Author: Richard Chen, San Francisco early encrypted risk fund 1confirmation Partner
Compile: Zhan Wei
Source: Chain smell
- Bloomberg: The $5 billion encryption loan market is just a credit bubble that is about to burst?
- Lightning network giant ACINQ received $8 million in financing. Why did the 6-person team get favored by state-owned banks?
- Xinhua News Agency: Some people deserve to be vigilant in the name of blockchain
- The funds can be stolen and can be withdrawn, the private key can be recovered, and the GateChain test network is officially released.
- The 18 millionth bitcoin will be dug out this week, and the remaining 3 million bitcoins will still need 120 years.
- Popular Science | Nine Questions Take You to Know the Past and Present of the Central Bank's Digital Currency
Wallets are a key infrastructure for cryptocurrencies. The behavior of each encryption field, whether it is to buy or sell cryptocurrency, long-term holding cryptocurrency, sending cryptocurrency, mortgage cryptocurrency, etc., depends on the wallet in some way.
The wallet is also the gateway to Web3, just as a web browser is the gateway to the Web2 Internet. Because the encryption wallet is so important, nearly $400 million has been flowed to the encrypted wallet business to date, including Ledger ($8 million) , Blockchain ($70 million) , BRD ($54 million) and Abra ($35.5 million) . The most funds.
In order to design a better wallet user experience, a large amount of research and work has been invested. In this article, I will outline the ecosystem of crypto-coin wallets and highlight some recent improvements in the user interface/user experience (UI/UX) of the wallet, including the wallet SDK, smart contract wallet and meta-transactions. (meta transactions) .
The rise of cryptocurrency wallet
In the early days of Bitcoin, the first users were cryptographic punks, and they were familiar with the concepts of public and private keys. Therefore, the initial key management of the cryptocurrency is to write a private key or a mnemonic phrase (also known as a seed phrase) on a piece of paper and keep the paper in a safe place. For example, the following:
Obviously, ordinary people don't remember a bunch of random alphanumeric characters in order to send money to others, and it is very dangerous to carry a private key with them. The Brainwallet project attempts to let users generate their own defined seed phrases and then convert them into a private key using a hashing algorithm such as SHA-256. The name Brainwallet comes from the fact that seed phrases are only stored in the user's own brain, not in what place. If the user forgets the seed phrase or unfortunately dies, this bitcoin will disappear forever.
The user's ability to choose a good seed period phrase on his own to withstand the risk of losing a fortune. But humans have always been poor at generating disordered seed phrases, and the seed phrases they come up with tend to form rules that are easy to predict. As demonstrated in a DEFCON presentation, hackers have stolen hundreds of bitcoins from the sparsely generated Brainwallet, which are now worth millions of dollars.
So the wallet was born. The wallet pulls out the private key, allowing the user to send and receive cryptocurrencies through a simple UI. In addition to backing up your wallet, users don't have to interact directly with their private key. The first version of each wallet is client-based and requires users to download desktop software. These desktop wallets either run a lightweight client locally or connect to a node, and it takes a few minutes to sync to the latest block each time the wallet is opened.
Loading too long is not a good user experience. Therefore, the next version of the wallet is mostly based on the network or mobile wallet.
All of these wallets have the basic function of securely storing cryptocurrency, sending and receiving transactions. Almost all of these wallets are controlled by the user, which means that the wallet provider can only create wallet software, not the user's funds. The wallet provider is not responsible for storing the user's private key, and they pass the burden on the user.
Today, there are many client-based, web-based and mobile-based wallets that are largely indistinguishable from the details. For example, some wallets allow users to purchase cryptocurrencies directly in the wallet, through payment processors such as Waye or Simplex , and some through Shapeshift or Changelly to support users to exchange cryptocurrencies , and some use bitcoins like CoinJoin . The rich currency service supports private transactions, and the other supports various cryptocurrencies and encrypted collections.
