Versions Compared

Old Version 2

changes.mady.by.user Pawel Mastalerz

Saved on

compared with

New Version Current

changes.mady.by.user Pawel Mastalerz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note

The FIO dApp product has been renamed Dashboard. This page has not been updated.

Solutions for account creation/log-in and signing

In order to support most of the recommended functionality, users will need to sign-in to the dApp and transactions made by the dApp need to be signed by the private key which owns the FIO Address. The following is a list of considered approaches. Multiple of those may be considered.

Solution

Description

Log-in

Sign transactions

Pros

Cons

User/name password

Duh!

Status
colourGreen
titleYES

Status
colourRed
titleNO

  • Common model for all sites

  • Yet another log-in

Using password to generate and/or encrypt and store private key or seed phrase

The user will simply create a password and that password would be used to encrypt seed phrase which would then be stored by the dApp.

This approach is used by:

Status
colourGreen
titleYES

Status
colourGreen
titleYES

  • User friendly

  • Risk if website is compromised

Import seed phrase or private key

Allows a user to import FIO Private key or seed phrase into dApp

Status
colourRed
titleNO

Status
colourGreen
titleYES

  • Enables users of FIO integrated wallets to access dApp functionality

  • Risks if site is spoofed.

Using 3rd party oauth

Users will be able to log-in using other accounts, such as Google, Facebook, Twitter, Coinbase, etc.

Status
colourGreen
titleYES

Status
colourRed
titleNO

  • User friendly

  • Connections may be further utilized to enhance the experience:

    • Twitter handle may be tied to FIO Address

    • Coinbase public addresses may be automatically mapped to FIO Address

Using private key or seed phrases on every interaction

The private key or seed phrases would be generated on site and the user would be required to write them down as they would not be stored on the server. Every time the user wanted to sign a transaction they would have to copy/paste the private key or seed phrases.

This is considered a very unsafe practice, as it susceptible to MITM attacks. There are however sites that use this approach today such as Coinbase Commerce and MEW (though they discourage it strongly).

Status
colourGreen
titleYES

Status
colourGreen
titleYES

  • Not user friendly

  • Considered unsafe

Scatter/Anchor

Both wallets support signing of FIO transactions and may be easily enabled as wallets to generate and store FIO private keys

Status
colourGreen
titleYES

Status
colourGreen
titleYES

  • Supports existing partner

  • Requires the use of specific wallet

Wallet Connect

Wallet Connect is an open source standard for “connecting” wallets with web dApps for the purpose of signing transactions. It supports many wallets, including Trust, Coinomi, Atomic, Infinito.

It is primarily being used for Ethereum dApps, although Bianance Dex used it to connect with Trust wallet. FIO Chain signing would have to be “enabled” by each of the wallets implementing and some wallets (i.e. Trust) have indicated the yare not interested in enabling other chain

Status
colourGreen
titleYES

Status
colourGreen
titleYES

  • Wallets would have to customize Wallet Connect for the FIO Chain

  • Limited number of wallets support Wallet Connect

Portis white label

Status
colourGreen
titleYES

Status
colourGreen
titleYES

Browser plug-in

A browser plugin would store FIO Private keys and sign transactions, akin to MetaMask

Status
colourGreen
titleYES

Status
colourGreen
titleYES

  • Familiar workflow for those using MetaMask

  • Requires development and maintenance of a browser plugin across different browsers.

  • Even though this model is currently used by Ethereum DeFi, it is not particularly user friendly for the masses.

Example of Anchor Authentication

Here’s an example of how this mechanism currently functions between bloks.io and Anchor Wallet. The example is for voting, but it would work the same way for any transaction.

Widget Connector
overlayyoutube
_templatecom/atlassian/confluence/extra/widgetconnector/templates/youtube.vm
width560px
urlhttps://www.youtube.com/watch?v=fHtnBz4qBbA&t=82s
height315px

Use cases

  1. As a new user, I want to create an account on a FIO website to access FIO services.

    1. Options:

      1. Email and password

        1. Verify email with a link (does not prevent Sybil attack)

        2. generate a seed phrase after account creation

      2. Generate seed phrase

        1. collect email later

      3. Login with Anchor by Greymass (must already have a FIO account)

        1. limitation: only proves control of one FIO account

      4. Login (or install) a browser plugin

        1. A plugin will allow for multiple FIO private keys

        2. collect email later (or as part of the installation of the plugin)

    2. Additional considerations

      1. Ask for phone number and verify it with a code?

      2. Ask for social handles (twitter, telegram, instagram, etc)?

  2. As a FIO website user, I want to purchase custom FIO domain for myself

    1. Provide a nice domain search functionality

      1. Suggest alternative available domains

    2. Purchase with FIO tokens (offer a discount?)

      1. Show how to obtain FIO tokens (ChangeNOW, BitMax, etc)

    3. Purchase with BTC, ETH… via registration website (or embed it directly as part of the app)

  3. As a FIO website user, I want to create a FIO address for myself

    1. Select a domain

      1. Show available public domains

      2. Offer purchase for a custom domain

      3. Use your own custom domain

    2. Select a FIO username on a domain

      1. check for availability

    3. Pay with FIO or via the registration site (see domain purchase flow above)

  4. As a FIO website user, I want to purchase custom FIO domain for someone else

    1. Same as above, but provide education on how to obtain someone’s FIO public key

      1. Enhancements:

        1. Ask for a FIO address, lookup the public key

        2. Email address lookup (see separate user story)

  5. As a FIO website user, I want to purchase a FIO domain and some FIO addresses for someone else

    1. This is currently tricky because the domain is set to private when created so only the domain owner can then register addresses on it after creation. One solution would be to create the domain and addresses and then transfer them after the fact, but we need address transfer for that to work.

