Author: Shijun
1. Introduction
In the blink of an eye, I have been working in the wallet sector for four years.
Many people believe that the wallet sector will be solidified by 2025, but that is not the case—it is currently undergoing significant changes. This year:
- Coinbase has launched a new CDP wallet, built on TEE technology.
- Binance's MPC wallet has introduced key sharding custody in a TEE environment.
- Bitget just released a social login feature last week, managed by TEE.
- OKX Wallet has launched a TEE-based smart account feature.
- MetaMask and Phantom have introduced social login, which essentially involves key sharding and encrypted storage.
Although there haven't been any standout new players this year, existing players have undergone tremendous changes in ecological positioning and underlying technical architecture.
This transformation stems from drastic changes in the upstream ecosystem.
As BTC and the inscription ecosystem have receded, many wallets are beginning to reposition themselves as "gateways" to new emerging sectors such as Perps (perpetual contracts), RWA (real-world assets), and CeDeFi (a combination of centralized and decentralized finance).
This shift has been brewing for years.
Follow this article as we delve into the flowers blooming in the shadows and their impact on future users.
2. A Review of the Development Stages of Wallets
Wallets are a rare necessity in the blockchain industry and are among the first entry-level applications to break the ten million user mark, aside from public chains.
2.1 First Stage: Single Chain Era (2009-2022)
In the early days of the industry (2009-2017), wallets were extremely difficult to use, often requiring local node operation. We will skip this phase.
As usability improved, self-custody became the preferred choice—after all, in a decentralized world, "default distrust" is the foundation of survival. Well-known products like MetaMask, Phantom, Trust Wallet, and OKX Wallet emerged as leaders during this period.
From 2017 to 2022, the market experienced an explosion of public chains/L2. Although most chains still used Ethereum's EVM architecture, creating a compatible tool was sufficient to meet demand.
During this period, the core positioning of wallets was as "good tools." While there were commercial prospects for traffic gateways and DEX gateways, security, usability, and stability were the primary requirements.
However, from 2023 to 2025, the situation changed.
Heterogeneous public chains like Solana, Aptos, and BTC (during the inscription period) have completely captured the user market. Although Sui itself has developed well, large funds have hesitated due to the drawbacks of excessive centralization following hacking incidents.
Driven by the financing era of "fat protocols, thin applications," although VCs have seen limited returns, the market landscape is indeed changing.
Second Stage: Multi-Chain Era (2022-2024)
In the face of a multi-chain landscape, even established players like MetaMask have had to transform, beginning to support Solana, BTC, and others. Leading players like OKX Wallet and Phantom have early on achieved multi-chain compatible architectures.
The core indicator of whether a wallet is multi-chain compatible is how many chains it supports and where transactions are initiated from—this indicates that the backend is handling a significant amount of work, while the client is only responsible for signing. From the user's perspective, it is whether they need to find RPC nodes themselves to use the wallet.
Today, multi-chain compatibility has almost become standard. Long-term adherence to a single chain can easily become unsustainable, as the hotspots of chains are constantly changing.
A typical case is the Keplr wallet, which focuses on the Cosmos ecosystem, but this sector has never really taken off. Many application chains quickly built on Cosmos have gradually fallen silent after launch. As the barriers to building EVM L2 become lower, the situation for single-chain wallets may ease, but the upper limit is still there.
Once the basic tools are sufficiently user-friendly, users begin to awaken their commercial needs within wallets!
True asset owners not only need to custody their assets but also actively drive them—seeking the best yield opportunities and choosing interaction partners. However, users are also tormented by the complexity of interactions with various DApps and must constantly guard against phishing sites.
If that’s the case, why not directly use the built-in features of the wallet?
Business Competition Branching Period
The competition focus among wallets has shifted to the business level, with typical examples being DEX aggregation and cross-chain bridge aggregation. Although Coinbase has explored integrating social features, this demand has proven to be a pseudo-need and has remained lukewarm.
Returning to the necessity, users need to complete multi-chain asset transfers through a single wallet entry. At this point, coverage, speed, and slippage become core competitive points.
The DEX field can further extend to derivatives trading: RWA (such as tokenized stocks), Perps (perpetual contracts), and prediction markets (which will be hot in the second half of 2025, especially with the World Cup in 2026).
Parallel to DEX is the demand for DeFi yields.
After all, on-chain APY will be higher than traditional finance:
Coin-based strategy: ETH staking yields about 4% APY, Solana staking + MEV yields about 8% APY (details can be found in the extensive report: The Evolution of MEV on Solana and Its Pros and Cons). More aggressive users can participate in liquidity pools (LP) and cross-chain bridge LPs (details can be found in: Super Intermediary or Business Genius? A Look at LayerZero's Journey from V1 to V2).
Stablecoin strategy: Although yields are relatively lower, combining cyclical leverage operations can enhance APY.
Thus, by this year (2025), at the peak of business competition, wallet infrastructure is once again undergoing upgrades.
The reason is that the aforementioned transactions are too complex—not only the complexity of transaction structures but also the complexity of transaction lifecycles.
