Clave's Solution: Re-imagining Wallet UX
Seamless UX, Enhanced Security, and the RIP-7212 Standard
Re-imagining the User Experience
In the world of Web3, creating user-friendly experiences for applications, including wallets and decentralized applications (dApps), continues to be a significant bottleneck for mass adoption. The stark difference in user experience between Web2 apps and Web3 technologies presents a major obstacle to their widespread adoption.
To address this challenge, Clave, a Smart Contract wallet application, has emerged. It improves the user experience and enhances security through advanced hardware-level protection leveraging Apple's Secure Enclave system, enabling users to interact with Ethereum without the need for seed phrases or private keys using their biometric data.
Clave’s main value proposition is based on research from Account Abstraction and Elliptic Curve Cryptography (ECC). Specifically, Rollup Improvement Proposal 7212 (RIP-7212) which introduces a pre-compiled contract for verifying signatures on the secp256r1 elliptic curve.
This allows any Ethereum Virtual Machine (EVM) compatible chain to easily integrate this contract which enables users to sign transactions using their biometric data.
Clave aims to bridge the gap between the satiability of Web2 UX and evolving Web3 by providing a seamless and secure onchain payments user experience.
Note: For more information on the technology and the importance of pseudorandom elliptic curves in ensuring a seamless user experience (UX) for crypto-native apps, please read this article.
—
Clave’s Technology: Enhancing User Experience
Clave is an onchain payment solution that incorporates Account Abstraction to enhance its functionalities. Its main objective is to provide users with a seamless Web3 payments solution while ensuring strong hardware-level security.
By leveraging the secure components found in everyday devices like phones, tablets, and select notebooks, Clave simplifies user onboarding by implementing biometric authentication.
—
Simplifying dApp's UX
While the greater Ethereum community focuses on onboarding the Next Billion users, it sometimes underestimates the learning curve that non-technical individuals encounter with decentralized applications.
These applications, often cumbersome and high-maintenance, pose greater security risks than their Web2 counterparts, like Venmo. Main challenges include securely managing non-custodial wallet keys and limited recovery options in case of key loss.
The prevailing view suggests that users should be sufficiently technical in order to take control and ownership of one's digital assets and data on the internet.
However, what if it were possible to match or even surpass the user experience of traditional payment apps without compromising data sovereignty? Enter Clave.
That is what Clave aims to do. When exploring the Clave beta app, the user interface immediately feels familiar, seamlessly combining the best features of apps like Venmo and MetaMask, and presenting them in a straightforward manner. Its design focuses on essential elements, avoiding the common Web3 issue of overwhelming the user.
—
How Clave Addresses Web3 UX Challenges
Clave’s approach involves the use of Secure Enclave and similar Trusted Execution Environment (TEE) technologies to enhance security. Secure Enclave is a hardware module in Apple iPhones that operates as an isolated processor, separate from the operating system, and runs immutable code.
The presence of a hardware component for secure password storage, separate from the core processor and requiring users' biometric information for access, is an elegant solution.
This innovative approach eliminates the need to store private keys or seed phrases, making the entire process more straightforward while still ensuring heightened security without compromising the user experience.
—
Road to Devconnect 2023
The initial concept for developing a smart contract wallet controlled via a Secure Enclave, originated during the ETH Global Hackathon in March 2023. After achieving finalist status, the team was inspired to further refine and expand upon this concept, leading to subsequent developmental efforts.
Since then, there has been a continuous evolution of smart contracts and libraries, supporting not only Secure Enclave but also all structures within Trusted Execution Environments (TTE). Clave, as the pioneering application utilizing the technology, made its debut on zkSync testnet at Devconnect Istanbul. The ultimate goal is to present a fully functional product accessible on Mainnet to a wider audience in the coming months.
—
Introducing RIP-7212
Ulaş Erdoğan and Doğan Alpaslan spearheaded the initiative, RIP-7212 (formerly known as EIP-7212), which aims to enhance Ethereum's user experience and security. Their innovative approach integrates Apple Secure Enclave's signature capabilities with Ethereum smart contracts.
This was partly inspired by the realization that Trusted Execution Environments (TTE) like Apple’s Touch/Face ID and Android Biometrics, including the Secure Enclave, predominantly use the NIST approved secp256r1 elliptic curve, a standard in nearly all devices.
The Secure Enclave is configured to support the secp256r1 elliptic curve, also known as prime256v1 or P-256, different from the secp256k1 curve used by Ethereum and Bitcoin.
To address this compatibility challenge, the team proposed EIP-7212, officially published in June on the Ethereum Magicians forum. This proposal aims to incorporate the secp256r1 elliptic curve into Ethereum as a precompile, creating a vital link between Web2 and Web3 technologies.
After extensive discussions, a consensus was reached on the EIP's specifications. Consequently, the decision was made to transition the EIP into a new standard, the Rollup Improvement Proposal (RIP), in light of the growing prevalence of passkey and Secure Enclave-based Account Abstraction wallets in Layer 2 solutions (L2s). This transition marks the first merged RIP.
