he entire crypto space is attempting to make wallet creation, conservation, and blockchain transactions more accessible.
Several improvements have been made in different blockchains, and new protocols have been created. If you have been in the crypto space for more than a year, it's likely that you either know someone who has been hacked and lost all the funds that were in their wallet or you have experienced this yourself.
Account abstraction, decentralized social logins with multi-factor authentication to recover your private key and passkeys have been three of the main features that the industry has been working on.
Let’s explain a little what these three features are about:
- Passkeys -> Instead of remembering a password, a third-party service provider (e.g., Google or Apple) generates and stores a cryptographic key pair bound to a website domain. Since you have access to the service provider, you have access to the keys, which you can use to log in. In short, you can use your camera or your fingerprint to safeguard your password.
- Decentralized Social Logins -> This allows users to log into decentralized applications (dApps) using their social media accounts (e.g., Facebook, Twitter) without relying on centralized intermediaries. By integrating blockchain technology, these logins ensure that users maintain control over their data and identity, enhancing privacy and security. Users' social media profiles can serve as an additional layer of verification, facilitating a seamless and secure login process.
- Account Abstraction (ERC-4337) -> Is a concept in Ethereum that allows for more flexible and programmable account behaviors beyond the standard account model. With account abstraction, smart contract wallets can be used, enabling features like multi-signature requirements, session keys, and custom transaction validation logic. A nice feature that it introduces is the ability to add other wallets to recover your access in case of loss.
What else do we need to onboard all the internet users willing to participate?
In my opinion, combining social logins and passkeys, such as what Web3auth is developing, is ideal for the ecosystem because it adapts to what people are using. In the future, we will witness a rise in popular wallets such as Metamask integrating these features during the onboarding process. There is not much time left for the famous paper with the 12 words. It is unsafe and very compromising if the paper is lost or someone finds it. I had already proposed a 2FA-style solution for the private key (key kiss).
Today security companies offer several products where the main clients are DeFi companies. Where they can pause smart contract interactions in case unusual movements occur. In some way, a user could give privileges to a third party to view their movements and pause them if they notice something out of the ordinary. For example, if it is a wallet where funds are usually held, put conditions where fund movements greater than 40% of the total wallet have to wait 24 hours to see if any of the “friendly” wallets can stop it.
These ways of protecting wallets are the ones that we are going to begin to see more strongly in the near future. Several companies are going to start offering these services not only to companies, but also to individuals.
I believe that wallet-creating companies will offer default configurations with a monthly service for remote asset custodians. Strong investment in Interfaces will continue to be key in the adoption of the next millions of users.
If you are interested in knowing more about passkeys + social login, please visit the web3auth demo -> https://demo-sfa.web3auth.io/