Usernames

I’d like to suggest / revisit a UX tweak for all Zcash wallets, and that is to add the ability to do FIO username lookups.

This would give users the option to use theirname@Zcash, and send to usernames. Why this works uniquely well for Zcash? If a username is mapped to a shielded Zcash address, the FIO username adds convenience without giving any information about a users balance or history.

Edge wallet already incorporates FIO lookups, as well as the ability to create FIO usernames and mapping. In Edge, in the send-to field, type paul@edge or eric@zcash, and the wallet queries the FIO blockchain and populates the address, instantly.

To give an example of why this might be important- in my business, I have many clients who pay on a regular schedule, but refuse set up electronic bank transfers. Why? It’s difficult. But, they will gladly use Zelle or Venmo to send payments. Sending to a name or email is good UX, and it’s easier.

The @ zcash FIO domain is publicly available, so anyone, today, can make a username using the @ zcash domain. joe@zcash, bobtrezor@zcash, 10zec@zcash, etc. You can do it in Edge wallet or at FIO’s web interface. I think it costs something like $2 to create an on-chain username.

7 Likes

I’ll look into this for Zenith!

2 Likes

Has Edge solved the synchronization problems to the Zcash node?

1 Like

I think they’re just waiting on the wallet sdks, so soon.

2 Likes

Yep! ENS also was kind enough to have included a zcash address line, from the beginning, too (currently transparent)! I don’t see why we don’t do both/others too.

/@zcash is probably too complex an ask, as ownership of the domain/trademark and liability would come into play.

Two things:

  1. This was one of the feature (creep) ideas the wallet team had for a production wallet. The hurdle was less the level of effort than the requirement of 3rd party APIs (and the constant audits that would cause).

  2. Badactors or just bad spelling could cause a loss of funds, so we brainstormed a way to use a memo-only tx to validate the other user before sending actual funds. It could dovetail into an address book very well. Petnames vs Nicknames was the next conversation.

Oh also, ETH’s soulbound token is an interesting topic for proof of ownership.

2 Likes

I totally agree about those costs and risks, like extra audits and phishing attempts. It would be a tradeoff to reach more users who can use the network. Maybe it’s not worth it on the core wallets, and let Edge and others experiment?

Maybe I’m underestimating most people, but If I can tell my business clients to send Zcash payments to mybusiness@zcash, and I know wallets support it, then I’m more likely to give them that option. With the status quo, I’m not giving them a long string of numbers and letters, or even a qr code, because I know 100% won’t do something that difficult (difficult for them).

The @ zcash FIO domain exists today. Users have made usernames on it. If there’s trademark violation, it should probably be addressed earlier rather than later. When Edge Wallet gets the new sdks, people will use @ zcash handles to send and receive. It’s on a blockchain, so I’m not sure how you shut it down.

When someone sends me ZEC, I’m more confident of their success if they type joebanks@zcash than if they type or copy/paste u1rgxr4aysulc3xz7ku4xpd7rfmthceu0kn7fg6ly062eegp2z3n6yfulkudwyutuap7asayeqek5e4lvlhrj5wqnspk0mr6xs9w39aac…rwv7jsxv6l28y6pvvme3zafvsyd6mk04c7zssxafjn8jj29lnt35lz5cw2gawvffhyjpxqa07l58gkmkqa35j9t…3zsmke9dj7. Misspellings would only go through if there is an associated misspelled username on the FIO blockchain, and the user fails to check the mapped address that shows up after typing the wrong name. It seems to me like fewer mistakes would happen.

ENS .eth names could be a good option too, but there might be confusion about if a user is sending on Zcash or on Ethereum, especially if there’s interoperability between chains someday. Unstoppable domains is another option.

1 Like

This amounts to a public directory of shielded addresses. At this moment, the protocol / wallets aren’t resistant enough to spam attacks. If you put your address out there, you will be exposed. It is relatively simple for someone to flood your wallet with small dust notes that will drastically slow down synchronization and that you will have to pay to get rid of (per zip 317).

6 Likes

Can’t wallets simply ignore dust transactions? I don’t see how it slows down synchronization, all txs need to be trial decrypted anyway

1 Like

That is correct and also the issue.

The wallets can’t ignore the dust tx until the work is done to trial decrypt, so in not compromising our privacy promise they have to process everything. Right now lightwalletd doesn’t know enough to filter for the wallet in question.

We could expose a viewing key or something to lightwalletd and viola! everything would be filtered and fast, but then our solution is no longer a technical victory over Monero et all.

Some of the wallets that “work better” have lightwalletd ignore transactions with a large amount of outputs (since this is how most dust attacks are done) but realistically the duster can just spend a wee bit more to send smaller ones. And if it’s targeted directly to you.fio or you.ens YEAH you can’t do much but get DDOSed then ignore it in the UI.

This is why the fee market concept seems like an obvious solution to a lot of people. And at least a next step try to me.

Hope this helps!

Sure, they need to decrypt dust txs (since they need to decrypt all txs), but then can throw them away. I don’t see how it impacts wallet performance.

As I said, at the moment the wallets are not spam resistant, they keep the dust notes and will maintain their merkle tree witness. They could be discarded but it is a form of spam filtering that some people are against. For example, what if the dust contained an important memo?

Ah great point, thanks.

I think wallets need to handle this scenario somehow, they shouldn’t update witnesses for dust notes but can decide to show their memo. They could show these memos in a spam folder, like emails do. With that you still allow accessing memo information but does not decrease performance.

1 Like

why not let users have a no spam setting; minimum money to be received is $5. plus a fee structure also stops spam. a minimum fee of say 25 cents per transaction (placeholder). it can vary by country.

1 Like

The Zcash Crypto Cruise offers a few payment options. Bitcoin, ETH, Zcash, Zelle, Venmo, Cash App, and Paypal. All, except Bitcoin and Zcash, are human readable, paid to a username. @madisonedge I’d be curious if after the 12 spots are reserved if you can disclose which payment options were chosen.

2 Likes

I am happy to disclose what payment methods were chosen after the event!

The captain has been in crypto for over 10 years - it’s awesome that he is willing (and prefers) to receive payment via crypto.

Will report back

5 Likes