译文/Translated:
除了发布EOSIO LabsTM,Block.one还一起发布了通用认证库(UAL)存储库,来探索私人密钥管理的未来。UAL是我们探索钱包生态系统的第一步,这对于Block.one和EOSIO开发者社区的其他人都是个机会,这样他们才能共同推动行业和EOSIO™软件的潜力。和所有EOSIO Labs发布的内容一样,我们都欢迎和鼓励您提供反馈,帮我们塑造这个存储库的未来。
在EOSIO钱包生态环境中,我们的兴趣主要集中在密钥和密码管理这方面。在区块链领域,钱包在认证用户与区块链应用上起到至关重要的作用。要达到该目的,如果用户打算对服务进行“验证”或者“签署”交易,“钱包”这个术语可能会有了误导性。因为传统钱包的功能是储存代币,区块链社区在早期就采用了这个概念。但是,随着行业重点逐步转移到区块链应用的使用上,相比使用应用,存储代币的重点就减弱了,转而成为了使用应用的副产品。意识到这种变化之后,我们考虑了几个新术语来更准确地描述“钱包”的作用,比如“签名提供者”、“认证器”或“交易签名器”。最终,我们决定,在此代码库和未来关于“钱包”生态系统的文章中,我们都会用“认证器”指代“钱包”。
与认证器的互动推动用户体验
在过去几个月里,我们一直在思考基于EOSIO的应用怎么和认证器联系起来,对于开发者和用户体验这会带来怎样的影响。“钱包”生态系统有了巨大的发展。专门为EOSIO区块链开发的硬件和软件验证器、从跟其他区块链或非区块链行业向EOSIO迁移都给区块链应用的用户带来了巨大的价值,让他们能够选择合适自己需要的验证器。
然而,随着验证器的数量越来越多、越来越复杂,应用开发者必须集成各个验证器(或放弃选择不集成),最终用户必须要面对更多的不确定性——甚至可能是困惑——因为不同的独立运行的认证器中签署交易的用户体验各不相同。用户可能甚至会觉得他们享用的应用根本不能使用他们选定的认证器。
为了解决该问题,我们开始探索如何利用通用API(the Universal Authenticator Library通用认证库)实现验证器的可交换集成。
通用认证库
通用认证库(UAL)通过编码到一个通用API让应用开发者能够集成一系列验证器(钱包、应用浏览器、密钥管理等)他还给开发者提供可选但固定的UI界面,应用程序的用户可以获得和他们在使用的验证器或网站独立一致的界面。
一旦集成完成,应用就能轻松提供用户类似于登录社交网站或单点登录的登录体验。验证器不断被发展,对他们的支持也变得越来越简单,可能就是添加几行代码而已。
架构
通用认证库包含三个主要组建:UAL内核、验证器和渲染器
- UAL内核:这个TypeScript库是把三个组件联系起来的胶水。UAL核心规定了UAL钱包验证器插件必须符合的标准,并向应用开发者公开了统一的公共API和其它便捷的模式。
- 验证器:验证器可以被认为是UAL钱包插件。它们把单个钱包API包装在一个统一的UAL兼容封存器中,这些不是UAL内核库的组成部分,但是作为单独的代码库存在,它们通常由社区或者钱包开发者自己开发。现在已经有针对 Scatter Desktop, Lynx, Ledger, 和TokenPocket的验证器。其他的可以参考UAL Authenticator Walkthrough上的内容简答地写出来。
- 渲染器:渲染器是UAL可选的、固定的UI插件。对用户来说,它们负责界面和感受保持一致。对于开发者来说,渲染器通了一个熟悉的惯用方法,可以把UAL集成到其前端框架或库中。目前我们已经有PlainJS 和 ReactJS这两个渲染器,我们希望社区能够开发出更多。
用户体验会带来应用
实现钱包实用性的最佳方法是让自由市场有效运作。用户必须能够给带来最好用户体验的验证器投票,这种用户选择将推动用户体验快速发展的引擎。
像通用认证库这样的统一工具就能达到这个目的——帮助用户通过简化的、熟悉的签署交易体验推动引用的使用、减少用户摩擦,他们就能自由地选择他们想用的钱包。
如何参与
通用认证库还在alpha测试中,它需要您的帮助。您可以看通过以下一些方式开始
- 查看UAL文件
- 观看使用ReactJS的UAL基本应用例子和使用PlainJS的UAL基本应用例子,仔细看它们如何运行的。
- 把UAL添加到您的网络应用中。你可以使用先前构架的渲染器(PlainJS的UAL渲染器和ReactJS的UAL渲染器),但您可以同时直接和UAL内核API集成。
- 给您喜欢的钱包建立一个UAL验证器,并开源
- 给不同的前端库或框架(如Vue.js, AngularJS)建立UAL渲染器,并开源。
- 为UAL内核库做贡献,让它变得更好
- 通过GitHub的匹配repo报告您遇到的问题
- 在EOSIO StackExchange提出问题,记得加上UAL标签
保持联系
如果您想给给我们反馈或者和我们团队共同地提高EOSIO Labs开发者代码库,您可以给我们的开发者关系小组发邮件:developers@block.one
你还可以邮件订阅我们的EOSIO Developer Portal,获取我们未来的更新消息。我们很高兴能够不断为EOSIO开发者提高软件的可用性,我们也在为区块链技术的大规模使用奠定基础。
所有产品和公司名都是他们相应持有者的商标™或注册商标®。使用这些产品和名称不意味着和公司有联系或公司支持他们。
免责声明
Block.one作为EOSIO社区的一员,自愿做出自身贡献,并不对软件的总体性能及任何相关应用程序负责。对于此处所述版本以及相关GitHub版本或EOSIO软件,我们不作任何明示或暗示的陈述、保证、担保或承诺,包括且不限于提供担保,保证适销性或对某一特定目的和非侵权的适用性,并不承担相应的责任。在任何情况下,无论是合约操作、侵权行为或其他,亦无论是否与软件或文档相关,或由于软件使用导致,或在软件和文档上的其他交易导致的任何索赔、损害赔偿或其他债务,我们均不承担责任。任何测试结果或绩效数据具有指示性,无法反映所有情况下的绩效。任何对第三方或第三方产品、资源或服务的引用都不受Block.one的认可或推荐。对于您使用或信任这些资源的行为,我们概不负责,并且不承担任何责任和义务。第三方资源可能随时更新、变更或终止,因此此处的信息可能已过期或不准确。
原文/Original:
