Wallets

The gateway to Web3

Web1 ↷ Web2 ↷ Web3

Web1: Read-Only (1990-2004)

In 1989, at CERN, Geneva, Tim Berners-Lee was busy developing the protocols that would become the World Wide Web. His idea? To create open, decentralized protocols that allowed information-sharing from anywhere on Earth.

The first iteration of Berners-Lee's creation, now known as Web1, lasted roughly from 1990 to 2004. Web1 consisted mainly of static websites owned by companies, with close to zero interaction between users; individuals seldom produced content, which is why it became known as the read-only web.

Web2: Read-Write (2004-now)

The Web2 period began in 2004 with the emergence of blogging and social media platforms. The web evolved from read-only to read-write: in addition to providing content to users, companies began to provide platforms for sharing user-generated content and for user-to-user interaction.

As more people came online, a handful of top companies began to control a disproportionate amount of the traffic and value generated on the web. Web2 also birthed the advertising-driven revenue model. While users could create content, they didn't own it or benefit from its monetization.

Web3: Read-Write-Own (2014-now)

While the second iteration of the web relied on users to offer data which the host would reap the benefits of, the third iteration would transfer the benefits back to the users: the model becomes read-write-own.

In most cases, with Web2, you as a user had little to no control over your own data. Take these two examples:

  1. You are a digital artist and you post your new artwork as an image on Instagram or as an NFT on SuperRare

  2. You are a blog writer and you post your new article on Medium or as an NFT on Mirror

Furthermore, you never knew if the Web2 platforms you enjoyed using would stick around or significantly change their rules (the migration from Twitter to X is a good example).

At its core, Web3 uses blockchains, wallets, cryptocurrencies, NFTs, and DAOs to give power back to the users in the form of ownership.

Read more at Ethereum.org

The traditional banking model achieves a level of privacy by limiting access to information to the parties involved and the trusted third party.

However, the need to announce all blockchain transactions publicly precludes this method. In Web3, privacy can still be maintained by keeping identities pseudonymous. As we will see, a Web3 identity is split across multiple wallets and accounts.

Web3 has a trade-off between transparency (all data are public and visible to anyone) and privacy (users can decide when and with whom to share their data).

  • Traditional wallets are physical — you keep them in your purse or pocket and they store credit cards, cash, your driver’s license, maybe even a photo of a loved one.

  • Digital wallets like your phone’s wallet, while intangible, also hold a variety of objects: credit card information, digital cash, concert tickets, boarding passes, and more.

  • Cryptographic wallets are a form of digital wallet designed for Web3. Crypto wallets are your gateway to Web3: they store users' public and private keys, while providing an easy-to-use interface to manage your blockchain assets (cryptocurrencies, Non-Fungible Tokens or NFTs, SoulBound Tokens or SBTs).

Contrary to popular belief, crypto wallets do not physically hold digital assets like the wallet in your pocket. Instead, they read the public ledger to show the balances in a user's addresses, as well as hold the private keys that enable the user to digitally sign transactions. So, the term "wallet" is somewhat of a misnomer, and "keyring" might be better.

  1. An individual can have many wallets

  2. A wallet can contain many accounts

  3. Each account is a pair of private/public keys and is associated with an address

Blockchain address

An address is an alphanumeric string of characters derived from the public key of an account using a cryptographic hash function; it publicly identifies an account of a wallet and is used as the to and from endpoints in a transaction. Here's an example of an Ethereum address:

0xdBAb9585BB07278403284282073119cCA177b4c7

You can think of your address (or your public key) as your bank account number (or your mail address), and your private key as the secret password to access your bank account (or the unique key to open your mailbox).

Ethereum Name Service (ENS)

You can associate an Ethereum address with a more intelligible name using Ethereum Name Service or ENS for short. For instance, cubiclearn.eth, the ENS of the DAE project, is associated with the Ethereum address: 0xdBAb9585BB07278403284282073119cCA177b4c7

This is similar to the Domain Name System (DNS), which associates names with resources on the Internet identified by IP addresses.

When starting a (non-custodial) wallet, the user is asked to write down and safely store a list of 12/18/24 randomly generated words, known as a seed phrase, a cryptographic master password that you need to keep secret.

An example of a seed phrase is:

witch collapse practice feed shame open despair creek road again ice least

From this phrase, the user’s public and private keys of all accounts in the wallet can be generated. This acts as a backup or recovery mechanism in case the user loses access to their device.

Anyone with the seed phrase can gain full control of the funds held in that wallet. If the seed phrase is lost, the user also loses access to their funds. So it is imperative to keep the seed phrase in different secure locations. Do not save it in the cloud or on your computer or phone, do not print it on a public printer or send it over the Internet, and do not take a picture of it.
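Why the phrase alone is enough to control a wallet: key derivation is deterministic and takes no input other than the words and an optional passphrase. The following is an added example, not part of the original course material; it assumes the wallet follows the BIP-39 and BIP-32 standards (the page does not name them), and `compare` is a hypothetical helper.

```python
import hashlib
import hmac
import unicodedata

def entropy_bits(n_words: int) -> int:
    """Each word encodes 11 bits; one bit in every 33 is checksum, the rest is entropy."""
    if n_words not in (12, 15, 18, 21, 24):
        raise ValueError("BIP-39 phrases have 12, 15, 18, 21 or 24 words")
    return n_words * 11 * 32 // 33

def bip39_seed(phrase: str, passphrase: str = "") -> bytes:
    """Stretch the phrase into the 64-byte wallet seed (PBKDF2-HMAC-SHA512, 2048 rounds).

    This step does not check the word list or the checksum; wallets do that
    before deriving. Extra spaces are collapsed here for convenience.
    """
    words = unicodedata.normalize("NFKD", " ".join(phrase.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt.encode(), 2048, 64)

def bip32_master(seed: bytes):
    """Split HMAC-SHA512(key=b"Bitcoin seed", seed) into (master private key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]

# The example phrase printed on this page; it is public, so it protects nothing.
PHRASE = "witch collapse practice feed shame open despair creek road again ice least"
# Constructed variant: the first two words swapped.
SWAPPED = "collapse witch practice feed shame open despair creek road again ice least"

def compare(phrase_a: str, phrase_b: str, pass_a: str = "", pass_b: str = "") -> bool:
    """True when both inputs lead to the same master key and chain code."""
    a = bip32_master(bip39_seed(phrase_a, pass_a))
    b = bip32_master(bip39_seed(phrase_b, pass_b))
    return hmac.compare_digest(a[0] + a[1], b[0] + b[1])

if __name__ == "__main__":
    print("12 words carry", entropy_bits(12), "bits of entropy")
    print("same phrase, same keys:", compare(PHRASE, PHRASE))
    print("two words swapped:", compare(PHRASE, SWAPPED))
    print("passphrase added:", compare(PHRASE, PHRASE, "", "constructed passphrase"))
```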

Types of wallets

  1. Hot wallets

    • Web-based wallets

      • Browser wallets

      • Browser extension wallets

    • Desktop wallets

    • Mobile wallets

  2. Cold wallets

    • Hardware wallets

    • Paper wallets

  3. Custodial and non-custodial wallets

  4. Single-signature and multi-signature wallets

Finally, as for single-signature and multi-signature wallets:

  • single-signature wallets require one private key to access the funds

  • multi-signature wallets are a type of wallet for which at least two private keys are needed to sign a transaction. Imagine a secure locker with two locks and two keys held by two parties that can only be opened if both provide their keys, thus ensuring that one party is not able to open the box without the other party’s permission.

How to stay safe

Good safety practices are:

  • if something sounds too good to be true, it probably is: be wary of anyone who promises a lot in exchange for little or nothing. They probably just want to steal that little

  • don't trust, verify (aka, do your own research): personally check every single bit of information without taking anything for granted; never do something just because someone told you to do it, but always do your own investigation; do not delegate, be responsible for your security

  • not your keys, not your coins: use a cold wallet to store the bulk of your funds as well as to sign important transactions

  • put security first: save the seed phrase of your wallet on at least 3 cold storage media (like USB sticks, paper, engraved metal) and distribute them across different geographic places

  • use dedicated devices: the computers and phones that you use to manage your cryptos should be used only for this purpose

  • be prepared for the worst-case scenario: share with a trusted person how to recover your funds in case of death or loss of memory

Metamask and Kukai

  • Metamask is a non-custodial browser-extension hot wallet for Ethereum and Ethereum compatible blockchains

  • Kukai is a non-custodial Web-based hot wallet for the Tezos blockchain

Let's make a live demo of both wallets.

Buy crypto

There are two ways to buy cryptocurrencies with fiat money (such as euros or dollars):

You can buy on a centralized exchange such as Binance or Coinbase:

  1. create an account on the exchange

  2. pass the know your customer (KYC) process

  3. buy crypto using a credit card (more expensive)

  4. alternatively, make a bank transfer in fiat to the exchange and swap fiat with cryptocurrencies (suggested method since less expensive)

We stress that a wallet on an exchange is custodial. If you don't need the crypto for trading, we advise transferring the coins to a non-custodial wallet.

Key Takeaways

  1. contrary to popular belief, crypto wallets do not physically hold your tokens

  2. instead, they store the public and private keys required to manage your assets and provide digital signatures that authorize each transaction

  3. crypto wallets can be hot or cold, custodial or non-custodial

  4. determining which crypto wallet is best depends entirely on individual needs

  5. there is no customer support in crypto: if you lose the seed phrase of a non-custodial wallet you've lost all the associated digital assets

Play - Exchange Sepolia ETH with Metamask
  1. group in pairs

  2. connect your Metamask to the Sepolia testnet

  3. choose your account

  4. (if necessary) get some Sepolia ETH (Alchemy / Infura, you can receive 0.5 ETH / 24h)

  5. use Discord private message to exchange the address with your mate

  6. add your mate's address to the contacts on Metamask

  7. with Metamask, send each other the same amount of ETH. Before approving the transaction, check the estimated fee and gas parameters (base/priority fees, gas price, gas limit, total fee)

  8. when the transaction is validated, open it on Etherscan and find the following parameters: value, transaction fee, gas price, gas limit and gas used by the transaction, base and priority fees

  9. open your account on Etherscan and find the in and out transactions that you just made. Moreover, verify your account balance

Play - Create a Kukai wallet on Tezos
  1. go to Kukai webpage

  2. click on create new wallet (do not sign it with social)

  3. reveal and back up your seed phrase by writing it on a piece of paper (do not save it on your computer). Number each word starting from 1. Later, make 3 copies of the seed phrase and distribute them in different geographical places

  4. verify your seed phrase

  5. set a strong password and secure it

  6. download your encrypted keystore file and secure it (you have to import it when you want to access your wallet)

  7. access your wallet and copy your Tezos address

  8. share your address on the course channel on Discord (I will gift you 1 XTZ; don't spend it, you are going to use it in a future exercise)

  9. log out from your wallet and log back in using either the seed phrase or the keystore file

Play - give a name to your address
  1. connect Metamask to Sepolia testnet and select your DAE account

  2. go to ENS

  3. choose a name (ending in .eth) for your address

  4. register the name for 3 years

  5. optionally add information to your profile

  6. sign both transactions

  7. review your name
