Tutorial
zkLogin 101
All you need to know before getting started with zkLogin
What is zkLogin
On sentence:zkLogin lets you access your wallet and make transactions with just a login with Google, Facebook accounts, etc.
Why shoud I use / not use zkLogin?
How zkLogin works?
Before we delve into whether or not to use zkLogin, let’s quickly understand how zkLogin manages your assets through your Web2 account.private key wallet
private key wallet
private key wallet process
zkLogin wallet
zkLogin wallet
zkLogin simplified process
- Log in via your Login Provider (e.g., Google).
- The Login Provider sends a JWT to your wallet provider’s domain.
- Your wallet provider returns the for your zkLogin account to your local device.
- Your local device signs your subsequent transactions using a temporary private key based on the .
| When to Use zkLogin Wallets | When to Use Private Key Wallets |
|---|---|
| 1. User-Friendliness: zkLogin wallets are more intuitive and simple for users who are not familiar with cryptocurrencies and blockchain technology. 2. Reduced Complexity: Users don’t need to remember or securely store a private key or mnemonic phrase, lowering the risk of user error. 3. Multi-Device Access: Since credentials are managed through OAuth, users can easily access their account across multiple devices. 4. Social and Network Effects: If the dapps you are going to use involves social interaction or needs to integrate with other services, zkLogin might be more convenient. | 1. Security: Private key wallets are generally considered more secure as the private key is stored only on the user’s device, not on a third-party server. 2. Full Control: Users have full control over their assets and data, without reliance on third-party services. 3. Advanced Features: Private key wallets usually support more advanced features like interacting with smart contracts, multi-signatures, etc. 4. Privacy: Private key wallets generally offer higher levels of privacy protection. 5. Offline Storage: Private keys can be stored in cold storage (e.g., hardware wallets), for added security. |
| Common Risks with zkLogin wallets | Common Risks with private key wallets |
|---|---|
| 1. Third-Party Dependency: zkLogin relies on OAuth, making it susceptible to attacks or vulnerabilities in the OAuth provider (e.g., Google, Facebook). 2. Credential Leakage: Wallet provider may acquire your OAuth token. 3. Wallet Provider No Longer Maintained: If the wallet provider discontinues service or is no longer maintained, all corresponding wallets will become invalid. | 1. Private Key Leakage: If the private key is accidentally exposed, all assets associated with that key are at serious risk. 2. Physical Security: If the private key is stored on a physical medium like paper or a hardware wallet, then physical damage or loss is a risk. |
- new to cryptocurrencies
- don’t anticipate transferring large assets
- a seasoned cryptocurrency user
- prefer complete control over your wallet
- more concerned about security vulnerabilities