Original title: Beyond Seed Phrases

Original author: Joel John

Original source: https://substack.com/

Compiled by: Mars Finance, Daisy

A few months ago, I was in the process of signing up for 0xppl.com. It was right after the Memecoin craze, and I didn’t want my financially irresponsible choices to be exposed on social networks. I wanted to create a new wallet that was both secure and easy to access. I was looking for an alternative without having to store yet another pair of private keys, and I discovered Capsule in Metamask’s Snap catalog.

In the past, I’ve written about the importance of building mobile-first for growth. Multiple notable DeFi products offer mobile apps by 2024. We discussed volatility as a service last year. Last weekend, the Pump.fun team hit $100 million in cumulative revenue.

I wanted to see what the next big trend was, and it looked like passkey-based wallets might be one direction.

Passkeys are a mechanism for storing private keys on your device for authentication. Companies like Amazon and Google use them to help users get rid of passwords when logging in, and their use extends to Web3 as well.

In today’s article, I will briefly explain how they work and suggest a possible future direction. Aditi and Nitya helped write most of this article. Be sure to follow them on Twitter to stay up to date on the evolution of wallets.

Let’s dive in.

Image This is Steve Jobs, unveiling the iBook G3 in 1999. Nine years later, on January 15, 2008, he unveiled the Macbook Air, a device so thin it could fit in an envelope. We are currently in the iBook era of hardware wallets.

Imagine if mobile devices had never existed and the Internet was only accessible through large, expensive personal computers. This was the reality in the late 1990s. Often, these computers were connected to phone lines and would be disconnected when someone used the Internet.

So if you're trying to download the latest album from Napster, your house might not be able to receive any calls if you only have one Internet connection.

Mobile devices broke the shackles of network connectivity. They brought 3 billion people online between 2000 and 2020. When 1 billion users joined Facebook in the 2010s, they brought enough attention to fuel the development of a digital-first economy - a world where goods are sold online and dating takes place entirely through social networks. We discussed the rise of the attention economy and the role advertising plays in it with Antonio Martinez on the podcast.

If the internet hadn’t become ubiquitously accessible, affordable, and easy to use, these platforms would have likely faced the same fate as the content TV networks—centralized, censored, and often bland. You’d see separate “family-friendly” sites because everyone needed to use the devices together. Mobile devices enabled the internet economy to grow.

Today, secure wallet access requires you to physically take out a device (like a Ledger wallet), sign transactions, and be in a secure environment. As a result, people only use them to store high-value assets. Passkey wallets are closer to what mobile devices did to the internet. They don’t require a high upfront cost. They allow users to use them anytime, anywhere, and in Capsule’s case, across all apps. As a technology, they greatly reduce the barrier to entry to creating wallets and using them.

The main standard that Passkey uses is Fast Identity Online (FIDO) - a consortium that has over 250 well-known companies using it. Well-known password managers like Bitwarden and LastPass use it. So in a sense, they are a mature technology that is now entering the encryption ecosystem through players like Capsule.

But what are they exactly and how do they work? Just like crypto wallets - passkeys also use a public and private key model. The public key is an identifier that websites use to identify you and it is public. The private key is generated on your device.

When you pay with Apple Pay or log into your device via facial recognition, the biometric data does not leave your device. Instead, a chip (often called a secure enclave) verifies this information (e.g., fingerprint), processes it, and provides the results to third-party software. I may steal your iPhone, but that does not mean I can access your biometric data because it never leaves the secure enclave.

Each application has a unique pair of keys, so the keys you use on Google cannot be reused on Amazon. Think of them as unique passwords that are automatically generated for each website. These keys are usually stored in the cloud. Google and Apple both have mechanisms to store the keys in their cloud so that any device using their operating system can sync these keys for login.