To achieve truly high yields, automated trading must be integrated: dynamic rebalancing, timed limit orders (rather than just supporting market orders), dollar-cost averaging, stop-loss, and other advanced features.
However, these features cannot be realized in a purely self-custody era.
So, should it be "security first" or "profit first"? In fact, it is not a difficult question, as the market inherently has different needs.
Just like during the heyday of Telegram Bots, many players handed over their private keys in exchange for automated trading opportunities—"If you're afraid, don't play; if you play, don't be afraid" is a high-risk model. In contrast, large service providers must consider brand and reputation when creating wallets.
Is there a solution that can securely custody private keys while also relatively ensuring that service providers do not run away?
Of course! This brings us to this year's upgrade in underlying custody technology.
3. Upgrade of Custody Underlying Technology
Returning to the earlier mention of the industry's underlying technology upgrade, let’s analyze them one by one.
Farewell to the Completely Self-Custody Era
First, the actions of pure wallet manufacturers like MetaMask and Phantom are relatively lightweight; they are more experience-driven, as social login only addresses user needs for cross-device access and recovery, rather than fully entering specific application layer sectors.
However, their transformation marks a certain farewell to the completely self-custody era.
Self-custody has varying degrees, but no one can truly define what is complete and what is incomplete.
First, self-custody means that a user's private key can only be stored on the user's device. However, this has already posed many problems in the past.
If the locally encrypted stored private key is compromised, there is a possibility of being cracked, with the strength relying on the user's password.
When synchronizing across devices or backing up, it must be copied out, making the operating system's clipboard permissions a critical vulnerability.
I vividly remember a wallet manufacturer that set the copy private key page to only paste the first part by default, requiring users to manually input the remaining digits, which led to a 90% drop in reported private key theft cases during that time. Later, hackers learned from this, and the remaining digits were also brute-forced, leading to a new phase of confrontation.
After the Ethereum Prague upgrade, due to the high permissions of 7702, signatures became very obscure, even having special implications for the entire chain, which triggered high phishing risks like permit 2.
Thus, the issue of self-custody fundamentally lies in the fact that users cannot easily adapt to fully controlling their assets in this industry context.
After all, if the private key is with the user, that’s naturally fine. However, if an encrypted copy of the private key is kept on the server to prevent the complete loss of assets due to the user's local device being lost, can this still be considered self-custody?
MetaMask and Phantom's answer is yes, but they also need to prevent malicious actions from service providers.
Let’s first discuss MetaMask.
Their approach is straightforward: users must log in with an email and set a password. The combination of these two forms something called TOPRF (Threshold Oblivious Pseudorandom Function), which is used to encrypt the user's private key, and the encrypted private key can naturally be backed up.
Then, this TOPRF is distributed in shards through a typical SSS (Shamir Secret Sharing) algorithm. These social login service providers will obtain the encrypted data through social verification and must combine it with the user's password to fully decrypt it.
Thus, the security risk is not entirely absent; after all, weak passwords and email theft also pose risks, and if users forget their passwords, they naturally cannot recover. However, the benefit is that it is more convenient, and the experience is basically consistent with Web2.
Now looking at Phantom.
From the diagram, the overall architecture is somewhat more complex, but essentially it still involves backend storage of encrypted private keys, with shard management used for encryption and decryption keys.
The difference from MetaMask is that the key used for encryption is divided into two parts, with one part stored with another service provider called JuiceBox, requiring both social login and a PIN (4 digits) to use its shard.
Overall, as long as the user's email is not stolen and they do not forget their PIN, they can recover at any time.
Of course, in extreme cases, if JuiceBox and Phantom collude, they could decrypt the assets, but at least the cost of attack for hackers shifts from a single point to multiple parties. Moreover, since JuiceBox is a network, its security design will also distribute the burden across multiple validators.
It can be said that in terms of social recovery, these two companies have made certain compromises while adhering to the bottom line, but they do so to avoid suppressing user experience for low-probability events.
I believe this is a positive shift, as the blockchain industry needs to embrace ordinary users rather than forcing them to become industry experts.
4. Self-Custody Using Trusted Execution Environment (TEE)
The previous social login can only solve recovery issues but cannot address automated trading problems.
For this, each company has slightly different approaches.
First, let’s clarify the background: TEE stands for Trusted Execution Environments. Essentially, it is a type of server that ensures its memory environment and operational processes cannot be read or interfered with, even by AWS service providers or the server's owners.
Once it starts running a program, it will publish a document called Attestation, which the party interacting with the TEE can verify against the open-source version it has published.
Only when the program it runs matches the specified open-source version will the two correspond, thus proving its trustworthiness. This concept has already seen numerous applications in the industry:
For example, the official cross-chain bridge of Avalanche uses SGX (a type of TEE) to run notarization validators.
In the Ethereum mainnet, 40% of the blockchain transactions are completed through Buildr Net, which is also based on TEE.
Not to mention various financial institutions that strictly control and prevent insider risks, which have also largely adopted TEE. Leading exchanges have introduced TEE at a high cost for cold and hot wallet signature custody in the context of compliance in 2025.
