I tried many things for keys too. Definitely fun!
https://i.nostr.build/XtioDIh71BvNlVhm.png
Yeah I spent too much of my life trying to get the UX of decentralised identity key management to be human. I ended up deciding that I have to accept that key recovery is a requirement, which is what Farcaster does through Ethereum Rollups, and Bluesky does it with a centralized registry.
The idea is to start custodial, where the server actually has the keys, and you have a recovery key like in 2FA, but if you lost that, your provider can help you rotate your recovery key.
But in order for your provider not to rug you, we need a Blockchain (or a central registry) where the provider needs to publish the rotation request, given you opportunity to react and use your recovery key to fire that provider ... But if you don't react in a few days, the rotation is complete.
I think we can do that with Rootstock and I think we can do it in a way that scales to many billions and tens of millions in first year, and keep it light enough that hundreds of people can rund that service... But I am still trying to build it in my free time.
Once you have that, then you just login to your provider as usual, with passkeys or email and password or it may be even a physical service that you need to visit, whatever.
For example I can be the provider of my family members, and still they can still have full sovereignity when they feel ready, think of children or friends that don't want to be tech savvy on day one before the whole system proved it's worth.
In fact isn't that the experience in Bitcoin? Only when you have enough money that it is worth putting the work, that you start moving your funds to a more secure wallet.
The idea is to start custodial, where the server actually has the keys, and you have a recovery key like in 2FA, but if you lost that, your provider can help you rotate your recovery key.
But in order for your provider not to rug you, we need a Blockchain (or a central registry) where the provider needs to publish the rotation request, given you opportunity to react and use your recovery key to fire that provider ... But if you don't react in a few days, the rotation is complete.
I think we can do that with Rootstock and I think we can do it in a way that scales to many billions and tens of millions in first year, and keep it light enough that hundreds of people can rund that service... But I am still trying to build it in my free time.
Once you have that, then you just login to your provider as usual, with passkeys or email and password or it may be even a physical service that you need to visit, whatever.
For example I can be the provider of my family members, and still they can still have full sovereignity when they feel ready, think of children or friends that don't want to be tech savvy on day one before the whole system proved it's worth.
In fact isn't that the experience in Bitcoin? Only when you have enough money that it is worth putting the work, that you start moving your funds to a more secure wallet.
2🫂1
