
Show HN: No more 12-word seed phrases - jhunter1016
https://www.simpleid.xyz/?s=hn&t=hn1
======
jhunter1016
I'm one of the founders of SimpleID. As a Web3 app developer, I have first
hand experience hand holding users through the complicated on-boarding
process. I built Graphite, a popular dApp, using traditional Web3 auth and I
just recently cracked 10K users after 2 years...

The status quo today expects users to navigate pop-ups, install extensions,
and of course manage their 12-word key phrase! What I've learned is that
people don't really care about decentralization. They should, but they don't —
at least not yet. What people do care about is protecting their data privacy
and convenience.

Therefore, we built SimpleID, a suite of developer tools that lets you easily
on-board users to Web3 apps. If your users are tech-savvy and want a 100%
truly decentralized solution, you're probably not going to be very interested
in SimpleID. And that's OK. We want the other 98% of people to actually use
dApps, and have that "ah ha" moment about what data ownership truly means.

Our solution is all about choice — we don't force you into any specific
blockchain, identity, or storage provider. At login, users automatically get
wallets (Ethereum, Bitcoin), DID (ENS, Blockstack), and storage (IPFS, GAIA).
We also plan on supporting other protocols, and more importantly hope to get
rid of passwords all together!

[1] Demo:
[https://www.simpleid.xyz/#examples](https://www.simpleid.xyz/#examples)

[2] Sign up for free:
[https://www.simpleid.xyz/#app](https://www.simpleid.xyz/#app)

~~~
rladd
It looks like similar functionality to Hedgehog but with hosting as a service,
and extra functions added.

Or is that off base? How would you contrast your security and functional
approaches to what they're doing?

[https://hedgehog.audius.co/](https://hedgehog.audius.co/)

~~~
prabhaav
Love what hedgehog is doing! However, we are cross-platform and never expose
the users master private keys to the developer. When a user logs in to an app,
only the app specific key pair is delivered on auth.

Let me know if you have any other questions :)

------
j0nathan
I've been using blockstack and your app, graphite, sometimes. But I've allways
thought creating a Blockstack-Id is too 'nerdy' for normal friends of mine so
they cannot use a whole list of good apps based on blockstack.

I hope the more apps will use your SimpleID sign-on the more non-technical
friends of mine can use blockstack-based apps.

Thanks.

~~~
prabhaav
Thanks Jonathan for the kind words, we hope more people can start using the
amazing apps being built on Ethereum, Blockstack, EOS, etc.

------
lemmybe
Web 3.0 and its complex nature of on-boarding the non tech savvy ones. A tool
like this is indeed needed.

I just remembered I saw this once on steemhunt too, a Steem based product
curation platform.

~~~
jhunter1016
Steem is such a cool project. That's definitely high up on the priority list
for us to support!

~~~
lemmybe
Wow. So good to hear that an this just rekindles my faith on the steem
blockchain. And it will really be awesome having simpleid support steem.

If you don't mind, you could do a review campaign of simpleid on steemhunt for
proper awareness to the steem community. A review that could reach over 9
million followers of various channels.

You can learn more about it
[https://review.hunt.town/i/106](https://review.hunt.town/i/106)

~~~
jhunter1016
Awesome! Will do. Thanks for this, and sorry for the slow reply!

------
nodefury
Nice site and solution. I clicked 'run' on the Examples page and at first I
thought it was broken but then after about 20s it produced output--might want
to drop some initial output that tells users to wait or something.

~~~
jhunter1016
Thanks! And totally agree. We talked about this leading up to this launch and
went back and forth with it. The runkit example you see on the site is using
the actual production Node SDK because we want developers to literally be able
to copy and paste the code. So we also want to make sure the console output is
appropriate for all environments. We'll find a balance though.

------
j0nathan
And a second thought since recently a lot of discussion about 2FA / two factor
authentication has happened:

Are there any plans to support a second factor during login process, for
example a one time token?

~~~
prabhaav
Yes! This is one of the top things on our priority list. We will be completely
removing the need for passwords and switch to one time use passwords and 2FA.

You can sign up for our slack on our website and we'll keep you updated :)

------
friedger
I like the convenience .. and that you can still use your account on other
services that support bip39.

Maybe you want to collaborate with arkane.network for payment/wallets.

~~~
prabhaav
Thanks Friedger, do you have a person we can talk to there? Would love to
start a conversation with them!

------
VanGoux
Pretty cool idea, but does this solution _actually_ give users ownership of
their identity?

~~~
jhunter1016
It absolutely does. All we store is an encrypted version of the user's master
keychain (the 12-word seed phrase we're trying to eliminate). We can't access
that keychain without the user's consent. The user is emailed a copy of this
encrypted keychain and can take it with them to any service that supports
bip39 seed phrases.

Try getting Google to let you do that ;)

~~~
mcdee
> All we store is an encrypted version of the user's master keychain

Is the seed created and encrypted on the client or the server?

~~~
jhunter1016
We chose this method because it requires trust of just one entity (the lambda
end point we provide) rather than trust of each app that might interact with
SimpleID's SDK. If the seed phrase is generated client-side within an app,
that developer could hold onto that seed and use it maliciously.

Identities created through SimpleID can be used across multiple apps, so it's
important to us that developers are only able to access data specific to their
app (i.e. app-specific encryption keys).

------
saag4dinner
Didn't see this on your site, but is there a roadmap for future support (i.e.
EOS or others)?

~~~
prabhaav
We've been moving fast trying to get SimpleID in as many hands as possible,
but we absolutely want to support other blockchains. More in-depth Ethereum
support is next up, then we want to look at adding support for blockchains
like EOS, Steem, and more. It'd be great to get feedback from others on what
blockchains to support!

------
doodlemania
Great looking stuff :)

~~~
jhunter1016
Thanks! Here's hoping it can take off and help introduce people to web3.

------
morten-oddvar
FAQ is saying " You are automatically GDPR compliant". Explaining more can you
this?

~~~
jhunter1016
Sure! SimpleID is giving developers access to protocols that let users store
their data and control their data. When you do this, you are not managing the
data on behalf of the user, they are managing it themselves. That is
inherently compliant.

