An Overview of the Crypto Wallet Landscape
Wallets are critical infrastructure for cryptocurrencies. Every crypto behavior — whether buying or selling crypto, hodling crypto, sending crypto, staking crypto, and more — relies on wallets in some fashion. Wallets are also the gateway to Web3 just like how web browsers are the gateway to the Web2 Internet. Given their importance, almost $400M of funding has gone to crypto wallet businesses to date, of which Ledger ($88M), Blockchain ($70M), BRD ($54M), and Abra ($35.5M) have raised the most.
A lot of research and work is being done right now to design better wallet UX. In this piece I give an overview of the crypto wallet ecosystem and highlight some of the recent improvements in wallet UI/UX, including wallet SDKs, smart contract wallets, and meta transactions.
The emergence of crypto wallets
In the early days of Bitcoin, the first users were cypherpunks who were familiar with the concept of public and private keys. As a result, key management in crypto started out as writing down a private key or a mnemonic phrase (a.k.a. seed phrase) on a piece of paper and not losing the paper.
4136fb984d0a8650c6ddc54698cb9365479a607402120e0b7527b2aa1f5d8903
witch collapse practice feed shame open despair creek road again ice least
Obviously, no ordinary person would want to memorize a random string of alphanumeric characters in order to send money to others, and carrying around a private key is risky and dangerous. Brainwallet was an attempt for users to generate their own custom seed phrase, which would be converted to a private key via a hashing algorithm like SHA-256. The name Brainwallet comes from the fact that the seed phrase is stored solely in the user’s own mind without being written down anywhere. If the seed phrase is forgotten or the user dies, the Bitcoins are lost forever.
Users risked their fortunes on their ability to choose a good seed phrase. But humans are terrible at generating entropy for seed phrases and likewise seed phrases tend to follow predictable patterns. As shown in this Defcon talk, hackers were able to steal hundreds of Bitcoins from poorly generated Brainwallets that are worth millions of dollars today.
Enter wallets. Wallets abstract away private keys and allow users to send and receive cryptocurrencies via a simple UI without users ever interacting directly with their private keys, except to only back up the wallet. The first iteration of wallets was client-based and required the user to download desktop software. These desktop wallets either ran light clients locally or connected to a node and needed several minutes to sync up to the latest block every time the wallet was opened.
Long loading times weren’t a great user experience, so the next iteration of wallets was web-based and mobile wallets.
All of these wallets have the basic functionalities of storing cryptocurrencies securely and sending and receiving transactions. Almost all these wallets are user-controlled wallets, which means that the wallet provider only creates the software for the wallet but has no ability to touch users’ funds. The wallet provider is not responsible for storing users’ private keys and just offloads that burden to the user.
Today, there are so many client-based, web-based, and mobile wallets in the wild with little differentiation. In some ways wallets differentiate by allowing users to purchase cryptocurrencies directly from their wallet using fiat through a payment processor like Wyre or Simplex, supporting crypto-to-crypto exchange through Shapeshift or Changelly, supporting private transactions using a mixing service like CoinJoin for Bitcoin, and supporting more cryptocurrencies and crypto collectibles.
The exception is Chinese wallets, which are trying to copy the WeChat playbook to be the single crypto app that the user never has to leave and thus include as many features as possible. imToken, for example, lets the user take out a MakerDAO CDP natively from the wallet. Other popular wallets in China are Bitpie, RenrenBit, and Cobo Wallet.
In addition to these software wallets, there are also hardware wallets. Hardware wallets provide cold storage, meaning that they are airgapped from the Internet and are often physically stored in bank security deposit boxes. Hardware wallets are great for storing large amounts of money since the only way a hacker can steal the funds is to physically break into the bank to get access to the hardware wallet.
Web3 wallets
The wallets listed above are great if you’re only looking to store cryptocurrencies securely, send and receive transactions, and buy and sell cryptocurrencies. However, they aren’t all that useful for interacting with Web3 applications.
From the user’s perspective, the main difference between Web2 and Web3 applications is that Web3 applications require a wallet in the browser. Upon entering a Web3 application, the website will check whether there exists a wallet extension that supports the web3.js library, and if not will tell the user to go download Metamask before they can even use the dApp. Non Web3 wallets like BRD Wallet and Edge Wallet don’t support the web3.js library, so there’s no way, for instance, to use ETH from a non Web3 wallet on a dApp like Compound or Uniswap.
Metamask is the clear dominant player for Web3 wallets. As of April, Metamask has an estimated 264k monthly active users and 90k weekly active users. Given that almost every dApp requires the user to download the Metamask extension before being able to use the website, the Metamask metrics also represent the current total addressable market for dApps. In a way, Metamask currently serves as the gatekeeper to Web3 and likewise has extremely strong product-market fit despite the fact that there can be many improvements to its UX. But Web3 is all about reducing the power of a few centralized gatekeepers to the web, and thus there are plenty of teams building better alternatives to Metamask.
