d3h3d (ZUD arc) 「🦑」@d3h3d_
squidfra #1 - wallet as a protocol (waap)
first things first - credit to @0xHolonym for coming up with the name, brilliant.
----------
so what's waap? it's a simplified api that allows devs to incorporate a wallet experience within their app for their end users. key generation and key management are powered by @ikadotxyz and any access control policies are enforced by a @SuiNetwork smart contract.
----------
1. problem it solves
the problem waap solves is quite frankly one of the biggest problems in crypto, and one of the major hurdles to mass adoption.
in web2, users are accustomed to a robust access control system - passwords, social login and sso, user management systems with granular permissions, all with full flexibility and customizability. these systems are managed in a centralized way, and the user is (by design) not sovereign.
in web3, the main value proposition is user sovereignty, which is why access control is based on public key cryptography, and that unfortunately comes with a huge downside in terms of ux. we've all felt the ux difficulties as users ourselves - seed phrases, different wallets, gas fees - you name it.
now think about a developer who wants to create an app that runs on blockchain rails. creating a secure way for users to generate and manage keys and keep a good user experience around that is a HUGE challenge. then we have so many other challenges like gas fees, key recovery, seamless authentication, multi-chain support - it is so complex and the user experience is so clunky, the barriers to build even the simplest thing on crypto rails are extremely high.
----------
2. use cases it enables
the list of use cases is endless. this is such a fundamental piece of squidfra, i found myself bringing it up with about 90% of the builders i've talked to over the past few months - mentioning this would be something they can use to build out their use case.
we can all imagine different retail use cases like payments or trading or gaming, but this type of wallet infrastructure is an enabler for anything that touches blockchain - whether it's b2b / institutional products or ai agents that need to operate on blockchain.
the main point here is that devs want to build their use case, and when trying to do it on crypto rails, they end up spending most of their time trying to figure out the ux of onboarding (creating a wallet), performing actions (generating signatures), account recovery etc. - these are complex and sensitive things that need to be provided to devs so they can focus on their actual use case.
----------
3. existing alternatives
most devs are familiar with waas (wallet as a service) platforms. companies like @privy_io, @get_para and @Web3Auth provide a framework to generate and manage keys for end users. they have different security models (which we won't get into right now, that's probably a topic deserving its own post - not all waas systems are equal in terms of their architecture and security risks!) but all of them have one thing in common - a centralized single point of failure (spof). the company providing the waas service operates servers, and if they are compromised or disabled that could lead to catastrophic outcomes for all the end users of all devs using the platform.
besides the security risk it carries, the idea of relying on a centralized entity to manage and enforce access control negates one of the main reasons for building on blockchain rails - by bringing back reliance on a trusted 3rd party. this is especially true given that both business and security considerations lead a big chunk of these platforms to opt out of being public and open-source in favor of being black boxes, so devs have very limited visibility into what they (and their users) are actually relying on.
however, this is such a huge problem that even with these great sacrifices in centralization and security - waas platforms are still wildly popular with devs. just a couple of weeks ago stripe acquired privy. there are local solutions on different networks such as account abstraction smart contracts, zklogin etc. but these are limited to the network they are deployed on, so they are not as popular a basis for devs as waas platforms are.
----------
4. competitive advantage with ika
ika brings unprecedented power, security, decentralization and open-source power to waap solutions.
unlike the waas platforms' centralized key management spof, a waap platform utilizes ika and its 2pc-mpc protocol for a decentralized distribution of signing power. furthermore, all logic and policies live on a sui smart contract, enforced on-chain by the sui blockchain - that's the p in waap. everything, both ika and sui, is publicly auditable and running on bft proof-of-stake rails. you literally can't get more secure and more decentralized than that.
side note: just think of the insane unlock for sui here - when waap platforms gain adoption that means every asset and every action performed on any blockchain with any app using the waap platform - is coordinated on-chain by a sui smart contract. this is what we're talking about when we say global coordination layer.
besides a superior product over waas platforms, there's also a really big unlock here for the waap platform company - ika lowers the barrier of entry, and removes risk and complexity for the waap platform. of course they still need to build a secure solution, but they don't need to deal with the really risky and complex cryptography, and don't end up doing crazy dangerous things like reconstructing the key in their servers every time it needs to generate a signature (yes privy i'm looking at you rn... smh)
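an added example (not from the original post, and not ika's or any waas vendor's code) of the point above: two parties each hold one share of the signing key and produce a single valid signature without the full key ever being assembled, and the second party only takes part if a policy check passes. it uses a toy two-party schnorr scheme over an insecure demo group in place of the 2pc-mpc protocol; `Party`, `co_sign` and `spend_limit_policy` are hypothetical names, and the policy function stands in for the on-chain contract.

```python
import hashlib
import secrets

# Toy group (assumption): Z_p* with p = 2^127 - 1, exponents reduced mod p - 1.
# The algebra is correct, but these parameters are NOT secure. Demo only.
P = 2**127 - 1
N = P - 1
G = 3

def challenge(R, X, msg):
    data = f"{R}|{X}|".encode() + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

class Party:
    """Holds one additive key share; the other party's share is never seen."""
    def __init__(self, policy=None):
        self.x = secrets.randbelow(N)      # this party's key share
        self.pub = pow(G, self.x, P)       # public part of the share
        self.policy = policy               # stand-in for the on-chain policy
        self.k = None

    def nonce_commit(self, request):
        # Refuse to take part at all if the policy rejects the request.
        if self.policy and not self.policy(request):
            raise PermissionError("policy rejected request")
        self.k = secrets.randbelow(N)
        return pow(G, self.k, P)

    def partial_sign(self, e):
        k, self.k = self.k, None           # each nonce is used exactly once
        if k is None:
            raise RuntimeError("no nonce committed")
        return (k + e * self.x) % N

def spend_limit_policy(request):
    return request["amount"] <= 100        # constructed sample rule

def co_sign(user, network, request):
    msg = repr(sorted(request.items())).encode()
    R = user.nonce_commit(request) * network.nonce_commit(request) % P
    X = user.pub * network.pub % P         # joint public key from public parts
    e = challenge(R, X, msg)
    # Only partial signatures are combined; x_user + x_network is never computed.
    s = (user.partial_sign(e) + network.partial_sign(e)) % N
    return msg, X, (R, s)

def verify(X, msg, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(X, challenge(R, X, msg), P) % P
```

a production protocol also has to protect the nonce exchange and prove each share is well-formed, which this sketch leaves out.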
story time - the first time @NanakNihal reached out to me was in denver just over a year ago, after we published our 2pc-mpc paper (it was actually the same day we met @b1ackd0g and told him what we were building for the first time!)
nanak told me that they have been building a centralized waas solution (@HumanWallets) and were desperately trying to figure out how to make it decentralized, hitting brick wall after brick wall, realizing it's an insanely hard problem that seems impossible. so when they read the 2pc-mpc paper they got so excited and couldn't believe someone actually solved that problem with real cryptography research.
i took @SapirHJ with me to meet nanak, she just joined the team as head of product a few weeks before, and she later told me that conversation was so powerful, it was the main thing that built her conviction around what we were building.
----------
well, this was the first squidfra post, tomorrow we'll start diving into bitcoin-related squidfra