Hi, My name is Andrii Bondar. I'm a product designer working on the zkSync Era∎ project, a Layer 2 solution for scaling the Ethereum blockchain.
As a product designer, I've always been interested in how widespread blockchain adoption can be fostered. Looking at today's technologies, I believe they are at a point where global adoption isn't a pipe dream anymore.
What does a user need to start using Web3? Of course, the user must create an account to interact. Let's consider the number one blockchain with which you can interact and on which many Web3 projects are built - Ethereum.
There are two types of accounts in Ethereum: Externally Owned Accounts (EOA) and Contract Accounts.
Externally Owned Account (EOA) is the most popular way to create an account in Web3 today. But this is not the best solution, especially for beginners, because of the terrible User Experience. UX it's how a person feels while interacting with a system. More problems - less desire to use it.
Let's talk about the problems of Externally Owned Accounts (EOA) and why it's so hard for beginners. And the problem number one - the onboarding process is breaking users' habits.
Suppose an ordinary user starts using EOA, which is a typical crypto wallet and sees Seed Phrase instead of registering using an email or phone number. In that case, it will become clear how big the difference is between onboarding a regular cryptocurrency wallet and regular digital products user uses daily.
As a product designer, I believe the problem is that the onboarding process is breaking user habits.
The Seed Phrase is not what users expect to see because all classic financial products users trust require personal things - mobile phone, email, passport or client number. In the case of a client number, the bank, for example, can confirm authentication using a mobile phone confirmation (via SMS or voice call) or any other Two Factor Authentication.
When getting the Seed Phrase, users usually do not know what to do with this. In the world of digitalization, we do not have the habit of keeping all access to financial products in one special place. Even if we do, usually, this is protected by some Two Factor Authentication, like SMS, email, etc.
You may have already guessed problem number two - Seed Phrase cannot be protected by Two Factor Authentication. Lost Phrase - Lost everything.
What is a Seed Phrase? It's a human-readable set of phrases that recovers a private key from the blockchain. A Seed Phrase gives access to the crypto wallet.
Advantages of Seed Phrase
A Seed Phrase is a simple set of words that gives access to a crypto wallet, and it is much easier to copy them somewhere safe, and there is less chance of making a mistake in some characters than saving a private key of random characters.
Disadvantages of Seed Phrase
Access to a crypto wallet requires only this set of words. If you store those words online, the server it resides on may be compromised.
It can be hacked if you hold it on a device with Internet access. If you store it on a device that does not have access to the Internet, there is a risk that the device will fail, like any electronic device. If you store the phrase on a physical medium, there is a risk of losing or that medium may be damaged due to other factors. For example, the paper may get wet, metal rust, etc.
And the worst thing about this situation is that you can't implement Two Factor Authentication, which I highly recommend putting on all your mailboxes and social applications if you want to keep access to them safe.
If the user is not sure about the protection of the keys to the crypto wallet, he does not trust the blockchain.
Therefore, product designers creating interfaces for crypto wallets try to suggest different options for forcing a person to save this phrase and verify it by offering to manually enter parts of the phrase or choose the order of words.
Losing the Seed Phrase is not a unique situation. You can see a lot of headlines like "Fenbushi Capital Partner Loses $42 Million in Personal Funds From Supposed Leaked Seed Phrase" or "This man owns $321M in bitcoin — but he can't access it because he lost his password"
To implement mass blockchain adoption, you need to create a way to use decentralized wallets without a Seed Phrase but in a way that is common to users.
The solution is Account Abstraction
What is AA? It's a smart contract wallet. Unlike an Externally Owned Account, which can only sign transactions with a pair of public and private keys, this smart contract wallet can contain many functions, which makes it more flexible and increases security.
A smart contract crypto wallet is a decentralized wallet that allows users to interact with smart contracts on the blockchain. Users can create, deploy, and execute smart contracts directly from the wallet with a user-friendly interface. There are a few examples of smart contract wallets: Argent, Safe, Ambire Wallet, etc.
Improving UX and security is crucial for mass adoption. Account Abstraction, which eliminates the need for seed phrases and enables social recovery or biometric signatures, can provide these necessary improvements. Alex Gluchowski, zkSync Era∎
How can we improve onboarding UX to make mass adoption possible? Smart contract wallets can include many functions for this — for example, the opportunities to use email and phone numbers.
Let's check the onboarding process on Argent mobile application:
First - the user chooses the username everyone can use to send the money to this user.
Second - the users enter their email and phone number and verifies them.
What about security?
For increasing security, the smart contract code becomes the security guarantor, not the seed phrase. But where a private key is stored? Argent, for example, creates your private key on your iCloud or Google Drive so it can be shared between all user's devices. However, if someone steals this file, it's impossible to use the wallet because it will require email and SMS verification to access it.
And other functions include Trusted contacts, Bundle transitions, Account freezing, etc. But I want to highlight some of them, for example, Multisig security and Transfer limits.
Multisig security. This is like a two-factor authorization, where your friends or another wallet can act as validators. With their help, you can restore access to the wallet, approve funds transfers above the limit, or send funds to untrusted wallets.
Transfer limits. Users can set transfer limits preventing hackers from emptying the wallet if it is compromised.
And your smart contract wallet is not protected by Seed Phrase but protected by Guardians. There're the following types of guardians: a person you can trust (a friend or family member), a hardware wallet or another device you own and the Guardian that consists of your phone number and email. You can use your Guardians to lock your wallet, approve wallet recovery or approve an untrusted transaction.
I love the idea of an Account Abstraction that is natively supported by zkSync Era. I thank every smart contract wallet creator for pushing this idea forward by creating a user-friendly interface with excellent security.