TLDR; There is no proven, safe way for native wallet encryption-decryption. This means we do not yet offer the ‘signup with MetaMask’ experience. This decision is related to MetaMask’s action to ‘deprecate’ encryption and decryption functions. The good news is that you can still safely use MetaMask to register Ethereum addresses for wallet-to-wallet communication.
We know people want to login/signup with their existing wallets and would love to provide this feature to our users. (Less typing, fewer clicks, right?)
However, in June 2022 Metamask announced they ‘deprecated’ (aka recommend not using) the encryption-decryption functionality, even though there are no known attacks or vulnerabilities. Why? Metamask and their parent company, Consensys, concluded that using the same private key across different elliptic curves for both signing and encrypting isn’t best practice, as it opens up additional attack vectors. Addtionally, the eth_decrypt and eth_getEncryptionPublicKey methods used with this feature were built in accordance with EIP-1098, which has since been abandoned.
Projects have enabled this login mechanism in the past using Metamask’s native encryption-decryption function. This function encrypts data with the public key of an Ethereum account and decrypts with the private key. These are the same keys that the wallet uses to sign transactions on blockchains, however a different elliptic curve is used for encryption. It turns out this may not be the best thing to do.
We support Metamask’s transparency on this issue as well as their decision to set the bar higher. Because of this development, there is no proven, safe way for native wallet encryption-decryption, and that means we do not yet offer the ‘signup with MetaMask’ experience.
At Mailchain, our users’ privacy is the highest priority. We have worked for over three years to create safer security norms for Mailchain users.
Before this development, Mailchain had already implemented a safe method for users to send and receive encrypted messages from their blockchain address, by separating encryption-decryption functions away from a transacting wallet address. Different messaging keys are used for signing, and the messaging and signing keys can be validated against signed proofs that originate from the transacting wallet address.
This approach does not recycle your wallet’s keys. Instead, it creates new, unique “messaging keys.” And it’s your wallet’s signature that enables you to have access to these messaging keys.
The EIP-1098 abandonment and MetaMask deprecation means there is currently no standard for native wallet encryption. When that functionality comes along and adheres to security best practices, we will reevaluate incorporating it into Mailchain’s login process.
The good news is that you can still safely use MetaMask to register your Ethereum addresses for wallet-to-wallet communication inside Mailchain.
Original source video (Ethereum Engineering Group):