Source: Blockchain Knights
It’s perhaps no surprise that Internet login systems are as old as the Internet itself. As the first computer networks formed in the 1960s and 1970s, the need for user authentication emerged.
When the Internet’s predecessor, ARPANET, began operating in 1969, it implemented the first formal login system. These pioneering systems required users to enter usernames and passwords to access network resources, something that billions of people have done trillions of times in the years since.
With the advent of the World Wide Web in the early 1990s, web-based login systems quickly became mainstream, providing a gateway to personalized digital experiences. However, these early attempts at user authentication were often marred by lax security standards.
At the time, many developers saw nothing wrong with storing passwords as plain text, and even more surprisingly, embedding passwords directly into HTML code. As the Internet has grown, so have our methods for login security.
The introduction of server-side scripting languages such as PHP in the mid-1990s made password storage and verification more secure.
Encryption and hashing became standard practice, and two-factor authentication emerged as an additional layer of security.
While other aspects of our digital lives have leapt forward with two-factor authentication and password managers, the basic username-password combination has persisted.
The scale of the login challenge
While blockchain has made rapid progress in industries such as healthcare and logistics, one area where distributed ledger technology (DLT) has yet to prove useful is login. LastPass once did a survey and noted that "the average user manages about 70 passwords and logs in 20-30 times a day."
NordPass, in a similar survey, noted that "the average user spends about 15 minutes a day logging in and out of their accounts." At 30 seconds to a minute per login, the NordPass figure implies that users log in about 15-30 times a day.
To be conservative, let's assume a minimum number of 15 logins per day.
There are 8 billion people in the world, 85% of whom have access to a smartphone, which serves as a proxy for technology that requires a login. So a very rough estimate of the number of logins per day worldwide is 0.85 x 8 billion x 15 logins, which equates to about 102 billion logins per day, or 1.2 million logins per second.
Cost and Scalability Issues
Ethereum, one of the most popular blockchain platforms, can only handle about 6 zero-knowledge proof verifications per second.
For blockchain to replace traditional login systems alone, we would need nearly 200,000 blockchains like Ethereum working simultaneously, not counting the other transactions happening on these networks.
In short, blockchains in their current form lack the scalability to manage even a fraction of the world’s daily authentication needs. But capacity isn’t the only issue.
The cost of verifying a login on a blockchain like Ethereum can be prohibitively high. As a base case, let’s assume the gas unit cost per login is the absolute minimum cost per transaction on Ethereum, which is 21,000 gas units.
Let’s break it down and assume that the cost of one unit of gas on Ethereum is 5 gwei, and 1 gwei is equal to 1/1000000000 ETH. One login then costs 21,000 x 5 = 105,000 gwei, or 0.000105 ETH.
At that rate, 240 million login verifications, each using 21,000 gas, will cost about $60.5 million per day, with the price of Ethereum at $2,400 per ETH. What’s more, all of these costs will be consumed on Ethereum, which means that no one in the network will receive any income from it.
This is unsustainable. The cost of logging in is also not comparable to the cost of verifying transactions on a public ledger. While the decentralization of blockchains provides extremely high security and transparency, its financial premium makes it unusable for website logins.
Equally divided
Nevertheless, zero-knowledge proofs (ZKPs) have brought a glimmer of hope to the bleak outlook. ZKPs allow users to prove their identity without revealing any sensitive information.
Today, the world’s personal data is scattered across thousands of databases, each a potential target for hackers. In theory, blockchain-powered logins using ZKPs could usher in a new era of privacy, making passwords and usernames a thing of the past.
But theory and practice rarely go together so perfectly. While ZKPs can solve some privacy issues, they bring others, namely the need for massive computational resources and the currently high cost of verifying these proofs.
As mentioned earlier, Ethereum struggles to meet these demands, and while other blockchains like zkVerify are working to drastically reduce costs, the technology is not yet ready for widespread deployment.
Additionally, there are user experience challenges. Most internet users are not cryptography experts, so any new system needs to be as convenient as the current username-password combination, despite its flaws.
User experience issues can’t be ignored either.
Technical superiority does not guarantee wide adoption, and the Linux operating system is a good example of this. The industry must combine technical merit with usability if it is to succeed. While logging in shouldn’t incur any direct costs, it often does, with the costs hidden in the services we use.
Worldcoin offers a blockchain-based login solution that uses retinal scans to verify a user’s zero-knowledge proof, verified on the Optimism blockchain.
While this process costs just $0.0033 per login, when scaled to 240 million logins per day, that’s an unsustainable $800,000 per day.
While this is 98.5% lower than Ethereum, the system runs on a different, more centralized layer, trading decentralization for scalability.
By comparison, cloud services like AWS Cognito offer much cheaper alternatives, costing $0.0025 per user per month, making blockchain solutions 98.5% more expensive.
Clearly, there’s room for improvement in blockchain logins. So, where do we go from here?
Blockchain has the ingredients to disrupt logins, even if there’s no clear way to do it. With advances in cost efficiency and scalability, such as the continued development of zero-knowledge-driven L2 solutions, we may be approaching a tipping point.
While blockchain-based systems currently struggle to compete with the low-cost, high-speed infrastructure of cloud service providers such as Amazon and Google, the balance is tipping in favor of blockchain.