So how does this translate in the crypto space? Wallets use private keys to sign transactions. Remember how I mentioned your secure enclave can store private keys? You can actually use facial recognition or fingerprint scans as an authentication mechanism for signing transactions. For those who have been in crypto for a long time, this may not be anything new. But if you are a developer of a game or Web3 social product and you have less than ten seconds to onboard users, simply using iCloud's passkey is your fastest solution at the moment.

Capsule allows me to create a wallet, access it at any time, and verify transactions through fingerprint scanning or facial recognition of a mobile device. They provide a software development kit (SDK) that enables any developer to create a new wallet for a user. You can log in with Gmail in a Capsule-powered product and immediately see a wallet ready to go.

Providers like Capsule integrate with fiat onboarding tools like Stripe. So users can hold Ethereum (ETH) (for transaction fees) simply by using Apple Pay after launching their wallet. This reduces a process that would normally take hours to minutes. No more signing up for untrusted offshore exchanges to mint non-fungible tokens (NFTs). But what if a user loses their keys? One of the features of Web2 is “forgot password”.

This is where multi-party computation (MPC) comes in. It sounds a bit like account abstraction, but there are some differences in the concept.

From Capsule's blog

MPC is a mechanism for generating and managing cryptographic keys. As the name implies, multiple parties jointly generate and store private keys without any one party being able to learn its full contents. In fact, no one person has full access to the key, but if someone loses a part, the other two parties can help restore access.

In a Capsule-backed wallet, for example, keys are generated jointly by the user and the Capsule, and these inputs are unknown to each other. This setup is useful for recovery in the event that keys are lost and the user loses access. However, if any two of the parties cooperate, they can sign a transaction. This setup is particularly useful for passkey recovery in the event that the user loses access.

Now that I’ve explained how it works, we can talk about what it brings to the table and why it excites me. Software Development Kits (SDKs) like the one provided by Capsule allow users to create a single wallet that can be used across multiple products. For example, when you use the same wallet for Uniswap and Aave in Metamask, both applications can interact with the same addresses to query and execute transactions.

Aave can check your wallet balance before approving a loan, and you can also use Uniswap's liquidity provider (LP) tokens as collateral for a loan on another platform. This interoperability of cross-platform assets is a core idea of ​​Web3. Historically, enabling it required users to have their own wallets with mnemonics. Porting them between devices was a headache.

Capsule removes this pain by allowing users to sign transactions or manage wallets using more traditional means of authentication.

You can sign in with Google and use the same wallet across multiple products. One could argue that this feature set already exists for users using MetaMask, but most users are not familiar with seed phrases or how to protect them. However, they are familiar with using Google, Twitter, or Apple login systems. Allowing users to create a wallet with the click of a button could be the key to retaining them.

It is important to note that linking to email or embedded wallets is not new in itself. There are already several service providers on the market that offer such services.

What's interesting is how you can use the same form of authentication across multiple products - for example, an X account or a Gmail login. This interoperability is unique.

In the past, if you started a wallet on a decentralized exchange using an email (e.g. joel@decentralised.co), and then tried to do the same thing on another product (like a lending product), you would have two different wallets. Therefore, any form of composability (or cross-application interaction) would break. Capsule helps port assets and identities between Web2-native identification systems and them through their SDK, making it easy for developers to integrate it into their products with just a few lines of code.

Another improvement Capsule brings to the wallet space is off-chain privacy. This means you can keep your account information without interacting with any wallet. This will make decentralized identity authentication possible entirely through passkeys - the closest application I can see is verifying my identity through trust proofs.

Let’s say you want your wallet holding USDC (USD Coin) to buy $100 worth of ETH from Uniswap every time the price drops below $2000. In the past, you would have to deposit all $100 into a decentralized exchange like Binance or manually track the price action of the asset.

With programmable transactions, this process becomes much easier. Products like Velo Data can pass variables (in this case, the price of ETH) to verify transactions. Users opt in, and Capsule can sign transactions as long as ETH drops below $2,000.

