Unlike Web2 wallets, which are only used as asset management tools. But in the crypto field, wallets also play a role in on-chain interactions and are also used as asset management tools, you can say that from transaction payment transfer to participating in different DAO organizations to manage voting, users can’t do anything on-chain without their wallets.
In last year’s DuneCon 2022 conference, Tomasz Tunguz, general manager of Redpoint Ventures, said that the daily active users (DAU) of mainstream public chains accumulated to about 2.5 million, while the DAU of the Internet is just 5 billion, is slightly less than 0.05% and public chains are catching up with the rapid pace.
On the supply side, there are about 16,000 developers in the Web3 space, while there are about 27 million developers in the world, with Web3 developers accounting for less than 0.06%. The underlying cause of this problem points to the accessibility issues associated with the wallet access threshold.
In contrast to the vibrant on-chain ecosystem, the development of wallets has been rather slow, and it has not achieved a level of satisfaction for practitioners and participants. The mainstream crypto wallet is still the EOA Metamask wallet, and when all web3 users hear the Metamask, they know what it means, and its private key and Metamask prevent most web2 users from entering web3. The questionable security of web3 came first and the fact that the complex mnemonics did not prevent malicious links and user negligence. As an author, I recited my own mnemonic for the first time, and used pen and paper as a more primitive way to save my mnemonic, but with little success.
the above is only the first step into web3. The second step is more perilous. Users directly use the wallet’s fiat currency deposit function to buy tokens, and in this process, some regions do not support fiat currency deposits, so some users will use the exchange’s C2C buy coins function, and the risk of private key leaking in the process of the deposit is tremendously higher. The above steps are so sophisticated that most people will give up entering web3.
This kind of problem has also appeared in the traditional Internet era. Take the versatility of computers as an example. Before the appearance of visual operating systems, people need to interact with computers through codes. The development of the wallet is about to reach the same inflection point.
Smart contract wallet
For most users, the commonly used non-custodial wallets are not user-friendly. After several years of development, builders in this track have reached a consensus in recent years on the goal of lowering the threshold and improving security, efficiency, user experience, and interaction costs. To achieve this, three things need to be addressed: no mnemonics, no need for users to back up their credentials/private keys, and a non-custodial wallet. In order to achieve the final form of this wallet, there are already a variety of different solutions, and a smart contract wallet is currently the mainstream solution.
In general, the currently available smart contract wallets probably have the following advantages.
● No single point of failure. Multiple signatures are required to execute transactions.
● Programmable access control. Users can define different policies, and set time locks, spending limits, and automation.
● Transaction batching can be realized to save costs.
Scalability:
Thanks to the composability of smart contracts, wallet developers can create an ecosystem of modules that users can choose to add to their wallets, creating an ecosystem for new features like NFT lending frameworks, DAO voting modules, and non-custodial asset management services. app store.
Programmable recovery:
Wallets can offer several options for recovering funds for the smart contract itself.
On-chain accountability:
On-chain signature authorization policies and aggregations make it clear which keys are used to sign transactions, making operations more transparent and straightforward, allowing auditing of who participated in transactions in case of errors.
Support for switching to other signature schemes:
Smart contract wallets can change their signature scheme to a simpler, more gas-efficient, or quantum-resistant scheme. They can also be used on iOS and Android devices ( turning the phone into a hardware wallet ) or enabled with Ed25519, allowing the use of iOS biometrics and web authentication.
Open Source:
Anyone can audit the Smart Wallet implementation and extend its functionality to address vulnerabilities and add new features through an ecosystem approach.
AA (Account Abstraction) contract wallets could solve these problems in a sense, but the reality has not gone in the direction envisioned, and in fact, there are many problems with the application of smart contract wallets.
Gas fee:
The logic of a smart wallet is more complex than an EOA wallet, so the gas for each operation is more expensive. In addition, creating a smart wallet also requires a significant gas fee, and the low gas fee is the demand of all users.
