On The Brink with Castle Island - Richard Meissner (Safe) on Account Abstraction Adoption and Barriers (EP.440)

Episode Date: July 26, 2023

In this episode, we hosted Richard Meissner, CTO of Safe, to illuminate the state of adoption of smart contract wallets following the roll out of ERC-4337 (an effort to standardize account abstraction... on Ethereum). Our conversation covers: The limitations of smart contract wallets in a multi-chain universe Account recovery and hybrid custody using traditional institutions Combining account abstraction with intents and AI Worldcoin's use of Safes and adoption of smart contract accounts Find additional content by Safe on account abstraction here.

Transcript
Discussion (0)
Starting point is 00:00:00 Hi everyone. This is Ria from Castle Island. This week, I had a conversation with Richard Meisner, CTO of SAFE, formerly known as NOSAFE, which is used to secure an enormous amount of ETH, USDA, and other assets for organizations and individuals. In this episode, Richard shares how SAFE has evolved and continues to evolve beyond being used as a multi-sig to creating tools and a broader ecosystem that makes it easy for developers to realize the full power of account abstraction and smart contract wallets, as well as contribute to the network that they're building. We also revisit the meaning of account abstraction progress since ERC 4337, which is a standard for account abstraction on Ethereum, and challenges that still impede widespread
Starting point is 00:01:00 adoption of smart contract wallets. So with that, here's my conversation with Richard. Everyone, welcome back to On the Brink with Castle Island. This is Ria. And today I'm joined by Richard, who is the CTO of SAFE, formerly known as NOSIS SAFE. Richard, thank you so much for joining us today. I'm very excited to have a conversation with you about account abstraction and the role that SAFE is playing in that whole conversation, an evolution of the crypto space. Happy to be here and happy to share or have some discussions around this, exchanging some knowledge and some sorts.
Starting point is 00:01:56 Well, maybe just to start, it would be great to get a quick background on yourself. What spurred you to join the crypto space? What were you doing prior to crypto? How long have you been at NOIS slash SAFE? And yeah, how has it evolved since you joined? That's a long story. It's going to be a long story. But I tried to make it short.
Starting point is 00:02:21 So actually, before I joined Gnosis, I was not in the crypto space. So it was Gnosis, actually, and primarily Stefan Giorga, who is the CTO of Gnosis, basically, that cut me to join the crypto space. Before I was a mobile developer and I was working in a smaller startup working on something. similar like TikTok just a couple years earlier. So completely different space. But yeah, then I think Stefan got me on board with Gnosis, my very fast fell in love with this open ecosystem that Ethereum is where you can look into all the different parts where it's a very active community.
Starting point is 00:02:59 And yeah, that was in 2017. So it was right after the token launch or token, the ICO from Gnosis. And at this point, actually, why? Stefan got me on board this because we wanted to have a mobile version of the Gnosis multisic at this point. It was not the SAFE at this point. It was the Gnosis multi-Sysic. And so yeah, that's how we started and then I started writing the first version of the SAFE contract. So got immediately in 2017 started with smart contracts evolving in the tech.
Starting point is 00:03:30 And it's also in 2017 we launched the first, like the first alpha version of the SAFE on the contract level with a simple mobile And yes, since then, I am responsible for most of the technical stuff around the SAFE. It has been evolving from a team that was Android-only two people towards being more full mobile and then into being a web app. And now we are a team from more than 60 people working on this project and where it's really the focus shifting from being an end user product to building an ecosystem around account abstraction and account-extruction tool in smart contract accounts. double clicking on account abstraction, smart contract wallets, it'd be helpful to kind of understand
Starting point is 00:04:19 how SAFE has evolved as the discussion around smart contract wallets and account abstraction has progressed. I think initially, historically, I have kind of used SAFE as a tool that is used in decentralized organizations for managing pools of capital with a group of people. I think that narrative around SAFE and what it can do is shifting from being just, obviously, a multi-sag for small groups of people and decentralized organizations to a tool that individuals can also really benefit from and leverage. And I think that kind of narrative has shifted as account abstractions, smart contract wallets have become more prevalent.
Starting point is 00:05:09 So actually maybe let's do a two-part discussion because I also want to just quickly level set and maybe help listeners understand what we are talking about when we say account abstraction and smart contract wallet. And then maybe we can move on to the discussion about how safe has evolved. Cool. So yeah. How would I summarize account obstruction and also. smart contract wallets. I think for us, like for the longest time when we look at blockchain, right, like it's this all or nothing approach when it comes to the asset management.
