Original title: "Web3 Mini Program? MetaMask Snaps Interpretation"

Original source: ZAN Team

MetaMask Snaps

MetaMask Snaps (https://metamask.io/snaps/) is a project with a long-term vision. However, apart from the "ideal" cloak it carries, I prefer to call it a small program in the Web3 world. Or give it a fancy name: dApplet.

Developers, especially those in China, should be familiar with the concept. In recent years, we often hear Internet jargon such as "ecosystem building" and "super app". Business giants always want to make the Internet more and more closed so that they can transform themselves from service providers to standard setters.

Now, this trend seems to be slowly drifting towards the Web3 field.

As of today (June 2024), although Snaps has been around for almost a year, and the concept has been around for at least 4 years, ordinary users know little about it. I have some friends who pay close attention to the cryptocurrency market. They open MetaMask every day as naturally as eating and sleeping, but they still don’t even know what MetaMask Snaps are. However, after I explained to them that it’s “just like a mini program”, they always immediately had an indescribable smile on their faces (they are all developers, most of them are front-end developers).

This scene reminds me of the situation when WeChat Mini Programs were first released. Since the function entrance was not obvious, the usage was very low. Later, after the entrance was changed to a list of Mini Programs appearing when pulling down the homepage, the usage began to increase significantly. Since MetaMask wants to build an ecosystem, how to attract users to enter the ecosystem may become an important issue that needs to be solved urgently.

Since its emergence, mini programs have been controversial in the Internet industry. Front-end engineers generally scoff at its emergence, believing that it is just a commercial tool for Internet giants to monopolize traffic and block the ecosystem, and it does not contribute much to technological development. I wonder how much contribution Web3's Snaps can make to the community? Browsing the documents provided by MetaMask, I feel more and more that future Snap developers will suffer the hardship of dancing with shackles.

It has been nearly a year since MetaMask launched the public beta of Snaps, but the number of available Snaps listed on its official website is actually not very large. As of June 2024, there are only 68 Snaps at most. You should know that before the official public beta, as early as around 2020, the official had already proposed the concept of Snaps, and Web3 companies and developers have actually had quite some time to fully understand it.

Some Snaps

I haven’t met a developer who specializes in Snaps, but there are still quite a few Mini Program developers around me in Web2. The general view of Mini Programs is that the development experience is relatively poor. Mini Program development still uses the front-end ecosystem, but it is a castrated version. Manufacturers restrict what developers can actually do for various reasons. In addition, the technical capabilities of various manufacturers and the quality of the documents they provide vary, resulting in developers having to step on various strange pitfalls on various platforms before they can be praised as "experienced".

Back to Web3, for security reasons, Snaps is very likely to face a similar situation. It has to run in an isolated security context and use "Secure ECMAScript", which actually imposes some restrictions on JavaScript APIs, such as inability to access DOM, Node.js, browser plug-in APIs, etc.

Due to understandable security considerations, a basic Snaps can't do much. Most of its functions require the corresponding permissions first, so Snaps needs to apply for relevant permissions from the user when installing. Available permissions include lifecycle, transaction, signature, CRON, etc.:

https://docs.metamask.io/snaps/reference/permissions/#eth_accounts

Therefore, compared with the prosperous Web3 ecosystem, the number of Snaps currently available is pitifully small, and MetaMask has classified them into some categories.

Snaps Types

According to the classification of MetaMask official website, it can be roughly divided into 4 types:

Account Management

This type of Snaps mainly improves the security of private keys through MPC (Multi-Party Computation, https://blog.usecapsule.com/what-is-mpc/) technology.

Think about how we usually protect our private keys? Many people probably save their mnemonics somewhere, I guess it's usually on their computers or mobile phones, haha. Of course, if you are very rich and have a lot of money in your wallet, then you may indeed use a more confidential method, such as using a hardware wallet. But most people, to be honest, just paste their mnemonics somewhere they can easily find them to avoid forgetting them completely.

This method of saving may cause some problems:

1. If you forget where you put your mnemonic phrase, you will most likely have to say goodbye to the assets in your wallet.

2. If the device where you store your mnemonics is infected with a Trojan virus, it is difficult to prevent hackers from stealing your mnemonics. Some users may split their mnemonics and store them separately to improve security. This may increase security, but it will undoubtedly increase the difficulty of management and the risk of forgetting.

