Alex Van de Sande presents Mist, the Ethereum decentralized app browser.
Help us steer the design of Mist by commenting on this thread!
Note that as of July 2015 Mist moved away from QML and is now a Meteor single page app bundled using Electron:
https://github.com/ethereum/mistAlso note that Mist is *not* part of the Frontier release, but instead will be featured as part of the Metropolis milestone.
Comments
Just a few image concepts I came up with, I have psd's if you're interested.. feel free to share the pngs
I suspect that an ethereum contract could be written to provide an escrow service for identity. If I need to recover my identity credential then perhaps I could submit some documentation (or make a personal appearance) and a small fee to the escrow service, they could verify it, email alerts to everybody involved, revoke the old identity, and issue a new identity. Perhaps identities could actually be pointers to identities (adding a layer of indirection) to make this work easily. I think this kind of escrow service is essential to make ethereum practical for the 98% of people who are not very careful about securing their identity. Otherwise it is very scary to read warnings like, "If you lose your identity then your account/contract is lost/broken forever." I think that kind of warning is a big problem for ethereum.
Yeah, wallet contracts are on my list of "things i'd like to make". For instance two-factor authentication could be done, without giving the second authentication much power. Could work with two ethereum accounts, one that controls, and one that merely verifies. The latter would only be able to delay it, so it wouldnt have much power over things.
A way that is more like 'recovery' might be something like the opposite. The 'recovery service' side could ask the contract to take over control, but the person with a client that uses the wallet contract sees that happen, and can prevent it. (It would be against accidental loss of wallet, not theft) Note that other mechanisms are available.. like just having a paper wallet, or having N-out-of-M verifications from family/friends. To be honest i like those better, i would rather in the future have holding private keys is a skill everyone should learn.
Of course, keeping track of your master key is essential so I really love the friends and family approach: a master key can create any number of sub keys and these can be joined together in order to recreate the lost master key. We can scale this to many uses like 2fa, or example maybe your local wallet never actually keeps the master key saved, instead it keeps just a one factor and you need to have a second authorization from a second device to do anything. In this sense a 2fa is just a 2 of N keys. You can then create a larger set of M of N for backup purposes for people you trust less: you need 3 family members, or maybe 10 colleagues in order to get the key back. The main concept is just that the master key should never be kept anywhere other than your safe and you'd use other means day to day.
This solves authentication. You can keep some basic information about yourself on the client (or on the cloud) an let this act as a custom signing message which basically says: "My name is Alex, this is my photo, this is my bio and here is my signature to prove I accept this site to have my profile". That would be, for the end user as simple as the one click login from facebook.