Hi Zhen, thank you for taking the time to participate in this interview. We'd like to know a little about yourself and Web3Auth.
Thank you for having me. I'm Zhen Yu Yong, the CEO and Co-founder of Web3Auth. Our mission at Web3Auth is to revolutionize authentication in the Web3 space by providing a leading non-custodial infrastructure. We enable Web3 wallets and decentralized applications to offer seamless user logins to both mainstream and native Web3 users. We power many leading brands, including Safe, Animoca Brands, Fox.com, McDonalds, and others.
My journey into the world of decentralized finance, blockchain, and Web3 began after my time at Visa and Accenture. Seeing the potential for innovation and progress in these emerging technologies, I decided to dive into this space. I'm deeply passionate about empowering users through self-custodial ownership of assets, and I firmly believe in making the authentication process as secure, seamless, and convenient as possible.
Prior to Web3Auth, I had the opportunity to work on projects such as building one of the first cross-chain bridges, the Peace Bridge. Additionally, I was involved in various Ethereum Foundation projects focused on researching off-chain scalability solutions. These experiences laid the foundation for the establishment of Web3Auth.
1. We know that user onboarding is pretty broken in Web3. Can you elaborate on what are the major challenges related to simplified user onboarding journeys in Web3?
I think the two most significant challenges are the complexity of wallet setup and security concerns.
Firstly, the process of setting up a crypto wallet can be quite intimidating, especially for users who are not familiar with blockchain. It involves understanding concepts like private keys, seed phrases, and wallet addresses, which proves to be overwhelming for newcomers.
Secondly, users need to understand the importance of securely managing their assets and data. When discussing security, people often mention the concept of the blockchain trilemma. This concept highlights the tradeoff between decentralization, scalability, and security in blockchain networks. Achieving all three simultaneously is challenging, as improvements in one aspect often come at the expense of another.
That being said, there are different solutions in the market. With Web3Auth’s MPC, the users' private keys are split into multiple parts and stored across various devices without the need for seed phrases. In addition, our MPC offers enhanced authentication options such as social logins, SMS OTPs, and biometrics. This eliminates the need for users to remember or store seed phrases while ensuring their assets are secure. We are also introducing Passkeys which allows a more user friendly, passwordless method.
2. What impact has Web3Auth been creating on the broader crypto market? Can you also share a bit more on your background & journey?
We offer practical solutions for managing non-custodial wallets, improving UX and accessibility.
Through our partnerships with industry leading brands like Safe, Trust Wallet, and Fortune 500 brands such as Fox.com and Mcdonalds, we strive to provide the simplest and most secure access to digital assets across various platforms and applications.
Last December, we partnered with Safe to launch SafeAuth - an MPC based solution that allows developers to build portable Smart Account using authentication methods that they are already familiar with, Google, and social logins. From there, users can then use the same login to seamlessly sign onto and interact with over 190 dApps in the Safe ecosystem, including popular dApps such as Aave and CowSwap and more, across supported networks such as Polygon, Optimism, and Gnosis Chain.
Our partnership with McDonald showcases how web2 enterprises can augment their loyalty programs with Web3 technologies - 2000 NFTs were claimed within 15 mins of launch, further exemplifying the demand of such loyalty programs. By utilizing Web3Auth's Wallet-as-a-Service (WaaS) infrastructure, McDonald's seamlessly integrates non-custodial wallets into its mobile app, ensuring brand ownership throughout the user journey without typical Web3 friction points like gas fees and token purchases. This also eliminates the need for complex seed phrases for users, and reduces barriers to entry in the web3 ecosystem.
3. What is the major differentiation factor of Web3Auth as compared to Fireblocks, magic, Privy and some other players in the space?
The main differentiation lies in our approach to security and decentralization. Magic utilizes a semi-custodial system relying on Amazon Web Services’s Hardware Security Modules (HSM), while we offer a fully non-custodial MPC solution. This means that user keys are distributed across a network of nodes owned by the top firms in the crypto industry and users themselves, ensuring that there is no single point of failure.
In contrast, Privy, while using Shamir Secret Sharing (SSS) based key reconstruction, offers embedded wallets for users signing in with email or social accounts, which may not provide the same level of decentralization and user ownership.
