safe-react
safe-react copied to clipboard
safe-global
🔒 Safe App Passwords
Overview
Safe users tend to be more sophisticated in crypto and therefore are likely to have ownership of multiple Safes for different use cases and between groups of people/entities. By providing access via a password login to the desktop and mobile apps, users are able to separate their account access and Safe configuration through different passwords and improve the overall Safes' security.
Goals
Add password login to the Safe desktop and mobile apps to allow users to setup passwords for different Safe configurations. The concept is similar to how a user may want to access different wallets from the same hardware wallet using a BIP39 passphrase.
In the on-boarding and/or settings a user would have the ability to set a locally stored "Safe profile" which would locally store the name and password as a key-value pair. Once set, the user will have the option to login with those credentials or use the configuration of the app without any credentials set.
Requirements
- Feature: Multiple password logins for Safe app configurations.
- Implementation: Password is stored locally on the device (In secured element for Android + iOS). The implementation is similar to Ledger Live's desktop app in that it stores the app's password on the device rather than managing user account data on the server-side which introduces many unnecessary security risks.
- Platforms: Desktop and mobile apps
That's an interesting idea for sure. One part that is unclear to me is
allow users to setup passwords for different Safe configurations
How would that work? Do you expect to see different safes in your app based on what password you entered? Sorry if I'm missing something
Maybe we could even leverage your wallet instead of a password for this somehow. So that you can cypher and decipher your locally stored data/safe configuration with an off-chain signature? Just an idea, not sure if this is possible.
Thank you for the feedback @mikheevm. This question is useful to think through the user flow better. I'll update the OP above too.
How would that work? Do you expect to see different safes in your app based on what password you entered? Sorry if I'm missing something
In the on-boarding and/or settings a user would have the ability to set a locally stored "Safe profile" which would store the name and password as a key-value pair.
e.g., Alice is an owner of two Safes. One is her own Safe used for DeFi staking, and the other is for a startup she's a part of. When Alice sets up her Safes on her devices she adds one profile named "My DeFi" with a password and another named "StartupX" with its' own password. Once the key-value pair is saved to the app she'll have the option to login with those credentials, or login to the original Safe configuration with no profile name/password set.
@katspaugh, This is an interesting idea as it enforces the concept that the user physically has access to their hardware/software wallet address which is good. One downside is if someone wants to maintain maximum privacy, signing in with a device like the Ledger that has multiple addresses could expose multiple Safe accounts available to login to. It also may limit the ability to view Safe info in read-only mode if the access to the wallet addresses/cosigners are stored somewhere far away by design.
Whereas with a locally stored Safe name/password the user is in control of which Safe configuration they are viewing at any given time. A user may have 10 Safe Configuration or 1, and they decide which to expose upon login.
I see, thank you @AdamSHurwitz. I think we understand your idea better now. 👍