The MPC technology can automatically split your private key into multiple parts and store them in different places. Only when the private key is needed to sign a transaction, they will be spliced ​​together to generate a complete private key. At the same time, the complete private key will not be generated in this process, which maximizes the protection of the private key from leakage.

As of now (June 2024), there are only 3 account management Snaps, namely Capsule, Silent Shard and Safeheron.

Capsule uses the device's PassKey, recovery password, and 2FA to maintain the same key. If one is lost, it can be recovered through the other two.

Silent Shard and Safeheron do this by using multiple devices to install their apps.

It’s hard to say how many Web3 users this type of Snaps can attract. Judging from the data shown on the Snaps website, there are indeed very few Snaps of this type and the installation volume is not high.

They are not complicated to use, so I won't go into details here. After the installation is complete, there will be an additional address in your MetaMask wallet:

Interoperability

This type of Snaps mainly provides compatibility with non-EVM networks. We can see many familiar chains, including Solana, Cosmos, Near, Sui, etc. Currently, this type is the largest, and they occupy more than half of the entire Snaps ecosystem.

Rich multi-chain Snaps

Notification and Chat Communication

I personally prefer this type of Snaps, but at present, with so many chat apps to choose from, the number of users willing to send messages through the chain is obviously still a minority. So unfortunately, we can only continue to "fight for the future".

Security

This type of demand is relatively large, especially since MetaMask itself does not do enough to warn users when they encounter phishing transactions. As the most common operation in the field of cryptocurrency and blockchain, transactions are inherently high-risk and highly sensitive. Through the transaction insight-related functions provided by Snaps, developers can show users more abundant transaction information, provide analysis and insights on transactions, and minimize user asset losses.

A friend of mine had his account balance transferred by a phishing website, and MetaMask did not warn him from connecting to the wallet to the successful transfer. He had no choice but to switch to another wallet. And I didn’t know much about Snaps at the time, so I just recommended ZAN’s KYT (https://zan.top/home/know-your-transaction?chInfo=ch_wxdyh) service to protect his transaction. I hope that this type of secure Snaps can make up for the shortcomings of MetaMask itself. In fact, according to the data shown on the Snaps official website, secure Snaps are indeed the most in demand besides multi-chain support, currently accounting for 20% of the total.

MetaMask Snaps provides the endowment:transaction-insight and endowment:signature-insight permissions to meet relevant needs. After applying for relevant permissions, Snap can read the payload of the original transaction or signature when the user initiates a transaction or signs. Snap can analyze it and then display more and richer security instructions to the user.

Idea MetaMask wants to expand its domain to other chain platforms through Snaps, but how far it can go in the end is probably difficult to achieve. Take the mini-programs in the Web2 field as an example. Although many apps provide mini-program versions, the services provided by the simple mini-programs are often far from comparable to those of apps, and the follow-up of new features is often lagging behind. Many mini-programs even guide users directly to their own apps. After the explosive growth of mini-programs, more apps also want to get a piece of the pie, and have launched their own mini-program platforms. Each company is working hard to strengthen its own moat, and the entire Web world is becoming more and more "centralized."

The capital in the Web3 field is not better than that in Web2. If Snaps develops well in the future, more wallets will surely follow. If it really comes to this, developers in the Web3 field will need to develop corresponding versions for the "Snaps" of each wallet, which will probably make them anxious for a while. However, if each manufacturer builds its own "Snaps" ecosystem, it is almost equivalent to having no unique ecosystem of its own. Hey, this seems to be in line with their "decentralized" label.

We can probably predict that there will be various "Snaps-like" in the future. The platforms are so different that compatibility with all platforms becomes a daily routine for developers, and eventually becomes unbearable. So Snaps Standard was born in anticipation of many developers, and there will be various "SIPs" for people to discuss, and the community is thriving...

I'm sorry that I don't have much confidence in MetaMask Snaps. After all, it is at least a product built by a group of passionate developers who want to solve real problems, rather than a scam launched by a group of financial experts.

However, for most of MetaMask’s current users, Snaps is not really a particularly necessary feature. MetaMask may need to do more work on how to promote it more effectively.

Original link