Starting point is 00:05:47 And so you have your private key and you have to like pay attention that you don't leak it and it's very hard to give others partial access to this point. And this is where actually on the Ethereum based networks or the serum was the first one, there are a lot of other blockchains by now that has this smart contract functionality where we can put this logic on to Shane and actually use this. then a contract to manage your assets, your identity or becoming your identity. And then it's not this one or like all or nothing approach. And actually with smart contracts, since they can interact also with other smart contracts, you can build a system where you can extend this very much. The challenge here is still that most of the blockchain is also in Ethereum, it's still expected that this initial interaction always comes from a private key.
Starting point is 00:06:35 So if you have a smart contract account like a safe, you still need a private key to trigger your identity through this to the smart contract account. And this is where account abstraction comes into play with. Basically says, hey, we should stop thinking about private keys. And also the blockchain should stop thinking about private keys. It should be as a smart contract account. And when it comes to paying fees or signing transaction,
Starting point is 00:06:59 we abstract this into this account. We just define some interfaces. And yeah, this. abstraction, so abstracting the account, that's account abstraction. And yeah, this is where also for us, we have been, like I believe it's a safe building the smart contract wallet was the longest and there we had different ways to try to mitigate this challenge of somebody needs a private key that has ether on it so that they can interact with a smart contract account. But yeah, also in the recent times they had been, like in the recent half a year, like there has been a lot of
Starting point is 00:07:35 movement around this, like how could this become more of a standard and not just separate teams, like Argent or SAFE trying to work around this issue. Got it. Would you say that maybe multi-SIG is one very, like one specific use case or benefit of account abstraction and maybe account abstraction makes it easier? and then maybe talk a little bit about some of the other benefits that are afforded to the space as a result of smart contract wallets becoming more standardized via account abstraction. Yes.
Starting point is 00:08:18 I would not say that multisigs are only possible with account abstraction. It's more like, I mean, you can have a smart contract account that is a multi-sig, as we have seen with the safe, without account abstraction. But when we look at the UX level, as mentioned, right, like normally as a user, and this is also why we started developing this actually. You are used to, from most of the web two worlds that you have, this two-factor authentication, right? Like, that this can be any simple setup, like these two keys can be your browser and your phone, but it's not that you both need this super, like, you're very flexible here. On the theorem, the problem is if you build a multi-sick, you're still like, you're like, you're still like, you. why you can have most of your funds all in your multisick account,
Starting point is 00:09:05 like a little bit of your funds need to be somewhere else so that you can still interact with this. And this is a U.R.X that is super annoying for a lot of users and where it's like building around of this, this is where account obstruction really improves your X a lot, right? Because then suddenly having account abstraction aligning as a system on how do we handle this abstracted account and smart contract accounts allows the tooling around this to really grow.
Starting point is 00:09:30 And this is where for us, it's safe, like fourth through seven, a very big benefit was that suddenly they communicated and you had like more discussions around this, how can we align on interacting with smart contract accounts and a lot of visibility was there. So this is where I would say, again, account obstruction, not necessary for all of these use cases, but they will make it a lot, like, they will benefit the ecosystem, make the ecosystem grow and therefore bring us more diversity towards the users of the UX is. better. When it comes to the use cases in general, that we can, or where we believe in why smart contract accounts are required, is that, I mean, I teased it before a little bit with this,
Starting point is 00:10:16 not having this all or nothing approach, right? And this is, beyond this, you want to have two-factor authentication for security. It's actually that for certain actions, you might not want to, like, you don't require to a FAA. Let's assume. One of the examples was that you want to have this flexibility to switch between stable coins. And actually the risk is very low when swapping between stable coins because most of the times they should be very similar value. But there are reasons where this would be very helpful. And here this is where you could say this can happen automatically, right? Like you want that there is some extra key or where you don't need your full-fledged security setup where you can happen automatically.
Starting point is 00:10:58 very much optimizing on your experience when you trade. This is a very specific DeFi example or very specific actually also for this stable coin arbitration, which is a very specific topic in DeFi. But like a more simple example is when we think about recovery. Recovery is this big topic. When we look at how Ledger also recently had the announcement, which is still recurring, where people lose their private key and then lose everything. And with smart contract accounts, you have the possibility to think a little bit outside of the box of just losing everything.
Starting point is 00:11:36 And so if you can say you, I mean, we see Argent where they say we have guardians. So they themselves or a dedicated guardian is allowed to recover yourself. So switch out the owners that have been defined. You can have time box where you say if you don't deny the recovery, it was in like a week somebody else. Like you can recover access to it. So you don't even need anything. Or you can even use custodies where you interact with, I think, Letcher, for example, uses what was the name, coin?
