The next stop for Web3 wallets: why we are optimistic about the mnemonic-free wallet track
Jsquare Research
2023-03-25 06:00
As the entry point to Web3.0, crypto wallets directly affect, through their user experience and security, when the crypto industry can reach large-scale adoption.

1. "No private key equals no token"

The premise of owning digital assets is to fully and truly control your own private key.

Although self-custodial digital wallets are secure, mnemonic words and private keys are much more complicated than the traditional Web2.0 login of "username and password". According to a report by Chainalysis in 2021, about 20% of all bitcoins are lost because their owners don't remember their private keys. Numerous hacker attacks and security incidents, such as the FTX collapse, continue to attract the attention of the industry.

On Ethereum, there are two basic account types:

    • EOA (Externally Owned Account): Each unique private key of an EOA should be derived from 12 unique mnemonic words. Most current mainstream dApp wallets are EOA wallets, such as MetaMask, Phantom (Solana), BSC Wallet (BSC), Keplr (Cosmos), etc. These wallets are not programmable.

    • CA (Contract Account): programmable EVM code, that is, a smart contract, deployed on the chain through an EOA account. It can only be called by an EOA account.


In short, each account is determined by a unique private key, but this mechanism has a flaw: forgetting, losing or leaking the private key causes irreversible loss of digital assets.

2. Smart contract wallets and account abstraction

A smart contract wallet is a smart contract that uses a specific EOA account to manage assets on the chain and can support further programming. For example, a multi-signature wallet is a smart contract wallet that requires signatures from M of N keys to approve a transaction. This approach enhances wallet security because controlling the assets requires multiple keys rather than just one private key.



Recently, thanks to significant progress on the EIP-4337 proposal, account abstraction and smart contract wallets on Ethereum, which require no consensus-layer protocol changes, have become hot topics again. Account abstraction decouples the signer from the account, combining the programmability of a CA with the ability of an EOA to actively initiate transactions. Users can therefore customize the account's internal logic without changes to the consensus layer or the underlying protocol.

In the past, many proposals for account abstraction have been shelved due to technical limitations and the complexity of the consensus protocol layer. However, with the development of Ethereum and technological progress, account abstraction has become possible, which will bring more room for development of new wallets such as smart contract wallets.


The main goal of EIP-4337 is to move key functions such as signature verification, gas payment, and replay protection out of the core protocol of Ethereum and into smart contracts. In this way, a smart contract wallet with arbitrary verification logic can be used as the main account without any modification of the consensus-layer protocol. Validators, MEV searchers, or the application itself can take transactions from the UserOperations pool and forward them to the blockchain, paying the fees. The main advantage of this proposal is that it reduces the complexity of the Ethereum core protocol while increasing flexibility and scalability.
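A simplified Python model of the flow described above, added here as an illustration (it is not code from EIP-4337 or from any wallet project): the account itself checks the M-of-N signatures, the nonce and its ability to pay gas, and a bundler only forwards what passes. The names `UserOp`, `MultisigAccount` and `bundle` are hypothetical, and HMAC-SHA256 stands in for ECDSA so the model runs on the standard library.

```python
import hashlib
import hmac
from dataclasses import dataclass

def sign(key: bytes, digest: bytes) -> bytes:
    # Stand-in for ECDSA (assumption); a real account stores owner addresses.
    return hmac.new(key, digest, hashlib.sha256).digest()

@dataclass
class UserOp:
    sender: str
    nonce: int
    to: str
    value: int
    sigs: dict          # owner name -> signature over digest()

    def digest(self) -> bytes:
        msg = f"{self.sender}|{self.nonce}|{self.to}|{self.value}"
        return hashlib.sha256(msg.encode()).digest()

class MultisigAccount:
    """Smart contract wallet: validation rules live here, not in the protocol."""
    def __init__(self, owners: dict, threshold: int, balance: int):
        self.owners, self.threshold = owners, threshold
        self.balance, self.nonce = balance, 0

    def validate(self, op: UserOp, fee: int) -> bool:
        good = sum(1 for name, sig in op.sigs.items()
                   if name in self.owners and hmac.compare_digest(
                       sig, sign(self.owners[name], op.digest())))
        if (op.nonce != self.nonce                  # replay protection
                or good < self.threshold            # M-of-N signature check
                or self.balance < op.value + fee):  # must cover value + gas
            return False
        self.nonce += 1
        self.balance -= fee                         # account pays its own gas
        return True

def bundle(pool: list, accounts: dict, ledger: dict, fee: int = 1) -> list:
    """Bundler and entry point in one: validate each op, then execute it."""
    results = []
    for op in pool:
        account = accounts[op.sender]
        ok = account.validate(op, fee)
        if ok:
            account.balance -= op.value
            ledger[op.to] = ledger.get(op.to, 0) + op.value
            ledger["bundler"] = ledger.get("bundler", 0) + fee
        results.append("executed" if ok else "rejected")
    return results
```

Replaying an executed operation, or submitting one signed by a single owner of a 2-of-3 account, comes back as `rejected` and leaves every balance unchanged.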

3. MPC Wallet

The paper "Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations" brought the application of MPC (multi-party computation) technology to public attention. In layman's terms, the most basic properties that an MPC protocol aims to ensure are:

  • Input Privacy: No information about the private data held by each party can be deduced from the messages sent during the protocol.

  • Correctness: Any proper subset of colluding parties willing to share information or deviate from the instructions should not be able to force honest parties to output incorrect results.
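The idea behind multi-party signing, as an added example that is not from the original article or any wallet product: each party holds one additive share of the key, and the parties exchange only public values to produce a signature that verifies under the joint public key. It uses Schnorr signatures over a toy group rather than the two-party ECDSA of the cited paper; the group parameters and all names are assumptions.

```python
import hashlib
import math
import secrets

# Toy Schnorr group (assumed parameters, far too small for real use):
# p = 2q + 1 with p and q prime; g = 4 generates the subgroup of order q.
P, Q, G = 2039, 1019, 4

def challenge(R: int, pub: int, msg: bytes) -> int:
    """Fiat-Shamir challenge e = H(R, pub, msg) mod q."""
    data = f"{R}|{pub}|".encode() + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

class Party:
    """One signer. It holds only its own key share and never reveals it."""
    def __init__(self):
        self.share = secrets.randbelow(Q - 1) + 1   # x_i, stays private
        self.pub_share = pow(G, self.share, P)      # g^x_i, safe to publish

    def commit(self) -> int:
        """Round 1: pick a fresh nonce k_i and publish R_i = g^k_i."""
        self._nonce = secrets.randbelow(Q - 1) + 1
        return pow(G, self._nonce, P)

    def respond(self, e: int) -> int:
        """Round 2: publish the partial signature s_i = k_i + e * x_i mod q."""
        s = (self._nonce + e * self.share) % Q
        del self._nonce                             # a nonce is single-use
        return s

def joint_sign(parties: list, msg: bytes):
    """Combine public round messages only; the full key is never assembled."""
    pub = math.prod(p.pub_share for p in parties) % P
    R = math.prod(p.commit() for p in parties) % P
    e = challenge(R, pub, msg)
    s = sum(p.respond(e) for p in parties) % Q
    return pub, (R, s)

def verify(pub: int, msg: bytes, sig) -> bool:
    """Standard Schnorr check: g^s == R * pub^e (mod p)."""
    R, s = sig
    return pow(G, s, P) == R * pow(pub, challenge(R, pub, msg), P) % P
```

Real threshold-signing protocols add commitments and zero-knowledge proofs to these rounds so that a malicious party cannot bias the joint nonce or public key.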

Smart wallets use a single private key to control and access funds. Since smart contracts can be customized, there are risks such as contract vulnerabilities and compatibility problems. Even distributing keys across multiple devices, as multi-signature wallets do, cannot guarantee complete security. Experienced hackers can trace and reconstruct the keys, moving laterally through the network to compromise other servers or devices after compromising one server.

The MPC wallet divides the private key into several parts and distributes them to multiple parties, making it more difficult for attackers to steal the private key. In some specific cross-chain scenarios, if multi-chain transactions and high-frequency interaction with dApps are not required, MPC wallets will be more secure. However, they cannot avoid off-chain governance, such as signing-delegation policies and approval quorums. Neither of the two can be said to be absolutely secure. We prefer to focus on improving the user experience.

Ease of use:

Whether it has a smooth and seamless experience like Web2.0 payment products.

Both wallet types are mnemonic-free and more user-friendly than traditional wallet solutions such as MetaMask (browser-based).

Features:

Whether it meets the actual needs of Web3 users, such as daily DeFi or NFT transactions, investment, digital identity, Web3 social interaction, etc.

Compared with traditional EOA wallets with limited functions, smart wallets have advanced features such as multi-signature transactions, daily transfer limits, emergency account freezing and more secure account recovery. Certain organizations such as exchanges, custodians, and other large digital asset businesses may prefer MPC wallets because this technology avoids having to trust any single employee with an asset key. Some schemes, such as the Lit Protocol, can interact with off-chain data via HTTP requests, which may make MPC useful for web properties.

Scalability:

Whether it is easy to build new features and integrations into the ecosystem.

Smart wallets are essentially smart contracts that enable an ecosystem of developers to extend wallet functionality by default, with implementation and functionality extensions auditable by anyone.

The MPC protocol is not standardized, and the existing ecosystem is mainly composed of customized MPC wallet products.

Cost:

A single operation from a multi-signature smart wallet is generally more expensive than MPC today due to the need to verify multiple signatures, although transaction batching can help save costs in the long run.

MPC wallets may have lower transaction and recovery costs. MPC wallets are represented on the blockchain as an address with no additional gas fees, which may be important for B2C users who conduct hundreds of transactions per day.

Transparency:

Smart wallets have a more transparent and auditable code base. Since key generation and signing happen off-chain, and many MPC protocols are not open source, the ecosystem has no easy way to audit them independently or to analyze them when something goes wrong. MPC wallets hinder transparency and require stricter operational audits.

As an off-chain wallet solution, an MPC wallet can control both ordinary wallets based on external accounts and smart wallets. No changes to the Ethereum consensus or contract layers are involved. It is less expensive for users and more feasible in the short term. However, the off-chain multi-party accountability system cannot be avoided, and the improvement in the competitiveness of wallet products in terms of security and user experience is not obvious.

Smart wallets are a product with many opportunities for innovation, which can bring more new applications and use cases. However, account abstraction is a big project that requires the cooperation of other smart contracts, developers, and Ethereum architects to upgrade. It is worth noting that L2s greatly speed up adoption, reduce costs, and improve scalability. For example, StarkWare has made all Starknet accounts native smart wallets, and zkSync 2.0 will also be launched together with AA.

5. Summary of the comparison of the two wallets

It is precisely because wallet developers can continuously add new functions based on smart contracts, and because of the demand from application scenarios such as programmatic payments and high-frequency in-game transactions, that more and more developers and teams are devoted to the development and innovation of smart wallets. We are positive about the new narrative of account abstraction wallets. For example, the article "Auto Payments for Self-Custodial Wallets" published by Visa discusses using the account abstraction wallet Argent to realize automatic payments on the StarkNet network. Programmatic payments allow users to pay automatically from self-custodial wallets without signing every transaction. In addition, a number of smart wallet products have emerged on the market, such as Argent, MetaMask, Gnosis Safe, Rainbow, etc., and they all have breakthroughs and innovations in terms of user experience, security, and functions. At the same time, some wallet teams are developing customized wallets for specific scenarios, such as the MetaHero wallet, which is widely used in the NFT field.

It should be noted that the development of smart wallets is not only a technical challenge, but also needs to fully consider user needs and experience. In terms of user privacy protection and authorization management, smart wallets need to have higher security and convenience. On this basis, the function and design of smart wallets also need to be closer to user needs and provide more personalized and subdivided services. In addition, smart wallets also need to be deeply integrated with other applications and ecosystems to provide more complete and integrated services.

Summary

Technology is only a sufficient condition for the realization of functions, and functions will lead to inevitable changes in the market structure.

It is not difficult to talk about technologies such as MPC protocols and account abstraction; the difficulty lies in the product iteration needed to bring the technology to market. In addition to the security issues that everyone cares about, the improvement of user experience will be a very important dimension for us to evaluate wallet products. After all, as a tool for entering Web3.0, wallet products should not only serve users who are accustomed to private keys and mnemonics, but more importantly should "break out of the circle", provide a smoother product experience, and attract more Web2.0 users to join.

About Jsquare

Jsquare is an investment research and technology-driven investment institution, focusing on empowering Alpha projects in the Web3 industry to promote the large-scale application of blockchain technology. At present, our own capital management scale exceeds 150 million US dollars. Portfolio includes CeFi (CoinList, 3iQ, Republic, FV Bank), Gaming/NFT (Efinity, Big Time, Thetan Arena, Apeiron), Infrastructure/Tools (Pocket, Render, Shardeum, Moonbeam, ChainSafe, GSN), etc.

Website|www.jsquare.co

Twitter|@JSquare_co
