{"id":13970,"date":"2022-09-16T22:40:08","date_gmt":"2022-09-16T22:40:08","guid":{"rendered":"https:\/\/nftandcrypto-news.com\/crypto\/wallets-like-metamask-need-to-become-more-user-friendly\/"},"modified":"2022-09-16T22:40:11","modified_gmt":"2022-09-16T22:40:11","slug":"wallets-like-metamask-need-to-become-more-user-friendly","status":"publish","type":"post","link":"https:\/\/nftandcrypto-news.com\/crypto\/wallets-like-metamask-need-to-become-more-user-friendly\/","title":{"rendered":"Wallets like MetaMask need to become more user-friendly"},"content":{"rendered":"
After Ethereum\u2019s long-awaited Merge, it\u2019s an ideal time to think about how we can also improve smart contracts. Essentially apps that run on blockchains, smart contracts are a vital component of our Web3 applications. But interacting with them remains quite dangerous, especially for non-developers. Many of the incidents where users lose their crypto assets are caused by buggy or malicious smart contracts.<\/p>\n
As a Web3 app developer, this is a challenge I think about often, especially as waves of new users keep onboarding into various blockchain applications. To fully trust a smart contract, a consumer needs to know exactly <\/em>what it\u2019s going to do when they make a transaction \u2014 because unlike in the Web2 world, there\u2019s no customer support hotline to call and recover funds if something goes wrong. But currently, it\u2019s nearly impossible to know if a smart contract is safe or trustworthy.<\/p>\n Related:\u00a0Liquid staking is key to interchain security<\/strong><\/em><\/p>\n One solution is to make wallets themselves smarter. For instance, what if wallets could tell us if a smart contract is safe to interact with? It\u2019s probably impossible to know that with 100% certainty, but wallets could, at minimum, aggregate and display a lot of the signals that developers already look for. This would make the process simpler and safer, especially for non-developers.<\/p>\n Here\u2019s a deeper look at the advantages and disadvantages of smart contracts, why they seem like the Wild West now, and how we might improve the UX for using them.<\/p>\n For developers, using a smart contract as the backend for their app has enormous potential. It also increases the potential for bugs and exploits. It\u2019s great that smart contracts can be created by developers without asking anybody for permission, but that can also expose users to considerable risk. We now have apps transacting hundreds of millions of dollars with no safety guarantees. As it stands, we simply have to trust that these apps are bug-free and do what they promise.<\/p>\n Many non-developers aren\u2019t even aware of the safety issues involved and don\u2019t take the appropriate precautions when interacting with blockchain-based apps. The average user might sign a transaction thinking it\u2019s going to do one thing, only to discover the smart contract does something else entirely. It\u2019s why malicious smart contracts are a primary attack vector for bad actors.<\/p>\n When a Web3 app makes a smart contract call, you don\u2019t know exactly what the transaction will do until you actually do it. Will it mint your nonfungible token (NFT), or will it send your money and tokens to a hacker? This unpredictability is true of any online application, of course, not just Web3 apps; predicting what code will do is very hard. But it\u2019s a bigger issue in the Web3 world since most of these apps are inherently high stakes (they\u2019re built for handling your money), and there\u2019s so little protection for consumers. <\/p>\n The App Store is largely safe due to Apple\u2019s review process, but that doesn\u2019t exist in Web3. If an iOS app starts stealing users\u2019 money, Apple will take it down right away to mitigate losses and revoke the account of its creator.<\/p>\n Related: <\/em><\/strong>Latin America is ready for crypto \u2014 Just integrate it with their payment systems<\/em><\/strong><\/p>\n Malicious smart contracts, on the other hand, can\u2019t be taken down by anybody<\/em>. There\u2019s also no way to recover stolen assets. If a malicious contract drains your wallet, you can\u2019t simply dispute the transaction with your credit card company. If the developer is anonymous, as is generally the case with malicious contracts, there often isn\u2019t even an option to take legal action.<\/p>\n From a developer\u2019s perspective, it is much better if the code for a smart contract is open source. Popular smart contracts do typically publish their source code \u2014 a huge improvement over Web2 apps. But even then, it\u2019s easy to miss what\u2019s really going on. It can also be very difficult to predict how the code will run in all scenarios. (Consider this long, scary Twitter thread<\/a> by an experienced developer who almost fell for a complex phishing scam, even after reading the contracts involved. Only upon a second closer inspection did he notice the exploit.)<\/p>\n Compounding these problems, people are often pressured to act quickly when interacting with smart contracts. Consider an NFT drop promoted by influencers: Consumers will be worried about the collection quickly selling out, so they\u2019ll often try to make a transaction as fast as they can, ignoring any red flags they might encounter along the way.<\/p>\n In short, the very same features that make smart contracts powerful for developers \u2014 such as permissionless publishing and programmable money \u2014 make them quite dangerous for consumers. <\/p>\n I don\u2019t think this system is fundamentally flawed. But there is a ton of opportunity for Web3 developers like me to provide better guardrails for consumers using wallets and smart contracts today.<\/p>\n In many ways, wallets like MetaMask feel like they were created for developers. They display a lot of deep technical details and blockchain minutiae that are useful when building apps.<\/p>\n The problem with that is that non-developers also use MetaMask \u2014 without understanding what everything means. Nobody expected Web3 to go mainstream so quickly, and wallets haven\u2019t quite caught up with the needs of their new user base.<\/p>\n Related: <\/em><\/strong>Learn from Celsius \u2014 Stop exchanges from seizing your money<\/em><\/strong><\/p>\n MetaMask has <\/em>already done a great job of rebranding the \u201cmnemonic phrase\u201d to \u201csecret phrase\u201d to prevent consumers from unwittingly sharing it with hackers. However, there\u2019s plenty more room for improvement. <\/p>\n Let\u2019s take a look at MetaMask\u2019s user interface (UI), followed by a couple of mock-ups I created outlining some potential improvements that could guide consumers into the \u201cpit of success.\u201d (By the way, MetaMask here serves as a reference since it\u2019s heavily used across the Web3 world, but these UI ideas should also apply to pretty much any wallet app.) Some of these design tweaks could be built today, while others might require technical advances on the smart contract side.<\/p>\n The image below displays what the current MetaMask smart contract transaction window looks like.<\/p>\nThe promise and peril of smart contracts<\/h2>\n
Why are smart contracts the Wild West?<\/h2>\n
The UX of wallets and smart contracts today<\/h2>\n