Starting point is 00:12:09 Coin cover. Where you could say coin cover can basically, it's like your custody provider for your safe and you can replace this without actually exposing any of the secrets. So having this recovery and being able to do this is quite powerful. Yeah, before you go into some of the other benefits, I want to ask a question around recovery and maybe the role that traditional financial institutions can play in helping, you know, more mainstream users manage their keys and their wallets. Do you envision a future where you have traditional financial institutions, whether they're banks or fintechs that hold a recovery key? that they can help, that they can use to help users in the case of, you know,
Starting point is 00:13:04 a forgotten password, a lost password, or a compromised account. Yes. The short answer is yes. The longer answer is a little more detailed. I think Lucas also at some point mentions this as this hybrid custody mode, right? Like we're actually with smart contract accounts and with also like still checking how we are interacting with these banks and other institutions, you have this way to provide a very flexible standard product in the sense of you can, a user could say they start out with, let's take
Starting point is 00:13:40 SAFE, it's a very complete example, with a SAFE that is created by a bank. And then they basically in the beginning just interact with the bank and just have the interface inside the bank. And at some point they say, but hey, I want to take more control, especially of my on-chain assets and then you switch into this hybrid mode where the bank is on the recover part, so the hybrid custody then, so where they can potentially monitor certain, like do security checks on your transaction that you trigger and that they can recover your account,
Starting point is 00:14:09 but you theoretically already are directly interacting with it, not through the bank interface, even going towards the way that you completely opt out of the bank and you have your smart contract account, which you can then even take to other interfaces and your eyes. I do believe that such a mode will be necessary if we aim for the next 1,000 people because we cannot assume that everybody sets up a metamask and has this as an owner of a safe.
Starting point is 00:14:34 I do believe there will always be such owners that use the lecture in metamask for this. It's just not the entry point, probably for the mass adoption. And yeah, this is also where for the safety, I think for us it's important, right? Like we cannot ignore the traditional finance sector in the existing world, right? Even so in some cases this might be easier, especially since regulations are shifting quite a lot and it's sometimes good and sometimes not so good for the crypto sector. But yeah, we believe that paying attention to it, trying to still build bridges also towards the traditional finance base and traditional banks and engaging with them, and therefore building
Starting point is 00:15:11 tooling with. And the users can use these bank as an entry point towards blockchain is very much required. Yeah. Sorry to interrupt your flow around some of the other benefits. So recovery is one big one, obviously, and just adding a lot more flexibility. around recovery and helping shift from this paradigm where all the onus is on the user to manage their keys and protect them from loss or theft and so on.
Starting point is 00:15:38 What are some of the other benefits? I think another very, or for us, very cool feature that people want to see is something around automation. I think a lot of users say we don't need this, but actually if you think about the current web two world, a lot of things are automatically happening. You set up your subscription and you automatically
Starting point is 00:15:55 pay every month's or $10 for, I don't know, your favorite video streaming platform. And this is just a very obvious example, but there's a lot of things where you do this. And just recently, I mean, one of the big topics is this intense, right, like where you say, hey, I want to just define what I want to have at the end and what I've said at the beginning, but also this involves automation, right, like where you automatically do certain transfers just to get the expected outcome of your intent. And having then smart contracts where you can extend them, theoretically allows you to potentially interact with your smart contract on an intent basis rather than saying what you want to have as a, like I said, raw transaction. And again,
Starting point is 00:16:35 also intense going further into this direction of fun new bus words, right, like when we think about AI and Shet GPT and these, all these models, it's also a way to say, if you take intense, combine them with the AI models and then plug them into a smart contract account, you can have a lot of very powerful concepts that are then accessible for a lot of users. And then you have to balance this out with a lot of the security aspects. And also there, smart contracts or accounts can bring this point where you say you can still perform checks on the transactions then being automatically generated for these intents. Plugging into the example of the banks again, right, like where they potentially could double
Starting point is 00:17:17 checks that these transactions are not malicious. Actually, our web interface has such a security check. when you trigger a transaction that tells you, is there security risk or not? Right. And so combining all of this is where really you get sense of full power of account-up's direction and you can start building also with smart contract accounts where you can start building tools that for the end user are very intuitive to use. Things are happening automatic.
