Wallets: The Friends & Foes of Web3 UX
The problem with wallets & it’s not just about the friction
With tech companies like Instagram, Apple, Google, and many more, we have become used to their sleek interfaces and easy-to-use digital products which keep up us hooked on them. But if we look at crypto products now, they seem quite raw and not so intuitive to use.
On Crypto Twitter a group of people will tell you that crypto is still new, we are still early and much of the focus is still on maturing the technology and it will only take time and so-called hype cycles for this space to evolve before it gets massive adoption. While on the other hand, some may differ by stating that if we can’t build products that people want to use, products that are useable then we are not doing enough for it to scale widely.
The current state
If we start from ground zero, for the hundreds of millions of people who will get introduced to crypto, a centralized exchange (CEX) is going to be their first interaction. They will use it to exchange their local fiat currency to buy some crypto token.
Maybe some of them will hold those tokens like an asset while some will use them to make the most out of Web3 (e.g- Using various DeFi products, buying NFTs, etc).
This is where the wallet kicks in, it’s like the passport to web3. Just like Akshay, our friend from Superteam says, the H1B visa doesn’t even matter anymore, what matters is the TCP/IP visa, which is the Internet. With a crypto wallet, one can connect to any supported dApp and get what Web3 has to offer. But for a newbie setting up a wallet, getting familiar with the Web3 products and then dealing with transactions can be overwhelming, and providing them with a similar user experience just like any Web2 app is tricky.
The entry gate to Web3 is a wallet but still, we haven’t figured out a way to onboard a new user while they are on the go. They just can’t create a wallet like opening up a Gmail account, they have to get a sheet of paper write the seed phrase, check again to ensure that what they have written doesn’t have any typos, retype that to confirm, and then they have got a crypto wallet. (Phew!)
That’s like trying to fill up a university form.
If we look at the numbers, the popular wallet Metamask reported over 30 million active users (wallets) in Q1 2022, and on Solana, there were 3.5 million active wallets in may during the peak of the bull market and since then, on average it has been between 500k-650k wallets.
Here in this piece, we will try to put some nuance to the above challenges and explore potential solutions to think about for builders while building a wallet with a delightful user experience.
Thanks to the Solana Foundation grant which made this happen and many thanks to Aditya, Yash and Krutarth for reviewing drafts of this essay.
What should be a wallet?
A wallet should provide informed consent for managing one’s digital authority. One should be aware of the limits of their digital authority as well as the status and results of their prior actions. as well as the full perspective of any potential action plans they may be thinking about. Particularly while connecting with suspicious sites.
As Taylor Monahan (founder of MyCrypto and currently working on Metamask) puts it,
A wallet should give you the information to make the best decision possible for you before you do any transaction/interaction.
Having the right to exit
Being able to exit gives you power over the system. A system that you can easily exit; forces the system to serve you honestly, and to evolve.
Having the option to leave provides you power over the system. A system that you can quickly leave forces it to serve you with honesty and to collectively evolve.
A wallet provider should never be able to know the scope of the measure of what people will do or the individual risk profiles of each person. At the end of the day, the wallet should be able to all about users, and the participants in the system.
When you will have full choice and control over your actions and how you are represented on the network is where the ownership will come from. When you look at on-chain, the keys are your identities and they represent how self-sovereign and digitally autonomous you are.
A Web3 wallet is a tool to access all of that.
Let’s try to define what is a good user experience. Is it about security or reducing the friction of using wallets as much as possible?
Designing for Security
Do you think it would be cool if there wasn’t any wallet pop-up when you were trying to use a dApp?
But actually, it won’t be that cool, instead, it will become a great way for any dApp to steal all of your assets/tokens.
If we look back, 1 year ago when the Solana wallet Phantom was new in the space, It attracted users with how sleek, fast, and snappy it was. It was so frictionless that any dApp can send a transaction; without you approving the transaction.
