I’m not sure the target audience would be into this. This is a browser extension, that as far as I can tell is closed source, that handles the most sensitive information. Who are they? Why should I trust you with the keys to my life? At a time when Apple, Microsoft, Google, Meta are talking about eliminating passwords…
If I knew anything about security (which I do), I would never trust a browser extension.
> I’m not sure the target audience would be into this.
Our philosophy is to round over the sharp edges of Web3 and make it far more accessible and safe for somebody new to exploring the world of crypto.
> Why should I trust you with the keys to my life?
Social logins like Google or Apple offer really frictionless ways to onboard to an app that you want to use...but the data ultimately under the care and control of Google or Apple. Vessel is non-custodial, we don't own the keys, and the attestations, like verified email addresses and phone numbers, that you can choose to share with apps when you sign up are only verified by us once, after that they are held totally within your Vessel passport and you are free to share them, or not, with whatever app you'd like.
But you own the extension and the passport so really, it’s not mine, it’s yours, for the pilfering and exfiltration to other sources.
A browser extension has a vast amount of data at its fingertips. Browsing history, logins, protocols, machine access, etc. You may say you’re non-custodial yet in one line of code in your close source extension, you would be custodial. I can’t trust an extension. I will not ever trust an extension.
I want web3 to be accessible. I want some of the claims you make to be true. I just can’t, in good conscience, support a browser extension considering the history of security with them. I’m not alone.
I'm not seeing any concrete reasons for why I would want to install this plugin.
The Internet doesn't require a passport. I can already "Make any transaction on the internet safely" with PayPal. Etc and soforth.
For me to install it I would need to see some examples of things I can't do now, or at least sites that I can use Vessel on in a way that enhances the experience.
Vessel itself might not be a good example but there are other 'web3' wallets ([0] [1] [2]) that allow for authentication and digital payments that are, in my opinion, an order of magnitude easier to use than PayPal, etc.
If you're really interested in experimenting with this type of interface, I would recommend installing one of the more established wallets, like Temple [0], and using it to explore various websites in this space, like FXhash [3], Versum [4] or Objkt [5].
Happy to put some minimal funds in your wallet if you want to really explore, just DM me.
> allow for … digital payments that are, in my opinion, an order of magnitude easier to use than PayPal, etc.
Genuine question, what friction do you experience with PayPal that is so bad that something can become an order of magnitude easier? I use a password manager to fill in my PayPal creds if I want to pay with PayPal and it is very easy for me.
I don't use a password manager, so I'm a bit at a disadvantage but, from what little I remember from others, the password manager basically lets you look up a password, put the username and password into a buffer so that you can cut and paste it. Not to mention that different password managers have different interfaces and interactions.
It's "easy" for me too, in the sense that I can just lookup the credentials I need to fill it in. The wallet extension allows for a more 'integrated' approach, where the website communicates to the web extension via some standardized interface (or some semblance thereof) to authenticate and authorize.
The point I'm making is that it's not about feasibility, it's about friction. These wallets allow for an experience with much less friction.
I notice a pattern when new technology like this comes around. There's a contingent of people who are used to the old system and they say "works for me" without understanding how much a barrier to entry the system they're using is.
As an experiment, try opening up an 'incognito' window and signing up for GMail, Twitter, Facebook or any of the other services (even trying to establish an account here on HN) without using your bank, your phone number or another email address. Now install a wallet extension (Temple, say) and try and log into one of the websites mentioned (fxhash.xyz, versum.xyz, objkt.com). This is a bit of an apples-to-oranges test as those services are for a different market, but hopefully you should get a sense for just how much easier it is to use those services, how much more integrated it is and what they're trying to accomplish.
Put another way, 'web3' wallets are doing what OAuth promised but couldn't fulfill. If we used one monolithic centralized service, like PayPal or GMail, then maybe these integration issues would disappear but since we have a variety of platforms, in my opinion, the only way to get "persistent" identity across platforms is to have something like a decentralized network and/or monetary system.
This is a very pretty site but I have absolutely no idea what holes in my life it is purporting to fill, never mind making me sorry it only works on Chrome when I'm a Safari user.
Is it a password manager that is also a "crypto wallet"? Why are there about four hundred things in the crypto world called a "wallet" anyway? Find some new terms, that one's getting really confusingly overloaded. It kinda sounds like it's got password manager functionality except then there's a FAQ that basically says "we want password managers to not exist" so I guess it's... not also a password manager? I can LeARN MORE about how my information is stored but this tells me absolutely zero about what a "Vessel passport" is and whether I can use it in a single place outside of expensive ugly monkey jpeg enthusiast circles? And if I was part of those circles, how do I know this isn't just a scam to steal those expensive ugly monkey jpegs anyway?
