Beyond custodial and non-custodial wallets

How smart contract wallets like Sequence Wallet bring social recovery and more.

A crypto wallet is used for holding and managing web3 assets, such as tokens — fungible, non-fungible, and semi-fungible. Tokens can have all sorts of utility, ranging from currency and identification to event tickets, video game items, works of art, or digital clothing. You can learn more about the role of a web3 wallet here.

The two main categories of web3 wallets are Externally Owned Accounts (EOAs), which are first-generation wallets, and smart contract wallets, which are second-generation wallets.

Let’s start with EOAs: these wallets can be custodial or non-custodial. Custodial wallet services hold onto private keys and are responsible for securing users’ funds. In contrast, a non-custodial wallet gives users full control over their private keys and sole responsibility for securing their assets. Let’s have a closer look at both options in more detail.

Custodial

Most custodial wallets are web-based and usually offered by centralized cryptocurrency exchanges. As your custodian, the exchange holds your keys and stores your funds. Usually, these service providers require identity verification (you’ll often see this referred to as KYC, which stands for “know your customer”). The interfaces, in this case, are designed so that users hardly ever interact with their wallets directly. Their ease of use attracts newcomers who value not having to manage their own private keys.

Custodial wallets give users peace of mind that they can still access their funds even if they lose or forget their passwords. Most of the time, the password can be reset by the provider. In contrast, the funds of a non-custodial wallet holder can be irrecoverable if the holder loses their private key.

Custodial wallets require tremendous trust in the institution, which underscores the importance of using a trustworthy and reliable exchange and doing your research first. If the institution is untrustworthy, incompetent, or is compromised by a hacker or rogue employee with privileged access, you risk losing all your funds. Checking whether the custodian is regulated, how they keep your private keys secure, and if they carry insurance is part of that process.

The best way to think about custodial wallets is that you’re trusting someone else to hold onto your web3 assets for you, and in exchange, you’re getting an easy-to-use interface. For many people, it’s a fair trade-off, but you need to ensure that you have confidence in the organization (and its security models and employees with privileged access) you’re entrusting with your assets.

It is also important to mention that custodial wallets are limited in their capabilities, and tend to work only with a specific application or a small group of applications. If, as a user, you would like to access and interact with multiple applications, it’s likely worth looking at other options.

Some examples of custodial wallets you may have heard of are Free Wallet, Binance, BitMex, Bitgo, Blockchain.com, and unfortunately, FTX.

Non-custodial

Users of non-custodial wallets have complete control over their private keys, as well as their funds. Since non-custodial wallets are often more technically complicated than custodial wallets, they are more popular with experienced crypto users. In addition to browser-based wallets, non-custodial wallets can include mobile or desktop applications or hardware devices.

Users have more freedom with non-custodial wallets, but that freedom comes with more responsibility. Non-custodial wallet providers give users a seed phrase as a backup recovery method. The risk is that anyone with the seed phrase can access the account.

One of the advantages of non-custodial wallets is that they ​​have greater compatibility with a wider variety of web3 applications. Users can enjoy more flexibility and benefit from access to multiple dapps.

Some examples of non-custodial wallets are Trust Wallet, Electrum, Exodus, and MetaMask.

As you can see, there are flaws in both of the solutions described above. In an ideal scenario, people would have an easy-to-use interface, control of their assets, and uncompromised security. Good news: there are better solutions, and this is where MPC wallets and smart contract wallets come into play.

MPC wallets

Multi-party computation (MPC) wallets distribute the signing process of crypto transactions between multiple computers. The process splits a single private key into multiple key shards shared across different devices. MPC wallets require these key shards to be combined to authenticate a transaction.

As a result, an attacker who compromises a single key shard cannot transfer funds from an MPC wallet, which can only be hacked if the threshold number of key shards are compromised at the same time.

Benefits of MPC wallets include user-friendly custodial to semi-custodial options, an ability to configure additional security including transfer limits and 2FA, heightened data privacy, and elimination of the risk of a single point of failure from the private key.

Drawbacks include computational overhead, high communication costs, limitations with key rotation, and the lack of gasless transactions and transaction batching.

Some examples of MPC wallets are ZenGo, Fireblocks and Krayon.

Smart contract wallets

Smart contract wallets (a.k.a. smart wallets) are another alternative to EOAs and represent the next generation of web3 wallets. Smart wallets hold your assets in a smart contract. Programmable smart contracts allow for new features that make them safer, more versatile, and easier to use. For example, smart wallets can have built-in account recovery if you lose a key.

As an alternative to seed phrases, smart wallets rely on various mechanisms, with “social recovery” being one of the most popular. The social recovery wallet requires a single signing key that can be used to approve transactions. To increase security, you can set up at least three keys. The additional keys are called guardians. If the owner loses their signing key, they can access or contact their guardians and ask them to change the key. To note: the guardians can be controlled by the owner (i.e. via another device) or trusted to a third party like a friend or institution.

Beyond account recovery, smart wallets can make wallet creation and login seamless. Smart wallets like Sequence use the multi-key architecture to enable social/email login for users. In other words, Sequence delivers a wallet creation and account login experience that’s familiar and seamless for nearly all Internet users while maintaining the non-custodial principles of web3.

The ability to conduct transactions without paying gas fees is another major advantage of smart wallets. Smart wallets allow developers to sponsor their users’ transaction fees. And, for transactions developers don’t want to sponsor, smart wallets let users pay gas fees in any currency they want, not just the native token of a given chain. In addition to saving on gas fees, smart wallets can bundle multiple transactions into one to cut down on validation time.

When it comes to compatibility, smart wallets grant users access to a wide variety of web3 applications, similar to non-custodial wallets, while simultaneously empowering users with far more capabilities.

Overall, smart wallets are a great way to securely control your funds, unlock the promise of the DeFi economy, and access the next generation of Internet applications and games.

Some examples of smart wallets are Sequence, Argent, and Safe (previously Gnosis Safe).