But it didn’t take too much time for them to realize that and finally, they removed the “Auto-approve” feature from the Phantom wallet.
On the surface, it feels like a good user experience. But removing friction is not always good a move especially when you are dealing with real money. When you have allowed a dApp to take action on your behalf, you have removed the users’ right to consent to their actions. It is like valuing dApps over users which is not always a good idea.
The best experience the user feels is when people get airdropped free money out of nowhere (ft. Airdrops in peak bull market) and the worst experience the people encounter is when people lose their money
Security v/s Usability
If adding 5 more clicks makes people not lose their money then it is a far better user experience than people losing money. Because it just saved millions of dollars getting lost by real users.
At times you might think, not sharing the seed phrase will keep you safe, but you might fall into other sophisticated scams that just take the right amount of FOMO and impulsiveness to get it right.
For example, people in crypto usually check and verify any website’s Twitter username, and website URL, and check if they have a real discord server with an active community or not. A lot of checks right ?!
But at last something as silly as the letter ‘i’ and ‘l’ can change the game completely. They look the same, if you are using it in your project name always use a font that distinguishes it clearly between I (UPPERCASE I) and l (lowercase l)
First step: Creating a wallet and storing the seed phrases
Right now the crypto space attracts only individuals who are tech-savvy and are curious to learn new & complex technologies. The efforts of the builders are spent on research & technology and not on the user experience.
The seed phrase is the basic foundation idea in crypto. it gives the user control over their wallets. But this power and responsibilities bring their own set of challenges. They are not only bad UX but also pose security challenges. That makes a wallet a single point of failure.
There is no option for the user to reverse a transaction sent to the wrong wallet by mistake. And to retrieve the wallet, not only the correct words are required but the order also needs to be correct. A user saving a wrong seed phrase is as good as not saving it in the first place.
Everyone has been accustomed to the Web2 way of signing into applications, i.e- One-click login through Google, Apple, Facebook, Twitter, etc. and you are in. If we want to onboard a wide range of users then we can not presume that everyone is ready for using a self-custodial wallet.
People expect the same, easy experience they currently have. They expect those magic moments.
Think of it like this if something goes wrong with your bank a/c people know what to do and what happens, but when they are using your product and your experience is different for whatever reason, you should either try to make it more similar or educate the user why it is different and make them aware about the difference.
A few ways crypto wallets can do that,
Make that process secure by default and seamless like Web2 apps. Make users sign up with their web2 credentials like google/apple accounts, by default you can choose to go with a 2FA method linked with the mobile number or the email and create a wallet for the user. On top of that, the wallet can take a secure backup of the user’s private keys and store it in the apple keychain or the equivalent encrypted backups with google drive for android and other devices.
It allows users to fall back on something in case they lose their device or uninstall the wallet. Though that sounded like a custodial wallet, you should have the option to educate users about what their seed phrase is and make them write it down before they start making any transaction.
If someone wants to recover that wallet in another device and doesn’t have that seed phrase with them, worry not! As they will still have the access to their login credentials to the wallet i.e. their google/apple accounts they can still log in with the 2FA and get access to their wallet.
In the other case where someone wants to recover their existing wallet, they can simply do that by linking that to a login method like a google/apple account or their mobile number.
This way users have an easier way to access their wallet seamlessly and securely.
Examples of a few apps that do this:
- Key App is a new wallet that lets users sign up with their web2 login methods with Multiple Factor authentication.
2. Glow takes a backup of your private keys and stores it on apple keychain or google drive on android devices.
How to secure a seed phrase?
To save the seed phrase, right now users write down the seed phrase somewhere in a notebook. Or popular methods are saving them in google drive or password managers like bitwarden, and LastPass with end-to-end encryption. Can custodial wallets be that password manager? The need to write down/save the seed phrases will be eliminated.
Give more context to the user while doing a critical action like saving the seed phrase. Inform them that if saved incorrectly they CAN NOT reset it later. The familiar flow of web2 doesn’t apply here.