Starting point is 00:17:43 You have a high level of security. Also you can adjust the security based on what you're doing. Are you just doing a swap for 10%? in euros are you trying to transfer all your assets, should have different means on this. And yeah, this flexibility is really where we see a big benefit. And I mean, all of these examples that I brought
Starting point is 00:18:04 are now where primarily targeted towards, like, individual users. But as you also mentioned yourself earlier, actually the initial use case that, one of the initial use cases was this multi-sig where actually teams started using this to manage their treasury. and this is also how Gnosis started with their multisic and what they used it for. And this even transitioned into DAUs, right? And also there we can see it that also these,
Starting point is 00:18:31 they want to have hierarchies, that certain things can be done or by certain subgroups for certain interactions. And all of this is possible with smart contracts where if you want to do this with private keys, you would have to have a very big shift. Where do you share these private keys? how do you separate your funds into all of these? So this power is really what we believe in, makes a wide adoption of smart contract. Well, it's necessary to really bring all the use cases that we use in a day-to-day life in Web 2, also to Web 3.
Starting point is 00:19:06 One thing that I want to double-click on is this concept of intense. That's a topic that we haven't really broached on the podcast yet. So maybe just taking a step back. Can you explain? what we mean when we say intense, how is it different from how we've kind of been, how users have been transacting and operating and expressing the desire to do something on chain historically? Yes, I will try to because I think intents are, at least currently not really used as a
Starting point is 00:19:44 keyword for smart contract accounts rather than the defy sector, right? And therefore I would also bring an example from there. So in the past, if you wanted to do a trade, like you specified the very concrete transaction, like if you go to Uniswop, you say, hey, I want to trade this token and want to get at least this amount of other token and do this against this contract,
Starting point is 00:20:07 and this is an exact route, so it's this token versus the other one, and with this deadline. And actually, this is quite complex because you need to know all these parameters. And actually, when we look, actually a very early version also of the Cow Swop team, which I think they started doing this quite earlier,
Starting point is 00:20:24 where you say, actually, the only thing that you as a user care about, you give a token and you get a token. And actually how the route is being done or what other exchanges are used under the hood, you don't care, right? So your intent is, I want to sell, yeah, I mean, Cousbop, I'm not sure if you're aware, was also part of the Gnosis team,
Starting point is 00:20:42 so there was in the past the workshop where they were explaining the fun stuff under the hood and they were using this example. You are on a market and you want to, you have apples and you want to have fish and how do you do this right like and normally you would have to find somebody who says hey i get i take your apples and i give you my fish but actually especially in a bigger marketplace this doesn't matter right like it might be that you first exchange your apple for peers and then go somebody else where you exchange the peers for
Starting point is 00:21:15 for the fish right like you have this ringtrip mechanism and and until for a long time people had understand all of this which is complex and you just want to go to the marketplace and say here this is what i want to i want to sell apples i want to give apples away and i want to get fish that's my intent i don't care how you do this i just want to go home with my fish and be happy and this is basically the intent and then we have intent engines that basically unzoic can handle this and if we take this then to to the wallets right like um you would go in the same way that you could even, there was a very interesting prototype at the East Tokyo Hacker's son where basically you could tell the ShetGTP connected that I want to have a yield on a
Starting point is 00:22:05 defy platform from X for this token and they're going to generate you this transaction that makes this happen. And this basically you just tell you the intent and then in the background you pull the different pool information that builds the different transactions, And also there with smart contract, well, let's you propose them into the queue and that you can be executed. So for the user, they don't have to think about the details. Yeah, yeah. I think that has the potential to be very powerful because, you know, historically the way that we've operated is you go to a specific application and you have to be very specific about what you want the transaction to do, right? But as the universe of applications and use cases grows, that just allows you to be more flexible as a user and not have to think as much about where to go and maybe even have guardrails as things evolve where you can say, you know, across these vetted contracts, these whitelisted contracts or vetted applications, you know, find me the best yield or get me the best price on this trade or get me the lowest price.
Starting point is 00:23:13 NFT in this collection across all of these different marketplaces. So yeah, I think that's really powerful. I was, I was listening to a talk that Umar Roy from Sikinct gave at DBA's Research Day. And she was talking a little bit about how you can leverage account abstraction and intense maybe in tandem to, especially also as the crypto space becomes more cross-chain and you have some level of fragmentation, or you have a significant fragmentation of applications that exist on L1 or across different L2s, what role do you think account abstraction could play in kind of leveling the playing field and simplifying some of this fragmentation and complexity as we move towards a more cross-chain world. And maybe what are some of the challenges in account abstraction even playing a role and
Starting point is 00:24:24 helping? Let's try to start from this. I also actually have a project which I know that tries to also work on this or support this content-like basis. So I think the challenges with account abstraction is and when it comes to cross-shane and multi-chain, right? Like it's a limited, that smart contracts account very much depend on the implementation and the current state of one chain, right? So your smart contract account is a very, like a small program with the internal state on a specific chain. And this model is very hard for users to grasp because current blockchain users are used to this model. I have my private key. that generates a public key, which defines my address.
