Hedgehog is alternative to Metamask that manages a user's private key and wallet on the browser. It exposes a simple API to allow you to create an authentication scheme to let users sign up and login to their wallet across multiple browsers and devices. hedgehog.audius.co.
With Hedgehog:
- 😍 Users can make accounts in your DApp with a username + password.
- 😱 Users don't have to worry about private keys, no mnemonics.
- 🔏 You can build systems that fund users' wallets, sign transactions, but never control those wallets directly.
- 🌇 You can focus on building your business logic, rather than managing wallets.
npm i --save @audius/hedgehog
Check out our full technical docs and api how-to.
For a quick browser-side demo, look no further. For a full end-to-end auth demonstration, see our demo repo.
Currently available wallets treat every transaction as if it were moving around your life’s savings. Hedgehog was built for use-cases involving low-to-no financial value.
NOTE: The primary improvement to end-user experience is by hiding wallet complexity and not forcing users to constantly confirm transactions - The opposite of what you’d want when moving significant money around.
Hedgehog isn’t right for every DApp. Massive improvements in user experience are only possible through tradeoffs. As a general rule Hedgehog should not be used for apps involving significant sums of money. As a bridge, one could start users on Hedgehog and suggest migrating to a more secure wallet if their stored value increases beyond a certain threshold; the Hedgehog paradigm is interoperable with existing web3 providers too.
[Good use cases]
- Signing data: If you’re building decentralized applications that rely on user signed data (eg. via EIP-712-esque signing schemes), Hedgehog could help simplify the experience if the stakes are low enough.
- Gaming DApp: Nothing ruins fun as much as signing transactions. If you’re building a gaming DApp that doesn’t use significant financial assets, improving UX is key.
- Decentralized Music Player: If you’re building consumer-facing DApps, Hedgehog will dramatically improve user experience and significantly increase your potential userbase.
[Bad use cases]
If your DApp involves moving around significant sums of money, then the tradeoff in security is most likely not worth it. Hedgehog’s primary improvement to end-user experience is by hiding the wallet and not forcing users to confirm transactions - The opposite of what you’d want when moving money around. We absolutely don’t recommend using Hedgehog in situations like these:
- Banking DApp
- Decentralized Lending
- Prediction Markets
Hedgehog is a package that lives in your front end application to create and manage a user's entropy (from which a private key is derived). Hedgehog relies on a username and password to create auth artifacts, so it's able to simulate a familiar authentication system that allows users to sign up or login from multiple browsers or devices and retrieve their entropy. Those artifacts, through hedgehog, are persisted to a backend of your choosing.
NOTE: A private key is only computed and available client side and is never transmitted or stored anywhere besides the user's browser.
// Provide getFn, setAuthFn, setUserFn as requests to your database/backend service (more details in docs).
const hedgehog = new Hedgehog(getFn, setAuthFn, setUserFn)
let wallet
if (hedgehog.isLoggedIn()) {
wallet = hedgehog.getWallet()
} else {
wallet = await hedgehog.login('username', 'password')
// or
wallet = await hedgehog.signUp('username', 'password')
}After creating or retrieving a user's wallet, you can either fund their wallet directly to pay transaction fees or relay their transactions through a EIP-712 relayer.
More details in the docs.