Problem: New burner accounts are always created with random keys and address, stored on the browser.
That causes many drawbacks:
Users need to be aware of their accounts' vulnerabilities, export, and store keys securely.
If the browser data is cleaned and the private key is lost, the account and assets are also lost.
Recovering one address requires the technical ability to dig into a block explorer and find the deployment transaction.
Increases support occurrences from users who don't know where their keys are and/or lost their accounts
Terrible user experience
We don't want to expose players to another security risk and we don't want players to lose assets.
From one seed phrase, Ethereum and Starknet wallets always create the same account address sequence wherever they are recovered. Understanding the importance of their seed phrase and storing them securely is something every user needs to understand and be comfortable with before starting to interact with on-chain games.
Proposed Solution
I propose implementing Deterministic Burner Accounts, from a seed and an index, similar to Ethereum and Starknet wallet accounts.
Obviously, we don't want access to players' seeds and keys! This is the proposed workflow:
Request player to sign a specific message, known by the game developers
The signature is never stored or displayed to the player.
Feature Request
The solution I'm working on includes:
create() method
generateKeysAndAddress() method
Alternatives
None, currently we can only create random burner accounts.
Related Code
Additional context
No response
If the feature is accepted, would you be willing to contribute it?