1. Key points of the research report
Passkey is the next generation of Web2 account technology; it requires no installation and offers security, convenience and privacy.
Passkey wallet introduces this technology to the blockchain world and brings a new wallet experience.
Its user experience even exceeds traditional Web2 accounts, and the new user experience will also give birth to new user scenarios.
The threshold for ordinary users to enter the blockchain world has been completely cleared, and the large-scale popularization of Web3 may be just around the corner.
2. Overview

2.1 Passkey technology introduction
Before introducing Passkey, WebAuthn needs to be introduced first. It is a passwordless login technology proposed by the FIDO Alliance, which is jointly supported by Apple, Google, Microsoft, Meta, etc. It authenticates users through an asymmetric key pair generated by the device, replacing password-based authentication. Its principle is similar to the USB shield or hardware wallet we traditionally use: the user makes a digital signature with the private key saved in the device to prove their identity to the server.
WebAuthn's private key is generated and managed in a dedicated security chip, corresponding to the Secure Enclave of Apple devices, the Secure Element of Android devices, and the TPM of PC devices. They are all separate chips, independent of the CPU and operating system, and have a very high security level. For example, Apple Pay credit card information is stored in this area. The private key in the security chip cannot be read through external APIs. It can only be invoked by the system's lock screen module (usually biometric) for digital signature operations.
Passkey is an encrypted key synchronization solution based on WebAuthn. Users can use an iCloud or Google account to automatically encrypt and synchronize their device private keys, so that they are logged in to a website automatically on multiple devices at the same time. Currently, mainstream platforms including iOS, Android, and macOS fully support Passkey, while Windows 10/11 only supports WebAuthn.
Passkey/WebAuthn (considering that the only technical difference between the two is synchronization, they will be collectively referred to as Passkey from now on) is the next-generation account authentication technology promoted by large companies. It has very obvious advantages: no password, anti-loss, anti-counterfeiting, simple and easy to use, etc. But it also has a natural flaw: devices of different brands cannot trust each other. It is impossible to synchronize an iOS Passkey with Android devices, so logging in to accounts across terminals of different brands is always a big problem.
2.2 Passkey combines the advantages of Web3
Passkey technology itself is designed for Web2 network services and does not take into account Web3/Crypto application scenarios. But due to its asymmetric key architecture, it will exert great advantages once combined with Web3.
Passkey wallet can be used to build a non-custodial wallet without passwords or mnemonic words.
Passkey wallet does not need to reveal any private user information, including email, mobile phone number or even user name.
Passkey wallet improves the wallet security of ordinary users to the hardware level and provides a better user experience.
Blockchain can serve as a trust intermediary, allowing Passkeys generated by devices of different brands to be mutually recognized, which can provide a better user experience than when Web2 uses Passkey.
Security, convenience, and non-custodial, these three seemingly impossible advantages can be achieved on the Passkey wallet. It will be an important promoter of the Web3 mass-adoption narrative.
2.3 Brief analysis of ERC 4337 and MPC wallet
Also focusing on the mass-adoption narrative, there are already two mainstream solutions on the market, namely the ERC 4337 account abstraction wallet and the MPC (secure multi-party computation) wallet. Let’s first briefly review their principles and characteristics.
ERC 4337 wallet
ERC 4337 is an application layer standard for EVM contract wallets. The advantages of the contract wallet itself include resetting the private key if it is lost, payment of handling fees, flexible permission management, batch transactions, etc. But its disadvantages are also obvious, including high initialization costs, high single transaction fees, poor dapp compatibility, etc. These are the theoretical advantages and disadvantages of the contract wallet. In actual use, it exposes many other shortcomings.
Users still need a private key, and how it is generated and managed remains an open question.
The trust anchor issue when the private key is lost and reset: Who has the authority to reset the private key of the user's wallet?
Multi-chain synchronization problem of private key reset: Assuming that the user only has assets on Polygon and resets the private key at this time, should the contract private key on Ethereum be reset? If reset, a high handling fee will be required. If not reset, the user will later be unable to use their account on Ethereum.
There is an issue with the source of the initial deployment fee, which needs to be paid by the user or subsidized by a third party.
Incentive issues for bundlers under the 4337 protocol.
These theoretical and practical issues result in the actual adoption rate of ERC 4337 wallets being lower than expected.

MPC wallet
An MPC wallet divides the private key into several parts and hands them over to multiple parties for safekeeping. When a signature is required, the fragments are spliced together to form a complete private key, which then signs; or each fragment signs separately and the partial signatures are merged into a complete signature. Advantages of MPC wallet include:
On-chain costs are low and users do not need to pay additional wallet contract execution fees.
The recovery solution is flexible. Users can use email, mobile phone, password, cloud storage and other methods as authentication methods to obtain recovery fragments.
Platform independent: an MPC wallet not only supports EVM, but also theoretically supports various blockchain systems.
But MPC also has a relatively big shortcoming: it must introduce centralized shard hosting and signature services. These require a lot of cost to maintain the information security and data backup of the shard servers, and to ensure that they can respond to user signature requests in a timely manner. As a result, the business model of MPC wallets is toB SaaS, and it is difficult for users to migrate. It also means applications are often unwilling to bind their users to a particular MPC service provider.