Fireblocks has been a traditional custodial MPC player in the market for a while, and the focus has always been enterprise customers. For a general user, using Fireblocks is quite expensive and not easy to set up in a non-custodial setup. In contrast Web3Auth gives a wide range of SDKs for all levels of developers to be able to integrate their ideal setup, from a basic integration taking just a few minutes to advance integration possible with our open source architecture.
In addition to that, the dev resources, the clarity of the infrastructure is many times more advanced with Web3Auth, since almost all resources we offer are widely available and open source. You can exactly know how your key is being managed end to end, just by going through our documentation and resources.
4. What do you think will be the key drivers for widespread adoption by Web2 giants & enterprises?
Over the past few years, we’ve witnessed a significant shift in the narrative surrounding Web3.
The key drivers for widespread adoption are multifaceted, but at their core, they revolve around enhancing user experience, fostering community engagement, and unlocking new value creation paradigms. Our experiences working with Fortune 500 brands, such as Nissan and Fox.com, have illuminated the vast potential of Web3 to revolutionize loyalty programs and consumer engagement strategies.
Through our partnership with Masked Singer, we enabled fans to vote for their favorite performers, earn rewards, and access exclusive content and merchandise in the Maskverse that is immersive. This not only amplified audience engagement but also demonstrated the seamless integration of Web3 into familiar Web2 platforms. By abstracting away the complexity of blockchain, we're not only democratizing access to these technologies but also paving the way for their mainstream adoption.
These successful loyalty programs we’ve seen in the past serve as testament of the demand of such technologies, for instance Mcdonalds’ Singapore’s NFT launch was fully minted under 15 minutes. Moreover, the simplification and invisibility of interacting with blockchain - through innovations such as non-custodial wallets linked to social accounts and gasless transactions have made Web3 more accessible than ever before.
5. Web3Auth’s MPC wallet has different features including Account Abstraction, Identity verification, Factor Authentication etc. Given all these features, where does Web3Auth stand on the security parameters for users?
I believe in the principle of empowering users with self-sovereignty over their digital identities. This includes the capability for users to revoke their credentials and access rights at any moment.
When it comes to MPC, it helps you create a fully non custodial blockchain account for a user of any capability in a matter of minutes. Even the recoverability of the key is extremely easy with additional shares added with MFA options, helping people use the traditional web2 methods to onboard to web3. Account Abstraction on the other hand is a great way of on-chain key recovery and management.
However, it needs an EOA, which the MPC can provide in a familiar way for the user. Additionally, the key recovery in Account Abstraction is costly, and ideally should be used in case when there is no other option available. I believe that a combination of MPC and Account Abstraction is the most optimal and secure experience for onboarding the next billion users onto web3.
Other than the features you mentioned earlier, we’ll also be launching new products that incorporate advanced cryptographic technologies to allow for identity verification without compromising user’s personal information. These will ensure that users own their credentials directly, without reliance on centralized authorities.
6. What are the major developments in the pipeline for Web3Auth in 2024?
In 2024, we are focusing on several key developments to further enhance security and privacy in the Web3 ecosystem. We’ve just rolled out Wallet Services, a comprehensive, modular solution that simplifies wallet development, enabling the full user flow to happen within your dApp.
Now, enhancing on-chain user experience to be as seamless and intuitive as any web2 application is easier than ever, all while maintaining enterprise-grade security, self-custody, and customizability. These are some of the features:
-
White-labeling that any dApps can easily customize under 15 minutes,
-
An integrated on-ramp aggregator that reduces on-ramp transaction fees up to 60%, and
-
Pre-generated wallet API that allows dApps to engage, reward and retain users by airdropping digital assets directly to users’ email or social accounts bypassing traditional signups. Users gain instant ownership of the assets in their non-custodial wallets as soon as they log into the dApp.
As we navigate the evolving landscape of regulatory requirements, such as the Markets in Crypto-Assets Regulation (MiCA), we are committed to introducing a suite of new products tailored for both enterprises and startups this year. Our objective is clear: to establish Web3Auth as the leading framework for secure, human-centric, and privacy-preserving identity authentication that operates on a trustless and decentralized basis.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.