The only exception is the Chinese wallet, they try to copy the WeChat gameplay, stuffing as many features as possible so that users don't have to flee. For example, imToken allows a user to obtain a native MakerDAO mortgage debt bin from the wallet. Other popular wallets in China include Bitpie , RenrenBit and Cobo wallets .
In addition to these software wallets, there are also hardware wallets. Hardware wallets provide cold storage, which is physically isolated from the Internet, and they are usually stored in a bank safe. If you want to store a lot of money, the hardware wallet is very suitable, because the only way for hackers to steal the funds is to physically invade the bank to get these hardware wallets.
Web3 Wallet If you only want to securely store cryptocurrencies, send and receive transactions, and buy and sell cryptocurrencies, the wallets listed above are a good choice. However, if you want to interact with a Web3 application, they are not that useful.
From a user's perspective, the main difference between Web2 and Web3 applications is that Web3 applications need to have a wallet in the browser. When entering a Web3 app, the website checks to see if there is a wallet extension that supports the Web3.js library. If not, it tells the user to download a MetaMask before using the DApp . Non-Web3 wallets like BRD Wallet and Edge Wallet do not support the Web3.js library, so it is not possible to use ETH on a DApp like Compound or Uniswap from a non-Web3 wallet.
Me taMask is clearly the main player in the Web3 wallet. As of April, MetaMask is expected to have 264,000 monthly active users and 90,000 weekly active users. Considering that almost every DApp requires users to download the MetaMask extension before using the website, the MetaMask metric also represents the overall market size that the current DApp can address. To a certain extent, MetaMask currently plays the role of a Web3 gatekeeper and has a strong “product market fit” (the best match between product and market) , although it has a lot of room for improvement in user experience. . Of course, the mission of Web3 is to reduce the control of individual centralization gatekeepers on the network portal, so many teams are building alternatives to MetaMask.
Hedgehog is another option outside of MetaMask, a desktop Web3 wallet developed by the Audius team. The wallet encrypts the private key with a user-generated password and does not force the user to confirm the transaction pop-up multiple times, thus reducing the complexity of the wallet. But the downside of this solution is that the account cannot be recovered and is primarily built for small amounts of financial use cases.
Coinbase Wallet and Trust Wallet are two active mobile web3 wallets, while MetaMask Mobile and Astro Wallet are currently in beta. A mobile version of the Web3 wallet is actually just a browser with an ordinary mobile wallet added to make it easy for users to use their mobile wallet on various websites. The mobile version of the Web3 wallet can also be accessed by scanning the QR code on the computer, using WalletConnect or WalletLink to connect the two devices. Some mobile wallets, such as DexWallet and Rainbow , are custom-made and serve the use cases of Decentralized Finance (DeFi) .
A better user experience is best for DApps like MakerDao and Auger, each offering a dedicated mobile app that users can download from the App Store or Play Store, which is the most common way for users to access Facebook via a mobile app. Not the same as facebook.com on a mobile browser. To improve DApp's UI/UX on mobile devices, Tasit is building an SDK for mobile apps that serves the popular Ethereum DApps.
Wallet SDK Although MetaMask has a first-mover advantage, there are still many easy-to-implement improvements in UI/UX that can attract mainstream users to adopt DApp. The main UX bottleneck in using MetaMask is that users need to download a separate browser extension (although MetaMask recently released a new plugin for website integration) . DApp developers who track user conversion rates tell me that more than 90% of users who try to try DApps choose to give up when they are told they need to download MetaMask.
If we want mainstream users to try out Ethereum, then logging into a Web3 application should be no different than logging into a Web2 application.
A Web3 wallet SDK that logs in like the username and password for Web2. The user does not need to download a separate extension in order to use the application, nor does it have to click on a pop-up window each time a transaction is sent. Moreover, this wallet is natively integrated into the site and is supported on all devices and browsers. The downside is that this wallet is only for DApps that integrate a few lines of code into the wallet.
