The foundation of the Web3 ecosystem revolves around the use of wallets, which can either be an app or browser extension. These wallets enable users to verify their web identities and authorize transactions. However, using a wallet has always been challenging, especially for new users who need to learn how to store their seed words in a secure place, create a strong password for their keystore file, copy addresses correctly when sending funds, and more. To make onboarding more accessible, some users turn to custodial wallet providers such as centralized exchanges. But, experienced crypto users know the risk associated with them as they have seen centralized exchanges like Mt. Gox, QuadrigaX and FTX go bankrupt from hacks or outright fraud, causing some customers to lose all their funds due to using a custodial wallet.
Many crypto users still prefer noncustodial wallets backed up by a set of seed words as the only secure way of protecting their Web3 identity. A few Web3 companies are trying to create wallets that are easy to use and do not require users to place all their trust in centralized custodians. These companies believe that a wallet can be just as easy to use as an email account yet secure enough to protect a user’s identity and funds. They are using different types of wallet infrastructure to make this a reality.
One new system is the Magic software developer kit (SDK), which enables developers to create seedless wallets for users. Instead of storing the private key on the user’s device, an encrypted copy is kept on an Amazon Web Services Hardware Security Module (HSM). Magic wallets do not require passwords, and users receive a one-time use token through their email address to authenticate with Amazon Web Services. Wallets based on Magic incorporate this SDK.
Another infrastructure commonly used is Web3Auth, which relies on multiparty computation (MPC) to make private keys recoverable. When users sign up for an account using Web3Auth, their private key is split into three ‘shares.’ The first share is stored on their device, the second is stored by the Web3Auth network through a login provider, and the third is a backup share that should be stored on a separate device or offline. A user can generate the private key and confirm transactions with only two of the three shares.
Dfns is an MPC key management network that allows institutions, developers, and others to create and manage wallets. It also offers services such as key recovery and access control. The platform uses MPC and threshold cryptography to ensure the safety and custody of users’ assets.
As seen, these new infrastructures focus on making wallets easy to use while maintaining users’ security. While vulnerabilities still exist, ongoing efforts are in place to ensure these systems become even more robust.
