
Account Abstraction - Part 2
Welcome back to part 2 of the Account Abstraction (AA)! Last post we covered the concept of AA, the benefits of AA, and the infrastructure needed to utilize SCAs in the manner proposed by ERC-4337. This week we'll take a look under the hood and discuss how ERC-4337's components actually interact with each other to make AA a reality. You'll remember that every transaction that occurs on Ethereum currently requires an EOA to initiate the transaction (by signing the transaction with a private ke...

Stablecoins
For this post, we'll be diving into one of the crypto industry's most popular use cases - stablecoins. As of November 2023, USDT and USDC, the two biggest stablecoins by market cap, have a combined market cap of ~$110 billion within the crypto industry's entire $1.48 trillion market cap. However, this rise in popularity of stablecoins has not come without its controversies. If you've spent any amount of time following or participating in the crypto industry, you've no doubt seen the barrage o...

Nostr
Tired of the Twitter/X drama? Don't know what the heck Mastodon is or how to use it? Do you like ostriches? Well then there is a protocol for you! In this post, we'll actually be veering off the blockchain-specific beaten path and delving into an exciting protocol that can best be described as crypto-adjacent - the Nostr protocol! Nostr (short for Notes and Other Stuff Transmitted by Relays) is an exciting protocol that aims to be a fully fleshed out decentralized social network and so much m...