Starting point is 00:25:12 And this address is the same across all of the Ethereum networks, because they use the same cryptographic curves, all the same logic. And this becomes very hard with smart contract accounts because there's a lot more involved than just deriving a public key. And this is where then the first challenge starts, where we always thinking,
Starting point is 00:25:32 okay, how do we get the same address across all networks? Do we want to have the same address on our networks? We are like, if you look at, for example, Starknet or also ZK Sync, they are not one another, like, Starknet is not an eBM network and ZKSync is also not like a network where the bytecode is not the same, so you cannot get the same addresses. It's impossible. So, yeah, this is a challenge where it's very hard for us, where we, how to think about this, that it's not possible to have the same address. And even if you have the same address, there is something we call state. like this is a smart contract account where you have an owner defined, but if you recover your account on main net 2 in your owner, it doesn't mean that it's recovered on Polygon or Evalanche or Noses Shane or anything. They are still the old owner. So you suddenly have two wallets that are owned by different people, which is the same address. And in these challenges, like to overcome them, that's a question, okay, how do these contracts behave across chain? They're one of
Starting point is 00:26:36 of the proposals actually that we have been also discussing with Vitalec and also with Martin from Gnosis. What's this where you say you have this Beacon account or main account? I think Vitali called it in his blog post a key store where you say this exists on one chain and all the other chains just through zero knowledge proofs and bridges can access the state and therefore as long as you update your key store you can access in all states. And I think this is a very interesting idea. It's something that we also have to look into how to do this because zero knowledge proofs again such a password that everyone can solve all our problems. That seems this is really true. But yeah, and abstracting this again a way, how do you make this accessible to the user,
Starting point is 00:27:19 like how do you explain it to the user? This will become hard. And there I think especially this whole intent based and also using an additional layer that can process these, it's, Intense into transaction or multiple chains potentially. I think this will be something that we have to look into. It should be part of our tooling building on top of this. There was, I think, the Anomar team, which is already doing something like this. And there, I think, Intense will provide a form of abstraction towards the user. So we will have different levels of abstraction where account abstraction is actually on a very low level, technical level.
Starting point is 00:28:01 and it's probably more interesting for the developers than it's actually to the end user. And then we have to use something like intense and even basically on top of intense, potentially something like AI, which basically generates meaningful and tense to bring a user experience where we say, hey, this is basically day-to-day usage.
Starting point is 00:28:21 On the topic of challenges, maybe just taking a step back since ERC 4337 was rolled out, that has made it significantly easier to create and leverage smart contract wallets. What are still some of the challenges that you're facing as you're building safes, tooling around account abstraction and smart contract wallets that even today kind of make it challenging to further adoption of smart contract wallets. Yes.
Starting point is 00:29:05 I think for this, it's important to understand what we really got out of 4337 is really this fee payment, right? So 437 generated a standard for how do we pay for fees? Like, how do we handle this problem that I mentioned earlier, that you need an account that's the pay support as a transaction. And therefore, 37 generated a standard where you can plug into it. solve like you as a developer don't have to worry about this problem. In the past, this is also very commonly referred to as re-layers
Starting point is 00:29:34 and there are quite some other projects where false three seven aims for to be the most decentralized version and being a stepping stone to have this as part of the protocol. That being said, as it is this really much this on-chain component of the common searching. How do you pay a fee? Therefore, for the one thing that it for us doesn't solve is, what happens offsham. And when we think about depth,
Starting point is 00:30:00 actually a lot of debts have this notion where you sign messages, right? Like you want to sign a specific action. And then this is validated of shame that you can interact with the protocol. OpenC, for example, uses this for login
Starting point is 00:30:17 and also to, that you can authorize certain traits. Kausphob does the same one inch two for the fusion, right? Like they use this. signatures. But most of these tools still think these signatures are primarily generated by private public keepers. And it's nice if you off, on-chain has this account restriction for fee payment. It doesn't have all of this moves towards the signature-based depths, which is necessary as much of the value and the gas fees increased. We want to have more stuff happening in off-shane.
Starting point is 00:30:48 But this one doesn't consider the smart contract account. So this is really moving this off-shane It's very important, like this, we're thinking about the offshshing component of smart contract accounts. It's very important for us and actually the examples that I mentioned, especially cowswap, and also one that they actually do consider smart contract wallets. There is EIP 1271, which has been around for quite some time, which exactly tackles this problem. And beyond this, we also see that even with 437, and that when you go into smart contract wallets, for the people that try to understand what actually happens with your smart contract wallet, that's not easy. If you use a smart contract wallet, it's not as simple as going to ESAS scan and you see what happens.
