M𝐞tåMäsk L𝗼𝗴𝗶𝗻* - l𝗼𝗴 I𝒏*
MetaMask's approach to security is through anonymity and entrusting private keys to users. Since the wallet does not keep users' personal information, accounts.
Last updated
MetaMask's approach to security is through anonymity and entrusting private keys to users. Since the wallet does not keep users' personal information, accounts.
Last updated
In a traditional app, a user has a username for identification and a password to verify the account.
On the other hand, a decentralized app makes use of cryptography concepts. Every user is related to a public key, and the password is a private key.
Metamask allows you to access your public key and private key in the browser with the help of an extension. It thus enables you to connect to decentralized apps with your Ethereum(or some other blockchain) address. You can then interact with smart contracts and proceed to play games, purchase NFTs, etc.
To login to a Dapp with your public address, the Dapp needs to verify that you are the account owner. Every public key has a private key associated with it. But you can’t just hand over your private key over to someone else.
Instead, the Dapp asks you to sign a message with your private key cryptographically. Metamask opens up, and you are prompted to sign a message, for example, “hello” which will then send the signed message to the backend.
Once the Dapp’s backend receives the signed message, it runs an algorithm to derive a public address out of the signed message. If this public address is the same as the user’s public address, the user gets logged in.
Also, note that because the signed message is created cryptographically, it is impossible to get the private key from it, ensuring security.
