Published Mar 10, 2023
By Qredo Team
Julien Auchecorne, Chief Commercial Officer of Qredo, was in attendance speaking at the amazing WalletCon in Denver last week.
WalletCon Denver is a one-day conference dedicated to exploring theoretical questions and key innovations shaping the future of the blockchain wallet experience. The conference held its inaugural event this 1 March 2023 in Denver, Colorado. The thriving event featured events focused on security, identity, communications, and wallet UX.
A look at new tech through old tech’s battlegrounds
Julien spoke in a panel called "Browser Wars Reinvented: Security and Coordination Problems Faced by Wallets and dApps", an event hosted by Kyle Den Hartog, Brave wallet's CISO and a published expert on security standards.
Other guests on the panel included Weiwu Zhang, co-founder and CTO of Smart Token Labs, and Vanina Ivanova, CMO of Ambire Wallet.
What was covered in Browser Wars Reinvented?
Over the course of 45min, the panel discussed wallet-to-API interactions, ERC-1271, zero-knowledge proofs, account abstraction, secure self-custody, the responsibilities of dApps and wallets for the security of funds, fiduciary matters, dealing with malicious actors as well as the parallels with earlier technological developments in web browser technology.
If you'd like to watch the whole video of the panel, you can check it out right here, and we're glad to share some highlights from the event below.
Asked about competition and also collaboration with the wider blockchain ecosystem, Julien had this to say:
On [Account Abstraction], it's [actually] a great validation of the product that we've built, because [focusing on the end user] we do have all the features that you are describing. It goes back to this whole notion of sophisticated policy engines, allowing people to have a sophisticated way to manage their risk when it comes to actually getting assets out of their wallets. Both from a UX and security standpoint, by using MPC.
When asked about the state of the dApps ecosystem and new market opportunities, Julien had the following to suggest:
What we do observe is the current environment is quite oligopolistic. Some of the wallet providers are extremely dominant, and some dApps do siphon up most of the TVL. I think that's a natural occurrence. But where I think that the impact of AA and opening things up in this way could be positive in that, suddenly, things become more interoperable, and the movement of liquidity [between environments] is a bit more seamless. And then it actually opens up more areas of innovation and growth for more dApps and more wallets as well.
Speaking on the potential adoption of account abstraction in the wider blockchain economy in the year ahead, Julien offered this advice on the situation:
This is also the point at which I think we get a bit concerned, especially relative to the kind of maturity in the industry, about how robust the paths to implementation look.
Because, on one hand, it's awesome to have all that composability, but if there's no accepted standard or even a shared understanding of the DevOps process to actually produce security audits and upgrade smart contracts, then yes, it's awesome to unleash this creativity in the market, but it could actually lead to some bad outcomes. I think that if you look at what happened last year in DeFi, the soft targets in the market have often been at that level, poorly secured smart contracts.
Whilst sounding a note of caution on how fast and carefully we look to implement technological innovations, Julien nonetheless welcomed the depth of functionality that account abstraction could bring the market, also noting his overall optimism for the longer-term performance of the whole space:
I think that if you look ahead in 12 months, 18 months from now, and when we talk about standards, I think what we're really talking about is actually how people understand they need to operate to scale responsibly. Once I think that we've grown a bit more mature in that context, then I'm a permanent optimist about [what the industry can deliver.]
When pressed on whether he felt dApps or wallets were more responsible when hacks or attacks stealing funds occurred last year, this was Julien’s take:
If you look at the tax on the ecosystem that we've seen last year with all the hacks and wallet drainage, you could cut it in half 50-50, whether you could blame primarily a wallet or a dApp around what happened.
With dApps, it was more visible because you get a whole pool being drained. That's big numbers right away. You've got a whole community of users that are affected. With wallet drainage, it's different. But I would still say that with those two participants, the ecosystem is so tied at the hip that I think that any problem-solving effort should be really the focus of collaboration.
Asked how it was that Qredo helped control risk for its users, Julien had this to offer:
We [Qredo] have a policy engine. We provide the modularity to produce a set of conditions under which transactions can be signed off. The risk management toolkit is for anyone who actually wants to take their assets from a secure environment and deploy them into a risk environment.
That's where we focus our efforts. Let's give you the tools to actually do that in a way that is within your control.
Finally, the talk came around to how to guard against, and what degree of responsibility wallets or dApps must guard against malicious actors. Speaking on this nuanced subject, Julien’s closing remarks were as follows:
Policy engines limit that risk today. It's not just whitelisting; you can also pull the plug on wallets that are on assets that are exposed to those dApps. If there's any behavior that is identified as being suspicious, there is risk management there that actually would go a long way to addressing this.
Security in Web3: Qredo’s is a community-led solution
As Julien pointed out, wallet security in Web3 is a complex, fast-moving target. With new innovations come, unavoidably, new exploits and risks.
Staying ahead of this and offering leading solutions for self-custody and enhanced security on the blockchain is a mission that Qredo is leading the way on.
We will continue to research, develop and supply infrastructure to the wider blockchain community, which will help to make the space a healthier, more secure and more decentralized one.
Thanks for being part of what we do here at Qredo. We’re securing the future of blockchain, and we couldn’t do it without you.