Topic: JoyID - A passwordless wallet - page 2. (Read 575 times)

Also who is to be held liable in the case of a compromise?

When it comes to non-custodial wallets, I am not too comfortable but in cases where there is no exception, one has no option but I'm most concerned.

If we can get a feedback on how to recover private key/phrase, it will be okay.

Don't get me wrong, I mean that implementing fingerprint locks and facial recognition as wallet security is not safe enough from environmental risks. It's good if you also have PIN as an option.

So where is the private key/mnemonic stored and retrieved for recovery? As per my understanding the private key cannot be eliminated whne generating a new wallet.

Thanks for your detailed response.

I would like to know more about the recovery process (which I believe is not available yet?) and how secure it is. and how difficult it is for someone (a hacker) to gain access to your wallet from either your device, or on another device since from my understanding, this whole passkey process uses your hardware, meaning even with your fingerprint/faceID, your wallet cannot be recovered elsewhere, but how would that work if you lose access to your phone?

I read the FAQ, but maybe you can give more details on all of that?

Thank you for introducing Joyid to the Bitcoin Forum. I'm Cipher, the founder of JoyID, and I'm delighted to be here to discuss our new solution to wallet technology. Allow me to provide some insights into the mechanics of this innovative wallet.

First and foremost, it's crucial to highlight that JoyID is a non-custodial wallet. Our server never hosts your keys or any form of key shards. With JoyID, you retain 100% control over your private keys.

Furthermore, our wallet doesn't directly access your biometric information. While it does utilize the system's biometric verification feature, the wallet only receives the system's response in the form of an ECDSA signature. It remains entirely unaware of how you choose to identify yourself -- whether through Face ID, fingerprint recognition, or a PIN code.

Our technology leverages Passkey, a standard supported by the FIDO Alliance and widely adopted by modern devices. It utilizes a dedicated hardware secure chip to generate and manage asymmetric keys, enabling secure signature and verification services right on your device. Passkey is compatible with a range of operating systems, including iPhone, Android, Windows 11, MacOS, and Linux. Passkey makes JoyID a wallet with the secure level between software wallet and hardware wallet.

By combining these technologies with account abstraction (which maps multiple devices/keys to a single account) on Nervos (a UTXO PoW + RISC-V VM chain), we've created a wallet that's non-custodial, passwordless, mnemonic-free, and doesn't require installation. It also prioritizes biometric security. Our wallet is permissionless, chain-agnostic, and offers instant onboarding feature (10s to create a wallet and never lose). It's a game-changer for the crypto world.

And as a Bitcoin advocator and hodler, I'm working on the following features to benefit Bitcoin community.

- Bitcoin support, with air-gapped wallet feature, working
- Lightening network support, planning
- RGB support, planning
- Nostr support, already supported

Feel free to ask me anything about JoyID, thanks.

On the main page, I saw their animated image explaining the security system using fingerprint and facial recognition. Do they actually implement this?Afaik, it is a very weak security method. They also have a recovery mechanism with some means that I think (tentatively suspect) that backups of privatekeys or mnemonic phrases are (also) stored on their side.

My conclusion is that this wallet actually goes against the security standards of crypto wallets in general.

First, I would like to start by saying that I'm not affiliated with this project in any way.

It's just a project that I have been keeping an eye on for some time because I found it to be interesting, and they just officially launched on the main net a few hours ago, so I thought I'd share[1][2].

The app is a non-custodial multi-coin wallet (currently only supports Ethereum, Polygon, and the Nervos network) but should support BTC, SOL, and other coins later.

Unlike other wallets, this wallet uses passkeys. You don't need an email, a phone number, seedphrase, or any of that. See here for more info[3].

I'd like to hear your thoughts on this? I just started using it and will make sure to post updates as they add more features and coins.

EDIT: Moved this to the wallet software board, as the developers are now supporting Bitcoin (SegWit, Taproot) and working on a Bitcoin layer 2 solution (RGB++).

[1] https://joy.id/
[2] https://docs.joy.id/guide
[3] https://joy.id/faqs