIDC) standard alongside zero-knowledge proofs to associate social logins with blockchain accounts.
Visual representation of the Aptos Connect wallet. Courtesy of Aptos.
The concept of using a Google or Apple ID for login purposes is not unprecedented in the realm of cryptocurrency. Protocols such as Magic Labs’ “Magic Links,” Web3 Auth, and Coinbase’s Smart Wallet have previously implemented similar features. Nonetheless, Aptos Connect aspires to offer comparable ease of use without the need for users to engage with an email link, input a passkey, or depend on a multi-party computation network.
Related Article:
Emerging Technologies Poised to Enhance Crypto and Web3 Wallet Usability
In lieu of the conventional methods, users can simply activate the “Continue with Google” option and choose a Google Account to access their wallet. Aptos has indicated that support for Apple ID is on the horizon, presenting an alternative for those who prefer not to utilize Google.
Snapshot of the Aptos Connect app login interface. Source: Aptos.
Developer documentation reveals that the creation of this app was facilitated by the Aptos Improvement Protocol 61 (AIP-61), which permits transactions to be validated via the JSON Web Tokens (JWTs) employed by Google, Facebook, Apple, and other login services. ZK-proofs are strategically used to conceal the identities of both the user and the login provider, thereby preventing the exposure of the Google ID linked to any specific Aptos account.
Aptos has expressed confidence that the new wallet could pave the way for “a new generation” of cryptocurrency enthusiasts. Aptos Connect’s security is entirely reliant on the user’s Google account to safeguard assets. Consequently, users are cautioned that a breach of their Google account could result in the loss of their cryptocurrency holdings: “Should the OIDC account (e.g., Google) be compromised, all associated keyless accounts tied to that OIDC account would be at risk.”
Despite this, some users might find this level of risk acceptable, considering the widespread dependence on Web2 login providers across the internet’s software landscape.
The past year has seen a surge in the Web3 sector’s efforts to develop wallets that are more user-friendly. In June, Coinbase introduced its smart wallet app, enabling users to establish a new wallet with a Windows Hello passkey. Similarly, in July 2023, Eco launched the “Beam Wallet.”
From the Magazine:
Is a Financial Crisis Looming Over Crypto’s Bull Market?