Audius, a decentralized and open-source music streaming service currently in private beta, has announced the launch of Hedgehog to improve the user experience of decentralized applications (DApps) with low-financial-value use cases.
Hedgehog is an open-source, client-side Ethereum wallet that uses a username and password and does not prompt users to confirm transactions. It allows users to interact with DApps just like they would any other website, no extensions required, without centralizing control of private keys.
“MetaMask continues to make the most sense in cases involving significant sums of money, but we believe Hedgehog will provide an important alternative choice for those focused on user experience and adoption.”
Why Hedgehog?
Below is a common set of steps for a user new to crypto to onboard (using MetaMask):
- Install MetaMask
- Set up MetaMask, write down your wallet seed and store it in a safety deposit box (does anybody do this?)
- Sign up for Coinbase, including full KYC/identity verification
- Buy ETH
- Send ETH to your MetaMask wallet
- Now go back to the DApp and sign up…
For some DApps, the abandon rate at the “Install MetaMask” step of their signup flow is over 90%.
By combining Hedgehog with EIP-712 signatures and a transaction relaying service to pay gas on behalf of users trustlessly, as was done at Audius, the onboarding flow turns into only 1 step:
- User signs up with username (or email) and password
Users never need to see that crypto is involved, but are still able to participate in the benefits of a decentralized network.
When Not To Use Hedgehog
High-financial-value use cases are not a good fit for this type of approach. Cryptographers and security-minded readers will understand that there is no free lunch: to achieve this improvement in usability, Hedgehog does not prompt users to approve transactions. As a DApp developer, you must understand these tradeoffs before choosing to integrate Hedgehog.
DApps using Hedgehog should also consider supporting 3rd-party web3 providers, as was done at Audius, giving users an upgrade path or an alternative if they would rather not give up transaction signing control. Hedgehog is designed to give users another choice, not take away the ability for users to choose how they interact with web3 products.
The Audius team absolutely does not recommend using Hedgehog in situations like these: Decentralized Lending, Banking DApp (Store-of-Value), Prediction Markets.
If a DApp involves moving around significant sums of money, then the tradeoff in security is most likely not worth it. Hedgehog’s primary improvement to the end-user experience comes from hiding the wallet and not forcing users to confirm transactions – the opposite of what you’d want when moving money around.
How Does It Work?
Hedgehog lives in the front-end JavaScript code. A user enters a username (or email) and password, which are used to secure a set of encrypted auth artifacts that are generated client-side and stored in the browser’s localStorage and on the application developers’ server. In this way, the encrypted auth artifacts can be retrieved and consumed on secondary devices without centralizing custody and control of the private key.
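A minimal sketch of the flow described above, added here as an illustration and not taken from Hedgehog's code base: wallet entropy is generated client-side, sealed under a password-derived key, and only the sealed record is stored. The choice of scrypt and AES-256-GCM, the record fields and the function names are assumptions made for this example, and it uses Node's crypto module so that it runs offline.

```javascript
// Added illustration, not Hedgehog's own code. KDF, cipher and field names are assumptions.
const crypto = require('node:crypto');

// scrypt cost parameters (assumed); 128 * N * r = 32 MiB, so maxmem is raised.
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
const FIELDS = ['salt', 'iv', 'ciphertext', 'tag'];

// The password never leaves the client; only a key derived from it is used.
function deriveKey(password, salt) {
  return crypto.scryptSync(password.normalize('NFKC'), salt, 32, SCRYPT);
}

// Sign-up: create wallet entropy locally and seal it under the derived key.
function createArtifacts(username, password) {
  const entropy = crypto.randomBytes(32); // seed for the wallet's private key
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  cipher.setAAD(Buffer.from(username, 'utf8')); // bind the blob to this account
  const ciphertext = Buffer.concat([cipher.update(entropy), cipher.final()]);
  const parts = { salt, iv, ciphertext, tag: cipher.getAuthTag() };
  // This record is what goes to localStorage and to the developer's server.
  const stored = { username };
  for (const f of FIELDS) stored[f] = parts[f].toString('hex');
  return { entropy, stored };
}

// Login on any device: fetch the record, re-derive the key, open the blob.
function recoverEntropy(stored, password) {
  const [salt, iv, ciphertext, tag] = FIELDS.map((f) => Buffer.from(stored[f], 'hex'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  decipher.setAAD(Buffer.from(stored.username, 'utf8'));
  decipher.setAuthTag(tag);
  try {
    return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
  } catch {
    return null; // wrong password, or the stored record was modified
  }
}
```

Because the server holds the sealed record, anyone who obtains it can guess passwords offline, so the KDF cost and the strength of the user's password carry the security of the key.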
“With Hedgehog, we’re excited to open up the benefits of decentralization to the rest of the non-crypto world. Our hope is that in the future, millions of people will be using DApps without even knowing crypto is operating behind the scenes.”
For more details, check out the Hedgehog website and GitHub.