Incase you are using the web2 credentials to link with the user’s wallet then let them know how to recover that(Multi-factor authentication) when needed
If you want to explore the onboarding flow of other crypto wallets, check out this site: neueux. It has got many crypto apps to dig in.
A wallet should excite the user on installation. Right now the excitement turns into anxiety when the user comes across new words such as seed phrases and is asked to store them safely.
We need design patterns that are familiar to the users. This is essential for mass adoption. The look and feel of a Web3 wallet may not be exactly the same as a web2 wallet because of technical differences. But the aim of the builders should be to make it as familiar as possible.
There can be a support team that will deal with specific user queries. Users can ask any specific questions they have and provide feedback on any unsatisfying experience.
Sending funds to another account
This is an irreversible action with multiple steps are involved.
A. Selecting the desired token: It is overwhelming for the user with the sheer number of tokens out there. The poor UX leads to distrust among the users as well. Also, a wallet supporting scam coins without due diligence also breaks the trust of the user. The stablecoins can be the default tokens. And the popular ones can be shown/clubbed at the top.
In fiat transactions, there is a fallback option incase the transaction is made by mistake. So here the main pain point is to solve is reducing the user’s anxiety during the process
Usually, the onboarding stops after the users are educated about the seed phrase. Onboarding users till their first transaction can be the standard.
Not all transactions are time-sensitive. The user can be asked for a time window during which they can schedule the transaction and the wallet can then proceed with the transaction whenever the gas price is around the average price and that transaction will happen during that time.
B. Entering the recipient’s address: This is where users are most anxious. There is no fixed pattern for addresses. so for the user to figure out if the address is valid or not is difficult.
While creating a new email address we all know how annoying it is when you don’t get your desired username and so you have to try out random variations, add numbers to it, or any character you want. But crypto addresses go multiple steps beyond and give a random string of characters that usually mean nothing and are obviously hard to remember. In this case, you can’t even risk remembering that, if you forget to include one character or make a typo, then that can be a completely different address that is not yours.
As the addresses don’t have a particular structure, it becomes harder to catch mistakes. Are we even talking about web3 if we haven’t talked about a Web1 experience yet! The wallet addresses can be compared to getting an ip address as you email address and using that, how annoying would be that to remember someone’s email which is 22.214.171.124?
As the folks from neuux put it
Would you have gone out of your way to get a domain name that was easily readable, paid $10 or more for it, and mapped it to the IP address of your email? That most likely won’t be true for most people. Then how can we expect new users into web3 to do the same?
A workaround with this can be to give users a domain name for free (yes, that’s expensive!) or have an in-app domain name. But the problem with the in-app domain name like .walletname is that it is restricted to that wallet and defeats the purpose of composability.
If most of the wallets partner up with themselves to give users this composability then this can be a game-changer.
Few apps like glow and key app do this where you can get a .glow or a .key domain.
A similar web2 analogy will be UPI IDs in India, just like you can send to a yourname@okhdfcbank or yourname@ybl or yourname@paytm from any application like GooglePay or PhonePe that’s how a cross-wallet compatible solution needs to be there.
Mobile first FTW
While the builders have access to desktops whereas the users do not necessarily have access to a desktop or they may not be using it as their primary device. The wallets are being built with desktop first in mind when it should be mobile first. Users need to feel confident when they are on their mobile device be it a mobile app or a website.
In a recent interview on Bankless, Anatoly said that the fear of being banned by Google or Apple prevents developers from building mobile applications and the lack of infrastructure and reliance on wallets makes it difficult to create delightful mobile experiences.
- Build on top of growing crypto rails for mobile. e.g.- SMS (Solana Mobile Stack), Backpack, etc.
- Optimizing for performance will be key here. Some users might have low-end devices which are less powerful and especially those devices try to save as much battery as possible to give the optimal performance. You need to make sure that the wallet can adapt to that without having the user stare at a blank screen, without draining their battery, and at lower network speeds.