In conjunction with the announcement of EOSIO Labs™, Block.one has released the Universal Authenticator Library (UAL) repository to explore the future of private key management. UAL is a first step towards our explorations in the wallet ecosystem, an opportunity for both Block.one and others in the EOSIO developer community to collaboratively push the boundaries of what is possible within the industry and the EOSIO™ software. As with all releases of EOSIO Labs, we welcome and encourage your feedback in shaping the future of this repository.
Within the EOSIO wallet ecosystem, our interest has been focused on the direction of key and password management. In the realm of blockchain technology, wallets serve a critical role in authenticating users who interact with blockchain applications. To that end, the term ‘wallet’ is potentially misleading if the user’s intention was to ‘authenticate’ with a service or to ‘sign’ a transaction. Since traditional wallets functioned as a place to store tokens, the blockchain community adopted the term ‘wallet’ in the early stages of its development. However, as the industry focus gradually shifted towards the utility of blockchain applications, storing tokens became less of a focus compared to using applications, and more as a byproduct of utility. Cognizant of this change, we have considered a number of terms that would more accurately describe the purpose of ‘wallets,’ from ‘signature providers’ to ‘authenticators’ to ‘transaction signers’. Ultimately, we have decided that for the purposes of this library and our future literature in the wallet ecosystem, we will be referring to all ‘wallets’ as ‘authenticators’.
Interactions with Authenticators Drive User Experience
Over the last several months, we’ve been thinking a lot about how EOSIO-enabled applications interface with authenticators, and how that impacts both the developer and user experiences. There has been tremendous growth in the ‘wallet’ ecosystem. Hardware and software authenticators purposefully built for EOSIO as well as migrating to EOSIO from other blockchain and non blockchain industries have created tremendous value for blockchain application users and the ability to choose an authenticator that fits their needs.
However, with an ever-increasing number of authenticators comes increasing complexity. App developers must integrate with each authenticator (or give up and choose not to), and end users face increased uncertainty — even confusion — as the user experience of signing transactions across various independently operated authenticators diverge. Users may even find that the app they want to use doesn’t work at all with their authenticator of choice.
