Blog

Creating a User-Friendly DApp Crypto Wallet: electronic signature and identity

Here, in there previous article I have started a discussion about a perfect crypto wallet.

Let’s continue this time let’s go ahead and try to expand on the idea.

There are often different target user groups for fiat and crypto wallets. Crypto wallets are typically designed for more technically-minded users who are comfortable with the complex concepts and jargon of blockchain technology. Fiat wallets, on the other hand, are designed for a wider audience who may not be as familiar with financial and technological terminology. This can impact the design of the UI/UX, as crypto wallets may require more education and explanation to help users understand how to use them effectively. And IMHO it’s a mistake.

Here are three things that crypto wallet developers could consider:

  1. Improve user onboarding: Many crypto wallets assume that users have a certain level of technical knowledge, which can make the onboarding process confusing or intimidating for new users. To address this, wallet developers could work to improve the onboarding experience by simplifying the process and providing more detailed explanations of how the wallet works.
  2. Streamline the user interface: Crypto wallets can be complex, with many different features and settings. To make wallets more user-friendly, developers could work to streamline the user interface by removing unnecessary features and making it easier to find the most important ones.
  3. Enhance security features: One of the main concerns that people have with crypto wallets is security. To address this, wallet developers could enhance the security features of their wallets and make it more visible to users. This could include adding two-factor authentication, making it easier to back up private keys, and implementing stronger encryption.

It worth it. Blockchain technology is actually a Fintech and should be managed as true Fintech.

Yes, blockchain technology is considered a fintech because it is being used to transform the way financial transactions are conducted. Blockchain is a digital ledger that uses cryptography to secure and record transactions in a decentralized and immutable manner. It allows multiple parties to securely and transparently share data without the need for intermediaries, such as banks or other financial institutions.

In the financial industry, blockchain is being used to develop new and innovative solutions that are more efficient, secure, and cost-effective. For example, blockchain-based platforms are being developed for cross-border payments, trade finance, identity verification, and insurance. Additionally, blockchain technology is the foundation of many cryptocurrencies and digital assets, which are being used as a means of payment, investment, and store of value.

Of course, blockchain technology is not only Fintech. It’s more.

Three examples where blockchain is not fintech are:

  1. Supply Chain Management: Blockchain is being used to create more transparent and secure supply chains, which can help reduce fraud, counterfeiting, and waste. This is not fintech because it does not directly involve financial services or transactions.
  2. Healthcare: Blockchain is being used to securely store and share medical records, track the supply chain of drugs, and develop new pharmaceuticals. This is not fintech because it does not directly involve financial services or transactions.
  3. Real Estate: Blockchain is being used to streamline real estate transactions, including property title transfers, lease agreements, and financing. This is not fintech because it primarily involves the transfer of physical assets, rather than financial transactions.

But even more…

Electronic signatures created with Blockchain keys can be legal in the European Union (EU) under the eIDAS Regulation, which provides a legal framework for electronic identification, authentication, and trust services in the EU.

According to the eIDAS Regulation, electronic signatures can be considered legally equivalent to handwritten signatures, as long as they meet certain requirements. Specifically, the regulation recognizes three types of electronic signatures: simple, advanced, and qualified.

Simple electronic signatures are the most basic type of electronic signature and can be created using a range of methods, such as a scanned signature or a typed name. They are legally binding but offer the lowest level of assurance of the signer’s identity and intent.

Advanced electronic signatures are created using a cryptographic process that links the signature to the signer’s identity and provides evidence of the signer’s intent. To create an advanced electronic signature, the signer must use a qualified electronic signature creation device or software that meets certain technical standards.

Qualified electronic signatures are the highest level of assurance and are equivalent to handwritten signatures in terms of legal validity. They are created using a qualified electronic signature creation device that meets the highest technical standards and is certified by a qualified trust service provider.

Ethereum-like keys can be used to create advanced electronic signatures, which can be legally binding in the EU under the eIDAS Regulation. To ensure that the signature meets the requirements of the regulation, it may be necessary to use specialized software or services that are certified as qualified trust service providers. It is important to note that the legal validity of electronic signatures may also depend on the specific laws and regulations of each EU member state.