- A way for a user to do gasless transactions can be a game changer, as people won’t think about the native chain’s token and can do the transactions with the tokens they want on their preferable network.
UI based on User Personas
The fintech apps in the web2 space have different UI based on their use case.
A few of the use cases and examples of apps are below.
- For high-value transactions — Banking Apps
- For relatively smaller value transactions & merchant payments — Google pay, PhonePe, Venmo, Cash App
- For investment — Kite, Robinhood
- For cross-border transactions — Paypal, Wise
Crypto wallets cater to or at least are trying to cater to all the above personas. This one size fits all approach makes the UI complicated.
What can be the solution:
- Personalized onboarding for the users. There is a need for personalization in onboarding as web3 is relatively new. The objective of the makers should be to understand the needs of the user and then show a UI relevant to that use case.
- For a user who wants to use it for their daily transactions (app like Google pay or Venmo), there is a poor user experience in showing the wallet balance details in the primary/hero section. Instead, the user would be interested in having the list of trusted contacts of the QR scanner as the main action.
- If the user wants to use it for long-term investments, then the wallet balance can be shown prominently and the transactions can be secondary interactions.
Bridge as default
How PayPal converts currencies and facilitates international transactions?
A similar UX for crypto wallets. where the user is not aware of the underlying tasks/processes. The user opens the wallet on the Ethereum network and sends it to the Solana network without having to change the network or any other additional steps.
Can a bridge become a default feature in crypto wallets?
The lack of interoperability forces users to use multiple wallets (in turn force user to safeguard multiple seed phrases).
What can be a solution:
- The wallet should understand the users’ actions and suggest the best possible paths to achieve them.
- You need not show the paths to the users by default. Abstractions can be made for the backend activities. Just show the key information to the users. (e.g- What chain they are on right now, the token they are sending and to which chain, etc.)
- Give users the choice to select from multiple options based on the networks. Show them all the networks and the cost & time involved in the transaction. Make it as easy as possible for the user to just take a decision. It is the responsibility of the wallet to compute everything and just the relevant information
- There is a challenge with the bridge for the receiver as well. If the recipient doesn’t have the network details loaded by default then the tokens will not show. There is a major challenge to this solution becoming standard. Each chain has its own bridge and they have its own interests in promoting it. This creates a roadblock to the broad adoption of Web3.
Circle recently came up with Composable USDC which combines Circle’s own Cross-Chain Transfer Protocol (CCTP) with Axelar (which offers secure cross-chain communication and dev tooling) to unlock seamless Web3 user experiences.
Axelar and Circle intend to make USDC composable so that developers can create multi-chain experiences with just one click that incorporates native USDC and function calls to any connected chain’s dApps.
From the user’s point of view, holding USDC on Solana is different from holding USDC on Ethereum or Avalanche. As a routing asset across chains, composable USDC can reduce fragmentation. Users never have to think which chain they hold their USDC on because they know they own it.
Wallet infrastructure as a service
A good UX for the users cannot be easily implemented without making the lives of developers easy. Wallet infra as a service makes the life of builders easy. They do not have to build the infra from scratch and they can in turn focus on making the life of the customer easy.
While these are not complete wallets, these services can help the wallet builders focus on the core functionality of the wallets. These services are necessary for the user journey and the builders can reuse these components in the wallets as per their needs.
Some infra players like Moonpay and Ramp also provide on/off-ramp services. They allow users to buy crypto without leaving their dApp or wallet. That’s a critical & most challenging infra for anyone to integrate and build for the masses
For example, a service provider can take care of fiat on ramping & off ramping. The service provider figures out the compliance requirements and offers easy integration with wallets.
An example here can be BitPowr Wallet Infrastructure.
Minimizing losses incase of a wallet hack/device theft
Crypto twitter often tries to give some heat to Banks, so let’s take an example of Banks themselves.
