Integrating a contract based wallet into your Dapp.
Back in February, I wrote a blog post titled “Trend shift of wallet technology at #ETHDenver”.
TLDR; The rise of the competitive cross chain is shifting the trend from third party wallet app to embeddable wallet SDKs. Contract based wallets (Gnosis Safe, Universal Login, Argent, Abridged , Monolith, etc) especially provide additional values such as multi device authentication and meta transactions. I have been working with multiple providers since then and today I am pleased to announce one of the first integrations with Authereum.
It’s still in the super alpha stage so that we created a special endpoint at http://authereum.kickback.events .
To stress test their new platform (and promote more people to RSVP), Authereum guys added 10 “giveaway” RSVP on “The year of DAOs:Moloch rises” event using their account. If you happen to be in Osaka on 6th October, there is a real opportunity to try this shiny new login method.
Once we try out for a few weeks and iron out any issues, then we will merge into our main site.
Authereum is relatively new in this space. I only heard about it during ETHNewYork hackathon when Authereum guys came to ENS judging panel to show sample integration with Kickback. Similar to Universal Login, it uses ENS as an identity (hence qualified for ENS prize). The big difference is that Authereum is more narrowly focused on authentication and hence everything fits as a Web3 provider, making one of the easiest contract based accounts to integrate into your Dapp site.
Having said that there are a few things you have to take into account so I will briefly guide you through (in combination with my recent experience of deploying Orochi DAO part of which is built on top of Abridged SDK).
1. Allowing a contract account to sign a signature
Using digital signatures for account authentication is popular among Dapps (as seen in Crypto kitties). This is trivial for normal accounts but it is not for contract based accounts because contract accounts do not have a private key that allows them to generate a signature. Instead, there is EIP 1271 a standard way for any contract to verify whether a signature is valid on the contract’s behalf.
The Authereum team packaged up the standard into a npm package, so you can use it to verify on your server side, providing a consistent interface across Externally Owned Accounts (EOA) and Contract based accounts.
2. Allowing users to take basic wallet actions
Once the user is logged in, the user occasionally needs to do things which may not necessarily be related to your Dapp, such as topping up ETH via payment providers or sending the remaining ETH to another account. You don’t want to build a wallet UI so better to delegate to the account provider. Both Universal Login and Authereum agree to put a small icon next to our logged in profile so that the user can access to their wallet interface.
The alternative approach would be to fully integrate the wallet UI capability into your Dapp. Orochi DAO (the collective sponsorship DAO for Devcon 5 side events) took this approach with integrating with Abridged SDK so that it can show the most used wallet functions (approve the new device, send ETH/DAI, etc) alongside with Dapp related functions (such as “Rage Quit”).
3. Integrating with one wallet or many?
This is not specifically related to contract wallets but rather related to any embedded wallets (including Portis and Fortmatic). How many embedded wallets should you be integrating?
When users use Metamask or mobile wallets (Status, Trust Wallet), the Dapp developer doesn’t have to worry too much about wallet integration. In case of many embedded wallets, each Dapp has to integrate them one by one (even if each integration is one line of code).
This is still a big problem yet to be solved. In the ideal scenario, we would like to outsource the heavy lifting work to Wallet Connect or BlockNative which provides consistent ways to connect to different wallets even though the wallet scene is evolving so fast that they may not have integrated with the wallet you have in mind. The Authereum team is also taking an integral part on ENS login initiative which just came out of the ETHBerlin hackathon.
If you decide to support multiple embedded wallets, then you have to consider adding “Log out” button. Kickback currently does not have the button because users can simply log out from Metamask and it will kick out the user automatically. However, that’s not always the case for all the embedded wallets. In the worst case scenario, the end users have to clear storage cache by themselves to switch wallets which is not nice user experience. Authereum guys also initiated the conversation of standardising it.
4. Encapsulating the notion of gas.
Volatile gas prices are a known pain when interacting with Dapps. I have seen so many users who failed to RSVP because the transaction was never confirmed.
Metamask now has “Speed up” button where you can replace the pending transaction with the new transaction with the higher gas prices though it is still one of the advanced techniques only the seasoned Dapp users are aware of.
Some contract wallet providers (such as Authereum) implement “Transaction spectrum signing” to abstract gas away from the user while still finding a good gas price without risking stuck transactions.
5. Sending ETH to a contract account
When a user creates an Ethereum account, the first thing it has to do is to top up a small amount of ETH. I was surprised that my transaction from Metamask kept failing.
This is because Metamask assumes that you usually send to EOA which has known fixed gas cost of 21,000 but the gas cost of contract based accounts is slightly higher. This is something out of your control but you need to educate to your user to increase the gas limit.
Summary
In this blog post, I shared some tips and design considerations when integrating with contract based wallets. The majority the integration work was done by the Authereum team for Kickback and Odyssy for Orochi DAO so hat off to both teams.