Hedgehog is a desktop Web3 wallet alternative to Metamask developed by the Audius team. The wallet encrypts the private key with a user-generated password and hides the wallet complexity by not forcing users to confirm transaction popups. The tradeoff is that this solution lacks account recovery and is built primarily for use cases involving little financial value.
Coinbase Wallet and Trust Wallet are two mobile Web3 wallets that are live, while Metamask Mobile and Astro Wallet are currently in beta. A mobile Web3 wallet is really just a browser added to the regular mobile wallet to allow users to use their mobile wallet funds on websites. Mobile Web3 wallets can also be accessed on desktop using WalletConnect or WalletLink by scanning a QR code to link the two devices. Some mobile wallets like DexWallet and Rainbow are custom built to primarily serve the use case of DeFi.
A better UX would be to have a standalone mobile app for each dApp like MakerDAO and Augur that the user can download from the App Store or the Play Store, similar to how most users access Facebook on mobile via the Facebook app rather than facebook.com on a mobile browser. To improve UI/UX for dApps on mobile, Tasit is building an SDK for developing mobile apps for a wide variety of popular Ethereum dApps.
Wallet SDKs
Despite Metamask’s early traction, there are still many low-hanging fruit improvements to UI/UX that can be made to attract mainstream adoption of dApps. The main UX bottleneck of using Metamask is that users need to download a separate browser extension (although recently Metamask announced a new plugin for website integrations). From talking to dApp developers who track their user conversion funnel, over 90% of users who try to use a dApp will give up when told they need to download Metamask.
If we want to onboard mainstream users to Ethereum, logging into Web3 applications should be indistinguishable from logging into Web2 applications.
A Web3 wallet SDK resembles a Web2 login with a username and password. The user doesn’t need to download a separate extension in order to use the app or click a popup window every time the user wants to send a transaction. Moreover, the wallet is integrated natively into the website and can be supported on all devices and browsers. The downside is that the wallet only works for dApps that integrate the few lines of code for the wallet.
The wallet SDK provider stores the encrypted user passwords that map to the corresponding private keys, which are stored on HSMs in the case of Fortmatic and Bitski or sharded in the case of Torus. Because the wallet SDK provider stores the mapping between passwords and private keys, updating the mapping enables password reset, which is important because users have been trained from Web2 applications to assume that there are always backdoors for password recovery. In contrast, if a user loses their private key for a traditional wallet, then their funds are lost forever.
Smart contract wallets
Smart contracts on Ethereum enable programmable money for use cases like DeFi. What if we could leverage smart contracts to program wallets with extra functionality?
First, some background on the Ethereum account model. In Ethereum, there are two different types of accounts: externally owned accounts and contract accounts. Traditional Ethereum wallets use externally owned accounts, which are secured with private keys often transformed into a 12 word “seed phrase” for the user. The onus is on the end user to not lose this phrase, and if they do the funds in the account are lost forever.
In contrast, contract accounts are just code that lives on the Ethereum blockchain forever and do not have a private key to access the funds sitting inside the account. Leveraging contract accounts, smart contract wallets shed the concept of managing private keys entirely for the user. Moreover, smart contract wallets can be programmed to have the same security guarantees as a traditional bank, such as account recovery, fraud protection, and withdrawal limits.
In a traditional wallet, if the user didn’t have their seed phrase backed up and they lost their phone, all of their funds would be gone. With smart contract wallets, however, the user can designate trusted family members and friends as “backups” (called Guardians in Argent). The user would be able to trigger a social recovery process to restore their funds if the majority of their backups agree. It’s important to note that backups can never steal a user’s funds; they just have unique permission to complete the recovery process.
For fraud protection, Gnosis Safe currently implements two-factor authentication, which most people use for their important accounts online. Dapper also can monitor for unusual behaviors like sending large amounts to a suspicious address or activity in an unusual region and check before confirming the transaction.
Withdrawal limits are extremely common security features for the traditional banking system. With smart contract wallets, the user would be able to set their max transfer limit for any given transaction. If a transaction is triggered over that amount, the transaction would be halted until a set amount of time clears. During that time, the user could cancel the transaction.
While smart contract wallets enable more security features than traditional wallets, the risk of smart contract wallets is that it’s not cold storage; programming a wallet increases the attack surface vector. Unlike regular wallets where securing the private keys means that the wallets can never get hacked, smart contract wallets could get hacked if there’s a bug in the code.