Every time there is a transaction, the banks let you know and ask whether you did it or not. When you are building a product where people send and receive money and something goes wrong and they lose money, there is no going back. And when the users come back to you to tell you that they have been scammed or lost money and you can do nothing about it to help them, the users will always get MAD.
We will have increasingly difficult challenges in achieving that level of satisfaction in our products as general tech products get better and the startups which are well funded just give no-question-asked refunds or refunds first, ask questions later.
So what can be the potential solutions? here are a few…
Hybrid Custody Wallets
On crypto Twitter, you might have come across phrases like “Be your own Bank” or “Not your keys, not your coins” for years. Now the FTX fallout made it seem even more prominent. While trying to mitigate counterparty risk self custody might seem a better possible solution that some people use, but it comes with its own challenges and feels quite primitive.
There are EOAs (Externally Owned Accounts) that are just low-level user accounts of blockchains. Operated and controlled by a private key can make it a single point of failure.
We have to face this — Most people are used to the security and comfort factor that comes with someone else taking care of the custody just like banks. So most people do NOT want to be their own bank.
Now the question is; Can we design a system that doesn’t require trust but still gives users confidence and peace of mind?
With Hybrid Custody system can be built that gives users access to their private keys while having keys for specific use cases with the trusted custodian. Then the custodian takes care of the other actions like blocking transactions or account recovery. However, these operations comply to clear guidelines established by users on-chain. The user always has the option to cut cords with a custodian, which is crucial.
This retains the advantages of self-custody by having full control and gives a better onboarding and better UX through these abstractions while having a safety net to fall back on.
Smart contract wallets, sometimes also known as “smart wallets,” are simply smart contracts that function like a wallet, i.e., an interface that enables users to manage their money, log in by connecting that, and communicate with dApps. But as there needs to be a Smart Contract that will be deployed, it will have some cost to create that.
Launched a few years ago by the smart contract wallet Argent, they gave users the choice to add Argent as a “Guardian,” as they put it. Argent might then carry out account recoveries on behalf of their clients. However, users may always turn off the Argent Guardian without permission. Another example here is Solace, they are building a smart wallet which enhances security using social recovery & vaults.
While smart contract wallets tend to remove the single point of failure, there is type of wallet that does the does the same thing but work differently from a technical point of view.
Those are nothing but MPC wallets.
Multi Party Computation also known as MPC lets a set of entities compute a certain operation as a whole or a collective. It keeps the individual inputs private and introduces a Threshold Signature Scheme (TSS) which removes any single point of failure.
Though it is mostly used for institutional purposes but slowly gaining popularity for mass market use cases as well.
What is in it for the users?
- No single point of failure
- No seed phrase
- Private key shares are distributed
As these key shares are combined off chain to create a signature, the transaction generated from these wallets looks and feels just like any other transaction done from any wallet with a private key.
- The ultimate scare for any user — “The seed phrase” is not needed to be saved by the user. So MPCs give peace of mind to the users.
- Lower costs over multi sigs and lesser recovery cost
Think of it like this, if an MPC is just like any other private key wallet on the blockchain then the gas fees will be similar just like a private key wallet
- Privacy for users:
As the signing occurs off-chain this gives the users privacy and then the organisation or the collective who participate in that signing process can keep a note of that.
Role of builders in MPCs
Builders have a critical role in making MPCs mainstream. MPCs are an alternative for the mass markets without compromising on security and giving tons of other benefits.
This narrative has led people new to crypto, to think that there are only 2 ways to store crypto.
- Self-custody (apparently the best way, because you hold your private keys)
- Centralized exchanges (not a good way after seeing massive fallouts recently)
Builders need to educate the user on the narrative that “not your keys not your crypto” may not be the best solution for everyone.