I also like the "what sites does it work with" FAQ that takes about a hundred words to say "nobody yet".
What is this exactly? Because from your comments and skimming through the website it looks like a centralized crypto wallet but I’d be very happy to be wrong about that.
Hey there, this is actually a fully non-custodial, multi-chain wallet. We use some familiar Web2 patterns to derive the private key for the user, but it's fully non-custodial and never touches a remote server. Here's some more info on what we do under the hood: https://vesselpassport.zendesk.com/hc/en-us/articles/5616100...
Answer to "What sites does this work with ?" carefully gives no useful information at all.
"Keep both your digital identity and crypto assets in this secure browser extension" sounds like a very bad idea.
"Vessel does not hold or use any of your personal data and funds." but it sounds like the browser extension does hold it ? What distinction is being made here ?
Does Vessel give you any ability to interdict a site? Like let's say some time in the future a CEO decides to make an exception and kick off some undesirable site. Would you have to tell that CEO he's out of luck?
Hey HN, we here at Stytch (https://stytch.com/) are super excited to launch Vessel today! Vessel is a fully non-custodial digital passport and multi-chain crypto wallet. With Vessel, we’ve imagined what a passport for the internet would look like. We’ve combined the best of Web2 authentication innovations to simplify account creation and data provisioning with the power of Web3 wallet architectures, to condense authentication, identity (e.g. NFTs), and payments into a single browser extension.
Starting today, Vessel is now in public beta and anyone can download Vessel and start using it right away! This is a huge step for us in our mission to eliminate friction from the internet, and we’re thrilled to have you join us. We'd love to hear your feedback!
This is a type of project that will not go over well with the HN community.
It looks like Vessel is a web browser extension that acts as a cryptocurrency wallet. The key words here are 'cryptocurrency', 'non-custodial' and 'web3'.
Meaning, this is a wallet that you can access from your browser that will keep your private keys local to your machine (the 'non-custodial' part) and allow you to send and receive cryptocurrency as well as allow you to log into websites that allow you to authenticate via a local non-custodial wallet interface/extension.
Some alternatives in this space are Temple [0], Kukai [1], Spire [2], to name a few.
To all those asking "what does this offer", ask yourselves how easy it would be to log into a service like Google mail, Facebook, Twitter, Instagram, Flickr, PayPal, Tumblr, etc. without an established phone number, bank account, or extra email address. With 'web3' the authentication takes place through the wallet (via the browser extension and presumably standarized-ish API).
Once a wallet is setup, the login process is a click of a button. From my own personal use, it's night and day compared with doing the login dance for the various 'blue-chip' companies I log into (GitHub, GMail, Twitter). Instead of a username/password dance, I can just click 'verify' and be logged in to a 'web3' website.
The wallets have, presumably, a primary purpose of keeping your money, so they act as a kind of 'real world wallet', where you're not expected to keep too much money in it but you can use this money for online transactions with little friction. The idea being, purchasing digital services is much easier because the friction is so low.
For me, the main point is friction. 'Web3' wallets like this provide an order of magnitude less friction to use online services. Whether you agree or disagree with cryptocurrency, think it's not needed or scammy, the 'strong-man' argument for wallets like Vessel and others is that it offers an order of magnitude less friction to authenticate and to use digital funds for digital services.
Now, in particular, Vessel doesn't look to be all that open (as in libre/free/open source) so I would be hesitant to install this and would rather use one of the more established wallets that is libre.
Out of curiosity, what web3 services are there which aren't NFT e-commerce, or crypto exchanges, at the moment? It feels like we're at a stage where tools like this are preparing for a world which doesn't yet exist, but happy to be proved wrong. For now, if you're not interested in the former, the value isn't obvious.
Maybe this is a silly question, but how does this differ from something like a client certificate? Or is that all this is, but with the "authority" being some kind of blockchain thing instead of a company?
The 'certification' is coming from a decentralized network of computers running the blockchain and underlying cryptocurrency.
So, yes, exactly, the decentralized blockchain instead of a centralized company. The decentralized part, and the implication of a standardized API, access and communication, is one of the main features.
The equivalent here of a client certificate is the private keys generated on your machine and stored in your wallet, logging into a website using those doesn't involve a blockchain at all as far as I'm aware?
You've got the gist of it, this is like a client certificate + metadata about your and it's mediated by the blockchain and not a specific company or authority. Essentially your "account" anywhere is this.
If I knew anything about security (which I do), I would never trust a browser extension.