General
JoyID is a cross-platform, cross-terminal, passwordless and mnemonic-free wallet solution based on FIDO Webauthn protocol and Nervos CKB. It allows users to create, use their wallets without passwords or mnemonics, and supports various features such as multi-device support, account recovery, NFT/FT asset management and so on. JoyID is designed to break down the barriers to the mass adoption of crypto wallet, making it truly easy-to-use and high security for all Web2 & Web3 users.
- No password, no mnemonic, no email, no phone number: You don't need to provide or remember any sensitive information to access your wallet. You only need your devices and biometrics.
- Non-custodial: You have full control over your private keys and funds. No one can access your wallet without your biometrics.
- Backup and recovery: JoyID provide several backup method to level up account security. You can use your device, blockchain wallet, social friends, passport etc. to backup and recovery your account without changing the address
- EVM Compatible : There will be a layer2 EVM chain with JoyID support, which will allow JoyID users to access EVM dApps more easily and securely.
Yes, you can link multiple devices (such as mobile phones or laptops) to your JoyID account and seamlessly use any of them to sign transactions. You can also unlink a device at any time.
JoyID is an open source project and integrating JoyID is completely free.
If you want to integrate JoyID, you can refer to JoyID Docs. which provides different SDK packages to meet different requirements. For example:
- @joyid/core: This is the core JoyID SDK, which includes core functions such as authentication, sign message, verify signature, etc.
- @joyid/ckb: This is the SDK for manipulating Nervos CKB assets, including transferring CKB/mNFT/CoTA NFT, signing Raw Transaction, etc.
You can choose the appropriate SDK package according to your application scenario and follow the instructions in the documentation for installation and use. If you need technical support, feel free to contact us in Discord.
Terms
The term "passkey" refers to a multi-device FIDO credential. To make sense of that, let's talk about FIDO credentials first. A FIDO credential is a private key-based credential that is tied to a specific device and designed to be resistant to phishing attacks. Credentials tied to a specific device like a phone or a laptop have been known as “platform authenticators”. Users typically interact with these through your Face ID, Touch ID, Windows Hello, or device PIN.
Passkeys are an extension of platform authenticators that make this secure authentication technology more user-friendly by syncing them between devices and enabling easy logins from many different devices.
In practical terms, passkeys refer to public key credentials synced via your iCloud, Microsoft, or Google account and protected by your Face ID, Touch ID, Windows Hello, or device PIN. When you want to register for a website, your device generates a key that is specific to that website and stores is securely in your device account.
Webauthn is a web standard that enables users to authenticate themselves on websites using biometric or cryptographic credentials, such as fingerprints, facial recognition, or security keys. Webauthn aims to provide a more secure and user-friendly alternative to passwords and other forms of authentication.
Security
JoyID applies the following technologies to protect users' account security:
- JoyID uses biometric-based authentication mechanism. Users do not need to enter any passwords or mnemonics to access their wallets. They only need to use their devices and fingerprints or facial recognition. This can prevent users from forgetting or leaking their sensitive information, and also prevent malicious software or hackers from stealing their private keys.
- JoyID have several provide several backup method to level up account security. You can use your device, blockchain wallet, social friends, passport etc. to backup and recovery your account without changing the address. This can prevent users from losing access to their wallets due to losing or damaging a single device, and also prevent users' funds from being stolen due to a single device being stolen or tampered with.
Your private keys are securely stored in your device's hardware security module (HSM), which means no one can export the key including yourself. It only allows you to sign transactions or messages with biometrics.
No, they cannot. Even if someone steals your device, they still need your biometrics to access your JoyID account. If you lose your device, you can also log in your account on another device and delete the stolen device authorization.
Yes, you can recover your JoyID account if you lose your device. There are several methods you can use to backup and recover your account:
- (Highly recommended)Device backup: You can link multiple devices (such as mobile phones or laptops) to your JoyID account and use any of them to sign transactions. If you lose one device, you can still access your account on another device.
- Passkey recovery: If you have used passkey on one of your device, passkey will sync between devices that are signed into the same iCloud account or Google account. Then you can directly sign in on another device by your biometrics.
- (Under dev)Mnemonic or Blockchain wallet recovery: You can use Mnemonic or ****another blockchain wallet (such as MetaMask or imToken) to backup your JoyID account. If you lose your device, you can still access your account by the backup wallet.
- (Under dev)Social recovery: You can invite some trusted friends (who also have JoyID accounts) to help you backup your account. You can set a threshold of how many friends are needed to recover your account. If you lose your device, you can ask your friends to verify your identity and restore your account.