seanhart.eth | Disposable Signers

It's worth considering the Greek myth of Narcissus to grasp the dangers of being a glutton for one's own greatness. Narcissus, enticed by his own reflection in a tranquil pool, was unable to detach from his own mesmerizing gaze, enamored with what he had become. His conceit and inaction brought inevitable death.

For those in crypto, it's a poignant allegory: satisfaction with the status quo risks a similar stasis. Just as Narcissus was ensnared by his own reflection, the crypto community's frequent infatuation with its accomplishments often leads to the myopic desire to remain niche and make the difficult things in crypto intentional in order to gatekeep the clique. This small vision full of egoism stifles innovation and will lead to our failure in an ever-evolving, fast-paced technological world where changing the world requires capturing the mass market.

Key narcissism

For many years in the EVM (Ethereum Virtual Machine) world, actors on the blockchain are expected to create and manage a mnemonic or private key. This specific key is significant due to the general expectation that the history and identity of the public address is tied to this private key. Many protocols even utilize an address’ history to make decisions regarding user access to products and features.

Most popular wallet solutions that provide software and/or hardware to manage private keys also operate with the expectation that users retain their specific private keys provided to them. By now, users have been well trained to view specific mnemonics or private keys as their identities in crypto.

Even as the recent ERC-4337 standardization paves the way for novel wallet experiences, the ideology of indefinite keys remains, with smart contract wallet providers expecting users to create a private key (whether explicitly or implicitly) and retain that private key as owner of their contract wallet. The key and the user are viewed as one. This attachment drives poor security practices through the mishandling of keys or the retention of potentially compromised keys due to the immense friction of wallet migration.

A better way is right in front of us

Let’s talk about another common cryptographic use on the internet: SSL/TLS connections.

To use a simplified example, there are two cryptographic keys required to establish a connection between a server and a client.

The server retains a semi-permanent SSL certificate and associated private key for a period of time (perhaps up to a few years) before the key expires. This key is used to allow the client to pass secret information to the server to create a session key
A shared session key allows the client and server to pass private information both ways. The key is disposed of once the session is over

It doesn’t have to be this way

Most crypto wallets handle their private keys similarly to SSL certificates, but without a defined expiration date. In practice, many of these keys are retained for far longer than the typical lifespan of a few years for SSL certificates.

But with the advent of smart contract wallets, a distinction arises between the address defining the user (the contract wallet public address) and the address associated with the wallet owner.

With this new behavior, we should reference the wallet owner with a distinct term. Let’s call the wallet owner the “signer,” since the owner simply needs to sign User Operations that are executed as transactions by the wallet (in ERC-4337).

We can now manage signers like SSL session keys. We can change this signer as often as we please, as long as we update the owner address in the wallet, so the wallet recognizes the new signer as owner:

A signer for everything

Signers are not only disposable, but many signers can serve as owners for the same contract wallet. In this architecture, there is no longer any need for export and transfer of private keys. Not only are keys extremely temporary due to frequent key churn, but when another device is given access, a new signer is created and added as an owner by a preexisting contract wallet owner. Signers are now device-specific, temporary, and can be handled in a maximally secured way.

Just as Narcissus never achieved his true potential due to his shortsighted ego, mass market adoption is needed for Web3 to realize its full abilities. But Web3 will never overtake Web2 as the preferred digital solution if the user experience is worse, and private key management has been one of the largest roadblocks to this future. Disposable signers are game-changers in crypto, bolstering security and rendering keys invisible to the user.