How to make an electronic signature created with Ethereum-keys have the highest level of assurance

To make an electronic signature created with Ethereum-like keys have the highest level of assurance — qualified electronic signature — under the eIDAS Regulation in the EU, it would need to meet the requirements for a qualified electronic signature. The requirements for a qualified electronic signature are as follows:

  1. It must be uniquely linked to the signatory
  2. It must be capable of identifying the signatory
  3. It must be created using means that the signatory can maintain under their sole control
  4. It must be linked to the data to which it relates in such a way that any subsequent change to the data is detectable.

To meet these requirements, a qualified electronic signature must be created using a qualified electronic signature creation device (QSCD) that meets the highest technical standards and is certified by a qualified trust service provider (QTSP).

A QSCD is a hardware or software device that is used to create electronic signatures and meets specific security requirements, such as tamper-proofing and protection against unauthorized access. A QTSP is a trusted third-party organization that provides services related to electronic signatures, such as certification, time-stamping, and verification.

By using a QSCD that meets the technical standards and a QTSP that is certified to provide qualified trust services, an electronic signature created with Ethereum-like keys can achieve the highest level of assurance under the eIDAS Regulation.

How to get this kind of certification?

To obtain certification for a qualified electronic signature creation device (QSCD) or a qualified trust service provider (QTSP), you would need to follow a certification process set by the national supervisory body in the European Union (EU) member state where the device or service is offered.

The process for obtaining certification may vary from one member state to another, but generally, it involves the following steps:

  1. Preparation: The device or service provider prepares the necessary documentation and undergoes testing to ensure that it meets the technical standards and security requirements set by the eIDAS Regulation.
  2. Evaluation: The supervisory body evaluates the device or service against the technical standards and security requirements, including the conformity assessment procedures and technical specifications set out in the regulation.
  3. Certification: If the device or service meets the technical standards and security requirements, the supervisory body issues a certificate of conformity, which allows the device or service provider to offer qualified trust services.

Once certified, the QSCD or QTSP can provide qualified electronic signatures or other qualified trust services in any EU member state. It’s important to note that the certification process can be lengthy and may require significant resources, including time and financial investment. However, certification can help to establish trust and provide assurance to users that the electronic signature or other electronic trust service is reliable and secure.

Tech part

The cryptography used for qualified electronic signatures (QES) and the keys used in the blockchain such as Ethereum are based on similar underlying cryptographic principles, but there are some key differences between the two.

  1. Purpose: The purpose of cryptography used for QES is to create a secure electronic signature that is legally binding and can be used for transactions that require a high level of assurance. On the other hand, the purpose of cryptography used in the blockchain is to create a decentralized, trustless, and secure network for transactions and data storage.
  2. Key Management: In the case of QES, the private key used to create the electronic signature must be kept securely and only accessible to the signer. The key may be stored on a smart card or other secure hardware device that meets the requirements for qualified electronic signature creation devices. In the blockchain, private keys are used to sign transactions and must be kept securely to prevent unauthorized access to the funds.
  3. Validation: QES must be validated by a trusted third party, such as a certification authority or a trust service provider, to ensure that the signature meets the requirements for a qualified electronic signature. In contrast, transactions on the blockchain are validated by the network participants themselves, using a consensus mechanism such as proof of work or proof of stake.
  4. Algorithms: The algorithms used for QES and the blockchain may differ based on the specific requirements and use cases. For example, QES may use digital signature algorithms such as RSA, DSA, or ECDSA, while the blockchain may use hash functions such as SHA-256 or Keccak-256.

In summary, while the underlying cryptographic principles used for QES and the blockchain are similar, the specific requirements and use cases for each technology result in some key differences in terms of key management, validation, and algorithms.

To use a private key from a blockchain wallet to create a QES that is compliant with the eIDAS regulation

It is possible for a private key obtained from a blockchain wallet to be used to create a qualified electronic signature (QES) if the private key is managed in a secure and compliant manner and if it is validated by a trusted third party (TTP) that is authorized to issue qualified certificates. However, there are some practical challenges and considerations to be aware of.