Starting point is 00:31:32 Because suddenly this transaction is not initiated by your account because it's an internal transaction how it's being called. So you need to have some more technical knowledge. This also means that some tooling, how you retrieve the state, how you try to monitor changes, which has been around for a while and also are present in libraries like Esers or with 3JS don't work one to one the same way. And this is basically a developer education that also needs to happen
Starting point is 00:32:02 and we also need to generate the relevant tools. Like how can you keep track of state changes? How can you get a list of transactions which before it was super trivial? You can go to ESS get and ask me all the transaction for a specific account. It doesn't work this way. where the smart contract comes.
Starting point is 00:32:20 So yes, to summarize, it's a little bit this off-shane signature part, but also this tooling part that for us are still big challenges to really say, okay, now we are ready that everybody can participate in this. Maybe just taking a step back and it'd be great to talk a little bit more specifically about SAFE and the role that SAFE is playing in furthering the adoption of smart contract wallets and account abstraction. Could you talk a little bit about that? And, and yeah, maybe just revisit the conversation that we started having around, you know, safe pre-4337 and safe post-4337.
Starting point is 00:33:01 Or maybe that's not even like the right way to think about it. But, you know, as account abstraction has become more standardized, how has, what exactly is safe doing in the space? Yes. So what is safe doing in the space, right? Like for us, as mentioned before, we try to shift away from the point where we say we only want to be an end user product where we focus on ourselves. We rather want to provide like this middleware or this base framework where you can build on top of all of the, like to leverage all of the account obstruction. And I think we are also participating in quite a lot of initiatives when it comes to these modular accounts where we say these are required for like, for all the solutions around recovery
Starting point is 00:33:47 and what we talked about before. I think this is where for us, one of the big parts is that we generate an ecosystem that can participate also at the governance around this. This is what we set up as a safe DAO, but this is more targeted towards a safe ecosystem. And generally we want to provide something that can be used by all of the ecosystem,
Starting point is 00:34:10 by debt developers that make it easier to integrate this system. This is where currently a big focus for us, like really creating educational material. I think there's a lot of teams that are currently focusing on this. We try to stipulate new projects building on top of a counter distraction. We try to utilize our connections also to depths to make sure that they become more smart contract friendly to leverage the problem that we had before. And one of our biggest fokey is still this topic around security, right?
Starting point is 00:34:41 So where we are working together with companies like Chittorra also to work on formal verification again of our core contracts, but also thinking about how can formal verification play a role for the general modularized smart contract account framework, but also creating standards where we can engage with auditors that should audit most of these components to provide security to the user. So the security aspect is very important for us. that's one of our highest values, it has been for a long time. We feel like we need to generate a system that brings this security also so that the users can leverage the security. Only then you can really take advantage of the full power of smart contract accounts where for the most part, it's when we talk about smart contract accounts, it always says smart contract risk that people also mention with it.
Starting point is 00:35:36 So yeah, this is where for us it's really like, okay, empowering the ecosystem. system and to focus more on the solving the use cases, not always having to rebuild the core. This is where we really want to step up the game a little bit. On this topic of building an ecosystem, you know, one, I guess, concept that I've seen mentioned by SAFE is this concept of SAFE modules. Could you talk a little bit more about that? What modules have you maybe developed yourselves internally and then how are you, thinking about maybe making it possible for other developers to come in and build modules that
Starting point is 00:36:17 people, apps can use as they kind of leverage your SDK? Yes. So modules have been around since the first version of smart contracts and the idea behind modules is that you can extend the functionality of your smart contract accounts. How is access to your account check? So one of the examples or one of the modules that we built and actually use also in our interface is this allowance module where you basically can say up to a specific limit somebody some sort of some keys that you specify some address actually can execute a transaction so this allows use cases where you say hey for large transfers you still need your full security setup
Starting point is 00:37:00 but you could theoretically white list your your account on your mobile phone that you can do smaller transfer on the go There are a couple of teams that do very more sophisticated setups, especially when it comes to defy to have automatic trading, and also similar to the use case that I mentioned with the stable coins, but just we're more complex because they say, you can define strategies under which we should do automatic trades, and then you can and then weep execute these trades in the name of your wallet. There was also the gelato team that had basically their whole task and automation engine was also available as a module, so that you can say under certain conditions execute a certain other transaction or do it recurring and then it would also be executed via the safe.