3. Passkey wallet product analysis
3.1 Three directions of Passkey wallet
We analyzed the Passkey wallets currently on the market and found that they are mainly divided into three technical directions.
AA + Passkey signature verification solution, represented by Clave and Banana SDK
Centralized delegation authentication scheme, represented by Turnkey
Signature Transform solution, represented by JoyID
Below we will introduce and analyze them one by one.
3.2 Clave & Banana SDK
The first type of wallet adopts AA + Passkey signature architecture, constructs an abstract account on the EVM compatible chain, and directly uses smart contracts to verify Passkey signatures. Two representative projects are introduced here.
Clave (https://www.getclave.io/) was originally a project that won an award at the EthGlobal Hackathon 2023. The project was named opClave when participating. It uses an EVM contract to compute the secp256r1 signature verification required by Passkey (not the usual secp256k1). Due to the limitations of algorithm complexity and EVM capabilities, verifying a Passkey signature requires 600,000 to 900,000 gas. This is unacceptable for real scenarios, at least mass-adoption scenarios. Therefore, Clave plans to reduce gas consumption by building a separate Layer 3 chain and adding a precompiled secp256r1 signature verification contract to it. However, this method seriously damages the multi-chain characteristics of the wallet, so it is difficult to popularize.

Banana SDK (https://www.bananawallet.xyz/) positions itself as a toB SDK rather than a toC wallet. Through Banana SDK, dapp parties can embed low-threshold wallets anywhere, making it easy for users to import. But its underlying solution and problems are the same as Clave. The high gas fee is the biggest obstacle to the practicality of this type of product.

In order to solve the cost problem of Passkey signature verification on Ethereum, developers proposed EIP-7212 (https://eips.ethereum.org/EIPS/eip-7212) and other Ethereum proposals, hoping that the EVM will gain a built-in precompiled secp256r1 signature verification algorithm, thereby significantly reducing the cost of signature verification. However, this EIP involves modifications to the underlying cryptography and consensus layer. Even if it is accepted, the time it takes to merge into the main network will be measured in years. Clave is currently cooperating with zkSync, introducing EIP-7212 into zkSync and deploying mainly on it.
In addition, there are other projects similar to AA + Passkey on-chain signature verification, including solutions that use zero-knowledge proofs to reduce on-chain calculations, such as knownothinglabs, which uses halo2, and bonfire wallet, which uses risc0 bonsai. However, most of them exist only at the product prototype stage, and there are currently no products that can be analyzed further.
3.3 Turnkey
Considering the cost of verifying Passkey signatures in a smart contract, Turnkey (https://turnkey.com) and other developers moved Passkey verification off-chain and instead let a centralized service verify the user's Passkey signature. After the signature verification succeeds, the service instructs the encryption machine to generate the signature. This solution is essentially the way Web2 uses Passkey, replacing the username and password with a public-private key pair, but the final authentication decision is still made by the centralized server.

Turnkey positions itself as a toB WaaS service. Its advantages are that the development tools are very complete, the developer experience is very good, and the ecosystem support is also very good. There are already many partners developing products, such as dynamic.xyz, which provides a toC wallet service based on Turnkey and has a good user experience.
But the problem with Turnkey is also very prominent: it essentially manages the user's wallet private key (although its documentation repeatedly emphasizes that it is non-custodial; the reason seems to be that the private key is in the TEE environment of the server, and the administrator cannot directly access the TEE), and the business model is a toB SaaS service. Once the service goes offline, users will face the problem of being unable to sign.
3.4 JoyID
JoyID Wallet (joy.id) takes a technically unique route, called Signature Transform. The JoyID wallet itself supports multiple chains including Ethereum, Bitcoin, Solana, etc., and behaves as a standard EOA wallet on these chains. At the same time, it manages its own keys and authorized devices in a decentralized way through an AA account on Nervos CKB. This is a very special architecture that combines the flexibility of an AA account with the low cost and high compatibility of an EOA account.

The AA account managed by JoyID is mainly responsible for mutual authorization of Passkeys between multiple devices, and stores the encrypted fragment from a 2-of-2 key split. The other fragment is computed by the device in real time through Passkey when signing. This achieves a decentralized signature conversion from secp256r1 to secp256k1. This solution does not require server intervention when signing transactions. It is based entirely on the security chip signature on the user's device, ensuring security, decentralization and non-custody.
In terms of actual product experience, the entire JoyID process is very smooth. Users do not need to enter any information and can complete wallet creation with two system authentications. The whole process takes only a few seconds and there is nothing to pay along the way. At present, it is the most complete and mature solution among all Passkey wallets.

4. The future of Web3 wallets
To summarize the advantages of Passkey wallet: no installation required, hardware-level security, biometric authentication, no mnemonic phrase required, can be restored at any time, no password required, no need to provide private information, no reliance on large Web2 companies, high EOA compatibility (supported by some wallets), and so on. Compared with traditional MetaMask plug-in wallets and mnemonic wallets, its user experience and even its security are greatly improved. Its user experience even surpasses the registration experience of a Web2 account, which requires users not only to provide an email address and mobile phone number but also to pass verification-code checks.
New user experiences will bring new users, which will in turn give rise to new application scenarios. Web3 applications such as music NFT, creator economy, Open Loyalty, and DAO used to be limited by the speculative nature of mainstream wallet users and were often unable to focus on their own valuable businesses. After a large number of non-speculative users enter, these application scenarios can exert their real advantages and provide long-term value to customers.
The future pattern of Web3 wallets is likely to be similar to the relationship between WeChat Pay and Alipay. Users use financial services through Alipay and make daily small payments through WeChat. For Web3 wallets, everyone will use hardware wallets or mnemonic wallets for DeFi business and asset storage, and Passkey wallets for daily dapp interactions and micropayments. We look forward to the Passkey wallet becoming popular and bringing real large-scale users.