Nexus Mutual offers insurance on smart contract wallets in case the wallet gets hacked and users lose their money. Currently there is $2.4K covered on Argent and $15K covered on InstaDapp.
Meta transactions
Meta transactions are an emerging design pattern pioneered by Austin Griffth that drastically lowers the barrier for mass adoption of dApps. A passionate community has formed around this idea, largely spearheaded by the work of the MetaCartel.
Meta transactions are gasless transactions that allow users to use dApps immediately without needing to install browser extensions or purchase cryptocurrencies. The concept of meta transactions is that the user signs a transaction with their private key and passes it to a relayer that takes the transaction data, packages it into an actual Ethereum transaction, and pays the gas to submit the transaction to the blockchain. It’s important to note that meta transactions are not wallets, so where exactly the user’s private key is stored depends on the wallet that implements meta transactions.
The first iteration of meta transactions relies on a single relayer to broadcast transactions, which makes for a very centralized system. The relayer could in theory censor users’ transactions, but since the wallet provider or dApp is usually the relayer, it doesn’t make sense to censor one’s own users in practice. Nonetheless, members of the Zeppelin and TabooKey team very cleverly solved the problem of relaying meta transactions in a decentralized way and are launching the Gas Station Network.
In the Gas Station Network, users randomly choose from a network of independent relayers to submit transactions to the blockchain on their behalf. Relayers are paid by dApps and must put up stake that can be slashed if the relayer behaves maliciously. This way, dApps bear relayer and gas costs as customer acquisition costs (CAC) and users enjoy a seamless onboarding experience. Depending on the business model of the dApp, it could charge the users through other means such as subscription fees.
Meta transactions can be implemented in smart contract wallets. Argent and Astro Wallet use meta transactions so that users don’t have to pay gas to send transactions. But more importantly, meta transactions allow for multiple transactions to be bundled together into one transaction. This is important because dApps like Uniswap require extra transactions to unlock each token the user wants to trade with before the user can even make a single trade. Meta transactions eliminate all of these unnecessary preliminary steps so the user can just transact with the dApp immediately.
Another great example of using meta transactions in practice to onboard new crypto users is the burner wallet. A burner wallet is a web wallet used to send small amounts of crypto quickly with a simple UX. A burner wallet is automatically generated upon visiting xdai.io from a web or mobile browser without any app download or seed phrase, and the private key is stored in the browser’s local storage. Sending transactions between burner wallets is like using WeChat Pay — scanning a QR code to exchange crypto between users.
A burner wallet is analogous to cash — you won’t carry too much around because it can be lost but it’s very easy to exchange. Since users’ private keys are stored in their browsers’ local storage, the burner wallet provides a great onboarding experience for users but is not ideal for permanent storage of funds. To solve this, burner wallet partnered with Gnosis Safe to automatically move funds to a more secure wallet once the user accumulates enough money in their burner wallet. Combining the security and extended functionality of the Gnosis Safe with the accessibility of the burner wallet is a major improvement in Ethereum wallet infrastructure.
Where the wallet space is headed
Most people believe that the UX for cryptocurrencies and dApps is still many years away from being mainstream usable, but in reality there has been a lot of great breakthroughs in UX over the past year that just need to be implemented in existing wallets. I believe we’re are the tipping point of dApp usage once better UX like meta transactions is better marketed to dApp developers and more widely implemented.
I’ve also noticed a dichotomy in wallet usage behaviors between existing crypto-native users and new crypto users. Existing crypto-native users seem to be generally fine with using Metamask (or at least acclimated to its UX problems) and don’t have a strong incentive to switch to other wallets except to take advantage of features like not paying for gas when Ethereum gas price spikes.
New crypto users, however, don’t understand that Web3 applications need a Web3 wallet and get turned away when a website says it’s not compatible with Web3. Almost all of the UI/UX work being done in the wallet space is catered to the latter category of users. Likewise, wallet projects are making the bet that UX, not lack of killer app, is the biggest bottleneck for mass adoption of dApps and solving that will cause the next boom in cryptocurrency adoption.
To bridge this dichotomy, the ideal solution in my view is to offer two login options: one using Metamask for the existing crypto-native users that care about self-sovereignty and one using a new wallet infrastructure that’s catered towards new users but makes tradeoffs in areas like censorship resistance and privacy. Or perhaps in the future existing web browsers like Chrome and Firefox will have a pre-installed wallet for all users and we’ll actually make use of HTTP 402 error codes. In that case, we would achieve the dream of magical Internet money.
About the author: Richard is a partner at 1confirmation, an early-stage crypto venture fund based in San Francisco. Sign up for the 1confirmation newsletter and don’t hesitate to reach out on Twitter.