We do a little learning


Subscribe to 0xhubman.eth

Wallets, wallets, everywhere - but are they safe to store your crypto funds in? That can be a loaded question for some, and it all comes down to what custody model a specific wallet utilizes. And if you find yourself asking "what the heck even is a custody model?" then you've clicked on the right post! Whether you've just onboarded into crypto for the first time or have funds spread across 100 different wallets, knowing the key features of a wallet's custody model is important to avoid making any costly mistakes.
Wallet custody models boil down to who has access to a wallet’s private key, since the private key controls the funds in the wallet. The two overarching categories of custody models include custodial wallets and self-custody wallets.
Custodial wallets are the main entry point for many users in the crypto ecosystem. Crypto exchanges and qualified custodians offer custodial wallets to their customers. Custodial wallets mean the entity providing the wallet controls the wallet’s private key, and the users tell the entity what to do with their funds on their behalf. Additionally, these entities typically conduct KYC/AML checks on users who use their services. Custodial wallets can be considered similar to a bank account where you deposit funds and the bank has control and custody of your funds.
Pros
Users are not responsible for security of their funds
Easy user onboarding similar to web2 UX
Straightforward account recovery
Cons
Users do not have direct control over their funds
Examples
Crypto Exchanges: Coinbase, Gemini, Kraken, Robinhood Crypto
Qualified Custodians: Anchorage Digital, BitGo, Coinbase Custody
Self-custody wallets are the primary way most users interact with the on-chain crypto ecosystem (e.g., DeFi, NFTs) and come in many forms, such as browser extensions, mobile apps, hardware wallets, and paper wallets. Self-custody means the user has access to the wallet's private key and can directly control the wallet's funds. Self-custody wallets for UTXO-based blockchains (like Bitcoin) all behave the same way, while self-custody wallets for Account-based blockchains (like Ethereum) can be implemented in one of two ways: externally owned accounts (EOA) or smart contract accounts (SCA). While both Account-based implementations can be used to send, receive, and hold funds, the key difference between these two implementations is how transactions are executed.
EOAs are self-custody wallets where the user controls the private key of their wallet and executes transactions by signing them with their private key. Most self-custody wallets that interact with the on-chain crypto ecosystem today are EOAs, mainly due to the popularity of wallet providers such as MetaMask and Coinbase Wallet.
Pros
Users have complete control over their funds
Cons
Users are responsible for the security of their funds
If a user loses their private key or seed phrase, the funds in their wallet are lost forever
Intimidating user onboarding for new participants
Examples: Coinbase Wallet, MetaMask, Rabby, Ledger
While not a new concept, SCAs (also known as smart contract wallets) have been steadily gaining popularity and developer mindshare over the past few years due to the promise of streamlining user onboarding and enabling mass adoption through the implementation of account abstraction. An SCA is a self-custody wallet in the form of a smart contract, where transactions are executed via pre-determined smart contract code instead of a user signing a transaction with a private key. This allows for greater customizability of the wallet’s functionality, such as social recovery, enabling MFA, sponsoring transaction fees, multi-sig functionalities, and bundling transactions. SCAs can be created through various strategies, such as an EOA/relayer combination, layer 2 rollups with native account abstraction, or an SCA factory smart contract.
Pros
Abstracts away much of the required technical knowledge for new users
Allows for social recovery
Increased security due to not relying on a private key
Cons
Still in early days and not widely supported in the greater crypto ecosystem yet
Potential unknown risks in the implementation of account abstraction
Examples: Coinbase Smart Wallet, Argent, Soul Wallet
Multi-sig wallets (short for multiple signatures) are a more complex wallet custody model that refers to a wallet that requires more than one signature, or private key, to control the funds. As such, this means multiple private keys are required to sign any transaction from the multi-sig wallet. The combination of private keys required for transaction signing can consist of both self-custody and custodial private keys, or only one or the other. Multi-sig wallets are similar to a single door that requires multiple keys to open it. Most multi-sig wallets are referred to as ‘X-of-Y’, where X amount of signatures out of Y possibilities are required. Common implementations of multi-sig wallets utilize a ‘3-of-5’ or ‘4-of-7’ architecture.
Pros
Increased security as an attacker would need access to multiple private keys to compromise the wallet
If one of the private keys is lost, utilization of the wallet is still possible with the remaining private keys
Cons
‘X-of-Y’ signatures do not necessarily mean X people hold X private keys; a single person could hold every private key. Not necessarily a con, but it could promote a false sense of security
Complex setup that introduces a variety of ways that loss of funds could occur
Examples: Safe Vaults, Unchained Capital
MPC wallets (short for multi-party computation) are similar to multi-sig wallets; however, as described above, a multi-sig wallet requires multiple private keys to sign a transaction whereas an MPC wallet divides a single private key among multiple parties. Leveraging multi-party computation, these types of wallets typically split the private key amongst the user and a remote server or third-party to eliminate a single point of failure. When a transaction requires signing, the involved parties collaborate to generate the signature without actually reconstructing the single private key. MPC wallets are commonly used among institutional entities, with consumer-facing products gaining popularity as well.
Pros
Increased security as an attacker would need access to multiple parties/key shards to compromise the wallet
Data can be shared in a distributed manner without trusted third parties
Key shards are encrypted to avoid revealing any private information
Cons
Complex setup that typically requires more communication between multiple parties, which could lead to slower transaction signing
Examples: ZenGo, Lit Protocol, FireBlocks
In addition to the custody models described above, there is another way to classify wallets depending on the connectivity of the wallet's private key: hot wallets and cold wallets. Hot wallets connect directly to the internet and are useful for storing crypto short-term, while cold wallets are offline (i.e., never connected to the internet) and are ideal for storing crypto long-term. Here, ‘connecting to the internet’ refers to whether the wallet’s private key is ever exposed to a network connection and could potentially become compromised. Custodial wallets utilize a mix of hot and cold wallets depending on the entity's internal infrastructure and business needs. For self-custody wallets, below are the different form factors for both hot and cold wallets, along with a brief description of the wallet mechanics and products available to users.
Browser extension wallet: wallet that lets users connect directly to dApps within their browser
Examples: Coinbase Wallet, MetaMask, Rabby, Phantom
Mobile app wallet: wallet within an app on your phone that is able to utilize QR codes for sending and receiving funds. WalletConnect is utilized for many mobile app wallets to connect to dApps
Examples: Uniswap, Rainbow, MetaMask, Coinbase Wallet
Desktop wallet: wallet within a client on your desktop that can also integrate natively with some dApps
Examples: Electrum,
Hardware wallet: wallet in the form of a physical device. Hardware wallets are typically used in tandem with browser extension wallets acting as the online UI to interact with dApps, while the wallet's private key never leaves the hardware device or connects to the internet
Examples: Ledger, Trezor, Grid+ Lattice, Cold Card
Paper wallet: wallet in the form of your private key being written on a piece of paper, inscribed in metal, or some other physical form factor. The private key for this wallet should never be photographed, sent via text or email, or left in plain sight.