Starting point is 00:37:48 And the last example which is that I wanted to give is this when it comes to DAO's right, like we actually have this module where you can give the control over your account or the safe account that it's voted on via snapshot and then you connect your snapshot space where you have the DAO voting towards your account. So this flexibility to enable all these use cases, this is where we see the modules. And modules were always open for anybody to use, but it was the challenge that since they are so powerful, there comes a lot of risk with it. If you want to, if you write a module and the module is malicious, it can basically do everything with your funds in your account, whatever they want. So the challenge that we are working on, and this is where a lot of our focus is currently on is like how can we provide the security. So to keep it modularized for everybody can participate in this and can contribute to this. But we have some checks and balances so that we can we say, okay, this module is not malicious.
Starting point is 00:38:50 Authorized. Yeah. It's again, it's coming back to this where utilizing our networks, we have been talking to different auditors. We have talking to Chatora, what are like setups we can do. We're also talking with heads finance around bug bounties, how you can integrate these. So a lot of the security aspects will coordinate around this. And it's one of the things where we will be, which is currently one of our biggest focus points to work on. I want to talk a little bit about adoption since, adoption of smart contract wallets since ERC 4337 has been rolled out.
Starting point is 00:39:30 And, you know, you have the standardization that you didn't have before. what has the uptake been like? What are maybe, and maybe some specific examples. You know, I think before we started recording, we were talking about WorldCoin and the discovery that, you know, a number of safes are being deployed on optimism. People didn't know what it was until WorldCoin kind of came out and said, hey, we're creating, we're the ones that are that are launching all of these safes on optimism. I think also as far back as last November, they were starting to deploy safes on Polygon as well. So that's, you know, one very clear and I think major indication that smart contract wallets are starting to be widely adopted.
Starting point is 00:40:25 It would be great to hear your general thoughts about adoption. Yes. Let's start with WorldCon. I think WorldCorn is a very nice use case and it, as you said, it drives a lot of, like this migration just showed how many safes are related to WorldCorp. And it's actually also showcase how you can really use smart contracts to have this alternative or the certification method where it's not your private key to connect to your account. When it comes to adoption, we really have to see, I think I would be, I would look at it a little differently when it comes to the World Coin case because it is one protocol. We would want that it's multiple protocols.
Starting point is 00:41:10 We have to also see how they approach their adoption is that when we look actually how many of these WorldCoy saves are actively used on a day-to-day basis. It's not on the level where we would say, okay, this is a breakthrough. It's still a very important and very good first steps that we see a theoretically. A lot of people now have a smart contract account associated to them. The general adoption, I think one of the things that we recently looked at is really the ratio of, okay, how many funds are locked versus how many users are like using a smart contract account. And you can actually see that a very high amount of funds are locked in saves or general smart contract accounts, but specifically saves actually. Why, if you look how like I think of the total value, it's like actually comes to more than a percent of the total crypto value is locked and safe. So this is a large amount.
Starting point is 00:42:04 But if you look at how many of the active accounts are saves, that's way below percent, way below 0.1 percent or something like. So we see this imbalance where it's like, okay, they are still seen as this tool to maximize some security, not on maximizing on UX. And I don't think this has been solved by 437, to be honest. brought a lot of visibility here. And I think this is really what I personally maximise on for fourth 337, which I really value. That there has been a lot of visibility, a lot of community activity around it.
Starting point is 00:42:44 But if you look at the adoption, it has not fundamentally changed yet house adoption of smart contract accounts. So I like to say that 437 gave us the opportunity to set a good starting point, but it is only a starting point. not, 437 didn't solve adoption. Fourth 37 didn't solve all the economic section problems. It gave us a good starting point where we can build on top of as a community and move forward and make the adoption happen, basically.
Starting point is 00:43:13 What is moving forward look like from here? You know, how do you start to have a conversation about what needs to be done in order to help people transition from thinking about smart contract wallets as a tool to. to maximize security to a tool that has the potential to significantly improve UX onboarding and security for individuals in a different way? That's a very good question. I think knowing this would make a lot of things easier in my day-to-day work life. So I think there are many parts involved in this, right?
Starting point is 00:44:01 So the first thing is that we really have to see that which debts are relevant and how can we also make them leverage account abstraction. And leveraging account abstraction goes to the level where you say the users should not have to think about that it is actually a smart contract account. And I think in the traditional DFI K, not traditional, in the OG Ethereum DFI space, this is not Like there you will not have the biggest impact on this regard. It's actually when you look at NFTs and when you see how certain stores around NFTs for different purposes came up as I actually really enjoyed DefCon and Prague so quite a while ago where you had a lot of these events where using kickback and on chain mechanisms to have like these tickets right like and died down for a while but now with more NFT adoption I think this is coming back and there you want to have a count abstraction that users but you should not think about the account. Like this is we partnered,
Starting point is 00:45:05 we have an integration with Web3 where you can basically use your social login to get a smart contract account, but you don't know that you have this account. And making this something that is a standard, right? People should not have to think about creating a Metamask account. You should think about,
Starting point is 00:45:21 I log in with my, as a start, I log in with my Gmail account or my Apple account. Yes, not perfect in a decentralized way, but it's a good starting point. And then we can generate adoption. And additional to this, we should take this opportunity of this whole multi-shane universe that is spinning up. We have more and more L2 spinning up.