First, not all blockchain wallets or private keys may meet the technical and security requirements for a qualified electronic signature creation device (QSCD), which is the type of device that is required for creating a QES under the eIDAS regulation in the European Union. For example, the device must have specific features to ensure the confidentiality, integrity, and non-repudiation of the signature, and it must meet other technical requirements such as key length, algorithm strength, and key management.

Second, even if the private key meets the technical and security requirements for a QSCD, the user must also comply with the procedural and legal requirements for creating and using a QES. This includes obtaining a qualified certificate from a TTP that is authorized by a member state of the European Union, following the prescribed signature creation and validation procedures, and ensuring that the signature is legally binding and enforceable under applicable laws.

Is there already any startups which offers electronic signature based on blockchain keys?

Yes, there are several startups that offer electronic signature solutions based on blockchain technology and private keys. Here are a few examples:

  1. SignRequest: SignRequest is a Dutch company that provides an electronic signature platform using blockchain technology for secure and tamper-proof signatures. It offers different signature levels, including a qualified electronic signature, that meet the eIDAS regulation in the European Union.
  2. LuxTag: LuxTag is a Malaysian company that uses the NEM blockchain to provide a solution for document and product tagging with secure and immutable electronic signatures. It offers different types of signatures, including digital signatures and qualified electronic signatures, that can be verified on the blockchain.
  3. Blocksign: Blocksign is a UK-based company that uses blockchain technology to provide secure and tamper-proof electronic signatures. It offers different signature levels, including a qualified electronic signature, that meet the eIDAS regulation in the European Union.

These are just a few examples of startups that offer electronic signature solutions based on blockchain technology and private keys. There are many other companies and initiatives in this space, as the use of blockchain for electronic signatures and trust services is an emerging field with a lot of potential for innovation and disruption.

Electronic signature solutions based on blockchain technology may use public or private blockchains, or a combination of both.

Here are some examples:

Public blockchains:

  1. SignRequest: already mentioned, SignRequest uses the Ethereum public blockchain for its electronic signature platform.
  2. Blocksign: also mentioned, Blocksign uses the Bitcoin public blockchain for its electronic signature platform.

Private blockchains:

  1. LuxTag: LuxTag uses a private NEM blockchain for its document and product tagging solution.
  2. Guardtime: Guardtime uses a private Keyless Signature Infrastructure (KSI) blockchain for its electronic signature and trust services.
  3. BlockSeal: BlockSeal uses a private blockchain for its secure and tamper-proof document verification and electronic signature solution.

Hybrid blockchains:

  1. DocuSign: DocuSign, one of the leading electronic signature providers, the unicorn, has developed a blockchain-based solution called DocuSign CLM that uses a hybrid approach combining a private blockchain with the Ethereum public blockchain to provide secure and auditable agreements and signatures.
  2. OpenLaw: OpenLaw is a legal agreement platform that uses a hybrid blockchain solution combining a private blockchain with the Ethereum public blockchain to create, manage, and execute legal agreements with secure and verifiable electronic signatures.

What are perspectives of these industry?

The electronic signature industry based on blockchain technology has significant potential for growth and disruption. Here are some of the perspectives of this industry:

  1. Increased security and trust: Blockchain technology provides a tamper-proof and transparent way to store and verify electronic signatures. This increases security and trust in electronic transactions, which is important for industries such as finance, legal, and healthcare.
  2. Streamlined processes: Electronic signatures based on blockchain technology can help to streamline processes, reduce costs, and improve efficiency in various industries. This is because blockchain technology can eliminate the need for intermediaries, reduce transaction times, and automate processes.
  3. Regulatory compliance: Blockchain-based electronic signatures have the potential to meet regulatory compliance requirements, such as the EU’s eIDAS regulation. This is because blockchain technology can provide a secure and tamper-proof way to store and verify electronic signatures.
  4. New business models: The use of blockchain-based electronic signatures can enable new business models and revenue streams, such as the creation of new digital assets and the monetization of data.
  5. Interoperability: There is also potential for interoperability between different electronic signature solutions based on blockchain technology. This could enable seamless integration and communication between different systems and platforms, improving the overall efficiency of electronic transactions.

