The foundation of the Web3 ecosystem lies in wallets, which allow users to verify their web identities and authorize transactions. However, using a wallet comes with a steep learning curve, often leading new users to opt for custodial wallet providers, such as centralized exchanges like Binance. Experienced crypto users may advise against this, as centralized exchanges like Mt. Gox, QuadrigaX and FTX have suffered from hacks or fraud, resulting in some customers losing all their funds. Still, the majority of crypto users see noncustodial wallets as the only secure way to protect their Web3 identity.
The question is whether users must constantly choose between security and convenience. Several Web3 companies, including Magic, Dfns, Kresus, Web3Auth, Immutable, and others, are working to create wallets that are both easy to use and secure. They use various types of wallet infrastructures to make this idea a reality.
One new system is the Magic software developer kit (SDK), produced by Magic Labs. Instead of storing the private key on the user’s device, an encrypted copy is kept on an Amazon Web Services Hardware Security Module (HSM), preventing the user’s key from being broadcast to the internet. This introduces the concept of seedless wallets, as passwords are replaced with one-time use tokens sent to the user’s email. Companies using Magic include Kresus and Immutable Passport. To address security concerns with Magic, Immutable Passport and Kresus plan to use two-factor authentication (2FA).
Another promising wallet infrastructure is Web3Auth, which relies on multiparty computation (MPC) to make private keys recoverable. Users generate a private key, which is then split into three shares. They keep one share on their device, and another is stored by the Web3Auth network through a login provider. A backup share should be stored on a separate device or offline. Some of the wallets incorporating Web3Auth are Binance Wallet and a closed beta version of Trust Wallet.
Dfns is an MPC key management network designed to allow institutions, developers, and end-users to create passwordless and seedless wallets. The private key is stored as multiple shards distributed across nodes throughout the Dfns network. By utilizing WebAuthn, the Dfns nodes verify that a user has authorized a transaction.
Whether these new wallet technologies will encourage mass adoption or be accepted by current users remains uncertain. They might still be too complex for users preferring to hold their crypto in an exchange, or those who staunchly believe in the “not your keys, not your crypto” mantra may be suspicious of trusting an MPC network or hardware security module owned by Amazon. However, some users may decide the benefits of MPC or magic links are too good to pass up. As wallet technology evolves, discussions about how to ensure users stay in control of their funds or what “self-custody” really means continue to emerge.
Source: Cointelegraph