Title: Towards More Conversational Wallet Connections: A Proposal for the
Hello Ethereum Community,
I’m reaching out following my presentation at the Devconnect 2023 Istanbul UX Unconference. For those who couldn’t attend, I plan to share a video of that talk shortly. The focus of my presentation, and the reason for this post, revolves around reimagining how wallet connections could be more conversational and user-centric in the Ethereum space.
I’m here not just to propose an idea but to initiate a dialogue about how we can collectively enhance user interactions within our ecosystem. The concept I’m about to introduce is very much in its infancy and open to evolution, especially with insights from this community.
The Core Challenge
Our current model of initiating connections by exposing a user’s public address has several drawbacks, including vulnerability to phishing and the pressure on application developers to maintain complex indexing infrastructures. This system tends to favor well-established assets, creates barriers for newer entries, and has been tending wallets towards more and more centralized infrastructure to try to combat scams and add readability to an interaction pattern that is inherently unreadable and prone to excessive disclosure.
One way to improve user coherence and reduce reliance on centralized infrastructure is to put the site connection back in the user’s hands, and empower them to issue “session keys” for the dapp connection. These interactions can be explored if we first have a standard method for contract accounts to issue arbitrary session permissions (which can hopefully grow and evolve as an ecosystem).
One way session permissions can be issued is by giving a site a mechanism to request the type of asset it needs to proceed, and then giving the user an ability to select the set of assets/permissions that they want to share (requiring additional deliberative steps for the user, and reducing the risk of confirmation-fatigue).
To address these issues, I propose an abstract Solidity interface named redeemDelegation. Here’s a preliminary look at the interface. It’s very much a draft, and meant to start conversation:
function redeemDelegation(
    address onBehalfOf,
    TxParams calldata txParamsToCall,
    bytes calldata authorization
) public;
The intent behind redeemDelegation is to enable contract accounts to adopt diverse authorization logics, thereby allowing for tailor-made and user-directed authorization when connecting to websites. This approach diverges from the current norm of websites dictating transactions, sometimes through obscure allowance methods, and could reduce the dependence on centralized infrastructures.
Envisioning Diverse Applications
With redeemDelegation, we could explore various innovative models:
The Powerbox/File-Picker Approach: This model would enable sites to request specific permissions, with users having the freedom to select assets and set boundaries for site interactions. This not only empowers users but also eases the burden on developers.
AI/LLM-Enabled Interactions: Imagine users specifying authorization terms in their own language, and AI models translating these into tangible authorization parameters. This could make for a more intuitive and user-friendly experience.
A Collaborative Journey Ahead
This concept is not just about a new interface; it’s about rethinking our approach to user interactions in the Ethereum ecosystem. It requires not only new code but also new ways of thinking and building.
I look forward to your thoughts, critiques, and suggestions. Let’s collaboratively explore how we can make wallet connections more secure, intuitive, and user-friendly.
Thank you for your time and consideration.
Dan Finlay, MetaMask
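As an added illustration (not part of the original post and not MetaMask's code), here is one possible authorization logic a contract account could place behind redeemDelegation: the owner signs a session grant off-chain, and the account enforces the grant's caveats before executing the call. The TxParams layout, the Session struct, the signature format and the revoke function are assumptions of this sketch.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the proposal's reference code. TxParams, Session and
// the signature scheme are assumptions made for this sketch.
struct TxParams { address to; uint256 value; bytes data; }
struct Session { address delegate; address allowedTarget; uint256 maxValue; uint64 expiry; }

contract SessionAccount {
    address public immutable owner;
    mapping(bytes32 => bool) public revoked;

    constructor(address owner_) {
        require(owner_ != address(0), "zero owner"); // ecrecover yields 0 on failure
        owner = owner_;
    }

    receive() external payable {}

    // The owner can end a session before its expiry.
    function revoke(bytes32 sessionHash) external {
        require(msg.sender == owner, "not owner");
        revoked[sessionHash] = true;
    }

    function redeemDelegation(
        address onBehalfOf,
        TxParams calldata txParamsToCall,
        bytes calldata authorization
    ) public {
        require(onBehalfOf == address(this), "wrong account");
        (Session memory s, uint8 v, bytes32 r, bytes32 sigS) =
            abi.decode(authorization, (Session, uint8, bytes32, bytes32));
        // Bind the grant to this chain and account so it cannot be replayed elsewhere.
        bytes32 h = keccak256(abi.encode(block.chainid, address(this), s));
        require(
            ecrecover(keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", h)), v, r, sigS) == owner,
            "bad signature"
        );
        require(!revoked[h], "revoked");
        // Caveats chosen by the user when the session was issued.
        require(msg.sender == s.delegate, "not delegate");
        require(block.timestamp <= s.expiry, "expired");
        require(txParamsToCall.to == s.allowedTarget, "target not permitted");
        // maxValue is a per-call cap; the grant is reusable until expiry or revoke.
        require(txParamsToCall.value <= s.maxValue, "value over limit");
        (bool ok, ) = txParamsToCall.to.call{value: txParamsToCall.value}(txParamsToCall.data);
        require(ok, "call failed");
    }
}
```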