To address these issues, we’ve begun exploring interchangeable integrations for Authenticators through a universal API, the Universal Authenticator Library.
Universal Authenticator Library
The Universal Authenticator Library (UAL) allows app developers to integrate with a variety of authenticators (wallets, app explorers, key managers, etc.) by coding to a single, universal API. It also offers developers an optional, but opinionated, UI layer so that application users get a consistent look and feel independent of the authenticator they are using or the site they are on.
Once integrated, apps are able to provide their users with an experience akin to social login or single sign on with very little effort. And as more authenticators are developed, supporting them is as simple as adding a few lines of code.
Architecture
Universal Authenticator Library consists of three main components: UAL Core, Authenticators and Renderers.
- UAL Core: This TypeScript library is the glue that binds these three concepts together. UAL Core defines the standard that UAL wallet authenticator plugins must conform to and exposes a consistent, public API to app developers along with additional convenience methods.
- Authenticators: Authenticators can be thought of as UAL wallet plugins. They wrap the individual wallet APIs in a common UAL-compatible wrapper. These are not part of the core UAL library but exist as separate codebases often written by the community or wallet developers themselves. There are currently authenticators for Scatter Desktop, Lynx, Ledger, and TokenPocket. Others can be easily written using our UAL Authenticator Walkthrough as a guide.
- Renderers: Renderers are optional, opinionated UI-layer plugins for UAL. For users, they are responsible for the consistent look and feel. For developers, renderers provide a familiar and idiomatic way to integrate UAL into their frontend framework or library. There are currently renderers for PlainJS and ReactJS, and we invite the community create others.
User Experience will Drive Adoption
The best way to achieve optimized wallet usability is to enable the free market to operate efficiently. Users must be able to vote for the best user experience with their choice of authenticator. This user choice will be the engine that drives rapid improvements to the blockchain user experience.
A unifying tool like Universal Authenticator Library will do just that — help developers drive adoption of their applications with a simplified and familiar transaction signing experience, and reduce friction for users so that they have the freedom to use the wallet of their choice.
How you can get involved
Universal Authenticator Library is in alpha and it needs your contributions. Here are some of the ways you can get started:
- Check out the UAL documentation.
- Spin up the Basic Example App for UAL with ReactJS or Basic Example App for UAL with PlainJS and see how they work.
- Add UAL to your web app. You could use one of the prebuilt Renderers (UAL Renderer for PlainJS or UAL Renderer for ReactJS), but you may also integrate directly with the UAL Core API.
- Build a UAL authenticator for your favorite wallet and open source it.
- Build a UAL renderer for a different frontend library or framework (e.g., Vue.js, AngularJS) and open source it.
- Contribute to the UAL Core library. Help make it even better.
- Report issues that you may find via GitHub issues in the matching repo.
- Ask questions on the EOSIO StackExchange. Be sure to add a UAL tag.
Stay Connected
If you are interested in providing feedback and working more closely with our team to improve the EOSIO Labs repositories for developers, you can send our developer relations team an email at developers@block.one.
You can also keep up to date with future updates by subscribing to our mailing list on the EOSIO Developer Portal. We are excited to be continually improving the usability of the software for EOSIO developers as we continue laying a foundation for the mass adoption of blockchain technology.
All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
Disclaimer: Block.one makes its contribution on a voluntary basis as a member of the EOSIO community and is not responsible for ensuring the overall performance of the software or any related applications. We make no representation, warranty, guarantee or undertaking in respect of the releases described here, the related GitHub release, the EOSIO software or any related documentation, whether expressed or implied, including but not limited to the warranties or merchantability, fitness for a particular purpose and noninfringement. In no event shall we be liable for any claim, damages or other liability, whether in an action of contract, tort or otherwise, arising from, out of or in connection with the software or documentation or the use or other dealings in the software or documentation. Any test results or performance figures are indicative and will not reflect performance under all conditions. Any reference to any third party or third-party product, resource or service is not an endorsement or recommendation by Block.one. We are not responsible, and disclaim any and all responsibility and liability, for your use of or reliance on any of these resources. Third-party resources may be updated, changed or terminated at any time, so the information here may be out of date or inaccurate.
原文链接/Original URL: