🛸How Close Are We to a Chain Abstraction Future?
In the Rollup craze, we can only make it by simplifying infra complexity for users. Meaning one account, one signature, and one gas for all cross-chain ops. However, challenges persist such as account state sync, signature…
Crypto key management sucks.
Why do we always need to sacrifice security or good experience, often both?
This article explores the maze of #passkey, #webAuthn, #AA and #MPC. Combining them together, an optimal solution may pop up to save our desperate souls.
Critiquing DePIN: False Hope or Real Dawn?
#DePIN is no novel concept. In the last bull run, some stood out, but many fell short. This piece aims to provide a balanced critique, substantial prospects, an evaluation framework, and in-depth case studies.
🧑🍳 Smart Contract Account(SCA) has been generating buzz for a long while, yet the comparison with Externally Owned Accounts (EOA) often falls short.
What exactly is blocking its adoption, and how can we tackle the core issues?
@SevenXVentures
Finished my series of research on wallets/accounts:
- Key layer🔑 (Passkey, webauthn, MPC...)
- Account layer👛 (SCA and its modular stack)
- Infra layer ⚒️(4337, bundler, paymaster)
Living in NYC, feeling @base.
No doubt that Base is booming in April. In just 7 days, the TVL has increased by 15.7% to $5.47B, making it the No. 2 inbound bridge chain. Currently, 4.1k revenue-generating developers are actively building.
TL;DR: What should we expect
· Web2…
BREAKING: has raised $30M to build the largest decentralized GPU network in the world and solve the AI compute shortage.
The Series A round was led by Hack VC with participation from Multicoin Capital, 6th Man Ventures, M13, Delphi Digital, Solana Labs,…
EIP3074 is scheduled for the next hard fork.
Such a surprisingly retro trend in #AccountAbstraction history!
We came from:
- EIP86 in 2017: Burden for miners to run extra logic to distinguish different types of tx;
- EIP2938 in 2020: New tx type on the protocol level, not…
Fun speech by @tarunchitra and @mikeneuder gives us a sip of the challenges of LRTs during the hype. The withdrawal duration could be tricky depending on the AVS+restaking protocol+L1. Also, multi-layer slashing risks, portfolio selection complexity, and so on. 👇…
The vibes in the room seem leisurely, yet @tarunchitra speaking on LRT risks was anything but. Tarun presented a summary of his recent piece with @mikeneuder at @SevenXVentures Research Day here at #ETHDenver2024. The foundational piece is linked below ⬇️
17/ DePIN Evaluation Criteria
💰 Total Value = Narrative X Product X Tokenomic
🕙 Duration = Estimated confirmed or falsified time
🌾 Last resort = Compliance, Tea
09/ Olas @autonolas
• Why: Autonomous Agents(AA) are powerful entities that perceive certain information and conduct actions. But web2 AA is severely limited in its potential: They can't do KYC, users can't take ownership, platform censorship risks, and limited composability.…
22/ @MetaMask enables AA from Snaps, which is a trustless execution environment running inside of MetaMask, and has zero permissions by default. A bunch of teams are working on 4337 compatible snaps now.
20/ New implementation:
@LitProtocol using MPC-TSS. Each key pair is generated collectively by the Lit nodes, operating as a decentralized network, 30 Lit nodes running inside TEE. It can work with any account, EOA or SCA
Demo:
01/ Grass @getgrass_io
• Why: Data is the foundation of all AI training, but extractive gatekeepers make it difficult to source high-quality training data. A great deal can be scraped from the public web, but it’s common practice to block commercial data centers among major…
02/ Story protocol @StoryProtocol
• Why: AI remixing is illegal and inevitable. The major block of AI growth is the lack of monetizing and creating attribution and provenance for IP and content creators.
• What: A composable on-chain IP layer allows creators to set autonomous…
03/ Space and Times @SpaceandTimeDB
• Why: As the LLM evolves, major companies can bias, alter, or tamper with the dataset and parameters; it's important to have cryptographic proof of the untampered dataset, ensuring that the same dataset was used during LLM training. Also, SxT has…
NFTs ARE EATING THE WORLD 🌎
A manifesto on how we need to push the NFT medium/ecosystem forward together!
Try it out:
Mint:
ps - all npc day attendees 'check your wallet'
19/ New implementation:
@Web3Auth using MPC-TSS, share1 is social login share, and decentralized nodes store the key; Share2 is device share; Share3 is generated by local computer and backed up by cloud services. It can work with EOA and SCA.
Demo:
07/ Ora @OraProtocol
• Why: AI models can't run on-chain, thousands of computers will execute one inference. Verifying results on-chain is feasible but ZKML has an exponential cost with model size increases, so there's a need for linear growth cost- OPML.
• What: Ora is an…
04/ Bittensor @TheBittensorHub
• Why: OpenAI aims to monopolize the control of AI
• What: Bittensor is a decentralized platform for open-sourced AI
• How: The Bittensor network has 32 subnets. Those subnets started from the model, but now have extended to storage, computing,…
01/ Private Key Matters:
The private key is the core that allows us to sign transactions on Ethereum, but managing it has been a nightmare, even in the readable form of “seed phrases”.
18/ New implementation:
OKX uses MPC-TSS, Share 1 is stored in the OKX server, share 2 is stored on user’s device local storage, and share 3 is generated by device, encrypted and can be backed up to cloud. Also, it can be combined with 4337 SCA.
Link:
08/ Why didn't it work: Demand failure
Supply-side growth doesn't guarantee demand-side adoption. DePIN projects utilize tokens to rapidly incentivize miner expansion, with onboarding fees often reinvested to enhance network value. However, a surplus of supply without…
01/ What is DePIN:
DePIN, Decentralized Physical Infrastructure Networks. It represents a community-driven, decentralized hardware network incentivized by the token.
05/ Blockchain
@iotex_io as a Layer 1, has introduced its Layer 2 solution "W3bstream," which enables secure IoT data collection, leverages flexible data availability layers, and aggregates large volumes of off-chain data into verifiable zero-knowledge proofs (ZKPs) and triggers…
08/ 🔑Key Layer:
Users authenticate using seamless biometric methods like facial recognition or fingerprint. Under the hood, it is the hardware-based security processor like Secure Enclave or cloud services like iCloud and Google Cloud that handle the key management.
05/ Secure Enclave (SE): A secure area designed to protect sensitive data within computing devices. Using it as an authenticator
• Pros: Hardware-level security, Phishing resistance, Convenient experience
• Cons: Can't cross-device, it's bound to the SE
13/ Existing player analysis:
@TrustWallet allows users to use a password or faceID to access the key stored in the user’s local browser’s storage, the user also can choose cloud service to back up the private key.
04/ Blockchain
@solana, with a notable approximately $2.4B DePIN Market Cap, has emerged as the most popular choice for major projects. Solana aligns well with the DePIN projects’ needs for swift and low-cost transactions. Secondly, scalability is crucial, for example, Helium…
06/ Passkey: An implementation of WebAuthn at the operating system level, which varies by provider. Apple's Passkey uses the key stored in iCloud Keychain.
• Pros: Cross-device
• Cons: locked to specific platforms/ systems
07/ Here’s the idea to merge them into blockchain:
• 🔑Key: Preservation and access of private keys;
• 👛Account: Utilizing the key as an entity on-chain;
• ✍️Signing: Making on-chain signing both cost-effective and user-friendly.
14/ Existing player analysis:
@privy_io allows users to use multiple social login methods like email, using SSS to split three shares:
• Device share: Local device or mobile;
• Auth share: Stored by privy;
• Recovery share: User password or encrypted by Privy stored in HSM.
02/ Key Management Layers:
Many will talk about 'custody', but what is it?
-> Can user sign without third-party?
-> Can third-party sign for user?
I avoid using 'custody' to label a solution as good/bad; it's oversimplified. Here are important aspects I propose to look at:
15/ Existing player analysis:
@ParticleNtwrk allows users to use social login, using MPC-TSS that has two shares:
• Device share: browser-iFrame
• Server key share: Particle's server
06/ Modulus labs @ModulusLabs
• Why: When AGI's future is unstoppable, we need to prove the AI result is accountable and safe, which is generated from a certificated model instead of manipulated, without relying on the trusted centralized authority's good behavior.
• What:…
12/ Why didn't it work: Easily rug
Unlike other fields, DePIN participants (miners) usually need to initially invest significantly in hardware to start earning rewards, although this may be different for use cases. This presents a potential fraud risk, where the foundation could…
06/ Blockchain
@peaqnetwork is a multi-chain Layer1 blockchain for DePIN. While having low cost and high transaction speed, it also provides Modular DePIN Functions like Multi-Chain Machine ID, payment, role-based access for machines, 3-tier data verification, AI agents, data…
07/ Why didn't it work: Regulation difficulty
Managing a network in the physical realm necessitates navigating a myriad of regulations, with feasibility and costs differing across markets. For example, hailing projects must manage travel data, comply with local governance…
10/ 👛Account Layer:
A traditional External-Owned Account (EOA) can be augmented with MPC services, their combination offers better interoperability and cost-effectiveness compared to SCA, though it lacks advanced functionalities that SCAs provide, especially for key rotation.
09/ 👛Account Layer:
A Smart Contract Account (SCA) offers the ability to assign arbitrary signers(e.g. SE and Passkey) and threshold mechanisms. Moreover, its modular design enhances flexibility and upgradability.
04/ WebAuthn: A web authentication standard uses public key-based credentials, often created by external authenticators. It eliminates the need for passwords and enables secure user authentication.
11/✍️Signing Layer:
Ethereum doesn't support the r1 curve used by WebAuthn, so its signature verification incurs higher costs. Therefore, there are solutions: EIP-7212 r1 curve precompiles, third-party services, Solidity verifiers, Zero-Knowledge (ZK) verifiers.
03/ Important New Solution Terms:
As described above, the webAuthn implementations align with our goal for daily blockchain users, to achieve high-level anti-phishing security and a friendly experience.
09/Why didn't it work: Tokenomic Failure
This tokenomic expertise proposed a challenge for projects originating from Web2 manufacturers, who tend to rely on precedents to formulate their token strategies. Sometimes projects tend to have mass incentives to attract participants,…
02/ @asparenb, the ecosystem lead of @argentHQ explained why Argent made a big bet on native account abstraction. Argent was founded in 2018 and focuses on ZK-Rollups for scalability and native AA support.
Uniswap: Zero to Infinity
@Uniswap is constantly pushing the boundaries of DEX. In my article, I explore the remarkable journey of Uniswap and where the future of DEX is heading.
Here's a summary🧵 of Uniswap's evolution, hooks, zkAMM, and more.
02/ Participants:
· Hardware Manufacturer: The physical devices that provide services or collect data, evolve from a centralized, whitelisted to a permissionless market.
· Miner: The entities that run hardware as nodes, calculate the payback period and rewards.
· Protocol: The…
optimal cost for a user on @zksync
- L2 execution fee⬇️ (4337 and protocol level aa, save the verification fee cuz doesn't alter the slot in L1)
- L1 calldata cost for DA⬇️ (state diff allows posting only overall batch state change instead of every tx)
- the proof verification…
1/ 4337 (Account Abstraction) is gaining momentum, but it has a problem: high calldata costs. Fortunately, @zksync's state diff model offers a solution. It allows for reduced calldata costs for complex verification mechanisms on @getclave's account model 🧵
13/ Why there's still hope: Your margin is my opportunity
Web2 is FAT. When web2 companies enjoy high gross margins, DePINs can disrupt this by enabling individuals and smaller entities to compete against these giants. By tapping into this margin space, DePINs can offer more…
1/
Restaking Summer is coming. Let's explore LRT (Liquid Restaking Tokens) in one thread, covering:
- Why we need it (comparing LST and LRT)
- Competition landscape analysis
- Related risks
- Future opportunities related to LRT
*Research done in collaboration with @LukeWasm
11/ Why didn't it work: Hard to build a moat
This challenge is particularly acute in commoditized services, where standardized and interchangeable offerings make it easy for both suppliers and customers to switch networks in pursuit of better revenue or lower fees. This lack of a…
16/ Why there's still hope: Community-driven, bottom-up approach
By leveraging a community-driven model, DePINs can achieve more cost-effective and agile development compared to traditional top-down approaches.
08/ Ritual @ritualnet
• Why: New censorship and manipulation take place when AI infrastructure is more and more centralized, permissioned, and increasingly regulated. But crypto gives primitives around privacy and computational integrity, coordination and incentive, and…
10/Why didn't it work: Performance consideration
Centralization offers the benefits of focused coordination, adaptable management, and high-speed performance. Even though decentralized projects can attract attention with their lower fees, matching the performance of…
15/ Why there's still hope: Token as a business booster
· Initial Funding: Raise significant capital from VC, kickstarts the business.
· Subsidies for Growth: Using a portion of the raised funds to subsidize service fees and reward users.
· Sustainable Expansion: When initial…
05/ Sentient @witnesschain
• Why: AGI building is dangerous, facing "human extinction threat" and capitalistic framework risk, so they natively need crypto platforms; whereas the crypto platforms need native killer apps.
• What: Sentient is a platform for sovereign…
14/ Why there's still hope: Value anchor to minimize bubbles
DePINs provide tangible value through hardware devices, services, and data. This practical utility acts as a stabilizing factor, anchoring the business model and mitigating the risk of speculative bubbles. By offering…
21/ Closing thoughts:
However, challenges to address include striking a balance between flexibility and security, pushing modular standards forward, and implementing standardized interfaces that empower users to easily upgrade and modify their smart accounts.
11/ My Shell @myshell_ai
• Why: With the rise of LLM, we need better tools to help creators easily build applications, also subverting the current "static" creator economy into a dynamic space.
• What: MyShell is a decentralized platform for discovering, creating, and staking…
10/ Future Primitive @futureprimitive
• Why: NFTs are internet-native objects, but they lack programmability, therefore constraining their potential to conduct further behavior on-chain.
• What: Future Primitives turns NFTs into agents through ERC6551 and its infrastructure.…
4/ Elaborate on the engineering difficulties:
• Fragmentation: Different standard leads to platform lock-ins or redundant efforts.
• Security: The risk of account vulnerabilities.
• Upgradability: Retain the capacity to add, replace, or remove functionalities.
14/ Modules Sequence:
Introducing ERC6900, originally proposed by the @Alchemy team. It addresses the challenge of modularity in smart accounts by providing common interfaces and coordinates the efforts between plugin and wallet developers.
19/ Modules discovery:
The concept of “Module Registry” opens avenues for monetization for plugin and module developers, avoids vendor lock-in and supports the expansion of the EVM by adding an enhanced user experience that attracts a wider audience.
3/ Adoption dilemma:
• Bear market, few new users and existing are educated EOA users
• Migration obstacles from EOA to SCA(check EIP-7377)
• SCA signing issue(check ERC1271 and ERC6492)
• Gas overhead for deploying, simulating, and executing SCAs
• Engineering difficulties
2/ The topic of Account Abstraction (AA) has been under discussion since 2015 and it was further propelled into the limelight by @erc4337 this year. However, the number of deployed SCAs still pales in comparison to EOAs.
6/ Modular SCA to address issues
Modular AA is a niche within the broader AA movement which envisions modularizing smart accounts to customize them for users and empower developers to seamlessly enhance features with minimal restrictions.
15/ Modules Sequence:
Three main processes defined in ERC6900 design
• Validation: Ensures the authenticity and authority of the caller
• Execution: Performs any custom logic that the account allows.
• Hook: Acts as a module that runs before or after another function
18/ Modules discovery: @rhinestonewtf
Rhinestone defines a niche structure, where developers can create modules based on a schema, which could be easily attested by the external auditor. Users can check the module's security information from the front-end.
13/ Modular Structure: Comparison
⚠️Cost:
The flexibility inherent in the Diamond approach comes hand in hand with amplified security concerns. This increases the cost factor, necessitating comprehensive audits with every addition of a new plugin.
16/ Modules Sequence:
ERC6900 dictates how validation, execution, and hook functions for smart contract accounts should be written, which helps reduce the need for unique development efforts specific to certain implementations or ecosystems and prevents vendor lock-in.
17/ Modules discovery: @safe
Safe{CORE} protocol is an open-source, interoperable protocol for smart contract accounts, designed to enhance accessibility for various vendors and developers while maintaining robust security through well-defined standards and rules.
7/ Modular Structure: @safe
Safe is no doubt the premier of Modular Smart Account Infrastructure, which is designed to provide battle-tested security and flexibility, it empowers developers to create diverse applications and wallets.
10/ Modular Structure: ERC2535 Diamond💎
The ERC2535 is a modular system that lets a contract be upgraded/extended after deployment. Diamond uses a stateful contract as the main contract and uses delegateCall directly to all modules (or so-called facets).
Some personal news:
I will be leaving @zksync at the end of April.
I've been working on starting my own project.
Allow me to introduce @sophon
Sophon is a general purpose hyperchain, focused on ██████ and ██████, using ██████ as DA, leading us all towards a…
11/ Modular Structure: Comparison
⚠️Flexibility:
@safe needs to redeploy its Singleton to change the modules, while Diamond achieves this directly through the `diamondCut` function. Safe retains a higher degree of control, while Diamond introduces enhanced flexibility.
9/ Modular Structure: What we gain by adopting @safe
• Upgradable Contracts: Users retain the autonomy to upgrade their Safe to the desired singleton version.
• Composable and Reusable Modules: Freely select and combine these modules based on their use cases.