Wallets: the big adoption challenge

Without them, interacting directly with the blockchain is impossible. Digital wallets are therefore crucial to the adoption of the sector.

Their development has seen renewed interest in recent months following the bankruptcies of centralised platforms such as FTX or Celsius in 2022. "Many saw it as an opportunity to offer their self-custody solution to avoid investors having to depend on a third party", says an entrepreneur in the sector.

"But for the time being, access to these wallets is still largely reserved for insiders", notes Charles Guillemet, CTO of Ledger, the world leader in physical wallets with its Nano, which claims to protect 20% of the cryptos on the market. "The industry still has a huge amount of work to do on the user experience, which is an essential condition for mass adoption of crypto," he huffs.

The battle of the user experience

The first digital wallets, which appeared with Bitcoin, only allowed you to check your balance and sign transactions to send funds. It couldn't have been more rudimentary!

But some companies quickly built more comprehensive interfaces, allowing users to manage more parameters. This explains in particular the success of MetaMask, the digital wallet launched by ConsenSys in 2018, which has attracted more than 30 million users. "At the time, it was a small revolution," points out Nicolas Bacca, co-founder of Ledger, who left the venture at the end of 2023 to launch his own project, Smooth.

MetaMask is the leader in "hot wallets", free applications connected to the Internet (via your browser or smartphone). This distinguishes them from "cold wallets" such as Ledger or Trezor, which rely on physical hardware and are more secure. Nevertheless, hot wallets such as MetaMask have the advantage of being more convenient (no need to carry your Nano around to sign transactions).

Other hot wallets such as ZenGo and above all Rabby, launched in 2021 by Singapore's DeBank, have subsequently joined the battle and are clawing back market share thanks to a more polished user experience.

Rabby automatically detects the tokens in your wallet (whereas you often have to manually integrate them into MetaMask by copying the address of a smart contract), selects the right blockchain to use, and helps you better understand the messages you sign with warning messages that are often quite useful.

To date, Rabby is undoubtedly the most user-friendly wallet and is highly regarded, ahead of MetaMask, whose experience lags a little behind.

"The MetaMask teams have long underestimated the user experience, believing that it was up to users to adapt to the specifics of Web3," confides one expert.

"Interfaces like Rabby are still too rare in the set of solutions currently available", judges Frédéric Ocana, ethical hacker and former director of a cybersecurity programme at the Banque de France. "With the sophistication of scams, making them more widespread is becoming more necessary than ever," he insists.

"The last two years have been devoted to a complete overhaul of MetaMask," says an internal source at ConsenSys, which is pulling out all the stops to maintain its lead. "It's often harder to innovate when you're the leader in a sector," she notes.

The first Ledger Stax arrivals

A problem that Ledger is familiar with, as the French manufacturer begins shipping the first copies of its latest physical wallet Stax, more than a year late. A setback due to the complexity of designing "the first fully secure touchscreen to manage cryptos", explains Ian Rogers, Ledger's Chief Experience Officer, in a video interview conducted for the occasion with The Big Whale.

"Stax aims to improve the user experience without compromising security. It's a very important step for self-custody as crypto grows in popularity, as evidenced by what's happening in the US," he adds.

When will a Ledger solution be integrated directly into a smartphone? That possibility is still too far off because of the risks involved in this kind of system. To date, "it is essential to operate in silos to ensure optimum security", says Ledger's Charles Guillemet. Nevertheless, the company is working towards one day integrating its technology into smartphones. This could see the emergence of "Ledger Inside", in the same way that Intel supplies the microprocessors for so many computers.

In the meantime, other innovative solutions focusing on ease of use continue to develop like Smooth, a start-up launched by Nicolas Bacca. "We're going to offer a wallet that can be accessed via a website with conventional authentication like an email, so that users don't have to manage their private keys. The wallet will be fully integrated into the website so as not to change the user experience. The aim is that they won't even notice that there's a blockchain behind it", he explains.

The development of "smart wallets"

Currently, interaction with blockchains is via the EOA (Externally Owned Account) protocol, i.e. with a private key. Most wallets, such as Rabby, MetaMask and Ledger, operate on this principle.

This is a major obstacle to wider democratisation, since the loss or theft of the private key results in the loss of funds. It is to minimise this drawback that "smart wallets" have appeared.

"Via this system, wallets are no longer managed solely by a private key but by a programmable smart contract and in a non-custodial manner," explains Johannes Moormann, Senior Product Manager at Safe Wallet, which secures nearly $100 billion in assets. As a result, transactions can be signed or access to the wallet can be retrieved more easily (email address, facial recognition, etc.) while remaining highly secure.

"This system makes it possible to attach additional functionalities such as governance rules via a multi-signature system or spending limits, with the possibility of connecting to one's account without using a private key," adds Johannes Moormann.

"Today, most crypto-native companies use Safe because they are keen to be able to customise their security," points out a cybersecurity expert.

This route is also being taken by the Americans at Fireblocks, whose wallet-as-a-service offering provides companies with a secure technical foundation while allowing them to parameterise their offering.

But the big development expected from smart wallets concerns "account abstraction", which could make the creation and use of wallets in the Ethereum ecosystem much more flexible. "A set of smart contracts manage access and automate a certain number of operations on your wallet, hiding complex operations to facilitate the user experience," explains Nicolas Bacca.

This functionality began to be implemented on Ethereum via EIP-4337 at the beginning of March 2023. But for it to be generalised and adopted by all wallets, the entire blockchain needs to be modified.

"For the time being, many players are still hesitant to completely jump the gun because they don't want to manage two standards at the same time: account abstraction and EOA," Nicolas Bacca points out. "We'll have to wait until the standards linked to account abstraction are a little more tried and tested and have solutions for migrating EOAs to smart accounts to speed things up," he adds.

On the other hand, account abstraction introduces other risks such as password or recovery phrase theft, as well as hacking into smart contracts. So it's all a question of compromise: more simplicity means more angles of attack. To date, there is no more secure solution than using a physical wallet such as Ledger and keeping the private key personally.

To address this problem, Ledger and other wallet providers (such as ZenGo) have designed systems for recovering access to the wallet in the event of loss of the private key or death of the owner.

Business models and regulation still uncertain

At present, in Europe or the United States, wallets are not regulated and are sometimes criticised for their non-custodial aspect (as the funds in them cannot be seized), which introduces a degree of uncertainty. In addition, some voices are calling for their providers to be reclassified as financial intermediaries.

In the United States, MetaMask is notably targeted by the Securities and Exchange Commission (SEC), which accuses it of acting as an unregulated broker, requiring its developer ConsenSys to register as such.

This accusation is based on the business model of MetaMask and most wallets, which are remunerated via commissions taken from transactions such as the purchase of crypto in legal tender, a swap or staking.

MetaMask is said to have generated more than $250 million in revenue in 2022 by charging 0.875% on these crypto-crypto exchanges.

"In Europe, the authorities consider that a wallet does not perform the functions of a custodian as long as the user retains full control over their funds and private keys," points out Victor Charpiat, a lawyer at Kramer Levin. "Except in the case of institutional use, non-custodial wallets such as Ledger or MetaMask are therefore not affected by regulation", he concludes.