  6. As a FIO website user, I want to set my domain public or private

  7. As a FIO website user, I want to manually configure FIO address mappings for public blockchain addresses

  8. As a FIO website user, I want to see all my FIO addresses

    1. Ask for fio address

      1. Unauthenticated will be a “watch only” address

      2. Authenticated will allow for FIO Request creation, rejection, and approval (for supported tokens, if anyway)

    2. View information about each FIO address (see separate user story)

    3. Bundled transactions remaining

  9. As a FIO website user, I want to see my exchange deposit addresses (and balances if possible)

    1. Select supported exchange.

    2. Provide API key to access the exchange (include instructions and education on this)

  10. As a FIO website user, I want to renew my domain/address

  11. As a FIO website user, I want to transfer my domain/address

    1. (address transfer not currently supported on chain)

    2. provide education on how to obtain someone’s FIO public key

      1. Enhancements:

        1. Ask for a FIO address, lookup the public key

        2. Email address lookup (see separate user story)

  12. As a FIO website user, I want to set my domain public or private

  13. As a FIO website user, I want to see updates about the protocol

    1. giveaways I can participate in

    2. new features being rolled out

  14. (pending a co-op program) As a FIO Co-op member, I want to see how much money I’m making

    1. View FIOP balances

    2. View historical record of fees collected (also helpful for taxes)

  15. (pending a referral program) As a FIO referral participant, I want to see how much money I’m making

  16. As a FIO website user, I want to invite my friend to FIO via email

    1. Ask for email address, send an email

    2. Email includes a link to the website and a simple off chain entry in a database to keep track of who made the referral

  17. As a FIO website user, I want to send (or request) crypto to/from a friend via email

    1. See challenges outlined here: https://fioprotocol.atlassian.net/wiki/spaces/WP/pages/4063401/One-sided+FIO+transactions?search_id=d15d5bd2-6907-4e3f-9b55-cebd0156eee1

  18. As a FIO website user, I want to manage my FIO token balance through the site

    1. receive FIO tokens

    2. send FIO tokens

  19. As a FIO website user, I want to manage any crypto token through the site

    1. Much more challenging, but might be possible with an integration with Portis.

    2. ETH based tokens: integrate with metmask

    3. Ledger Nano supported tokens: Integrate with Ledger

    4. EOSIO based tokens: Integrate with Anchor

  20. As a FIO website user, I want to vote for block producers

  21. As a FIO website user, I want to vote for FIO board members

Additional Features and Functionality

As we explore additional features related to FIO (Wrapping, DeFi, Incentives, etc), a web-based dApp could provide a mechanism for onboarding users to the FIO experience, including a simple process to get their first FIO address via a basic login/password approach or a login with Facebook, Google, Twitter, etc approach, similar to how easy WAX Cloud makes it to get a WAX account. From this perspective, a web-based app focusing on FIO interactions might be useful in many different ways and expand from there to cover more features in the future. Examples include:

  • Keeping track of all your FIO Wallet names across multiple wallets (luke@edge, luke@stokes, luke@shapeshift, luke@infinitowallet, etc) and potentially showing (and allow for adjusting) mappings for these wallets (and potentially balances at specific times which is very useful for accounting, taxes, etc).

  • Keeping track of which FIO NFTs you own across multiple key pairs, including which ones have been wrapped and exist on other networks like ETH and where they exist now on those networks (are they on OpenSea? Are they connected to a specific ETH address, etc). For wraps, it could show outbound transactions you initiated or the history inbound transactions (from ETH to FIO, for example) you now control.

  • The date any FIO address was registered, how many bundled transactions it has remaining, a link to renew it / add more bundles, any other useful information on it (such as accumulated FIOPs, when we roll that feature out)

  • When DeFi integration begins to take shape, a page to report on the various tokens that have been locked up via messages sent via FIO and details on how to unlock them, etc. This could evolve into a full reporting tool on DeFi activities empowered by FIO with instructions on how to participate in other DeFi / CeFi opportunities using FIO.

  • Easy onboarding (create an account, register a FIO address or domain or both, transfer it somewhere else later)

  • More challenging: build something with actual wallet support starting as a web app and Anchor + MetaMask support. This would give us all EOSIO tokens, all Ethereum tokens, and Binance Smart Chain tokens. Using FIO might be a little clunky in that you’d sign FIO related actions with FIO-enabled Anchor and token transfers with EOSIO-enabled Anchor or MetaMask.

  • More challenging: build a reference implementation wallet (or work with a team already doing so, such as GP) that can highlight the best possible example of integration with FIO in a wallet experience. This can then be user-tested to improve it even further and eventually give it as the gold standard of what a FIO integrated wallet should look like. We can then user test against our existing FIO enabled wallets and see how they compare, ideally encouraging our wallet partners to make incremental changes towards the better experience we’ve demonstrated and supported with user testing data.

  • Use existing exchange APIs to map all deposit addresses for a user. Coinbase Example: https://developers.coinbase.com/api/v2#list-accounts This could be done with all exchanges (and crypto enabled APIs). This could end up being a sub component of the FIO Dapp.

Other documentation

https://drive.google.com/file/d/1mhoej8dDMhgPxphzrEhbkVW0BbiuMQfm/view?pli=1