Having the signatures required to execute transactions across parties enables programmability. You can set the preconditions for asset swaps through Uniswap without user involvement — similar to an if-then statement on a transaction when logging into an application.

For example, an on-chain insurance product could query data from an oracle that provides weather data and pay out claims from a pool of funds funded by multiple users. Prediction markets using data queried from Google could also pay out claims for sporting events. Even better, you could link an Apple Watch to a pre-designed wallet so that if a user misses a workout that day, they automatically transfer money to their friends.

In all of these cases, the unique advantage Capsule offers developers is its ability to allow users to never have to bother with a seed phrase. Users can open a wallet, buy $10 of ETH, log in with Gmail to place a bet on a sports market, and use their SDK to buy ETH through Stripe.

The design space here is limited only by the type of data the product can query and the ability of the Capsule to interpret and sign transactions based on that data type. However, for more subjective data or transaction requirements, this model may be less effective.

Beyond Trading

Why is all of this important? I can explain with an example. Recently, Capsule partnered with r/datadao to enable users to port data from Reddit to the DAO. In short, the product allows users to export their data from Reddit to DataDAO (operated by Commonwealth) to train a Large Language Model (LLM). Such a system requires a simple login model that can handle email addresses and interact with Web3 native products like Commonwealth.

I tried launching a wallet using GMail on r/dataDAO to see how it worked.

The DAO at r/datadao is managed by a tool called Commonwealth. So when a user sets up a wallet (using Reddit) and then logs into Commonwealth, they can use the points (or tokens) they received from Reddit to vote on the DAO managed on Commonwealth. Capsule allows users to sign up for DataDAO using a wallet generated from an X handle, Discord, or Google account, and use their points to vote on the system built by Common. It takes seconds to launch these.

A more relevant example would be if Uber drivers could manage a DAO based on the mileage they have on their Uber account. The tools provided by ZkTLS are part of what makes this type of use case possible. We’ll write about it soon.

Another way Capsule is expanding the market of new Web3 users is through pre-generated wallets. This means that a Web2 product can allow its users to start a wallet and own the assets in the wallet when they log into the product.

For example, if I want to get the most active members of the Dubai Running Club to join a product, I can pre-generate a wallet linked to their Twitter account, load the NFTs, give them a discount on something like shoes, and then DM them to join the community.

Now, I'm not entirely sure how many people there are at the intersection of:

  1. Living in Dubai

  2. running

  3. Be active on Twitter

  4. Using NFTs to access the community

However, my point is that such tools can be used to bootstrap communities from the Web2 world using Web3 primitives. What if a user doesn’t respond to my DM? I can use a pre-programmed transaction to send the NFT back to the claiming wallet after a certain point in time. Kind of like how a discount offer expires.

In the story of the airdrop, we explored business models that merge real-world and on-chain primitives.

This opens up design space for entirely new applications. One of the most accessible opportunities may be content itself. Currently, we write on Substack because it allows us to connect with readers via email. If we need to mint NFTs, our best options are Paragraph, Mirror, or Farcaster Frame. Capsule’s SDK could theoretically create Web3 native publications that let users send articles to their own email addresses.

In fact, we can even pre-load OP (Optimistic) tokens into wallets associated with our most enthusiastic readers so that they don’t have to bridge assets to mint NFTs. The process will be as follows.

Just following the numbers on the left side of this diagram is difficult enough. Imagine being a cryptocurrency newbie and trying to do all of this using a consumer app.

On the left, I explain the steps to mint on Mirror today using tools like Metamask. On the right, I explain what minting will look like using Capsule’s SDK.

This means that products can reactivate users using traditional distribution channels (like email) while interacting with users through Web3 payment channels (like stablecoins).

The tools provided by Capsule seem to be a bridge between the market of today and the market that may exist in the next decade. In my opinion, they are tools that strike the perfect balance between the ease of use and convenience of Web2 products and the security, custody, and customization of Web3 natively built principles.