Web3 Wallet, Sub-Wallet & Security Infrastructure
A Web3 wallet is built on the premise of self-sovereignty over your own credentials, investments and data, and that premise creates a strong need for a mindful approach to wallet security infrastructure.
Web3 Wallet and Security Infrastructure
Web3 wallets are arguably an important gateway for extending value activities from the Web3 protocol layer to the application layer, both for applications built directly on top of a protocol (e.g. Serum built on top of Solana) and for applications with cross-chain and cross-protocol functionality.
This is analogous to how Web2 OAuth extended the value activities of Web2 ecosystems across other applications (e.g. the early cross-ecosystem value activity between Zynga and Facebook). Web2 OAuth allowed the value of these networks (e.g. Facebook and Twitter) to be transmitted from their social networks to other B2C companies (e.g. Uber, Yelp, Groupon, DoorDash, Airbnb, Webflow and more) and vice versa.
But it is also prudent to recognize that these closed Web2 social networks, with their user bases and the countless third-party B2C companies that depend on them for login infrastructure, will continue to fuel massive monopolistic control over other companies. Furthermore, the arrangement does not give the builders of these networks the right ongoing incentive to keep delivering value and building iterative improvements that benefit users long-term; arguably, a form of complacency sets in.
Even if the core product (the social network) is subpar for an extended period, it remains difficult for any B2C company whose login infrastructure is built on these platforms' OAuth to pick up and leave. Most end users have Web2 OAuth logins to at least 10-20 applications, so the probability of end users replacing them is very low.
History of OAuth (Open Authorization) and Web3-based Authentication
History of oAuth Open Authorization and Web3-based Authentication
Web3 Wallet and Self-Sovereignty
Web3 wallet infrastructure presents a different value proposition here in that it ultimately gives users a high degree of self-sovereignty over their credentials, investments and data. (In the current state of the Web3 wallet world, most wallets are still focused on just a few protocol integrations, e.g. Phantom mainly for applications built on Solana and MetaMask for Ethereum. A few chain protocols integrate with most Web3 wallets, but the experience is still being worked on.) As Vitalik of Ethereum pointed out:
”Rather, the goal of crypto is to give people access to cryptographic and economic building blocks that give people more choice in whom to trust, and furthermore allow people to build more constrained forms of trust.”
But we should also be cognizant that the whole point of digital technology, blockchains included, is to make it easier for humans to engage in very complicated tasks without exerting extreme mental effort or living in constant fear of making mistakes, which, arguably, is a more complex philosophical and technical question for Web3 wallet security and self-sovereignty.
As Walden from Variant pointed out:

Web3 Wallet Security Infrastructure
One of the great challenges with making cryptocurrency and blockchain applications usable for average users is security: how do we prevent users' funds from being lost or stolen? Losses and thefts are a serious issue, often costing innocent blockchain users thousands of dollars or even in some cases the majority of their entire net worth.
A Web3 wallet goes beyond holding crypto assets: in the future it will also hold digital securities (e.g. Balaji's Web2 > Web3 Mirrortable concept), NFTs in today's funny-money form and in future more abstract forms (e.g. a real estate title or a Proof of Attendance Protocol (POAP) token), as well as users' personal credentials (e.g. KYC/KYB/AML/third-party accreditation data) written on-chain. A Web3 wallet is one wallet for any application, but that demands a solid wallet security infrastructure framework.

Wallet security solutions have been proposed and implemented over the years such as (in no particular order):
Cold/Offline/Hardware Wallet i.e. Ledger
Hardware Memory/Enclaves i.e. Intel SGX
Multi-Sigs
Social Recovery Wallet
12-24 word Mnemonic Phrases
Multi-Factor Authentication (MFA) and 2-Factor Authentication (2FA)
Secret-sharing schemes such as Shamir's Secret Sharing, and more
These solutions have all suffered from various defects: sometimes providing far less extra protection against theft and loss than is actually needed, sometimes being cumbersome to use from a UI/UX perspective and seeing very low adoption, and sometimes both.
Public and private key access is synonymous with digital signatures (DS), and DS are ubiquitous in our computer-dominated society. They are basic building blocks of eGovernment, eCommerce and the electronic trust fabric of modern-day society. They are used to guarantee the integrity and authenticity of software updates and to enable secure Internet connections. The security of the currently used signature schemes, RSA and ECDSA, is not by itself enough. Given the importance of digital signatures in today's society, the search for alternative signature schemes that resist attacks arising from algorithmic or technological advances, or simply from the theft and loss of public and private keys, is an important question to simmer on.

But theft is not the only concern: there are also losses from losing one's private keys, which raises the philosophical question of how much users are willing to give up in exchange for total self-sovereignty over their investments, credentials and data. If someone steals your credit card and uses it for fraudulent purchases, you can call up VISA, AMEX or MA to cancel the fraudulent charges. This type of centralized security layer does not yet exist in Web3 wallet infrastructure, at least not at scale.
I would argue it is not a binary question of whether we should go 100% or 0% on self-sovereignty over one's investments, credentials and data, but rather a question of choice: whom one wants to bestow trust upon, how many parties, and to what depth of trust.
Hardware Memory/Enclaves
This is hardware security based on the computer's memory hardware. Intel SGX, AMD Secure Encrypted Virtualization and ARM TrustZone all enable hardware memory encryption and decryption for private and public key protection. Hardware memory is also subject to supply chain transparency and accountability concerns; there are arguably far fewer touchpoints in memory chip manufacturing than for hardware USB/USB-C crypto wallets, but the supply chain is nevertheless still present.
This also presents a single point of failure, though arguably a far less probable one than a hardware/cold wallet. People are more likely to lose a pocket-sized USB/USB-C device than a whole computer, but that does not stop adverse parties from targeting either one.
Hardware/Cold Wallet
Supply chain attacks before purchase: if one buys a hardware wallet, one is in essence trusting a number of actors involved in producing it: the company that designed the wallet, the factory that produced it, and everyone involved in shipping it, any of whom could have replaced it with a fake. There are far too many touchpoints in the supply chain, which makes transparency and accountability extremely opaque.
Furthermore, this is the epitome of a single point of failure.
Multi-Sigs
A multi-sig wallet requires one to have three or more keys and needs at least two of them to initiate and send a transaction, thereby avoiding a single point of failure. One can either manage these keys oneself in separate locations (e.g. on a smartphone, laptop and desktop) and/or share them with three or more trusted parties.
This is reasonably secure relative to the security infrastructure mentioned above: there is no single device that can be lost or stolen that would cost you access to your funds. But the security is far from perfect: if someone can steal your laptop, it is often not that hard to steal your phone as well. Usability is also a challenge, as every transaction now requires two confirmations with two devices.
Social Recovery Wallet
Social recovery wallet is a concept proposed by Vitalik of Ethereum. Functionally, users transact with their own key (combined with the security infrastructures mentioned in this section); the social recovery aspect only kicks in if and when a user loses private key access to their wallet.
Social recovery is in essence entrusting the recoverability of your lost wallet access to a set of guardians, or, put another way, distributing your personal trust across a small group of trusted guardians, whether your spouse, friends, family and/or a commercial third party (e.g. an asset custodian or trust manager), which to some extent is functionally similar to a family trust structure. These guardians are then asked to sign a special transaction that changes the signing public key registered in the original wallet contract to a brand new one. They can simply go to a webpage such as security.loopring.io, sign in, see a recovery request and sign it.
Social recovery is interesting, but I also feel it is somewhat anti-social and scary. Friends fall out all the time. People you trust can break you. Broken trust means you have to fix your multi-sig, which arguably presents a single point of failure on the recovery side of wallet security.
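The k-of-n idea behind multi-sig and social recovery guardians, and the Shamir's Secret Sharing listed among the solutions above, reduced to one runnable Python example (added here; not code from the post or from any wallet). A private key scalar is split into 3 shares over the secp256k1 order field so that any 2 guardians can reconstruct it, while any single share is just a random point. The caveat a practitioner should keep in mind: unlike a multi-sig or social recovery contract, where guardians only sign and the key is never assembled, Shamir recovery rebuilds the whole secret on one device, which is a single point of failure for that moment.

```python
import secrets

# secp256k1 group order (a prime); a private key is an integer in [1, N-1],
# so it is already an element of GF(N) and can be shared directly
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def split_secret(secret: int, threshold: int, shares: int) -> list:
    """Return `shares` points (x, f(x)) on a random polynomial f of degree
    threshold-1 over GF(N) with f(0) = secret. Any `threshold` points fix f and
    hence the secret; fewer are consistent with every possible secret."""
    if not 1 < threshold <= shares or not 0 < secret < N:
        raise ValueError("need 1 < threshold <= shares and 0 < secret < N")
    coeffs = [secret] + [secrets.randbelow(N) for _ in range(threshold - 1)]
    points = []
    for x in range(1, shares + 1):          # x = 0 is never handed out
        y = 0
        for c in reversed(coeffs):          # Horner evaluation of f(x) mod N
            y = (y * x + c) % N
        points.append((x, y))
    return points


def recover_secret(points: list) -> int:
    """Lagrange interpolation at x = 0 over GF(N). With fewer points than the
    threshold this still returns a value, but an unrelated one."""
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * (-xj)) % N
                den = (den * (xi - xj)) % N
        secret = (secret + yi * num * pow(den, -1, N)) % N
    return secret


if __name__ == "__main__":
    private_key = secrets.randbelow(N - 1) + 1      # constructed sample key
    guardians = split_secret(private_key, threshold=2, shares=3)
    print("spouse + custodian:", recover_secret(guardians[:2]) == private_key)
    print("custodian alone:   ", recover_secret(guardians[2:]) == private_key)
```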
12-24 word Mnemonic Phrases
Mnemonic phrases are 12-24 human-readable words, most often defined by the BIP-39 specification. This is the most common type of mnemonic phrase used in the ecosystem, and it does not rely on any knowledge you choose yourself or on any other pre-defined randomness logic (which brings up the philosophical and mathematical question of 'what is randomness').
"128 bits of entropy are enough. The whole and only point of considering entropy is to make sure that the system can resist brute force attacks: the space of possible values must be so large that any attacker could only try a negligible proportion of the values in non-ludicrous time.
There are strong reasons why 128 bits are highly sufficient for that. Realistically, a very powerful organization with lots of cash to spare (including behemoths like Apple or Google, who can muster much more resources than usual scarecrows like the NSA) could hope to perform, say, at most 2^85 elementary computations (like encrypting an AES block) within a year -- it won't be discreet, and that's still less than the millionth part of the millionth part of a 2^128 space."
- 128-bits of entropy for cryptographic operations
In fact, a 12-word seed phrase has 340,282,366,920,938,463,463,374,607,431,768,211,456 possible combinations, while a 24-word seed phrase has exponentially more.
Logistically, the mnemonic phrase is hashed to get a seed. The seed is then fed through a mathematical formula to derive a private key, as shown below.
If one loses their wallet but still has the mnemonic phrase, one inputs the phrase when setting up a new wallet to recover the account. This security measure is common across most wallets today, and while it works for preventing loss of access to your wallet, it has limited effect on theft, because most people write down or email their 12-24 word mnemonic phrase somewhere that is easily accessible.
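As an added worked example (not code from the original post), the two derivation steps just described using only the Python standard library: BIP-39 turns the phrase into a 64-byte seed with PBKDF2-HMAC-SHA512, and BIP-32 turns the seed into a master private key and chain code with HMAC-SHA512. The mnemonic and passphrase are the first public test vector from the BIP-39 specification, and entropy_bits shows why a 12-word phrase has exactly the 2^128 combinations counted above.

```python
import hashlib
import hmac
import unicodedata

# secp256k1 group order: a BIP-32 master private key must be a non-zero scalar below it
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# First test vector published with the BIP-39 specification (public test data)
VECTOR_MNEMONIC = "abandon " * 11 + "about"
VECTOR_PASSPHRASE = "TREZOR"


def entropy_bits(word_count: int) -> int:
    """Entropy behind a BIP-39 phrase: each word encodes 11 bits, and one checksum
    bit is appended per 32 bits of entropy, so 11 * words = ENT + ENT / 32."""
    if word_count % 3 or not 12 <= word_count <= 24:
        raise ValueError("BIP-39 phrases have 12, 15, 18, 21 or 24 words")
    return word_count * 11 * 32 // 33


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: seed = PBKDF2-HMAC-SHA512(NFKD(mnemonic), "mnemonic" + NFKD(passphrase), 2048).
    The optional passphrase acts as a '25th word': a written-down phrase alone does
    not reproduce the seed without it, which narrows the theft problem noted above."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def seed_to_master_key(seed: bytes) -> tuple:
    """BIP-32: HMAC-SHA512(key=b"Bitcoin seed", msg=seed) splits into the 32-byte
    master private key (left half) and the 32-byte chain code (right half)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    k = int.from_bytes(key, "big")
    if k == 0 or k >= SECP256K1_N:
        raise ValueError("invalid master key; BIP-32 says to discard this seed")
    return key, chain_code


if __name__ == "__main__":
    seed = mnemonic_to_seed(VECTOR_MNEMONIC, VECTOR_PASSPHRASE)
    master_key, chain_code = seed_to_master_key(seed)
    print("12-word phrase space: 2^%d" % entropy_bits(12))
    print("seed:", seed.hex())
    print("master private key:", master_key.hex())
```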
All Web3 wallets should follow this general macro framework:
No single point of failure: there is no single thing (and ideally, no collection of things which travel together) which, if stolen, can give an attacker access to your funds, or if lost, can deny you access to your funds.
Low mental bandwidth requirement: as much as possible, the UI/UX should be simple, and it should not require users to learn strange new habits or exert mental effort to always remember to follow certain patterns of behavior versus the status quo.
Maximum ease of transacting: most normal activities should not require much more effort than they do in regular wallets (e.g. Status, MetaMask...).
Web3 Sub-Wallets
All of the wallet security solutions above suffer from various defects: theft, loss of private keys, low UI/UX usability and therefore high mental bandwidth and low adoption, and counterparty trust. (Philosophically, security is an ongoing exercise that requires constant iterative improvement, as there is no one-model-fits-all or set-once-and-be-done-forever.)
Given that public and private key access is more or less synonymous with digital signatures (DS), that in the Web3 wallet realm the key is also the key to the kingdom where all assets and personal credentials are laid out barefaced, and that DS are ubiquitous in our computer-dominated society, there is an interesting proposal for Web3 sub-wallets.
This framework is built on top of the existing Web3 wallet layer (Phantom, Trust, Ledger, MetaMask, Coinbase Wallet and more) but adds a subsequent layer of sub-wallets, which allows more precise and pinpointed security enhancement protocols. Given that we will very probably continue to live in a multi-chain environment for years to come (Vitalik has a good thought piece on it, linked at the bottom), this framework allows a different layer of wallet security protocols in each sub-wallet.
For example, a user can have a 'treasury wallet', the wallet with the most security protocols applied, using some of the frameworks above, which makes it extremely challenging to transact to and/or from that wallet with third parties (defined as parties outside your own wallet infrastructure). Another wallet with lighter security protocols serves as a 'daily transaction wallet', with functionality similar to a Venmo wallet or a VISA/AMEX/MA credit card for buying a cup of coffee. A few more wallets serve as 'digital securities and digital asset investment wallets' with more security protocols in place and the ability to share your on-chain KYC/KYB/AML/accreditation credentials with third parties for SEC, FINRA, FinCEN etc. compliance recordkeeping when investing in digital securities and in the tokenization and fractionalization of real-world and digital assets.
This type of sub-wallet infrastructure allows more flexibility in wallet security protocols and ultimately gives people access to cryptographic and economic building blocks that allow them more choice in whom to trust, and furthermore allows people to build more constrained forms of trust. The previous one-wallet model, with simple or complex security, is not scalable if we want to onboard 1 billion+ users into Web3 over the coming decade.
Furthermore, there is a high probability we will continue to live in a multi-chain environment for years to come and, according to Vitalik, very probably not a cross-chain environment, given the security of bridges across many 'zones of sovereignty'. The sub-wallet security protocol framework will extend the usability of a single wallet across several application layers within a given protocol and elsewhere.
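The treasury / daily / investment split described above as a small policy model in Python (an added illustration, hypothetical and not any wallet's real API). Each sub-wallet carries its own signer set, approval threshold, daily limit, third-party restriction and required on-chain credentials, so a compromise of the daily wallet's single key cannot reach the treasury, and the investment wallet refuses transfers until the KYC/accreditation credentials are presented.

```python
from dataclasses import dataclass


@dataclass
class SubWallet:
    """Per-sub-wallet policy (hypothetical model, not any wallet's real API)."""
    name: str
    signers: frozenset                    # devices/guardians whose approvals count
    threshold: int                        # approvals required per transaction
    daily_limit: int                      # max outgoing value per day, in base units
    internal_only: bool = False           # treasury: may only fund the owner's sub-wallets
    required_credentials: frozenset = frozenset()  # e.g. on-chain KYC for investments
    spent_today: int = 0


def authorize(wallet, amount, destination, approvals, credentials, own_wallets):
    """Evaluate one transfer against the wallet's own policy. Returns (ok, reason).
    Every rule is scoped to the sub-wallet, so the daily wallet's single key can
    never move treasury funds no matter what it signs."""
    valid = approvals & wallet.signers    # approvals from unknown keys are ignored
    if len(valid) < wallet.threshold:
        return False, f"{wallet.name}: {len(valid)} of {wallet.threshold} approvals"
    if wallet.internal_only and destination not in own_wallets:
        return False, f"{wallet.name}: transfers to third parties not allowed"
    missing = wallet.required_credentials - credentials
    if missing:
        return False, f"{wallet.name}: missing credentials {sorted(missing)}"
    if wallet.spent_today + amount > wallet.daily_limit:
        return False, f"{wallet.name}: daily limit {wallet.daily_limit} exceeded"
    wallet.spent_today += amount
    return True, "ok"


def example_wallets():
    """The three-tier layout from the text; signer names and limits are constructed."""
    return {
        "treasury": SubWallet("treasury", frozenset({"phone", "laptop", "ledger"}), 2,
                              1_000_000, internal_only=True),
        "daily": SubWallet("daily", frozenset({"phone"}), 1, 50),
        "invest": SubWallet("invest", frozenset({"phone", "ledger"}), 2, 100_000,
                            required_credentials=frozenset({"kyc", "accreditation"})),
    }
```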
We are entering the next few years/decades in which the existing Web 2.0 internet infrastructure is getting upended and a mostly improved infrastructure will replace the status quo, as Isenberg from The Room Where It Happens has pointed out above. I am also pretty excited about Solana Pay and Terra Money $LUNA further removing monopolistic friction points in the transfer of money between buyer and seller.
Interestingly, most of the upgrades mentioned above by Isenberg require a critically solid wallet infrastructure. I believe the community as a whole will continue to explore more Web3 wallet security frameworks as well as double down on the need for sub-wallets to better segment and transmit value across different ecosystems, protocols, applications and wallets.
Feel free to share your thoughts, reach out and more.