Web3Auth: The Next Frontier of Identity Infrastructure
Published January 12, 2022
By Anandamoy Roychowdhary, Augustus Ilag and Sidhant Goyal
In the world of Web2, nobody truly owns their own digital identity. Today, we log onto most internet services with a username and password combination, or a single sign on (SSO) powered by data stored on the servers of internet giants like Amazon, Microsoft, Google and Facebook. These companies are the “custodians” for the “keys” to your digital identity. In many ways Web3 is no different: the current standard of using seed phrases to manage your crypto wallet keys is infamous for being a profoundly terrible user experience. New users don’t know how to manage them and they are easily compromised on a technical level; that’s played a role in the loss of almost 20% of all bitcoin in circulation. This problem needs a new solution.
We have always been intrigued by the potential of secure multiparty computation (MPC) in Web3, so when we chanced upon Web3Auth, which was using MPC to solve for identity, we reached out hoping to learn more. Web3Auth was founded in Singapore in 2018 by Zhen Yu Yong and Leonard Tan. The first meeting with them left us impressed, especially with the audacity of their vision to fundamentally transform the whole notion of ownership and security of digital identities. As part of the Ethereum foundation, Zhen and Leonard participated in the creation of arguably the world’s most influential blockchain in its early days and were deeply grounded in the principles of decentralization – of giving the power back to the individual user. With Web3Auth, they set out to achieve two goals: (1) to develop a product that allows every internet user to create a non-custodial identity (owned by them alone, inaccessible to any 3rd party) and (2) to offer a seamless SSO-enabled passwordless authentication experience, returning simplicity and intuition to a broken process and creating a bridge between Web2 and Web3.
Web3Auth is creating the identity primitive for the web3 world in the short term, and possibly the most secure and viable identity primitive for the web2 world in the long term. The foundation of Web3Auth is the Torus Key Infrastructure that leverages Distributed Key Generation (DKG), a specific form of multiparty computation which ensures that a generated private key never exists in one place at the same time, and is in fact shared across a distributed network of nodes run by large stakeholders plugged into their backend Torus network, such as Binance, Coinbase, Terminal, etc. A user’s private key is split into three or more shares, the majority of which are owned and controlled by the user (either stored on the device or in the form of rarely used recovery phrases and passwords). The remaining share, attributed to the SSO provider, exists in sharded (distributed) form on the Torus node network. A simple SSO login triggers the automatic combination of shares to reassemble the user’s private key (typically from shares on their device and Torus nodes), delivering a seamless, passwordless authentication comparable to any best-of-breed Web2 service, just in a non-custodial and inherently more secure manner.
Web3Auth is currently available to users as a pluggable key generation and management infrastructure for decentralized applications (dApps) and wallets to power seamless user logins for both mainstream and Web3 users. Having spent three years innovating on technology, the company has scaled rapidly in the past year by integrating with over 200 applications and wallets including Binance Extension Wallet, Kukai, Keplr, Skyweaver, etc., securing over 4 million new user’s keys, and authenticating over 10 million user logins.
In an industry first, Web3Auth has recently embarked on a strategic partnership with Solana, one of the fastest-going blockchains on the planet, to develop native non-custodial identity infrastructure and serve the rapidly growing number of applications and users within its ambit. Partnerships with multiple other chains and ecosystem stakeholders are in the works, all oriented towards the end goal of eliminating the need for seed phrases and creating a sovereign, secure and self-owned internet.
In the light of this exceptional growth towards a compelling vision, we are excited to announce that Sequoia Capital India is leading a $13 million Series A in Web3Auth to power the next frontier of identity infrastructure. Web3Auth represents a step change in how digital identities are owned, managed and secured. It is a driving force towards a highly secure, non-custodial future with the user at its center. It is redefining a fundamental and extremely critical piece of digital infrastructure, identity, and in the true spirit of decentralization returning ownership (and power) to the end user. We could not be happier to be their partners on this journey. The ride so far has been a thriller, and we are pumped for what this special team will achieve next.