However, there are several challenges in using TEE, such as lower machine performance (which can be mitigated with money) and the risk of downtime (which can lead to loss of memory information) as well as complex upgrades.
So, the remaining question is how various exchanges provide TEE services in wallets?
4.1 Coinbase and Bitget's Solutions
At first glance, it is hard to imagine that a compliant exchange like Coinbase, which is publicly listed in the U.S., is actually implementing the most centralized version.
Bitget's logical architecture is almost identical.
In essence, it simply uses TEE to generate private keys and drive signature services, but how does TEE verify that this service truly reflects the user's intent?
Coinbase relies entirely on user login, forwarding commands to TEE after backend authentication, and then completing the transaction.
Bitget operates similarly; although there is little information available, it currently does not show a signature page on the client side, directly setting a new address with an EIP-7702 address to achieve gas payment.
The advantage of this setup is that at least the user's asset private keys are indeed stored in TEE. However, whether the backend might insert other strange commands remains unverified and unfalsifiable.
Fortunately, there is evidence on-chain.
Therefore, I believe that Coinbase and similar platforms essentially add the credibility of the exchange, as there will definitely be records of whether the private keys are exported, which can eliminate the risk of users committing fraud. The only risk is if the exchange itself acts maliciously, which aligns with the underlying model of user trust in centralized exchanges (CEX).
Comparison with OKX
Comparing the MPC and SA of these two companies, the underlying logic is essentially the same. In terms of driving transactions, OKX will pop up a set of intent authorization signature pages, which, combined with the logic of verifying intent within TEE, allows for a higher degree of user authorization, but also increases the overall user understanding cost.
Binance's MPC is more influenced by its existing technical framework (MPC has limitations in multi-chain expansion). After introducing TEE, users need to encrypt and transmit a shard from their local device to TEE, while OKX encrypts the user's local mnemonic phrase for transmission to TEE.
As a user, there is no need to worry too much about security risks here; the reliable communication between TEE and the client is very mature, theoretically completely eliminating man-in-the-middle attacks. After all, as long as asymmetric encryption is done using TEE's public key, only the private key can decrypt it.
There are also some differences in user experience details, such as how long the MPC and private keys remain valid in TEE and how to renew them. These are engineering issues, so I won't elaborate further.
Analyzing the design motivation, the benefits of this design mainly lie in the migration costs, avoiding the cold start problem where users need to migrate assets to experience new advanced features.
For example, Coinbase's setup focuses on the payment sector, allowing traditional e-commerce service providers without local private key management experience to call private keys via API to complete on-chain operations.
Binance's setup combines to target the CeDeFi sector, making it easier for users who usually look at K-lines to directly operate and purchase on-chain assets, while ignoring issues like gas, slippage, and multi-chain complexities.
5. Conclusion
How to evaluate 2025, and how to view the future?
I believe this year is a year of silence for wallets, as well as a year of transformation. It hasn't made much noise, but it is quietly working on significant developments.
In today's multi-chain environment, simply creating a user-friendly tool is no longer sufficient to sustain a large-scale wallet team (and the accompanying infrastructure). It inevitably requires various value-added services to provide support, and coincidentally, this year is also an explosive year for applications, with the Perps sector emerging anew, RWA (in the stock direction), prediction markets, and payments all showing improvement.
The market is gradually shifting from a focus on meme tokens to diverse DEX demands.
Moreover, the meme phenomenon is primarily due to rapid trading and high transaction volumes, which make the market appear large; in reality, it has always been the same group of people playing, with the hotspots changing, but the user growth is not significant.
Additionally, with various TEE enhancements supporting the reputations of different exchanges through their new custody systems.
In the broader trend, AI will become increasingly powerful, and AI trading will also grow. Previously, wallets were designed solely for human users, not for AI.
Thus, I foresee that next year will see a richer explosion of applications, as the underlying technology has matured further. There will certainly be a gap period in between, as TEE is still a play of large exchanges, and they are unlikely to easily open external access like Coinbase.
Furthermore, user funds engaging with DEXs represent only a portion of user demand; a larger segment of users simply wants to earn stable returns. Coupled with various promotional subsidies and airdrops during the promotional periods, along with attractive APYs, they will be very satisfied.
CeDeFi products that can yield on-chain returns will be the first landing place for many CEX users (to clarify, this mainly refers to CeDeFi with independent addresses; shared address models like Bitget's will not yield returns).
Finally, this year has also seen significant advancements in cryptographic technology, particularly with passkeys. Although this article does not cover it, more public chains like Ethereum and Solana are gradually integrating R1 curves (which are the default supported by device passkeys) through precompiled contracts. Therefore, wallets that incorporate passkeys are also a foreshadowing (though their recovery and cross-device synchronization are challenging), which is why there aren't many good applications yet.
After all, any product that can streamline high-frequency demands will eventually find its place.
Disclaimer
Although this article is brief, it is densely packed with information, as many architectural overviews are highly condensed. Additionally, since many of the aforementioned technologies have not been fully open-sourced, most technical implementations are based on publicly available information analysis.
Furthermore, this discussion purely focuses on technical solutions and does not imply any positive or negative evaluations of the products from various companies.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
