secondary title

No private key, no mnemonic, where is the best solution for Web3 wallet?

In the new round of industry reshuffle, the wallet side is getting more and more attention: if Web3 concepts such as NFT, GameFi, and SocialFi are to set off a bigger wave, encrypted wallets are the basis of a new round of revolution.

Whether it is an institution or an individual, the biggest demands of wallet users are on "safety" and "ease of use".

Compared with the steps of using existing wallets, "no trouble" is one of the prerequisites for moving from Web2 to Web3. No private key and no mnemonic are the ideal features of a Web3 wallet.

At present, the most popular ones are MPC wallet and smart contract wallet.

(1) MPC (Multi-Party Computation) wallet

The MPC wallet is an encrypted security technology solution without a private key. The idea is: fragmented custody of private keys. The MPC wallet itself does not have a private key, but fragments the private key, and realizes multi-signature under the chain by performing multi-party calculation (MPC) on the private key. The code of the MPC wallet is open source, and a simple password is automatically generated after "encapsulating" the private key, and then assets are managed through the password.

Some features of MPC wallets are:

* No private key (no private key appears), supports distributed private key storage, configurable signature rules or policies

* Off-chain signature, low cost and higher relative privacy (compared to multi-signature wallet chain signature)

* Requires the participation of the MPC service party, similar to semi-custodial, partially centralized, and the MPC library is not open source

* It is more suitable for scenarios where multiple people in the team decide to spend funds, such as exchanges/DeFi/DAO/blockchain enterprises or teams/Web2 institutions, jointly manage assets. Compared with the single-signature wallet, the use process is more complicated and not suitable for individuals.

Representative projects include: MPC managed wallet Safeheron, private keyless social wallet ZenGo, web wallet OpenBlock, decentralized and privacy protection wallet Bitizen, ZKP + MPC multi-signature wallet Safematrix.

(2) Smart contract wallet

A smart contract wallet refers to a wallet solution that uses a contract account (CA) as an address. is another full-fledged "helpless mnemonic" solution.

Ethereum stipulates that "a transaction must pass the verification of the standard ECDSA electronic signature based on the private key of the EOA account, and then it can be written into the blockchain". Therefore, the smart contract wallet aims to "make the CA account realize the ability of the EOA account", that is, to realize the account abstraction (Account Abstraction), so as to be closer to the non-perceptual interaction.

(*Ethereum account has two forms: EOA (external account) and CA (internal account, or contract account). The EOA account itself has no code and is controlled by the user through the private key. It can independently initiate transactions and control the contract account. CA The account is controlled by code (not controlled by any private key), run by the Ethereum virtual machine, and can control other smart contracts.)

It can be further understood as: In the original Ethereum, users are allowed to schedule public chain system resources with their private keys, such as transfer, authorization, liquidity injection and other operations, and generate Gas fees. After adding the account concept, user needs are "packaged" into smart contracts to realize account abstraction, and then interact with the public chain. Because it is run through code, it can realize functions such as multi-person signature verification, white list, gas fee payment, social retrieval, support for multi-chain unified address, etc., to improve the wallet experience.

Some features of smart contract wallets are:

* Web2 user-friendliness: no mnemonic solution, users do not need to bear the security risk of self-custody mnemonic; no private key or weaken the concept of private key, even the private key can be replaced.

* Compared with EOA wallets such as Metamask, smart contract wallets do not need to install browser plug-ins, download Dapps, or backup mnemonic words.

* The implementation of the ERC-4337 protocol will greatly reduce the development and operating costs of smart contract wallets. (For example, early smart contract wallets need to operate a centralized Relayer role to process transactions separately. After being compatible with the ERC-4337 account abstraction protocol, a general module can be used to complete the action of binding user instructions and transactions. At the same time, lower transaction costs can be achieved. costs and development costs.)

* Social Recovery: It can be used by logging in with Google, Facebook and other accounts, as well as social password recovery, user data storage and other functions.

Representative applications include: UniPass, a smart contract wallet solution that supports email social recovery; Gnosis safe, a chain multi-signature wallet with the widest audience in the Ethereum EVM ecosystem; Argent, a smart contract wallet with outstanding cross-chain bridge integration; and an L2-based smart contract wallet. Soulwallet.

At present, the user experience feedback of the two types of wallets is good, the product is highly completed, and the security is stronger. MPC wallets without private key mnemonics are more suitable for large asset holders or institutions. The security audit agency SlowMist also proposed in the "Blockchain Dark Forest Self-Help Manual" that the MPC-based private key-free solution should be popularized as soon as possible.

The L2 smart contract wallet based on ERC-4337 is more suitable for individuals and can reduce the hard cost of deploying contracts to a greater extent. This solution is especially in line with the aesthetics of Web2 users, and can lower the entry barrier to a greater extent.

secondary title

Primary market investment dynamics

Primary market investment dynamics