Sending blockchain value in a decentralized manner is anything but user friendly. Incoherent public addresses, man-in-the-middle hacking risks on those addresses, and errors in sending can cause a complete loss of funds. Blockchain usability is one of the major blockers to mainstream adoption.
Imagine a random person on the street learning what it would take for them to actually pay for something with cryptocurrency. The complexity of incoherent 34+ character public addresses, and the risk of lost coins associated with an error in sending given the inherent irreversible nature of blockchain, together with the lack of clear and understandable confirmation, is much more than the everyday person can comprehend.
Not to mention the security risks around holding and sending the crypto they own coupled with the increasingly sophisticated hacking attempts that plague the industry.
The current process for transacting in cryptocurrency is simply too complex, too risky and too uncertain for mass adoption of crypto in payments as well as for use as utility tokens. For crypto to achieve mass adoption and utilization for the decentralized transfer of value, this must change.
Lost Coins
Along with being decentralized, irreversibility and immutability are considered some of the greatest strengths in blockchain protocols. But those very features mean that the process of sending and receiving crypto in a decentralized manner needs to be easier, more accurate and more secure than sending fiat — because there is nobody to help you fix a problem and no recourse to reverse a transaction.
Yet, today, the process of sending and receiving crypto is not even as user friendly as sending fiat currency — let alone better. Complicated public addresses already lead to large volumes of failed transactions where the wrong address is used. Worse yet, on some blockchains like Ethereum, sending to a lost address can result in a complete loss of those funds, which end up locked up forever in the wrong public address. It has been estimated that at least millions of dollars of Ether alone have already been lost due to incorrect public addresses.
If we’re to see everyday people eventually using cryptocurrencies for purchases, paying bills, movement of utility value on a network, etc., not only must the public addresses be abstracted away from the user, similar to how web users never need to see an IP address, but more intuitive and easy-to-use workflows must also be implemented. And these must work identically across all tokens or coins from within the user’s wallet for them to be truly user friendly. Users will not stand for different workflows for different tokens/coins, which would be akin to different websites conforming to different HTTP and DNS standards.
Fiat v Crypto Workflow
When you go to the checkout counter whether at a physical store or online, the payment process starts by the seller summarizing what you have bought, telling you how much you owe and the type of currency you are expected to pay with. You pay securely at the same place (e.g., register or website) where you receive this confirming information and receive a payment confirmation promptly.
With crypto, you have to ask the seller where to send the payment and are then provided a public address (via text or QR code on a screen or in an email or other electronic message). You then have to log into your wallet, go to “send”, enter the type and amount of crypto and either enter the public address or scan a QR code. Hopefully you got that all correct and you click “send” and hope it all worked because it will take a while to get a confirmation.
For a seamless, user-friendly workflow, users need to receive a payment request directly and securely into their crypto wallet, complete with the amount and data on what they are paying for. I know some of you might be asking, “what about BIP70?”, which allows a bitcoin payment request to be pushed from a website right into a crypto wallet that accepts BIP70. This should solve the problem, but sadly it does not. First, this only works for Bitcoin. Second, the payment request passes no information on what is actually purchased into the wallet to ensure accuracy. And further, the information is passed insecurely as open text, creating significant hacking risk through man-in-the-middle attacks.
Man in the Middle Attacks
Blockchains are highly secure, but the devices used to interact with them are still prone to compromise. For a decentralized payment or use of a utility token to be consummated, the public address of the receiving party is sent today via insecure channels. Earlier this year, we saw the discovery of sophisticated malware that trawls computers and replaces copied public addresses with the criminal’s own addresses, meaning that coins can be unwittingly sent elsewhere if they’re copied from sites/emails/messages. These types of “man-in-the-middle” attacks will only accelerate as crypto gains more traction.
Even integrations of features like BIP70 or QR codes for Bitcoin payments channel requests in plaintext, and do not mitigate these risks, as they are subject to man-in-the-middle attacks. A virus on a computer can potentially change the public address being pushed by a BIP70 payment request or modify the QR code being displayed, thereby easily tricking the user into sending payment to the wrong address. Only a secure and easy-to-use method for transmitting the public addresses will solve this problem.
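The limit of address checksums against the substitution described above, as an added example that is not part of the original article: Base58Check validation of a legacy Bitcoin address rejects a mistyped character, but an address swapped in by clipboard malware is itself well formed and passes. The sample hashes, the check_outgoing helper and the assumption that the wallet knows the address the payee actually issued are illustrative.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def b58check_encode(version: int, hash160: bytes) -> str:
    """Build a legacy address string from a version byte and a 20-byte hash."""
    payload = bytes([version]) + hash160
    raw = payload + _sha256d(payload)[:4]          # 4-byte checksum suffix
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = ALPHABET[rem] + out
    zeros = len(raw) - len(raw.lstrip(b"\x00"))    # leading 0x00 bytes become '1'
    return "1" * zeros + out

def b58check_decode(addr: str):
    """Return the 21-byte payload, or None if the string fails validation."""
    n = 0
    for ch in addr:
        idx = ALPHABET.find(ch)
        if idx < 0:                                # 0, O, I, l are not in the alphabet
            return None
        n = n * 58 + idx
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25 or _sha256d(raw[:21])[:4] != raw[21:]:
        return None
    return raw[:21]

def check_outgoing(requested: str, pasted: str) -> str:
    """Compare the send-form address with the one the payee issued (assumed trusted)."""
    if b58check_decode(pasted) is None:
        return "invalid"        # typo: the checksum catches it
    if pasted != requested:
        return "substituted"    # well formed, but not the payee's address
    return "ok"

# Constructed sample data: both hashes are made up, not real wallets.
MERCHANT = b58check_encode(0x00, bytes([0x11]) * 20)
SWAPPED = b58check_encode(0x00, bytes([0x22]) * 20)
TYPO = MERCHANT[:-1] + ("2" if MERCHANT[-1] != "2" else "3")

if __name__ == "__main__":
    for label, addr in (("as sent", MERCHANT), ("typo", TYPO), ("swapped", SWAPPED)):
        print(label, addr, check_outgoing(MERCHANT, addr))
```

The swapped address is only caught because check_outgoing is handed the payee's real address; a wallet that sees nothing but the pasted string has no way to tell the two apart.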
What Needs to be Done
It’s fairly obvious — digital cash has enormous potential, but the ‘human layer’ is where it’s lacking. User experience should be the utmost priority in the coming year. If recent news is anything to go by, we’re on the right track, as a new alliance of wallets and exchanges is pursuing a protocol to solve these usability problems. The protocol they are launching would create human-readable public addresses that work identically for every token/coin. It would also create a decentralized and secure way to transmit public addresses from one secure wallet to another, including secure request-for-payment functionality complete with metadata describing the purpose of the payment, such as an order cart.
Much work remains but while 2017 was the year of irrational exuberance and hype and 2018 the year of despair and disillusionment… let’s hope that 2019 is the year we get down to the real business of blockchain including fixing the huge usability problems that face the technology.
About The Author
A former dot-com entrepreneur and 11+ year venture capitalist, David Gold is CEO of Dapix, Inc., which has launched the Foundation for Interwallet Operability (FIO) and FIO Protocol.