The Core Vision
Let's start with "What is Web3"
Web3 is a decentralized, trustless and ownerless network, which aims to give power back from a few companies to individual users.
All the technological decisions of Web3 follow from the above tenet.
Identity: From Records to Key Pairs
Traditionally, to identify ourselves on a network, we have to authenticate with a username and password.
This username and password are stored on a server that is managed by a company or some other entity.
We have to trust the entity to keep the username and password safe from any data breach.
But in Web3, authentication is done through a key pair, like SSH keys. We first generate a private key, then derive the public key from that private key. This is our identity on the blockchain.
Trust and Validation
A small nuance on what I mean by trustless: we have simply shifted the trust from companies to open source or cryptography.
On the blockchain there is no sign-in like we are used to in traditional services.
So you might ask: if there is no sign-in on the blockchain, how does the network know that you exist?
The answer I have understood is that the network does not know you exist until you sign a transaction. When we sign a transaction, every node on the network checks it against the signature and public key, and if the check returns true then the transaction is considered valid.
Now, how that check happens is something I also don't know, but I would like to know.
Solana Specific
Both the private key and the public key are 32 bytes.
Solana often stores the concatenated array of private key + public key (64 bytes), because to sign a transaction we need both the public key and the private key. While we can always generate the same public key from the same private key, it is computationally inefficient, so for the sake of efficiency we store both the private key and the public key in one 64-byte array.
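The 64-byte layout and the node-side signature check described above, as an added example that is not from the original post and does not use Solana's own tooling. It relies on Go's standard crypto/ed25519 package, whose private key type is the same 32-byte seed followed by the 32-byte public key; the function names and the sample message are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// NewKeypair returns the 64-byte array: 32-byte private seed || 32-byte public key.
func NewKeypair() (ed25519.PrivateKey, error) {
	_, kp, err := ed25519.GenerateKey(rand.Reader)
	return kp, err
}

// SplitKeypair rejects an array whose public half is not derived from its private half.
func SplitKeypair(kp []byte) (seed []byte, pub ed25519.PublicKey, err error) {
	if len(kp) != ed25519.PrivateKeySize {
		return nil, nil, fmt.Errorf("keypair must be %d bytes, got %d", ed25519.PrivateKeySize, len(kp))
	}
	seed, pub = kp[:ed25519.SeedSize], ed25519.PublicKey(kp[ed25519.SeedSize:])
	derived := ed25519.NewKeyFromSeed(seed).Public().(ed25519.PublicKey)
	if !bytes.Equal(derived, pub) {
		return nil, nil, fmt.Errorf("public half does not match private half")
	}
	return seed, pub, nil
}

// SignMessage is the key holder's side: it needs the full 64-byte keypair.
func SignMessage(kp ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(kp, msg)
}

// NodeAccepts models the node's check: public key, message and signature only.
func NodeAccepts(pub ed25519.PublicKey, msg, sig []byte) bool {
	return len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, msg, sig)
}

func main() {
	kp, err := NewKeypair()
	if err != nil {
		panic(err)
	}
	_, pub, _ := SplitKeypair(kp)
	msg := []byte("constructed sample message, not a real transaction")
	sig := SignMessage(kp, msg)
	fmt.Println("signed message accepted:", NodeAccepts(pub, msg, sig))
	fmt.Println("altered message accepted:", NodeAccepts(pub, append(msg, '!'), sig))
}
```

The verifier never sees the private half, which is why a node can validate a transaction from an account it has never heard of before.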
Trade-off
Now that we have understood that our identity on the network is made by cryptography (public and private key), not by a centralized account, several benefits and drawbacks open up. Let's focus on the primary benefit and the drawback derived from that "benefit".
Benefit
- No entity can lock you out of your account as long as you hold the private key
- Your private key is always with you and so you are not trusting anyone with it
Drawback
- It removes the option of "forgot password" we are all so familiar with. If you lose your private key there is no backdoor, no forgot password, no password reset. Your access to the account is gone.
- Since we are trusting ourselves with the private key, we have to manage its security and backup.
Wallets: Managing Your Keys
This is where browser and mobile wallets come into the picture: they offer convenience along with security.
Now wallets (both browser and mobile) are of two types:
- Hot Wallet
- Cold Wallet
There are more types, like hardware wallets and multisig wallets, but they also follow the same principle that browser and mobile wallets follow.
Just a reminder: a wallet is used to store our private key securely. That is the wallet's main purpose. A wallet can be software on a device or a separate device itself.
Hot Wallet
A Hot wallet is a wallet that is connected to the internet. So theoretically it is susceptible to cyber attacks.
Cold Wallet
A Cold Wallet is a wallet that is NOT connected to the internet. So it is much more secure, but inconvenient to use.
Finding the Right Balance
Now one might assume that cold wallets are the best, and they would be correct if we were looking at things from the security perspective only.
It is analogous to the best practice of using different passwords for different accounts: it is objectively better for security, but incredibly inconvenient if you have not set up password managers and extensions.
So, choosing the right type of wallet is a choice based on your use case.
If you are a developer using a devnet wallet for testing, you really don't need much security, because all the currency in the wallet is fake.
If you are storing your real currency, use a cold wallet, assuming you don't sign transactions often. If you sign transactions often, you may have to look for a middle ground.
These are all the insights (or common sense to experienced folks) gained after reading about Blockchain (specifically Solana) for a week.