Some notes before we begin.
1. Sid and I will be at Singapore from the 17th to 21st for Breakpoint. Reach out by responding to this email if you are coming around.
2. Today’s piece is a part two of a three part series. The last of which will be in your inbox tomorrow.
3. The first one was on chain abstraction. Today’s issue is on how wallet infrastructure is evolving. Each of these are building blocks to onboard the next billion users to Web3.
4. As always, if you are a founder, make sure to drop in your details at the link below to collaborate with us.
Hey there,
A few months back, I was signing up for 0xppl.com. It was in the days following the Memecoin mania, and I did not want my financially irresponsible choices broadcast across a social network. I wanted to create a new wallet—one that was both secure and easily accessible. Not wanting to store yet another pair of private keys, I was searching for alternatives when I came across Capsule on Metamask’s Snap directory.
In the past, I wrote about how building mobile-first is crucial for growth. As of 2024, mobile apps are offered by multiple prominent DeFi products. We covered how volatility is a service last year. Last weekend, Pump.fun reached $100 million in cumulative revenue for the team.
I wanted to look at what could be the next big wedge, and it appeared as though passkey-based wallets could be one.
Passkeys are a mechanism for storing private keys within your devices to authenticate oneself. Companies like Amazon and Google use them to help users ditch their passwords while logging in, but their use extends to Web3 as well.
In today’s issue, I briefly explain how they work and suggest a possible future enabled by them. Much of this was written with the help ofAditi and Nitya. Make sure to follow them on Twitter for the latest on how wallets are evolving.
Let’s dig in.
Bridging Gaps
Imagine for a moment that mobile devices never existed. And the internet was only accessible from large, expensive personal computers. This was the reality in the late 1990s. Oftentimes, these computers were linked to physical telephone lines that were disconnected when someone used the internet.
So, if you were trying to download the latest album from Napster, your household would most likely not receive any calls if you had only one internet connection.
Mobile devices unshackled the gates of network connectivity. They brought three billion people online between 2000 and 2020. As a billion users joined Facebook by the 2010s, they brought enough attention to facilitate a digital-first economy—one where goods were sold online or dating happened entirely through social networks. Our podcast episode with Antonio Martinez covers the emergence of an attention economy and the role advertisements played within it.
If the internet had not become accessible, affordable, and easy to use while on the go, these platforms might have met the same fate as content television networks. Centralised, censored, and, oftentimes, boring. You would have had standalone “family-friendly” websites, as everyone would need to use these devices together. Mobile devices facilitated the Internet economy.
Secure wallet access today requires you to physically pull out a device (like a ledger wallet), sign transactions, and be in a secure location. So, people use them only for storage of high-value assets. Passkey wallets are closer to what mobile devices did for the internet. They do not require a high upfront cost. They allow users to use it on the go and, in Capsule’s case, across all apps. As a technology, they bring the entry barrier for spinning up wallets and using them down by far.
The primary driver for Passkey adoption has been Fast Identiy Online (FIDO)—an alliance that has onboarded north of 250 prominent companies into using the standard. Prominent password managers like Bitwarden and LastPass use it. So, in some sense, they are a mature technology now being ported into the crypto ecosystem through players like Capsule.
But what are they, and how do they even work? Much like crypto wallets—passkeys work on a public and private key model. The public key is the identifier used by the website to recognise you. It is known openly. The private key is generated in your device.
When you pay through Apple Pay or log in to a device using facial recognition, the biometric data does not leave your machine. Instead, a chip (usually known as a Secure Enclave) verifies the information (say a fingerprint), processes it, and offers the result to third-party software. I could steal your iPhone, but it would not mean I could access your biometric data, as the data never leaves a Secure Enclave.
Every application has a unique key pair, so the one you use for Google may not be reused on Amazon. Think of them as unique passwords for individual sites that your device automatically generates to log you in. These keys are often stored in the cloud. Both Google and Apple have mechanisms to store keys in their cloud, so any device using their operating systems can sync the keys for login.
