2018-02-13 Mobile Work Session


#1

Meeting notes from mobile planning session

Attendees

  • Ryan
  • Aaron
  • Jude
  • Ken
  • Larry
  • Chase
  • Muneeb

Agenda

  • Mobile timeline
    • iOS and Android
  • Strategy for development
    • Native vs React Native vs. wrapper
  • On-boarding process
  • Features that we want to support
  • Process for developing across platforms
  • How we segment the team

Questions and One-Line Answers

  • iOS first and then Android second?
    • We will do them simultaneously in Phase 1 (SDK-only)
  • Native or React Native or web or Cordova?
    • Not doing a mobile app immediately
  • Ken on iOS and a new Android hire on Android?
    • SDK will be developed as cross-platform friendly as possible
  • What exactly are developing on mobile?
    • Phase 1: SDK-focuse
    • Phase 2: progressive on-boarding to a native expeirence
  • What is our strategy for the SDK?
    • Cross-platform development — support for
  • What do we want the user experience to be?
  • What are the constraints of the platforms?
  • What is the minimum feature set for the mobile product?
    • SDK for Apps
    • Ability to on-board users
  • What is the end goal of the mobile product?
  • How does multi-device / cross-platform operation work?
    • Same twelve-word phrase on all items
    • Phase 2: support for multiple devices
  • What is the on-boarding process like for new users of the mobile product?
    • Simple web view for creating a blockstack identity and then going back into App — this is included as part of the SDK
  • What is the on-boarding process like for users who first discover a Blockstack app?
    • See above — we are focusing on the app SDK first, then the web app view
  • What is the primary discovery mechanism or user flow?
    • For blockstack-interested users: blockstack.org → web application
    • For app-interested users: SDK authentication flow

Android vs. iOS

  • Android very popular (especially outside of US, where our potential userbase is much larger)
  • Should we develop them simultaneously?
  • What devices are we using personally
  • We have strong iOS resources currently, but would have to hire for Android
  • Cross-platform library/SDK written in Javascript?

Blockstack on Mobile Development: Native v. React Native v. Web

  • Smoothness of React Native depends on whether or not you have to use a lot of native APIs
  • Larry: you can use blockstack.js and reuse that across some platforms — hopefully you end up not re-implementing any logic.
    What is the minimum feature set?
  • We’re here to help apps get off the ground who want a good mobile experience
  • Requirement: If someone comes to a Blockstack App first, they cannot be required to download a second app
  • Potential plan: Ship SDK first and then ship an app
    • Three phases:
      • SDK
      • React Native / Cordova
      • Full Native

Recovery for Users who On-Board on App

  • Requirement: Blockstack cannot store shards
  • Apps will want to have a way to backup a user’s private key somewhere…
    • We need a story for ‘lost my blockstack identity’:
    • 2 Parts:
      • Documented best practices for backing up and storing a user’s app private key (perhaps some support in the SDK?)
      • A way to log in to an app if you have the App-Private-Key but not your identity key
  • Where is a user’s private key stored?

Proposal: Phase 1

  • Focus on on-boarding flow on blockstack.org
  • Focus on SDK
  • Shift away from desktop native — focus on web experience.
    • Same experience, desktop or mobile
  • For additional security, you can download a native authenticator — a place to store your keys.
    • The web experience calls out to this authenticator?
  • What are we delivering?
    • An authenticator
      • Profile management
    • An app store
  • Mobile experience —
    • Start with no-mobile-app — nail the web experience, and the SDKs
    • SDK includes the on-boarding experience
    • App store is in web
    • Phase 2: native solves security problem and user’s desire for a mobile experience
  • Larry:
    • Users with multiple browsers on desktop have a bad experience
    • Many users use incognito or private browsing all the time on mobile
    • Our protocol handler situation is still bad
  • Decision: focus on the SDK
  • All the user has to do maximum — open webview — user enters e-mail and password (of their choosing)
    • E-mail could be pre-filled
    • In AwesomeApp, user clicks “sign in with blockstack”, Web View opens, User enters e-mail and password, then goes back to AwesomeApp
      • Problem: user doesn’t think of themselves as having signed up for Blockstack
      • We want users to think ‘sign in with Blockstack’ — otherwise, we get no benefit for users in the ecosystem
  • Specifically, focus on the experience of a user going to a DApp first
    • Ship SDK as wrapper of blockstack.js
    • A logic on blockstack.org for the on-boarding flow of the sign-in
  • This ‘punts’ on multiple-device
    • Just input your twelve-word phrase on both devices
  • Still need to hire for SDK on Android ?
  • In terms of this sprint:
    • Research for the SDK — cross-platform tools?
  • Protocol handler — we auto-redirect to a web client or something
    • This is going to be documented in Authentication

Proposal for Phase 2

  • Build mobile apps for Android and iOS
  • Allow for progressive on-boarding where users can migrate from the web experience to a native experience
  • Trezor support

Key Management Story

  • Use the same key across devices

Roadmap

Possible Authentication routes:

Key Take-Aways

Five point plan.

  1. Mobile SDK
  • Ken and larry will take lead on SDK for iOS and Android (as cross-platform as possible)
  1. Move more functionality into blockstack.js
  • ongoing work of everyone
  1. mobile web sign up & user management
  • Chase could take the lead here
  1. desktop shift browser to blockstack.org
  • Everyone focuses on this
  1. Native Blockstack mobile app will be in phase 2

Blockstack Mobile Plans
PBC-team
#2

Hell yeah.

Love that we’re doing more posting of these notes in public.

Also the list of attendees is a great help.