Author: Joel John, decentralised.co; Translation: Golden Finance xiaozou

Note: This article is the second part of a three-part series. For the first part about chain abstraction, please refer to Golden Finance’s previous article "Blockchain’s AWS Moment: How Chain Abstraction Will Transform the Thousand-Chain World". The second part is about how wallet infrastructure will develop. They are all the cornerstones for attracting the next billion users to join Web3.

A few months ago, I signed up for 0xppl.com. It was the days after the meme coin craze, and I didn’t want my irresponsible financial choices to spread across social networks. I wanted to create a new wallet — one that was both secure and easy to use. Not wanting to store yet another pair of private keys, I looked for alternatives and found Capsule on the MetaMask Snap catalog.

In the past, I’ve written about the importance of mobile-first for growth. As of 2024, multiple notable DeFi products have launched mobile apps. Last year we discussed how volatility is becoming a service. Last weekend, the Pump.fun team reached $100 million in cumulative revenue.

I want to see what the next big opportunity is, and it seems that Passkey Wallet may be one of them.

A passkey is a mechanism that stores a private key on the user's device and uses it to verify the user's identity. Companies such as Amazon and Google use passkeys to help users log in without passwords, and the application of passkeys has also been extended to Web3.

In this article, I will briefly explain how passkey works and propose a possible future enabled by passkey.

1. Crossing the Chasm

Imagine if mobile devices had never existed, and people could only access the Internet through expensive, large personal computers. This was the reality in the late 1990s. Usually, these computers were connected to physical phone lines, which would be disconnected when someone used the Internet.

So if you want to download the latest album from Napster and you only have an Internet connection, there's a good chance your house won't be able to receive any incoming calls at that time.

Mobile devices opened the door to online connectivity. Between 2000 and 2020, 3 billion people used mobile devices to access the internet. In the 2010s, 1 billion users joined Facebook, generating enough attention to fuel the development of a digital-first economy, in which online sales of goods or dating take place entirely through social networks.

If the Internet had not become accessible, affordable, and easy to use anywhere, anytime, these platforms would have likely suffered the same fate as the content television networks: centralized, censored, and often boring. Mobile devices have boosted the Internet economy.

Today, secure wallet access requires you to have a physical device (such as a Ledger wallet), sign transactions, and keep it in a safe location. Therefore, people only use them to store high-value assets. Passkey wallets, such as Capsule, are to wallets what mobile devices were to the Internet: they do not require a high upfront cost and can be used anytime, anywhere. Passkey technology greatly lowers the barrier to using wallets.

The main driver behind passkey adoption is Fast Identity Online (FIDO), a standard used by more than 250 well-known companies. Well-known password managers like Bitwarden and LastPass use FIDO services. So, in a sense, this is a mature technology that is now being ported into the crypto ecosystem through entities like Capsule.

But what are they exactly and how do they work? Just like crypto wallets, passkeys are based on a public-private key model. The public key is an identifier that websites use to identify you, and it is public. The private key is generated on your device.

When you make a payment through Apple Pay or log into your device using facial recognition, the biometric data does not leave your machine. A chip (usually called the Secure Enclave) verifies the information (such as fingerprint), processes it, and provides the results to third-party software. I can steal your iPhone, but it does not mean that I can access your biometric data because this data never leaves the Secure Enclave.

Each application has a unique key pair, so your Google key pair is not reused on Amazon. Think of them as unique passwords that are automatically generated by your device for logging into various sites. These keys are usually stored in the cloud. Google and Apple both have corresponding cloud storage mechanisms for keys, so any device using their operating system can sync login keys.

What does this mean for the crypto world? Wallets use private keys to sign transactions. Remember when I said your secure enclave stores your private keys? You can actually use facial recognition or fingerprint scanning as an authentication mechanism for signing transactions. Crypto veterans may not find this cool. But if you are a developer of a game or web3 social product, and you have less than 10 seconds to attract users, using iCloud's passkey is your fastest solution at the moment.

Capsule allows me to create a wallet that I can access at any time and conveniently verify transactions with a fingerprint scan or facial recognition from my mobile device. They provide a software development kit (SDK) that enables any developer to create new wallets for users. You log into a Capsule product using Gmail and immediately see a wallet ready to go.

Wallet providers like Capsule integrate with funding solutions like Stripe. So users can buy ETH (to pay for gas) with Apple Pay right after launching their wallet. This reduces a process that used to take hours to just minutes. No more dealing with opaque offshore exchanges to mint NFTs. But what if a user loses their keys?

This is where multi-party computation (MPC) comes in. It sounds a bit like account abstraction, but the concept is different.

MPC is a mechanism for managing the generation of cryptographic keys. As the name implies, multiple parties are involved in creating and storing private keys, and none of them knows its full contents. In fact, no single person has access to the key, but if one person loses part of the key, the other two can help restore access.

For example, in a wallet that supports Capsule, the key is generated from inputs provided by the user and by Capsule, and the other parties do not know the specific content of these inputs. However, if any two parties cooperate, they can sign transactions. This setup is particularly useful for recovering keys when the user loses access.
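The 2-of-3 property described above, sketched with Shamir secret sharing; this is an added example, not code from Capsule or from the original article. It is a simplification: threshold-signing protocols are designed to produce a signature without assembling the key in one place, whereas this sketch reconstructs it. The party roles (user, provider, backup) and the sample key are assumptions.

```python
# Added illustration: 2-of-3 Shamir secret sharing over a prime field.
# Party roles and the sample key are constructed for this example.
import secrets

P = 2**255 - 19  # prime modulus; the secret must be smaller than P

def split_2_of_3(secret):
    """Shares {x: f(x)} of the line f(x) = secret + a*x mod P, for x = 1, 2, 3."""
    a = secrets.randbelow(P)  # the random slope is what hides the secret
    return {x: (secret + a * x) % P for x in (1, 2, 3)}

def interpolate(shares, at):
    """Lagrange-interpolate the line through `shares` and evaluate it at x = `at`."""
    if len(shares) < 2:
        raise ValueError("need at least two shares (threshold is 2)")
    total = 0
    for xi, yi in shares.items():
        num, den = 1, 1
        for xj in shares:
            if xj != xi:
                num = num * (at - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def recover_secret(shares):
    """Any two parties together can rebuild the key: it is f(0)."""
    return interpolate(shares, 0)

def reissue_share(shares, lost_x):
    """Two remaining parties rebuild the share of the party that lost theirs."""
    return interpolate(shares, lost_x)

def slope_explaining(x, y, candidate_secret):
    """For a lone share (x, y), the slope that would make ANY candidate key fit.
    Because such a slope always exists, one share alone reveals nothing."""
    return (y - candidate_secret) * pow(x, -1, P) % P

def demo():
    key = secrets.randbelow(P)             # constructed sample key
    shares = split_2_of_3(key)             # 1 = user, 2 = provider, 3 = backup
    remaining = {x: y for x, y in shares.items() if x != 1}  # user lost share 1
    return key, shares, reissue_share(remaining, 1)

if __name__ == "__main__":
    key, shares, restored = demo()
    print("user share restored:", restored == shares[1])
    print("provider + backup can rebuild key:",
          recover_secret({2: shares[2], 3: shares[3]}) == key)
```

The same threshold that makes recovery possible also means any two cooperating parties hold full signing authority, so who holds the second and third shares is a trust decision, not only a convenience feature.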

Now that I’ve explained how it works, we can talk about what it enables and why it interests me so much. The SDK provided by Capsule allows users to create a wallet that can be used across multiple products. For example, when you use the same wallet for Uniswap and Aave on MetaMask, both applications can interact with the same addresses to query and perform transactions.

Aave can check your wallet balance before approving a loan, and you can use Uniswap's liquidity provider (LP) tokens as collateral for a loan on another platform. Interoperability of cross-platform assets is a core principle of Web3. Until now, achieving this interoperability has required users to have their own wallets with mnemonics. Carrying that interoperability across different devices is very painful.

Capsule abstracts away these pain points by allowing users to sign transactions or manage wallets using more traditional forms of identity verification.

You can use the same wallet across multiple products by logging in with your Google account. One could argue that this feature is available to anyone using MetaMask, but most users are not familiar with mnemonics or keeping them secure. However, they are familiar with using Google, Twitter, or Apple’s login systems. The ability for users to create a wallet with the click of a button could be the difference between retention and churn.

Another factor to note here is that email links or embedded wallets themselves are not new. There are many service providers in this market space.

What is interesting is that you can use the same form of authentication across different products, say, an X handle or a Gmail login. That interoperability is unique.

In the past, if you started a wallet on a decentralized exchange using an email (like joel@decentralised.co), and then tried to do the same thing on another product (like a lending product), you would have two different wallets. So, any kind of composability (or cross-application interaction) was out of the question. Capsule helps port assets and identities between web2-native authentication systems, and its SDK allows any developer to integrate it into a product with just a few lines of code.

Another improvement that Capsule brings to the wallet field is programmable transactions, which support automatic transactions under certain conditions.

For example, let’s say you wanted a wallet holding USDC to buy $100 worth of ETH from Uniswap every time the price of ETH dropped below $2,000. In the past, you would have to deposit the entire $100 into a centralized exchange like Binance, or manually track the price action of the asset.

With programmable transactions, this process is much easier. Products like Velo Data can pass variables (in this case, the price of ETH) to verify the transaction. The user makes the choice, and when the condition that ETH is below $2,000 is met, Capsule can sign the transaction.

Spreading the signatures required to execute a transaction across parties is what enables programmability. You can set preconditions for trading assets through Uniswap without user involvement — similar to if-then statements for transactions when logging into an application.

For example, an on-chain insurance product could query data from an oracle that provides weather data and pay out from multiple user-funded pools. A prediction market using Google query data could also pay out for sports events. Even better, you could connect your Apple Watch to a preset wallet so that if a user misses a workout that day, money is automatically transferred to a friend.

In all of these cases, the unique advantage Capsule offers developers is that it never bothers users with seed phrases. Users can open their wallet, buy $10 of ETH, log in to bet on sports events markets using their Gmail account, and buy ETH using the SDK through Stripe.

The design space here is limited only by the type of data that the product can query and the ability of Capsule to interpret and sign transactions based on that data. However, this model may not be as effective for more subjective data or transaction requirements.

2. More than just trading

Why is this important? I can explain with an example. Recently, Capsule partnered with r/datadao to enable users to port data from Reddit to the DAO. In simple terms, the product allows users to export their data from Reddit to DataDAO (run by Commonwealth) to train a large language model (LLM). Such a system requires simple login models that can handle email addresses and interact with web3 native products like Commonwealth.

The DAO of r/datadao is managed by a tool called Commonwealth. So when a user sets up a wallet (using Reddit) and then logs into Commonwealth, they can use the points (or tokens) they earn from Reddit to vote on the DAO managed by Commonwealth. Capsule allows users to register for DataDAO using a wallet generated by an X handle, Discord, or Google account, and use their points to vote on the system built by Common. It only takes a few seconds to complete these steps.

A more relevant example is that Uber drivers can manage a DAO in proportion to the miles they have on their Uber account. Support for these use cases comes in part from the tools provided by ZkTLS.

Another way Capsule is expanding its market to new Web3 users is through pre-generated wallets, which means that Web2 products allow users to start a wallet when they log in to the product, and the wallet already has assets.

For example, if I want to get the most active members of a running club in Dubai to join a product, I can pre-generate wallets associated with their Twitter accounts, load NFTs to give them discounts on items like shoes, and then private message them to join the community.

Now, I'm not entirely sure how many people would qualify as:

● Living in Dubai

● Running

● Active on Twitter

● Using NFTs to access the community

However, my point is that such a tool can be used to bootstrap the Web2 community into using Web3 primitives. What if a user doesn't respond to my private message? I can use a pre-programmed transaction to send the NFT back to the claiming wallet after a certain point in time, just as a discount has an expiration date.

This opens up a design space for entirely new applications. One of the easiest opportunities to acquire is probably the content itself. Currently, we write on Substack because it allows us to connect with readers via email. If we needed to mint an NFT, our best options would be Paragraph, Mirror, or Farcaster Frame. Let’s say the Capsule SDK allows the creation of a Web3 native publication that lets users generate articles and send them to their own email addresses.

In fact, we can even pre-load the wallets of our most active readers with OP (Optimism) tokens so that they don’t have to bridge assets to mint NFTs. The flow would look something like this.

On the left side of the image above, I explain the steps for minting coins on Mirror today using something like MetaMask; on the right side, I explain what it would look like using the Capsule SDK.

This means that a product can reactivate users using traditional distribution channels (like email) while engaging with them on Web3 payment rails (like stablecoins).

Tools like the ones provided by Capsule seem to be the bridge between the current market and the market that may exist in the next decade. In my opinion, they are the perfect middle ground between the ease of use and convenience of Web2 products and the security, custody, and customization of Web3-native principles.