The wallet SDK provider stores the encrypted user password, which maps the corresponding private key, stored in the HSM in the case of Fortmatic and Bitski , and fragmented in the Torus case. Because the wallet SDK provider stores the mapping between the password and the private key, updating the mapping resets the password. This is important because users are already accustomed to resetting in Web2 applications, and they think there is a backdoor for password recovery anyway. In a traditional wallet, if a user loses their private key, the funds inside are lost forever.
Smart contract wallet
Smart contracts on Ethereum provide programmable currency for use cases like DeFi. If we can use smart contracts to add extra features to the programmable wallet, it would be imaginative.
First of all, I would like to talk about some background knowledge of the Ethereum account model . There are two different types of accounts in Ethereum: externally owned accounts and contracted accounts. Traditional Ethereum wallets use externally owned accounts that are secured with a private key, usually a "seed phrase" that the user converts into 12 words. So the burden is on the shoulders of the end users, they have to make sure that the phrase is not lost, and if it is lost, the funds in the account will be lost forever.
In contrast, a contract account is a code that only survives on the Ethereum blockchain, and there is no private key to access the funds in the account. With contract accounts, the smart contract wallet completely breaks the concept of managing private keys for users. Moreover, smart contract wallets can be programmed to have the same security as traditional banks, such as account recovery, fraud protection, and withdrawal restrictions.
In a traditional wallet, if users don't back up their seed phrases and lose their phones, all their money will disappear. However, with a smart contract wallet, users can designate reliable family and friends as “ backers ” (called guardians in Argent) . If most backup users agree, users can trigger a social recovery process to get their funds back. It should be noted that backup users can never steal user funds; their permission is that only they can participate in the recovery process.
To prevent fraud, Gnosis Safe currently implements a two-step verification, and most people use 2-step verification when using their important online accounts. Dapper can also monitor unusual behaviors, such as sending large sums of money to suspicious addresses, or activity in anomalous areas, and checking before transactions are confirmed.
Withdrawal limits are a very common security feature in traditional banking systems. With a smart contract wallet, users can set a maximum transfer limit for any given transaction. If the triggered transaction exceeds this amount, the transaction will be tentatively scheduled for a period of time until a specified point in time. During this time, the user can cancel this transaction.
While smart contract wallets offer more security than traditional wallets, smart contract wallets have their own risks: it's not cold storage, and programming a wallet increases the vector of its attack surface. If it is a normal wallet, as long as the private key is secure, the wallet will never be hacked, and the smart contract wallet may be hacked due to bugs in the code.
Nexus Mutual provides insurance for smart contract wallets in response to unexpected situations where the wallet is hacked or the user loses money. Currently, the insurance coverage on Argent and InstaDapp is $2,400 and $15,000, respectively.
For more information, please visit NexusTracker.io
Meta transactions is an emerging design model pioneered by Austin Griffth that greatly reduces the threshold for DApps to be adopted on a large scale. Around this idea, a passionate community has taken shape, mainly leading to MetaCartel .
Meta-transaction is a no-gas transaction that allows users to instantly use the DApp without having to install a browser extension or purchase a cryptocurrency. The concept of a meta-transaction is that a user signs a transaction with his private key and then transmits it to a repeater (relayer) that receives the transaction data, which the repeater packages into an actual Ethereum transaction. The gas fee is then paid to submit the transaction to the Ethereum blockchain.
It should be noted that the meta-transaction is not a wallet, so where the user's private key is stored depends on how the wallet implementing the meta-transaction is designed.
The first version of the meta-transaction relies on a single repeater to broadcast transactions, which makes the system very central. In theory, the repeater can review the user's transactions, but since the wallet provider or DApp is usually a repeater, in practice they are not meaningful in reviewing their users. Despite this, members of the Zeppelin and TaboKey teams worked very smartly to solve this problem by relaying all meta-transactions in a decentralized manner and releasing the Gas Station network.
