General · · 5 min read

Human Keys, bringing a human touch to private key generation.

Imagine you have a bank vault where you store your most valuable assets. Now, picture the bank handing you a single, irreplaceable key and saying, "If you lose this, you lose everything." No backup, no recovery process.

Human Keys, bringing a human touch to private key generation.
Imagine you have a bank vault where you store your most valuable assets. Now, picture the bank handing you a single, irreplaceable key and saying, "If you lose this, you lose everything." No backup, no recovery process.

This is the challenge with seed phrases in crypto wallets. While wallets have evolved from simple blockchain interfaces to feature-rich applications with advancements in key management, recovery and programmability. Yet, users still face the challenge of managing private keys themselves or entrusting them to centralized custodians even in non custodial set up, both of which carry risks.

Wallets are designed for everyday use, but wallet compromise is an everyday reality.

In this article, we explore the evolution of key management, the challenges of securing private keys, and how Holonym’s Mishti Network, along with our onboarding wallet, Silk, tackle web3’s onboarding problem. By leveraging familiar, human-friendly attributes to create Human Keys, we make key management intuitive, eliminating the need for complex, unsafe and centralised mechanisms altogether.

Taking Control: Direct Key Management

Public Key Infrastructure (PKI) started with privacy-conscious individuals and has since become a mainstream tool for secure web interactions. It's now an everyday part of life, used in banking, emails, VPNs, and more. The complex cryptography behind PKI is usually hidden from users, meaning they don't have to deal with it directly, as trust is placed in central authorities. This setup has allowed PKI to become widely adopted, but  it also means users have limited control over their digital identities and must trust centralized entities.

PKIs built on blockchain enables direct key management by users and offers a decentralized structure for trust that solves single points of failure. In PKIs, public and private key pairs are used for secure communications: you keep one key private (secret) and share the other (public) to sign transactions and authenticate digital interactions.

Private Keys don’t have Spare Keys

Non-custodial wallets are built around public-private key pairs, where the private key is randomly generated and linked to a secure seed phrase. This seed phrase, a human-readable backup, serves as the anchor for your private key recovery. It holds everything together—your crypto assets, NFTs, identity, and even future airdrops; so if you lose your private key, you lose access to everything tied to it. There’s no spare key, no backup mechanism.

Users presently adhere to several key management practices such as key rotation (regularly changing your keys), using cold wallets (offline storage) and multisig wallets (requiring multiple approvals for transactions). Managing private keys requires high diligence; the hack of password manager Lastpass, where 150 private keys (estimated loss of $35 million) were stolen from individuals who are privacy conscious and deeply integrated into the crypto ecosystem, brings to light the difficulty to keep your wallets safe. If sophisticated users can fall victim, how can the average internet user manage their on-chain interactions without overwhelming complexity?

Moving away from seed phrases, Wallet-as-a-Service enables Web2-like onboarding with social logins and passkeys, while leveraging account abstraction for social recovery, 2FA, and distributed keys through MPC or SSS, where keys are fragmented and encrypted to improve usability and security. 

These and other methods often solve one problem by creating another—sacrificing security for usability or making usability a barrier to security. Favoring usability over security or vice versa is a dangerous compromise to have and a difficult dilemma to solve. 

Familiar Keys to Digital Authentication 

In the web2 world, personal attributes like biometrics, email addresses, passwords, social logins, and security questions have become the go-to methods for authentication and account recovery. Their widespread use is largely due to their user-friendliness and familiarity. Over time, these methods have evolved into what we now see as intuitive aspects of our digital identity, further validating their adoption.

It's important to be aware of how these identifiers can be used for online tracking and potentially shared with third parties, sometimes without the user’s full understanding. While they make accessing digital services easier, they also open the door to privacy concerns.

Human Keys: Private Key Generation with a Human Touch  

Building on the themes of familiarity and usability, why not use these attributes to derive private keys, instead of random seed phrases. These sources could include biometrics, passwords, security questions, Social Security Numbers and other personal identifiers that people are already accustomed to using. 

But, these sources are low entropy data sources not suitable for private key generation. To ensure private keys are secure against brute force attacks, they need to have a high level of entropy—256 bits of randomness. 

Holonym’s Mishti network with the use of threshold Verifiable Oblivious Pseudorandom Function (tVOPRF) takes a low-entropy input, like a password, and transforms it into a high-entropy output, suitable for generating a secure private key. Private computation, collision-resistant mechanisms and use of Zero Knowledge Proof (ZKP) for verifiability keeps personal inputs private and prevents them from being traced back.

Key generation explained here.

Comparing Human Keys to Other Solutions

To fully appreciate the value of Human Keys, it's useful to compare them with existing key management solutions:

Traditional PKI: They rely on centralized authorities to manage keys. While effective, this centralization introduces risks such as single points of failure and loss of user control.

Blockchain-Based PKI: Decentralized PKI systems give users more control but often require them to manage complex private keys, prone to get lost. 

Custodial Wallets: Custodial wallets simplify key management by holding private keys on behalf of users. This introduces centralization, making users dependent on the custodian's security measures.

Human Keys: Human Keys are intuitive to derive, making public key infrastructure usable for everyday users on any devices or decentralized applications. Human Keys are more secure than counterparts by using 2PC, explained here. 

Use Cases: Real-World Applications of Human Keys

Human Keys can be used to sign and authorize any transaction, and creates zero knowledge identity proofs for legal personhood and sybil resistance. More use cases explained here. 

These keys have the potential to unlock human digital rights by addressing real world needs. They facilitate permissionless, borderless, peer-to-peer payments and private identity proofs—tools that can shape civic infrastructure, coordination mechanisms, digital and financial inclusion. In regions where censorship or surveillance prevails, Human Keys can empower users with the above functionalities of blockchain. 

For example, stablecoins used to hedge unstable currencies in emerging markets showcase the tangible impact of crypto. By simplifying access, Human Keys can make open financial systems and private identity available to everyday users.

Onboarding Masses

The phrase "onboarding the masses" is frequently thrown around in the crypto space, yet the reality is that onboarding remains a significant challenge. The complexity and friction involved often push users toward centralized custodians, where they don’t have to worry about managing keys or funds themselves.

Try Human Keys with Silk

Holonym has built Silk, a human friendly wallet with instant onboarding is your gateway to try Human Keys first hand. Create your Human Keys using web accounts or biometrics on Silk, secured by 2PC MPC, resilient against single points of failure. Use it as a universal account across apps, and for developers, integrate Silk’s embedded wallet for a native app experience free of cost.