Why are Smart Contract Wallets Considered as the Most Secure Wallet?
Meet Motty Lavie, Braavos’ Founder & CEO, in a Q&A series that clarifies what a Smart Contract Wallet is, StarkNet tech opportunities, market evolution, and more! The recap was edited for length and clarity.
- Why are smart contract wallets different from existing ones?
- How do gas fees work on StarkNet?
- What are the key elements of Braavos?
- How do you see the split between the mobile and browser experience?
- Will the Hardware Signer only be available on mobile?
- Do you see the Hardware Signer replacing hardware wallets?
- Do I still need my seed phrase after enabling the Hardware Signer?
- Are there any plans to deploy Braavos on other ZK ecosystems?
Q: Can you tell us what smart contract wallets are and how they’re different from existing wallets?
If you look at classical self-custodial wallets like MetaMask from a technology perspective, it’s only an application that resides on the user’s computer or mobile device.
It has no logic on-chain, it only signs transactions on the application side and sends them to the blockchain for processing.
In contrast, smart contract wallets (a.k.a. account abstraction) have two parts. There is the application part like regular self-custodial wallets, and there is the smart contract part that resides on the blockchain. The smart contract part represents the user account where all transactions go through before they reach any other contract or any other protocol on the blockchain.
This is called account abstraction and it allows the wallet to run arbitrary signature verification logic as well as arbitrary execution logic, opening a whole new design space that can improve functionality and UX. One of the main manifestations of account abstraction in Braavos is our Hardware Signer.
Let’s take two simple examples to give a better understanding of smart contract wallets’ possibilities:
The first one is what we call Multicall, it’s the ability to perform multiple calls to contracts on the blockchain within the same transaction. But why is it so powerful?
Let’s take the Uniswap experience for example. When I want to swap tokens, first I need to approve the amount of tokens that I want to use. Usually, this approval is for an unlimited or a very high amount that the protocol can withdraw from my wallet. Only then can I sign the actual swap transaction.
That’s both a security risk and a bad experience, because I need to sign two transactions. With multicall we can bundle these together in a single transaction which gives us:
- The ability to sign only one transaction instead of multiple.
- Restricting the protocol to withdraw only the exact amount that is needed for this specific transaction, instead of an unlimited access that is never reset.
That way, even if we use the protocol only once and a year later the protocol is under attack, the attacker can’t drain our wallet.
The second example is account segmentation. If we think about TradFi, we have different types of accounts. We have our checking accounts, which we use almost daily, but usually involve transactions of low amounts. And we have our savings accounts, which we don’t use daily, but where the amounts transferred are higher.
In regular wallets, we can’t have this separation protected by the blockchain, but this is possible on smart contract wallets. We can embed the account segmentation within the account contract on-chain and say for example:
- The checking account has a daily withdrawal limit so I can spend only a certain amount from that account per day.
- As for the savings account, I don’t want a limit but a time delay or 2FA on transactions above a certain amount.
These are the kind of features that we take for granted in TradFi and Web2 and that do not exist in crypto, certainly not in a frictionless user experience.
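The approval risk described in the answer above, as an added example that is not part of the interview and is not Braavos or Uniswap code. It is a simplified Python model of ERC-20-style allowances (`Token`, `multicall`, `residual_exposure` and the account names are assumptions) that compares what the protocol can still withdraw after the two-signature flow and after the bundled one.

```python
# Added example: simplified model of ERC-20-style allowances. All names here
# are assumptions for illustration, not Braavos or Uniswap code.
UNLIMITED = 2**256 - 1

class Token:
    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowance = {}  # (owner, spender) -> amount the spender may pull

    def approve(self, owner, spender, amount):
        self.allowance[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        allowed = self.allowance.get((owner, spender), 0)
        if amount > allowed or amount > self.balances.get(owner, 0):
            raise PermissionError("allowance or balance exceeded")
        self.allowance[(owner, spender)] = allowed - amount
        self.balances[owner] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

def multicall(token, calls):
    """Apply every call as one transaction: all succeed or none is kept."""
    snapshot = (dict(token.balances), dict(token.allowance))
    try:
        for fn, args in calls:
            fn(*args)
    except Exception:
        token.balances, token.allowance = snapshot
        raise

def swap_classic(token, user, dex, amount):
    token.approve(user, dex, UNLIMITED)          # signature 1: open-ended approval
    token.transfer_from(dex, user, dex, amount)  # signature 2: the swap pulls funds

def swap_multicall(token, user, dex, amount):
    multicall(token, [                           # one signature for both calls
        (token.approve, (user, dex, amount)),    # exact amount only
        (token.transfer_from, (dex, user, dex, amount)),
    ])

def residual_exposure(token, owner, spender):
    """Amount the spender could still withdraw from the owner afterwards."""
    allowed = token.allowance.get((owner, spender), 0)
    return min(allowed, token.balances.get(owner, 0))

if __name__ == "__main__":
    for swap in (swap_classic, swap_multicall):
        t = Token({"alice": 1000})  # constructed sample balance
        swap(t, "alice", "dex", 100)
        print(swap.__name__, residual_exposure(t, "alice", "dex"))
```

The standing allowance left by the classic flow is what to look for when auditing an account's old approvals; the bundled flow leaves none.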
Q: I have a follow-up question on Multicall. How does it affect gas fees on StarkNet?
In L2, similar to L1, we pay gas fees for storage and for steps. For me, the major advantage of L2s is that the payment for steps on StarkNet is exponentially lower than on Ethereum.
Just to give an intuition (not accurate as we ignore various constants), if we do, let’s say, a million steps on StarkNet, it is in the same order of magnitude as doing only a few dozen steps on Ethereum. Even if we increase the step count by one million, we still did not increase the gas cost by a significant amount because the overall equivalent steps for L1 will be minimal.
The issue here is that we are billed logarithmically on the number of steps that we are doing. If people remember their high school lessons on logarithm functions they will recall that they rise very, very slowly.
Q: Could you share with us some of Braavos’ key elements?
At Braavos, everything is about improving the user experience in the broadest sense possible.
In the first few months of building Braavos, we focused on the basics, such as having support for multiple browsers and mobile devices, as well as an NFT gallery right in your wallet, a transaction explainer, a built-in exchange, and so on.
Once we covered the basics, we started using the power of account abstraction and the last feature that we released is what we call the Hardware Signer.
The idea of the Hardware Signer is to utilize the mobile device’s built-in security chip in order to generate keys, sign transactions and verify them on the blockchain. As far as we know, this is the first time that it’s been done on any major blockchain.
We really feel that this is a revolution in terms of security of crypto funds. Because now even if someone gets a hold of your seed, they cannot steal your funds, which is extremely powerful. To get that today you would need to use a hardware wallet that you need to buy separately and learn how to set it up, use it, store it, etc. With Braavos, you get it built-in with a seamless experience such as using Apple/Google Pay.
Q: Many dApps are built for the web and StarkNet is shaping up to be the gaming network. How do you see the split between the mobile wallet versus the browser extension?
If you want to target the mass market and the next wave of users that will come to crypto, I think that mobile support is essential, because for many users it’s their first choice to access the Internet, for some it’s their only choice. We have to cater to mobile users or else we simply lose a huge cohort of people.
Now on top of that, the built-in features that we have on mobile such as face ID, robust fingerprint, security chip, touch interface, and so on, allow us to make a much better user experience not only for transferring funds, but also for gaming.
So for us it’s pretty natural to have dApp support in mobile, whether they are a classic DeFi like ZKLend or cool NFT innovations like Briq or Web3 games that are developed on StarkNet.
Q: In the case of the Hardware Signer on Braavos, is it only limited to mobile transactions? How do you envision this evolving in the future?
We deployed it first on mobile, but the second phase will also enable the Hardware Signer on PC, especially on laptops that have a security chip and a strong authentication mechanism like those we use on mobile, a biometric authentication — face or fingerprint ID.
And later down the road it will also take the form of two-factor authentication. Meaning, as I mentioned earlier, transactions above a certain amount will require two devices to sign them. For example, your mobile with your face ID and your laptop with your fingerprint ID, which creates even stronger security.
Q: Do you see the Hardware Signer replacing hardware wallets in the future or do you see a spectrum of use cases?
I see the Hardware Signer completely replacing hardware wallets for most users in the future, because the security modules that hardware wallets use today were derived from the security modules that exist on mobile devices.
Take the iPhone for example, all iPhones come with their security subsystem called “Secure Enclave”. It’s an isolated silicon module dedicated to security. It’s deployed in hundreds of millions of units around the world, and it’s constantly being attacked. Not by two kids on a laptop in some garage, but by powerful corporations and governments around the world in order to get money and personal information about people.
So the amount of resources that people invested to try and hack the iPhone’s Secure Enclave is enormous. It’s orders of magnitude more than hardware wallets, which makes the Hardware Signer all the more robust.
I guess in the future there will be some people that will want to use a hardware wallet as an additional signer and maybe keep it in some safe in some very secure location. But I think that the vast majority of people would already have the same or better security within their mobile devices.
Similar to my belief that in the future, all wallets will become smart contracts, either new wallets like Braavos or existing wallets that will try to transform into smart wallets. And the successful ones will have hardware signers built-in that will make hardware wallets redundant.
Q: Someone asked, “why do I still need my seed phrase after setting up the Hardware Signer?”
Let me start by saying that the seed phrase is temporary. To get the best user experience we want to get rid of the seed phrase completely and this is what we’ll do in the coming weeks and months.
We are working on a “forgot password” feature which is similar to what people are used to in web2 when you lose access to some site and you forget your password. There is always an easy way to recover your password in two clicks. Our feature is going to be very similar but will be completely decentralized and preserve the self-custodial nature of Braavos.
Currently, we still need the seed phrase to cater to the fact that your phone might get stolen, lost or bricked, so even if no one will be able to steal your funds, you won’t be able to access them either. And that’s not good, of course.
So once the Hardware Signer is enabled, the key derived from the seed phrase can be used for only one function, which is the “request to remove the Hardware Signer”.
This is a special transaction that comes with a time delay, utilizing account abstraction / the fact that Braavos is a smart contract wallet. And only when this time delay has passed will the transaction actually get executed.
That time delay is crucial because let’s say your seed phrase got stolen by a phishing attack and an attacker tries to remove the Hardware Signer. You will immediately and repeatedly get notifications, and you will have four days (the delay is configurable) to simply cancel that request and either replace your key or move your funds to a new wallet.
That’s the reason why there’s still the need for the seed phrase only for that specific scenario of a device getting bricked, lost or stolen.
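The time-delayed removal described in the answer above, as an added example that is not part of the interview and is not Braavos' contract code. It is a simplified Python model; the class and method names, the rule that the hardware key is the one that cancels, and the seed key signing once removal has executed are assumptions.

```python
# Added example: simplified model of a time-delayed "remove Hardware Signer"
# request. Names and signer rules are assumptions, not Braavos' contract.
DAY = 24 * 60 * 60
REMOVAL_DELAY = 4 * DAY  # "four days (the delay is configurable)"

class Account:
    def __init__(self, delay=REMOVAL_DELAY):
        self.hardware_signer_enabled = True
        self.delay = delay
        self.removal_requested_at = None  # timestamp of the pending request

    def _require(self, signer, allowed):
        if signer not in allowed:
            raise PermissionError(f"{signer} key is not allowed to do this")

    def transfer(self, signer):
        # While the Hardware Signer is enabled, the seed key cannot move funds.
        allowed = {"hardware"} if self.hardware_signer_enabled else {"seed"}
        self._require(signer, allowed)
        return "transfer executed"

    def request_removal(self, signer, now):
        self._require(signer, {"seed"})      # the seed key's only function
        self.removal_requested_at = now
        return now + self.delay              # earliest time it can execute

    def cancel_removal(self, signer):
        self._require(signer, {"hardware"})  # assumption: the owner's device cancels
        self.removal_requested_at = None

    def execute_removal(self, now):
        if self.removal_requested_at is None:
            raise RuntimeError("no pending removal request")
        if now < self.removal_requested_at + self.delay:
            raise RuntimeError("time delay has not passed")
        self.hardware_signer_enabled = False
        self.removal_requested_at = None

def stolen_seed_scenario():
    acct = Account()
    acct.request_removal("seed", now=0)      # attacker holds the seed key
    acct.cancel_removal("hardware")          # owner cancels after the notification
    try:
        acct.execute_removal(now=5 * DAY)
    except RuntimeError:
        pass                                 # nothing is pending any more
    return acct.hardware_signer_enabled

def lost_phone_scenario():
    acct = Account()
    ready_at = acct.request_removal("seed", now=0)
    acct.execute_removal(now=ready_at)       # owner waits out the delay
    return acct.transfer("seed")
```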
Q: Do you plan on deploying the Braavos wallet on other ZK ecosystems like zkSync in the future?
I will circle back to what I said at the beginning. We are very bullish on StarkNet and the STARK technology. And we believe that eventually, all the rollup solutions that exist today will converge to STARKs, even the ones that are currently working on fraud proofs and legacy SNARKs will converge to STARK. Simply because of the intrinsic STARK characteristics — there’s no trusted setup, it’s quantum-resistant, tremendously scalable, and is overall the superior technology.
That’s why our focus is entirely on building on StarkNet.