MultiversX launches on-chain two-factor authentication standard
Two-factor authentication (2FA) is a tried and tested online security measure, and the technology is now being used as an additional transaction signing measure on MultiversX’s blockchain protocol.
MultiversX CEO Beniamin Mincu unpacked the protocol’s new guardian service in conversation with Cointelegraph. The feature makes use of Google Authenticator, Authy, Duo, Microsoft Authenticator or biometrics to provide a second signature for transactions before they are processed on-chain.
Mincu outlines the novelty of the approach, which allows users to make use of guarded transactions and accounts to act as a secondary security mechanism:
“What the chain sees is a guarded account, if it has the feature activated, and for that account, it requires that any outgoing transaction carry two signatures, one from the account owner and the second one from the guardian, through a guarded transaction.”
The guardian service requires users to create a guardian address to provide 2FA-controlled signatures. Part of the sign-up process sees the wallet prompt the user to finalize the registration by issuing a transaction to the MultiversX network, which will set the service-generated address as a guardian for their account.
After an account becomes guarded on-chain, transactions issued by the user require both the user’s and the guardian’s signatures. A valid guardian signature for the user transaction will be provided by the guardian service whenever a user that has a guarded account sends a transaction from their wallet and provides a valid 2FA code.
While 2FA does not strictly take place on-chain, transactions require authentication codes to be executed. Mincu added that the approach to 2FA protection embedded in the protocol is yet to be carried out by other protocols.
“As opposed to existing solutions that provide extra protection for wallet accounts, Guardians don’t require storing more private keys and don’t add additional fragility to the backup scheme, which are important tradeoffs and barriers for users.”
Many cryptocurrency wallets and exchange services tap into 2FA as an added measure to confirm logins and user transactions at an application level. However, Mincu believes the fundamental principles behind the MultiversX guardian approach are possible on other blockchain protocols:
“The concept of using a device-based authenticator to enable 2FA protection could certainly cause a paradigm shift within our industry.”
Mincu added that additional security should not come at a cost to user experience and should be aimed at adding minimal friction to transaction signing.
Two-factor authentication has been part and parcel of the cryptocurrency space for years, with exchanges like Kraken making the added security measure mandatory for its users in 2019 to secure logins attempts.