Perhaps unsurprisingly, the system for connecting to the Internet is essentially as old as the Internet itself. In the 1960s and 1970s, as the first computer networks took shape, the need for user authentication also increased. ARPANET, the predecessor to today’s Internet, implemented the first formal login systems when it began operations in 1969. These pioneering systems required users to enter a username and password to access resources of the network, something billions of people would do billions of times over the years that followed. .
With the advent of the World Wide Web in the early 1990s, web-based connections quickly became a staple, providing a gateway to personalized digital experiences. Yet these early forays into user authentication were often marred by shockingly lax security standards. At the time, many developers saw no problem storing passwords as plain text or, surprisingly, embedding them directly in HTML code.
As the Internet has evolved, so has our approach to connection security. The introduction of server-side scripting languages like PHP in the mid-1990s allowed for more secure password storage and verification. Encryption and hashing algorithms have become common practice, and two-factor authentication has emerged as an additional layer of security.
Despite two-factor authentication and password managers, and despite advances in other aspects of our digital lives, the basic username-password combination has remained like an unwelcome guest.
The scale of the connection challenge
Enter the blockchain – or not. Because despite blockchain’s tremendous progress in industries ranging from healthcare to logistics, connections are one area where distributed ledger technology (DLT) has not proven useful.
Okay, so let’s talk about why. For context, LastPass conducted a survey that stated that “the average user has around 70 passwords to manage and users may log in 20 to 30 times per day.” NordPass, in a similar survey, said that “average users spend about 15 minutes each day logging in and out of their accounts.” Between 30 seconds and 1 minute per connection, this means that NordPass’ survey would involve approximately 15 to 30 connections per day.
To be conservative, let’s assume the lowest number here: 15 connections per day. There are 8 billion people on the planet, 85% of whom have access to smartphones, which could be an indicator of access to technology that requires connection.
Therefore, a very rough estimate of daily connections worldwide is 0.85 x 8 billion x 15 connections, which equates to approximately 102 billion connections per day, or 1.2 million per second.
The problem of cost and scalability
Ethereum, one of the most popular blockchain platforms, can only handle around 6 zero-knowledge proof verifications per second. For blockchain to replace traditional connection systems alone, we would need the capacity of nearly 200,000 Ethereum-like blockchains working simultaneously – and that’s before taking into account other transactions that occur on these networks . Simply put, blockchain in its current form does not have the scalability to handle even a fraction of the world’s daily authentication requests.
But capacity isn’t the only problem. The cost of verifying connections on a blockchain like Ethereum could be extremely high. As a base case, let’s assume that the gas unit cost per connection is the absolute minimum cost per transaction on Ethereum, which is 21,000 gas units. For reference, right now, Ethereum costs $2,400 per ETH. Let’s break it down.
Let’s assume that one unit of gas on Ethereum costs 5 gwei and 1 gwei is 1/1,000,000,000 ETH. This means that 240 million login verifications, each using 21,000 gas, would cost around $60.5 million per day, with Ethereum valued at $2,400 per ETH.
And to top it off, all of this cost would be spent on Ethereum, meaning no one in the network would make any money from it.
It’s not sustainable.
Connections simply cannot cost as much as verifying a transaction on a public ledger. The decentralization of blockchain, while offering great security and true transparency, comes with a financial premium that makes it impractical for something as mundane yet ubiquitous as logging into your favorite website.
Squaring the circle
Yet zero-knowledge proofs (ZKP) offer a glimmer of hope in an otherwise bleak landscape. ZKPs allow users to prove their identity without revealing any sensitive information – a far cry from today’s world, where personal data is scattered across thousands of databases, each a potential target for hackers. In theory, blockchain-based logins using ZKPs could usher in a new era of privacy, in which passwords and usernames are relics of the past.
But theory and practice rarely align so well. Although ZKPs may solve some privacy concerns, they introduce others, namely the need for significant computing resources and the current high cost of verifying such evidence.
As mentioned previously, Ethereum is struggling to meet these demands, and although other blockchains like zkVerify are working to significantly reduce costs, the technology is not quite ready for widespread deployment. And then there’s the user experience challenge. Most Internet users are not cryptography experts, so any new system must be as transparent as the current, albeit imperfect, username-password combination.
UX issues should also not be detected. Just because something is technically superior doesn’t mean it will be widely adopted (let’s take the Linux operating system as an example). The industry must combine the two to succeed.
Although connections shouldn’t incur direct costs, they often do, hidden in the services we use. Worldcoin offers a blockchain-based login solution using retina scans to authenticate users with zero-knowledge proofs, verified on the Optimism blockchain. Although this process only costs $0.0033 per connection, when scaled up to 240 million connections per day, the expense reaches an unsustainable $800,000 per day.
Although this is a 98.5% reduction compared to Ethereum, the system operates on a different, more centralized layer, trading decentralization for scalability. In contrast, cloud services like AWS Cognito offer a much cheaper alternative, costing $0.0025 per user per month, making the blockchain option 98.5% more expensive. Clearly, blockchain connections can be improved.
So where does this leave us? Blockchain has the necessary ingredients to disrupt connections, if not a clear recipe for doing so. As advancements in cost effectiveness and scalability, such as zero-knowledge Layer 2 solutions, continue to expand, we may be approaching a tipping point. While blockchain-based systems currently struggle to compete with the low-cost, high-throughput infrastructure of cloud providers like Amazon and Google, the scales are tipped in its favor.