Poor compatibility:
personal_sign often requires existing dApps to adapt to the signature rules.
It is difficult to support non-EVM public chains: AA wallets can only be realized within EVM, while the competitive landscape of L1 public chains is not yet stable, and qualified wallets should be multi-chain compatible.
Wallet Guardian Dilemma:
For newcomers, using a contract wallet requires setting up a credible “guardian”, and the risk of the guardian’s account has left a security risk for new users, and such a process is also very unfamiliar to Web2 users.
Contract maturity issues:
The core contract of ERC-4337 is still in progress, and developers are mostly cautious without long-term security verification.
At present, there is no AA wallet that has landed, is highly usable, and is popular on the market. On this route, the further development of wallet developers and the continuous promotion and market education of the project to the C-end are still awaited.
CA “Contract Account” not only includes the advantages of the AA wallet but also solves some of its existing problems. CA has more advantages, such as low gas, high compatibility, multi-chain support, complete social recovery, etc.
MPC Wallet:
MPC wallet (secure multi-party computation) is another solution. Multi-party computation (MPC) enables a group of mutually distrusting parties to jointly compute a function based on their inputs while keeping those inputs private. MPC wallets eliminate single points of failure by using a Threshold Signature Scheme (TSS). Under this paradigm, portions of the private key are created and distributed such that no single person or machine has full control over the private key — a process known as distributed key generation (DKG). We can then combine the parts and co-generate the public key without exposing the parts between the parties.
Similarly, MPC also has obvious advantages and disadvantages:
● Advantages:
- There is no single point of failure. A complete private key is never centralized on one device at any time. There is no mnemonic either.
- Adjustable signature scheme. Organizations can dynamically adjust signature schemes without having to notify counterparties of a new address each time.
- Granular access control, etc. Organizational users can assign an unlimited number of transaction approvers to a policy, and assign permissions that accurately reflect organizational roles and security measures (time locks, MFA, fraud monitoring). Individuals can choose the semi-custodial route through MPC wallet-as-a-service, where a third party holds a key shared portion.
● Disadvantages:
- Off-chain accountability. Signing authorization policies and approving fixed numbers are managed off-chain, so these custom rules are still prone to centralization issues. The key share is still a cryptographic secret and should be treated like the entire private key. Off-chain rules and signatures hinder transparency and require stricter operational audits.
- Incompatible with most traditional wallets adopted by many users (no Mnemonic Phrase, no full private key stored on a single device). The MPC algorithm is also not standardized, nor is it natively supported by agency-grade security devices such as iPhone SEP and HSM.
- Mostly isolated custom products. Many MPC libraries and solutions are not open sources, so it is difficult for the ecosystem to independently audit and integrate them if something goes wrong. Therefore, whether it is based on the security of use, user trust, or transparency of the project party, the open-source MPC wallet is the trend of the next stage.
● Epilogue:
- Nowadays, as wallet project parties pay more and more attention to user experience and interaction, the wallet development ecology of two different tracks is also facing the same challenges. For example, there are endless technical loopholes, such as user education costs, such as security, and shifting costs…these all need to be looked at and faced.
- After comparing two different wallet technologies, you will find that although MPC and smart wallets share a common “this vs that” framework, in the long run, they are not competitive, but complementary. MPC provides shared security at the key generation and management level, while smart contracts bring scalability and an ecosystem approach to function and application development. As practitioners in the wallet industry, we are also constantly bridging the differences between the two parties to bring better wallet products to users.
- Therefore, ideally, the wallet as the entrance to the crypto world should take into account multiple advantages at the same time as the market develops and the technology matures — giving users a better user experience, more transparent information, and more funds Guarantees, freer trading methods, truly respecting users, and friendly interactions — perhaps, they have already emerged.
- We welcome you to discuss with us in the comment section the best wallet you think, so far, We will draw a part of the comments to give gifts.
All Comments