In the Gas Station network, the user randomly selects one from a network of multiple independent repeaters to submit his own transactions to the blockchain on his behalf. The DApp pays the repeater, and the latter has to submit a deposit, in case the malicious act, the deposit has to be confiscated. In this way, DApp takes on the cost of repeaters and gas, and as a customer to get the cost. And users can enjoy a seamless experience. Based on the DApp-based business model, they can charge users by charging a subscription fee.
Meta-transactions can be implemented in smart contract wallets. Argent and Astro wallets use meta-transactions so users can send transactions without paying a gas fee. But more importantly, meta-transactions allow multiple transactions to be bundled into one transaction. This is important because DApps like Uniswap require additional transactions to unlock each token that the user wants to redeem, and then the user can make a single redemption. Meta-transactions eliminate all these unnecessary initial steps and users can trade directly with DApp.
On ETHDenver, Burner Wallet was released, allowing people who participated in the hackathon to pay for the dining car. Since then, many different versions of Burner Wallet have appeared in other events.
Another good example of using meta-transactions in practice to attract new encrypted users is Burner Wallet . It is a web wallet with a simple interface for fast payment of small cryptocurrencies. When you access xdai.io from a web or mobile browser, a Burner Wallet is automatically generated, no need to download any applications or seed phrases, and the private key is stored in the browser's local storage. Sending a transaction between Burner Wallet is the same as using WeChat Pay – scan the QR code to exchange cryptocurrencies between users.
Burner Wallet is similar to cash – you don't carry a lot of money with you, because it's easy to lose, and banknote exchange is very convenient. Since the user's private key is stored in their browser's local storage, Burner Wallet provides a great trial experience for the user, but this is not a permanent way to store funds. To solve this problem, Burner Wallet worked with Gnosis Safe to automatically transfer funds to a more secure wallet once the user has accumulated enough money in their Burner Wallet. Combining the security and scalability of Gnosis Safe with the accessibility of Burner Wallet is a major improvement on the Ethereum wallet infrastructure.
Where will the wallet business go?
Most people think that the user experience of cryptocurrency and DApp is still several years away from the mainstream people's usability, but in the past year, the user experience has actually had many major breakthroughs, only in the existing wallet. It can be achieved. I believe that as long as a better user experience like meta-transactions can be promoted to DApp developers and more widely implemented, we will see the explosion of DApp use.
I also noticed that there is a gap between the existing cryptocurrency native users and the new cryptocurrency players in the use of wallets. Existing cryptocurrency native users seem to be able to use MetaMask very well (or at least have adapted to its UX issues) without the strong motivation to switch to other wallets. Of course, when the price of gas in Ethereum soars, they still want to take advantage of the fact that they do not pay for the gas fee.
However, newcomers to cryptocurrency don't understand that Web3 applications require a Web3 wallet, and once they hit a website saying it's not compatible with Web3, they feel like they have nowhere to go. Almost all UI/UX work currently done in the wallet space is actually for the latter category of users. Similarly, various wallet projects are also convinced that the user experience, rather than the lack of killer applications, is the biggest bottleneck for DApp adoption on a large scale. Solving this bottleneck will lead to the next wave of cryptocurrency.
In order to solve this split situation, in my opinion, the ideal solution is to provide two login options: one is to use MetaMask, to protect the existing encrypted native user service for autonomy, and the other is to use a new one. The wallet infrastructure, which caters to new users, will weigh in on anti-censorship and privacy.
Or there is the possibility that in the future, web browsers like Chrome and Firefox will have a pre-installed wallet for all users, and by then, the HTTP 402 error code will really come in handy. Note: HTTP 402 is reserved for future use. It is planned that this status code may be used for electronic cash or online small transactions, but it has not been implemented). In this case, we will realize the dream of a magical internet currency.
Chain Wen received the author's authorization to publish the Chinese version of the article.