—
EIP-7212 → RIP-7212
RIP-7212 addresses this difference by offering a cost-effective and secure verification method for the P256 curve, which is widely used in Web2 authentication systems such as biometric authentication, FIDO2, and Secure Enclave-based signers.
Clave, built on the RIP-7212 standard, generates a new key pair on the user's mobile device. The public key is then added to the smart wallet contract as an authorized key. Users can easily manage their wallets by using their biometric data for signing transactions on their devices.
This approach eliminates the requirement for users to comprehend and safeguard seed phrase structures, ensuring a faster and more secure onboarding experience into the blockchain world.
During the final all-core devs meeting of 2023, the precompile address was established as '0x100,' and the following two weeks were dedicated to finalizing the specifications. As we enter 2024, the finalization process is expected to remove any obstacles to integrating the precompile across all rollups.
It is worth noting the ongoing collaboration amongst EVMs like zkSync, Polygon, and Evmos, who have been diligently working on incorporating the precompile and have recently announced their intention to integrate it onto Mainnet.
—
Involvement with ENS DAO
On June 13th, 2023, Nick.eth, the Lead Developer of the Ethereum Name Service (ENS), requested that the ENS DAO Public Goods Working Group draft and publish a Request for Proposal (RFP) to have a secp256r1 precompile added to a future EVM hardfork.
Clave's team actively participated in discussions on the ENS DAO forum while preparing for and approaching the publication of EIP-7212. Ulaş Erdoğan shared their research, fostering support and collaboration within the community. Their engagement extended to interactions with the Public Goods Working Group.
According to Article III of the ENS DAO Constitution, the primary use of revenue generated for the ENS treasury is to ensure the long-term viability of ENS. Any surplus funds, considered non-essential for this main objective, are allocated by the DAO's governing body to support other public goods within the web3 ecosystem.
The Public Goods Working Group offers a Large Grants opportunity, awarding up to 50k USDC for Ethereum or Web3 Public Goods. This serves as a platform for foundational projects in these ecosystems to request substantial funding, based on their established value and significant impact on users and developers.
—
Rewarding Open Source Projects
The Public Goods Working Group rewarded Clave a 35k USDC from its Large Grants initiative. This initiative serves as a platform for foundational Public Goods projects within Web3 ecosystems to request substantial funding, based on their established value and significant impact on users and developers.
—
notDEVCON Participation
notDEVCON held significant importance for the Clave team. Organized by ITU Blockchain, Turkey's first university blockchain community established in 2018, the community has grown into a hub for active learning, teaching, and decentralized technology development over the years. During notDEVCON, Clave's team offered an in-depth perspective to participants on stage alongside other Public Good projects. The panel, moderated by the Q3/Q4 (2024) Public Goods Working Group Stewards, Vegayp.eth, Coltron.eth and Simona.eth, highlighted the invaluable support Clave has received from ENS DAO.
—
ENS DAO x Clave's Impact
ENS DAO have been instrumental for Clave's team, supporting EIP specification development and community outreach. With this support, Clave has not only crafted essential tools but also shared valuable resources, including informative materials aimed at enhancing understanding and adoption of the EIP and its applications within the Ethereum community.
Currently, Clave's focus is on developing user-friendly libraries and tools which aims to simplify the adoption of modules such as Secure Enclave and WebAuthn, significantly benefiting from the advancements brought by RIP-7212.
ENS DAO has played a vital role in enhancing Clave's community engagement, learning initiatives, and overall impact through technological innovation.
—
Current Focus and Achievements
As of the end of January 2024, Clave has made its smart contract stack open source under the GPL-3.0 license. Clave is currently working on compatibility with ERC-4337 and other Ethereum Virtual Machines (EVMs).
For security, Clave has partnered with Cantina to complete their first smart contract security audit. The audit report found no critical risks, and all minor risks have been addressed through a secondary review. Clave remains committed to open-source collaboration, user security, and the continuous improvement of account infrastructure for blockchain applications.
—
Conclusion
As Clave advances, its dedication to improving account infrastructure for blockchain applications remains paramount. Clave's audited versions on zkSync, compatibility with ERC-4337, and ongoing efforts to ensure smart contract security exemplify Clave's commitment to reliable and secure solutions. These principles not only drive Clave towards its goals but also significantly contribute to the broader development of Web3 technology.
The partnership with ENS DAO highlights the mutual contribution towards research and development in the blockchain field, exemplifying the potential impact of the Public Goods Working Group Large Grants initiative on foundational projects within the Ethereum and Web3 ecosystems.
—
About ENS DAO Grants
The Large Grants opportunity from the Public Goods Working Group awards up to 50k USDC to applicable Ethereum or Web3 Public Goods.
This grant aims to provide a pathway for foundational Public Goods in the Ethereum or Web3 ecosystems to request more significant funding from the Public Goods working group. Foundational Public Goods in the context of this grant have exceptional usefulness or an established record of making an impact for users or developers.
To learn more, visit the ENS DAO Forum and make sure to follow ENS DAO for notifications of when the next Large Grants opportunity will begin.
Last updated