top | item 31577866

(no title)

yeah for auth is a blockchain even required? it's pretty much just asymmetric crypto at that point isn't it?

I think the 'web3' way would make it worse wouldn't it? like metamask relying on centeralized service to query the blockchain

I guess a real benifit I could see would be being able to use a blockchain to revoke your keys somehow but that's not how metamask and web3 stuff seems to work right now

discuss

tehlike|3 years ago

Metamask can sign data, which would help you prove the user has the private for a given public key. You do not need the blockchain.

The chrome extension to cryptography would help - but we have FIDO that does exactly that (and webauthn i guess).

throwme_123|3 years ago

Indeed that is possible, the problem is all the greedy corporations that want to suck all our data, so they can't simply trust the signed messages of Metamask and want instead to implement layers of poor software for their profit

throwme_123|3 years ago

Metamask relies on whatever RPC you give it, including your own node if you want

The asym crypto is enough for proper authentication, but decentralized apps generally are built to use it, without relying on centralized data. A message signature being verified by a stateless service is all that is required

Could do without web3, but the practice of predatory web giants and smaller startups is to exploit the users so they don't do that