And even more: there are startups that are working on linking eID (electronic identity) with electronic signatures to create a more secure and streamlined digital identity solution.

eID is a type of digital identification that can be used to authenticate a user’s identity online, and it is often used in combination with electronic signatures to provide an additional layer of security and verification.

One example of a startup that is working on this area is Authenteq. Authenteq is a digital identity verification platform that uses blockchain technology to create secure and verified identities. The platform allows users to create a digital identity that is linked to their eID and other personal information, and use this identity to sign documents and conduct other online transactions securely.

Another example is BlockID, a startup that provides a blockchain-based digital identity and authentication solution that uses eID to verify the identity of users. The BlockID platform allows users to create a digital identity that is linked to their eID, and use this identity to sign documents and conduct other online transactions securely.

Overall, the combination of eID and electronic signatures provides a powerful tool for creating secure and trusted digital identities that can be used for a wide range of applications, from banking and finance to government services and healthcare. As such, we can expect to see continued innovation and development in this area in the coming years.

All the countries will continue to move to regulate the use of blockchain technology bacause of money laundering on blockchain.

It’s difficult to estimate the exact size of money laundering on blockchain because many illicit activities involving cryptocurrencies are conducted anonymously, making it hard to trace them. However, several studies have attempted to estimate the size of money laundering on blockchain.

Report by the United Nations Office on Drugs and Crime (UNODC): estimated that in 2019, between $800 billion and $2 trillion, or 2% to 5% of global GDP, was laundered worldwide. It’s unclear how much of this was laundered through blockchain or cryptocurrencies specifically, but it suggests that money laundering is a significant global problem.

According to a report by CipherTrace, a blockchain analytics firm, in 2020, approximately $10 billion worth of cryptocurrency was stolen by hackers, fraudsters, and other criminals. This includes money laundering activities such as “mixing” or “tumbling” of cryptocurrencies to make them untraceable.

While the exact size of money laundering on blockchain is uncertain, it’s clear that it is a growing concern for regulators and law enforcement agencies around the world. Many countries have introduced regulations aimed at preventing money laundering on blockchain, and blockchain analytics firms are developing tools to help track illicit activities involving cryptocurrencies.

It is important to note that while blockchain technology can be used for illicit activities, it is not inherently illegal. Like any other technology, it can be used for good or bad. The key is to implement regulations and best practices that can help prevent its exploitation for illegal purposes.

The European Union (EU) has taken several steps to prevent money laundering and terrorist financing on blockchain. Here are a few examples:

  1. 5th Anti-Money Laundering Directive (AMLD5): In 2018, the EU adopted AMLD5, which included provisions requiring member states to regulate virtual currency exchanges and custodian wallet providers. The directive also introduced requirements for customer due diligence, risk assessment, and reporting of suspicious transactions.
  2. European Blockchain Partnership (EBP): The EU established the EBP in 2018 to support the development of blockchain technology in Europe. The partnership includes member states, the European Commission, and other organizations, and focuses on using blockchain for public services and improving compliance with EU regulations, including AML regulations.
  3. European Blockchain Observatory and Forum: The EU established the European Blockchain Observatory and Forum in 2018 to monitor and analyze the development of blockchain technology in Europe. The observatory provides information and analysis on blockchain, including its use for AML and other purposes.
  4. EU Blockchain Initiative: The EU launched the EU Blockchain Initiative in 2019 to promote the development and deployment of blockchain technology in Europe. The initiative includes a range of projects and activities focused on areas such as digital identity, supply chain management, and data sharing, which could help prevent money laundering and other financial crimes.

Conclusion:

Despite the increasing popularity of cryptocurrencies, a perfect wallet that offers both top-notch security and user-friendly interface is yet to come. Cryptocurrency wallets should offer a similar experience to electronic money wallets like PayPal or Skrill in terms of easy access and smooth interface. Moreover, a perfect wallet can also have a built-in electronic signature and eID features. By having these features, users can verify their identity and sign important documents with ease, making cryptocurrency transactions more streamlined and accessible for a wider range of users. As the cryptocurrency industry continues to evolve, we can expect that the development of a perfect wallet is a high priority for many companies, and we may see significant improvements in this area in the coming years.