Getting Started With Metamask's Official

Simplified Access to Cryptocurrency. MetaMask @Login- serves as a bridge between traditional web browsers and the decentralized web. By simply installing the extension, …

Now a days we if we log on to a simple site we just to check out Any-thing may be we don’t want to get affiliated to that website but we have to SIGN-UP to read its content. Many of these sitres are earning by selling the information we entered.Also some of these sites have a auto-subscribe feature so that if we don’t want any notification still get a mail from these sites which is very irritating.The solution to all these problems is not giving them the email address and still being able to login .And that is possible only through METAMASK

Present revolution

login using Facebook /google/ GitHub

Why is it preferred now a days?

  • No more cumbersome form-filling.

  • No need to remember yet another username/password pair.

  • The whole process takes seconds instead of minutes.

Problem With this system-

  • Since you are using these centralized sites to login it has all info and access about your activities on this site and is storing and may be abusing your data for wrong deeds .Hence major concern of data privacy.Making these MNC’s very-very powerful.

  • Has to take permission from google and all etc hence slower.

  • Mails and Newsletter from the site we logged in using google which creates a problem of spaming our Inbox and irritating sometimes.

Solution-Login Using MetaMask

What the Heck is MetaMask-

MetaMask is a browser plugin, available as the MetaMask Chrome extension or Firefox Add-on. At its core, it serves as an Ethereum wallet: By installing it, you will get access to a unique Ethereum public address, with which you can start sending and receiving ether or tokens.But there is more to it .It is also used to it .It is a web3 injection to our chrome browser.

You must be thinking it is something kind of blockchain tool with no utils to general public .But the login method i am going to show u can be used for this toll.This will save your privacy and save u from the wanted website mails.

Tech side of how it works-

  • You give a public address to using MetaMask account

  • The back-end generates a random nonce

  • Using the nonce the the person digitally signed the site to enter (by clicking SIGN IN)

  • Verification of signature

  • Security- prevent the user from logging in again with the same signature (in case it gets compromised), we make sure that the next time the same user wants to log in, she or he needs to sign a new nonce. This is achieved by generating another random nonce for this user and persisting it to the database.

Note- all this is done by the general overview and most highly secure method of JWT token.

How it Looks

Why use MetaMask-

Here’s a list of arguments why this login flow is preferable over both email/password and social logins:

Problems In The Present System-

  • Users need to have MetaMask installed: This login flow obviously doesn’t work without MetaMask or a web3-enabled browser. If your audience is not interested in cryptocurrencies, there’s a small chance they would even consider installing MetaMask. With the recent crypto-boom, let’s hope we’re heading towards a Web 3.0 internet.

  • Some work needs to be done on the back end: As we’ve seen, it’s quite straightforward to implement a simple version of this login flow. However, to integrate it into an existing complex system, it requires some changes in all areas that touch authentication: Signup, database, authentication routes, etc. This is especially true because each account will be associated with one or more public addresses.

  • It doesn’t work on mobile: This deserves its own section — read on.

Solved With Love By MetaMask

  • Increased security: Proof of ownership by public-key encryption is arguably more secure than proof of ownership by email/password or by a third party — all the more so because MetaMask stores credentials locally on your computer, and not on online servers, which makes the attack surface smaller.

  • Simplified UX: This is a one-click (okay, maybe two-click) login flow, done in a handful of seconds, without the need to type or remember any password.

  • Increased privacy: No email needed, and no third party involved.

Conclusion-

While the blockchain may have its flaws and is still in an infant stage, I can’t emphasize enough how this login flow could be implemented on any existing website today.

Last updated