How does this translate in the context of crypto? Wallets use private keys to sign transactions. Remember how I said your secure enclave can store private keys? In effect, you get to use your facial recognition or fingerprint scan as an authentication mechanism for signing transactions. A user who has been in crypto for a long time may not find this cool. But if you are a developer for a game or a web3 social product and have less than ten seconds to onboard the user, then simply using passkeys with iCloud is the fastest solution you have today.
Capsule allows me to create a wallet, access it at any time, and authenticate transactions with the convenience of a fingerprint scan or facial recognition from my mobile device. They offer Software Development Kits (SDKs) that enable any developer to create a new wallet for a user. You log in with Gmail on a Capsule-powered product and immediately see a wallet ready to go.
Providers like Capsule integrate on-ramps like Stripe. So a user could hold Ethereum (ETH) (for gas) by simply using Apple Pay after spinning up a wallet. This reduces a process that previously took hours to minutes. No more signing up for shady offshore exchanges to mint a Non-fungible token (NFT). But what if a user loses their keys? Part of what makes Web2 functional is “Lost Password.”
This is where Multi-Party Computation (MPC) kicks in. It sounds a bit like account abstraction, but the concept has its differences.
MPC is a mechanism for generating and managing cryptographic keys. As the name implies, multiple parties contribute to creating and storing a private key without one party knowing the entirety of its content. In effect, no single person can have access to the key, but if a person loses a portion of it, the other two can help restore access.
In a Capsule-enabled wallet, for example, the key is generated with input from the user and Capsule, with none of these inputs being known to the other parties. This setup is useful for key loss and for recovery when the user has lost access. However, if any two of these parties collaborate, they can sign a transaction. This setup is particularly useful for passkey recovery when the user has lost access.
Now that I have explained how it works, we can discuss what it enables and why it excites me. SDKs (Software Development Kits) like the one provided by Capsule allow users to create a single wallet that can be used across multiple products. For instance, when you use the same wallet on Metamask for Uniswap and Aave, both applications can interact with the same address to query and execute transactions.
Aave can check your wallet balance before approving a loan, and you can use Liquidity Provider (LP) tokens from Uniswap as collateral for loans on another platform. This interoperability of cross-platform assets is a core tenet of Web3. Historically, enabling it required users to have their own wallets with seed phrases. Porting it between devices was painful.
Capsule abstracts that pain away by allowing users to sign transactions or manage wallets using more traditional forms of authentication.
You can sign in with Google and use the same wallet across multiple products. One could argue that this feature set existed for anyone using MetaMask, but most users are not familiar with seed phrases or securing them. However, they are familiar with using Google, Twitter, or Apple’s login systems. Enabling users to create a wallet with just the click of a button could be the difference between retaining and losing them.
An added element of note here is that email-linked or embedded wallets are not new on their own. There are multiple service providers for that section of the market.
What is intriguing is how you can use the same verification form—say, an X handle or a Gmail login—across products. The interoperability is what is unique.
In the past, if you used an email (say joel@decentralised.co) to spin up a wallet on a decentralised exchange and then tried to do the same thing on another product, like a lending product, you would have two different wallets. So, any kind of composability (or cross-app interaction) broke down. Capsule helps with porting assets and identity across Web2-native identification systems and their SDK makes it possible for any developer to integrate it into a product with a few lines of code.
Another improvement Capsule brings to the wallet space is programmable transactions. It allows transactions to be automated if certain conditions are met.
For example, imagine you want to enable a wallet holding USDC (USD Coin) to buy $100 worth of ETH each time the price drops below $2000 from Uniswap. In the past, you would have had to deposit all your $100 onto a scentralised exchange (like Binance) or manually track the price movement of the asset.
With programmable transactions, this process becomes much easier. A product like Velo Data could relay the variable (in this case, ETH’s price) to authenticate a transaction. The user opts in, and Capsule can sign the transaction whenever ETH drops below $2000.
