The foundation of the Web3 ecosystem is the wallet, an app or browser extension that lets users verify their web identities and authorize transactions. But using a wallet has always involved a steep learning curve. New users must learn to copy down their seed words and store them in a safe place, create a strong password to encrypt their keystore file, copy addresses accurately when sending funds, and other things they may never have to learn when using a Web2 app.
If a new user wants to make onboarding more accessible, one option is to use a custodial wallet provider, such as a centralized exchange. But experienced crypto users will almost always caution them against this for a good reason. The world has witnessed centralized exchanges like Mt. Gox, QuadrigaX and FTX go bankrupt from hacks or outright fraud, causing some customers to lose all their funds due to using a custodial wallet.
Because of this risk, many crypto users still see a noncustodial wallet backed up by a set of seed words as the only secure way for a user to protect their Web3 identity.
But do users always have to choose between security and convenience? Or is there a way to combine a noncustodial wallet’s security with an exchange’s convenience?
A few Web3 companies are trying to create wallets that are easy to use but also don’t require the user to place all their trust in a centralized custodian. Companies like Magic, Dfns, Kresus, Web3Auth, Immutable and others believe that a wallet can be just as easy to use as an email account, and secure enough to be trusted to protect the user’s identity and funds. These companies are using different types of new wallet infrastructure to make this idea a reality.
Here is a rundown of a few of the solutions used by wallet developers:
Magic
One new system is the Magic software developer kit (SDK), produced by Magic Labs. It is a developer kit and wallet infrastructure that allows developers to create seedless wallets for users.
Instead of storing the private key on the user’s device, an encrypted copy is kept on an Amazon Web Services Hardware Security Module (HSM). The encryption is performed using a Master Key that cannot leave the HSM. All signing is done within the HSM, preventing the user’s key from being broadcast to the internet.
Magic wallets do not use passwords. Instead, when users first sign up for a magic wallet, they submit their email address to the Magic relayer. The relayer then sends a one-time use token to the user through…
Click Here to Read the Full Original Article at Cointelegraph.com News…