Starting point is 00:45:43 Optimism, Z K-Sing, Evalanche, they all want to build this super chain where they have a lot of roll-ups going to their chain and then rolling up to main net. And also there we need to leverage, like, I think solving there, making sure that this is a good smart contract account experience will leverage. We will empower a lot of the users because then it should allow you to benefit there directly from the UX benefits, but also the big advantage is it's a clean state, right? Like it's not with all the legacy or original ideas from a serum which have evolved over time, which make it to some extent slow because we cannot just plug in native account abstraction on the zero minutes. There too many things to consider, but actually these L3 shades kind of, right, like there we have this opportunity. So this is for me moving forward that we take advantage of these new developments,
Starting point is 00:46:33 trying to plug in account abstraction quite early there. Also the safe team actually talking to quite a lot of the different teams there, and trying to think about how can we best support this. It's actually also a challenge for 4337. The idea would be how can you get the entry point present on all of these chains, right? This is non-trivial. And yeah, this is, once we have all of this, then I think we are at a point where we can see adoption picking up very significantly,
Starting point is 00:47:06 not just on a funds-locked case, but really on this, having this as a daily active usage case. In that world, you know, how, what does SAFE's evolution in the space look like? And I guess, how are you thinking about the role that SAFE, plays in this in this evolution over the next few months, years, and so on? I think for us, there are two parts that are very important. One part is this, what I mentioned, with the security. So building an ecosystem where we have these modularized components being easy to combine
Starting point is 00:47:55 and plug them into a standard is very important. This is what we thrived towards with the original version of the SAFE. It's actually also quite an important topic from a couple other teams that we're also interacting with. There's ERC 6900 which goes into this direction. We have also our own proposals in this direction. So maximizing on this is definitely something where we're going to focus on in the next couple months. And the other part is really where we have to maximize on this cross-shane component.
Starting point is 00:48:31 And this is where the safe, this vision from Vita Lik, where you have like a key store, and this key store could be or should be in our opinion. Then having all the other L3, L2, whatever accounts being linked to this safe would be something that for us is something that we have been ideating on two. It's just how do we put this together is non-trivial. And also there are different trust essentially because it's still in wolf bridges.
Starting point is 00:49:02 Zero knowledge is not the magic bullet. It's also something that empowers a lot of things, but also the setup and how you go with it is quite important. And yeah, for all of this you have to build tooling so that developers actually can use it. So this is really for us on a high level two of the focus points that we're working on, which connects to different initiatives that we then try to push forward. That's great. Yeah, as the last question, where can people, you know, follow along with what safe is building? How can they get involved? How can they follow you and what, you know, what you're specifically doing? Yeah, tell us a little bit about how they can stay connected.
Starting point is 00:49:48 So the easiest way is Twitter actually, as always, or as often, not always. So there's it's safe on Twitter where you regularly push updates, where we, we, keep you informed about the latest development, also when it comes to our blog post and what is happening on our forum. If you want to really actively participate in all these discussions, we very much are open source, all of our codes open source, go to our GitHub, participate in our forum. I said most of the changes there will be also published on our Twitter again.
Starting point is 00:50:18 And if you have questions towards the developers, you can join us our Discord. These are more the interactive channels, where we also, if you have questions to us, all of these channels will respond normally. If you just want to read up yourself, we have Save. Dot Global as our web page, which also links to our docs, which are docs.
Starting point is 00:50:36 .45, where you can read up how you can utilize our text tag. If you want to follow me on Twitter, it's R-I-Misner, R-I-S-N-E-R, too complicated. But yeah, you can find me on Twitter for this one. I guess for me personally, the focus is more really around the security aspect and to the general adoption of the kind of restriction. That's great. Thank you so much, Richard, for coming on and having a really honest discussion about where we stand today. I think there are a lot of topics that you brought up in this conversation that I definitely want to explore in future episodes, especially, you know, this concept of intent. an AI and account abstraction and then also just, you know, having a more honest conversation
Starting point is 00:51:33 about the barriers to adoption and what we really need to get from where we are today to a universe where everyone has a smart contract account and a lot of the barriers around having to think about what you're doing when you're participating on chain are just abstracted. away to a greater extent. Thank you very much to you too. It was a pleasure to be on the call.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.