Apart from that here are some more that can be done on a low level…
2 step authentication
Pin/Password can be added as an additional step for transactions above a certain threshold for approving the transactions. This can be enabled even when the wallet is connected to a trusted site. To prevent drains, this threshold kicks in when the transaction is beyond a certain threshold. Initially, the user can set up a threshold amount for which they usually have the transactions. Later the wallet can decide based on the average amount of transactions and enhance the limit.
There can be a sub-wallet for spending. The spending wallet is linked to the main wallet. For transactions, the spending wallet is used and the main wallet remains a separate entity. The spending wallet can get automatically reloaded once the balance reached below a threshold.
StepN does this really well by having two separate wallets, one being a Spending wallet and another non-custodial wallet you can use.
In case of device theft or it getting lost, temporarily the wallet can be blocked. Temporarily blocking the wallets can be achieved with the help of guardians. Guardians are wallets on other devices. Guardians are approved by the user. Incase the user loses access to their device which has the wallet, then they can block their wallet with the help of guardians.
Will wallets eventually become a feature inside a dApp?
This idea is contrarian to how wallets function today. In the current system, you have got a wallet through which you can use multiple crypto apps (dApps) by connecting your wallet to them. This is not a familiar experience if you compare it with other non-crypto applications. Not to mention that there aren’t many consumer apps built on crypto but the user experience of dealing with wallets while using those dApps is going to be crucial and simplifying that is necessary.
StepN does this by having 2 wallets in their mobile app. There is one spending wallet which works seamlessly and another self-custodial wallet for transferring/withdrawing those earned tokens from the spending wallet to this wallet.
Another app which created a buzz on Twitter and follows a similar approach is Backpack.
Backpack creates an experience that we are very used to i.e- Using apps by downloading them. On Backpack you can simply click on an app, install it on your device and then you can start using it. These apps are called xNFTs and the OS for creating, discovering and using them is called Backpack.
Backpack creates a different experience by making actions like storing assets and signing transactions just a part of using the app and provides a more seamless experience of using other apps.
Soon we will start to see other use cases where owning assets and signing transaction parts become components which run in the background and more utility-based seamless experiences can be built on top of that.
UX is essential for making crypto mainstream. We still have a long way to go before we get to a smooth user experience.
Hopefully, this essay was helpful to think about what a good user experience looks like and what are the things we need to consider while building a wallet that optimizes for a good UX and never compromises on Safety.
To sum it up
- Educate your users
- Help people create and use wallets with ease by using their existing web2 credentials and a way to recover them however and whenever they want.
- Security over everything by default (i.e- 2FA, Limit access intentionally until they have performed a certain Safety check, like writing down the seed phrase)
- What’s the worst case that can happen to your users (without making any assumption about a third party)
- Detect any suspicious/bad activity and have a plan for it when that happens (Have a support line, take immediate action when something suspicious happens)
Before we end, here is a quick note that we feel is essential for making crypto mainstream and usable.
We all do general transactions every day whether while buying something from a store or buying any digital product or experience from the internet. If we need to check for the current user adoption and ask one question that can help us think better from a high level can be ‘How many transactions did you sign today?’
No matter how often we say it, if people aren’t using web3 applications, we need to consider how to make it valuable and usable so that users would sign up, start using it, and come back to it again and again.
That’s all folks.
In this piece, we dived deep into the intricacies of user experience for Web3 wallets and how can we make it better. Thanks to the Solana foundation grant for making it happen.
Hope you found it useful, and if you have any suggestions or want to have some interesting conversations around web3, we would love to connect — Mahadeep Ray and Sitesh Kumar Sahoo. Signing off!
- Stop Building for Crypto Twitter by Aditya
- Crypto Design Challenges by Stammy
- Alliance for Mass Adoption of the Blockchain by Beltran
- The Crypto UX Handbook by Christoph Ono, @gbks
- Designing for Web3 by cope studio
- Best onboarding examples from the Web2 app by Proudctled
- A playlist containing a set of talks on UX and design track from Devcon6
If you want to read the on-chain version of this, you can read it here on Wordcel