This design exploration was inspired by Gigi’s talk at the Baltic Honeybadger Conference in 2022 titled, Cryptography is not enough.
Bitcoin finds its strength cryptography.
When you create a bitcoin wallet, a bunch of extremely large random numbers are generated.
Those numbers are then hashed, minified and translated into a twelve word sentence, which we call a seedphrase.
Depending on the wallet you use, it may also be called the secret phrase, recovery phrase, or backup phrase.
In pursuit of a better UX, attempts have been made to obscure the seedphrase or to get rid of it entirely.
For example, many wallet apps give the user the option to save their private key in the cloud and authenticate it with a username and password.
This is sometimes referred to as “account abstraction.”
But depending on how exactly it gets implemented, account abstraction usually compromises to some degree on user privacy and it always places trust in a third party.
☝️ Argent is often cited as a good example of account abstraction.
It gives users two ways to save their private key:
Option 1: Save it to iCloud and authenticate with biometrics. Very convenient, but Apple holds your private key.
Option 2: Use several guardians. This leverages a technology called Shamir Secret Sharing (SSS), which breaks the private key into multiple keys, a certain threshold of which must be authenticated to reconstitute the whole private key. Not very convenient, but it gives the user max flexibility to design a custody setup that suits their exact needs.
☝️ The Binance Smart Chain wallet also uses SSS for account abstraction.
On BSC wallet, guardians are called “authentication factors.”
They work the same way as on Argent, except the user does not get to chose where the key shares are stored:
Share one is saved to the Torus Network, which is authenticated using Google oAuth
Share two is saved to the BSC chrome extension client, same as how metamask stores the private key
Share three is stored with Binance and authenticated with username and password
The nice thing about this is that it uses familiar patterns like username/ password and oAuth. And so the user can recover their passwords through Google or Binance.
However, there are some drawbacks:
This implementation of SSS is unique to the BSC wallet. A wallet created in this fashion is not going to be compatible with any other wallet if BSC wallet were to go away
Connecting with google gives the provider (in this case Binance) access to the personal ID info associated to that google account. This will be a non-starter for many crypto users
The third key share is saved to a BSC server. So one more major dependency on Binance
I think there may someday emerge a method of account abstraction that is both user friendly and preserves all the benefits of self custody, but it’s clearly a tough nut to crack.
In the meantime, what if we were double down on the seedphrase?
What if instead of trying to hurry the user through it, or presenting them with large, skippable blocks of text that explain it, we design an experience that sparks their curiosity.
Here, I came up with some visuals that represent the technical concepts behind the seedphrase and tried to expose some of the magic going on under the hood.
Step 1: I started out by studying this calculator:
Mnemonic code converter, by Ian Coleman
Step 2: I ordered the calculator functions into a linear series of steps
Step 3: I tried to visualize an elliptic curve
Entropy is a tricky thing to visualize. My first idea was to draw an elliptic curve, but I could not get it to animate the way I wanted in Figma. I ended up punting on this idea and going with a kind of glitchy static to represent an infinite field.
Entropy values must be sourced from a strong source of randomness. That means flipping a coin, rolling dice, shuffling a deck of playing cards, or running an algorithm that sources the randomness for you.
A quote from a book, a song lyric, a street name, or even mashing the keys on your keyboard will not be random enough. True randomness requires a source.
Non-custodial bitcoin wallets have that tool built in. They generate the randomness that produces cryptographically secure keys.
Keys that would take the most powerful computers we have centuries to crack.
To understand your odds of being able to guess your friend’s seedphrase, imagine if the entire known universe was covered one meter deep with uncooked rice. And your friend’s seedphrase was one single grain of rice. –Gigi
Step 4: I did some math
128 / 32 = 4 *3 = 12
To generate a 12 word seedphrase, a random hexadecimal string of 128 bits (1s and 0s) is divided into 11 groups of 11 bits, plus one group of 7.
Each of the 11 bit chunks codes to a number between 1 and 2048, which maps to one of the words on the BIP39 word list.
The last group of 7 bits is a checksum, which is a small block of data derived from another block of data for the purpose of detecting errors.
The checksum also maps to a word on the BIP39 word list, which gives you your 12th word.
Step 5: Visualize the math
Simulating the numbers being poured into the view from the bottom took and lot of trial and error, but I’m happy with how it turned out.
In the next iteration, I might try something different for the raw binary.
Step 6: Prototype
I originally wanted to come up with a neutral/ generic visual style so it could be more readily applied to any wallet app.
But after looking closely at all the wallet apps on my phone, I changed my mind. Wallet apps have very unique styles, there is nothing generic about them.
Some visual design highlights:
The color palate is only three colors
The font (Lato) is friendly for the conversational UI in the beginning, and aIso looks good huge
It can be easily customized for different apps
Tap to play prototype:
(if the embed plays too slow, click the “Visualize Cryptography” link in the header to open figma in new tab and it should play at normal speed)
Conclusion:
I’m planning to enter a few hackathons to see if there are any non-custodial wallet projects that might like to use it.
I also plan on continuing to iterate the concept and would be happy to work with any wallet app team that might be interested in using all or part of this for their seedphrase backup flow.