Having the signatures required to execute transactions across parties enables programmability. You can set pre-conditions for an exchange of assets through Uniswap without the user being involved—similar to if-then statements for transactions at the point of signing into an application.
For instance, an on-chain insurance product could query data from an oracle providing weather data and make a payout from a pool of capital funded by multiple users. A prediction market that uses data queried from Google could also payout for sporting events. Even better, you could link an Apple Watch to pre-designed wallets so that a user automatically transfers money to their friends if they miss their workout for the day.
In all these instances, the unique advantage Capsule offers developers is its ability to never have a user bother about seed phrases. A user could open a wallet, buy $10 of ETH, bet on a sporting market with their Gmail for login, and buy the ETH via Stripe using their SDKs.
The design space here is limited only by the type of data a product can query and Capsule’s ability to interpret and sign transactions based on it. However, such a model might be less effective for more subjective data or transaction requirements.
Beyond Transactions
Why does any of this matter? I could explain with an example. Recently, Capsule partnered with r/datadao to enable users to port data from Reddit to the DAO. Put simply, the product allows users to export their data from Reddit to a DataDAO (run by Commonwealth) to train Large Language Models (LLMs). Such a system requires a simple login model that can handle email addresses and interact with Web3-native products like Commonwealth.
R/datadao’s DAO is managed by a tool called Commonwealth. So, when a user sets up a wallet (using Reddit) and then logs into Commonwealth, they can use the points (or tokens) they received from Reddit to vote on a DAO managed on Commonwealth. Capsule allows users to sign up for DataDAO using wallets generated off a X handle, Discord or Google account and use their points to vote on a system built by Common. It takes a few seconds to spin these up.
A more relatable example would be if Uber drivers could govern on a DAO in proportion to the miles they have on their Uber accounts. Part of what enables use cases like these is the tooling provided by ZkTLS. We will be writing about it soon.
Another way Capsule expands the market for new Web3 users is through pre-generating wallets. This means a Web2 product can enable its users to spin up a wallet and have assets already on it when they log into the product.
For example, if I want to onboard the most active members of a running club in Dubai to a product, I could pre-generate wallets linked to their Twitter accounts, load NFTs that give them a discount on goodies like shoes, and then DM them to join the community.
Now, I’m not entirely sure how many people exist at the intersection of:
Living in Dubai
Running
Being active on Twitter
Using NFTs to access a community
However, my point is that such tooling can be used to bootstrap communities from the Web2 world using Web3 primitives. What if a user did not reply to my DM? I could use pre-programmed transactions to send the NFTs back to a claim wallet after a particular point in time. Kind of like how discount offers expire.
We explored business models that blend the real world and on-chain primitives in this story on airdrops.
This opens up design spaces for entirely new applications. One of the most accessible opportunities could be for content itself. Currently, we write on Substack as it allows us to reach out to our readers via email. If we need an NFT minted, our best options are Paragraph, Mirror, or a Farcaster Frame. Capsule’s SDK would hypothetically allow the creation of a Web3-native publication that lets users mint essays to their own email addresses.
In fact, we could even pre-load wallets linked to our most engaged readers with OP (Optimism) tokens so they won’t have to bridge assets to mint the NFT. The flow would look like the one explained below.
Sidenote: There is a massive opportunity in cross-pollinating on-chain media and newsletters. Please reach out if you are building in that space.
On the left, I explain the steps in minting on Mirror today using something like Metamask. To the right, I explain what it could look like with Capsule’s SDK.
This means a product could reactivate a user using traditional distribution channels (like email) while interacting with them on Web3 payment rails, such as stablecoins.
Tooling, like the one provided by Capsule, appears like a bridge between the market that exists today and the one that can hypothetically exist in the next decade. In my mind, they are tools that enable the perfect middle ground between the ease and convenience of Web2 products and the security, custody and customisation of Web3 native principles of building.
Reading Amazon Unbound,
Joel John