Sign In With Ethereum Is Coming

The dangers of letting Facebook control your online identity are obvious. One alternative would be to use your Ethereum wallet instead and let you control your own data.

Over the past few weeks, Facebook has come under fire from the press and the US Congress for a practice that is hard to consider evil. In essence, the company allegedly knew for years that its algorithms were directing users to harmful content in various ways, but did nothing about it because changing means losing money.

If you've ever used your Facebook account to log into other online services, you've helped the social network make your online experience more toxic, even if you're not a user yourself. Or maybe you do the same using Google or Apple identity services. All involve major trade-offs – such as the possibility of your data being shared with US intelligence.

This is one of the major problems of the internet today. While the inherent anonymity of the 'net is definitely a good thing, it makes users of ID-dependent tools slaves to major centralized identity providers, and abuse seems inevitable. Blockchain developers have long talked about developing a “decentralized” identity standard to save us from the dangers of Big Login, and at least one significant step towards that future seems imminent: Sign-in With Ethereum is coming.

It sounds like it: the standard way to use an Ethereum wallet you own as an identifier across various services. If your first thought is, "my name isn't even attached to my ETH wallet," that's the point: Using a cryptographic marker as an identity means the user, not the identity provider, has complete control over what information is associated with him. Finally, you will be able to decide, for example, whether certain services require your name, proof of your age, or a glimpse of your ETH balance. You don't have to send all that information to every service you use.

The standard is being developed by Spruce Systems, founded by former ConsenSys staff, which won the latest development RFP from the Ethereum Foundation and the Ethereum Name Service. The initial goal was simple (always a good sign, in my book).

“We started with an identity that wasn't that serious, not that strong,” said Spruce co-founder and CEO Wayne Chang. “Because we want to be tested in battle. In the short to medium term, it's more like social media credentials tying their Twitter handle to the blockchain… We don't want to provide [know your customer] credentials yet to buy millions of dollars in financial securities,” although that's a possibility down the road.

Apps for this early iteration, according to Spruce, are more likely to include lower security uses such as content gating for non-eligible token holders (NFT). Ultimately, though, by integrating secure off-chain storage, Sign-in With Ethereum (let's call it SIWE) can also offer “powerful” options like government IDs. Users will be able to control access to that data on a case-by-case basis and delete or separate it at will.

One of the significant hurdles for SIWE is the inherent risk of reusing any identifier, especially addresses that could possibly be easily linked to wallets used for financial activity. While the idea of ​​using multiple or single-use wallets as a security measure is familiar to crypto users, it may be a bridge too far for normal people, at least for now – another reason SIWE started small.

By David Z. Morris

David Z. Morris is CoinDesk's Chief Insights Columnist. He has written about crypto since 2013 for outlets including Fortune, Slate, and Aeon. He is a former academic sociologist of technology with a PhD in Media Studies from the University of Iowa. He holds Bitcoin, Ethereum, Solana, and small amounts of other crypto assets.