Blog Article

The Importance of Key Management & Recovery


Denelle Dixon

Publishing date

Key management


Part I: SEP-30 for User-Friendly Apps

Key management and recovery represents one of the most discussed challenges facing our industry today. Many developers and businesses expect a lot out of users when it comes to transacting in cryptocurrency and managing their accounts – especially when compared to the average consumer's expectation or experience. The responsibility crypto-consumers are currently required to take on underscores the need to make blockchain technology more user friendly, simple, and familiar to drive towards greater adoption.

For Stellar, we’ve created a solution that puts these users' needs and expectations at the center of the product.

User Experience Today

When users open an account on Stellar today, they receive a 56-character key. Then, not unlike most other cryptocurrency products, users are often asked (somewhat shockingly) to write it down as a back-up for recovery. First-time users, wide-eyed, re-read the guidance to be sure they haven’t misread what is antithetical to everything they’ve ever learned as a digital citizen. “Writing down passwords is dangerous.” “It exposes you to risk.” But that’s often the best option users have when transacting in crypto.

Not to mention, it breeds skepticism in the security of transacting in this space, especially for regulators, when stories abound of lost keys. Whether a user misplaced where they wrote it down or lost their phone, users need a product that anticipates they are going to need help recovering their key at some point in their product experience. It is a problem we have to collectively overcome. Incorporating that into the way we design wallets is the first step.

Wallets as the vehicle for a good user experience

Key management is the core of what a wallet does. A wallet’s job is to hold your Stellar account by providing a few essential functions: store your key, protect your key, help you use your key to sign transactions, and prevent you from losing your key.

Wallets are important to simplifying the user experience. They can be the mask so that no user needs to see the blockchain underbelly. When you think about it, users don’t need to know how blockchain works – they just need to know that it works for them.

With that as a guiding principle, we’ve spearheaded a solution for Stellar developers to build user-focused wallets.

A More Familiar User Experience: SEP-30

SEP-30 is an ecosystem standard for non-custodial wallets that creates a seamless, user-focused solution for key management and key recovery.

Here’s the idea behind it.

We’ve leveraged a multi-sig feature of Stellar to create a non-custodial process where the user does not have to make the choice of either entrusting a single, third-party custodian to hold a backup key – and in the process give up sole access and control over their funds – or to be on their own to maintain a backup key. The user’s role here is simple. All they have to do is agree to the terms at sign-up. Those terms allow the user’s wallet to split the back-up responsibility between two third-party entities, giving them co-signer status together, without giving either of them custody or control over her funds.

So if a user loses their device or forgets their key, all she needs to do for recovery is authenticate herself with both third parties. Just like many email password recovery systems, she doesn’t have to write down a password to recover your account. She shows she is the right person by providing other proof of identity.

The Tl;DR point is that this process means a user doesn’t have to maintain a backup key on her own. In fact, a user doesn’t have to keep track of a key at all. SEP-30 allows the user to manage her entire account in ways that are familiar to her today in her other digital relationships, like through SMS or email verification.

All of this is about user experience, which drives adoption and growth. Investing in a good user experience is worth all of our time. Forrester estimates that every $1 invested in UX results in a return of $100.

SEP-30 and solutions for key management and recovery are essential to a good blockchain experience. They’ll drive adoption by showing users that blockchain is easy to use — and frankly, they don’t even need to know they are using blockchain at all. We believe that with a focus on user experience, we are going to bring blockchain into the mainstream.

Want to get a better understanding of key management and the behind the scenes of SEP-30? ‍

Stay tuned for the next blogs in this series: Key Management 101 and SEP-30 in Action.