PONTEM DISCUSSES WEB3 SAFETY WITH MOMENTUM SAFE

Web3, or the decentralized web, allows for greater control and ownership of online data and assets. However, it comes with its own unique set of safety concerns. During the community call, Alejo and Wendy from Momentum Safe discussed different ways in which users can protect themselves and their assets in Web3.

You can listen to the full recording on Twitter, Discord, or YouTube.

The evolution from Web1 to Web3 – and beyond: from tech giant power to user power

Staying safe in Web3 means maintaining your privacy: making sure your data is not being misused and that nobody can get access to your money. It’s a huge change from the earlier stages of the internet, when it was all about sending cat pictures.

The internet started as a research project by the government and universities where people could send mainly messages. Then AOL came about, with most websites in read-only mode. Only website owners could generate content: that’s the Web1 model.

Next, users could text and images, first on My Space and then on Facebook. Then came things like Yelp, with a two-way flow of information, eventually leading to Twitter and Discord. That is Web2: big platforms that own all the data and allow users to participate by creating content.

Apple and Google have become giant gatekeepers of Web2: if you want to make a phone app, you need to go through these platforms to get it posted. Apple can just say, hey, I don't like that there's Pepe the Frog in the metadata of your application, so I'm going to take it down. But now, people are now starting to ask if we actually need centralized parties like Apple.

The Web3 evolution can counter these issues, making the internet more open and permissionless. And Web3 may not even be the final stage of this evolution. Jack Dorsey’s company TBD has just registered the word "Web5" as its intellectual property – we wonder why!

Crypto as the key element of Web3

Crypto is the new layer of value transactions that is native to the internet. It’s probably the biggest Web3 innovation so far: previously a digital file couldn't hold any value because you could just mint infinite numbers of them, but now you can make a digital file of which only a finite amount can exist – and make it transferable. This intrinsically creates value, whereas previously we had to go through centralized parties like credit cards or payment processors.

It’s not just crypto but also IoT devices: your phone, watch, future headsets or glasses, even our cars. These devices can start talking to each other, becoming more intelligent.

The last piece is going to be AI. Talking to your devices will get easier and things like search and typing will get more semantic or contextual.

To summarize, the three core innovations that go into Web3 are IoT, crypto, and AI.

Transactions and control in Web3

In Web3, we transact with information as much as value, and it happens via different channels. Centralized platforms still decide what sort of assets and transactions are permitted on their platforms – and historically it was the users who gave them this power.

But now, we as users finally have the power to give or NOT give that control over decision-making to others. The entry barriers to creating ways to transfer value are much lower. The economy of scale isn’t as important as it used to be: even server costs are being distributed. Users may have to pay a little bit to use such a service, but in Web2, those apps that looked free actually weren’t: you were giving away your data.

If you’re not paying for a product, you are the product. Look at the implosion of centralized exchanges: you weren’t paying to use them, but now we’re learning that they used customer funds for their own trading etc.

We’re seeing a move to decentralized transactions, especially with DeFi and NFTs. In the next 3-5 years, we’ll see more types of applications: perhaps a decentralized Twitter or Facebook. There will also be value transactions there, just different ones.

Key management and the redundancy issue in Web3

If you use email or a centrally stored password to log in, you don’t have full control. But are there barriers to self-custody? Why are people still using CEXes so much instead of non-custodial wallets?

People are used to trusting authority, thinking that if a lot of people use a platform, it must be safe. But FTX has shown that even if something uses 100% legit, you shouldn’t trust it will all your money. Banks and insurance companies failed customers in the past, too, just as rating agencies kept giving them AAA ratings. How do you know that Google or Facebook, which you trust with your private data and images, won’t fail you in the same way?

As for MetaMask, people are afraid to lose their keys. For self-custody to reach mass adoption, this needs to be solved – and redundancy can be the way forward.

Redundancy means sharing the same secret information in different places. Through multisig wallets, Momentum Safe introduces such a level of redundancy, freedom, and security. You can create a secure asset with 2 or 3 wallet addresses.

Perhaps in the near future new blockchain accounts will be multisig by default: if you trust Binance or another entity, maybe you’ll let it hold one key, you’ll hold the other, and someone you trust will hold the third. One of the keys can even be stored on Google or Facebook, accessible with social login.

You’ll have that redundancy and the feeling of safety – knowing that you don’t have a single point of failure.

Of course, we’ll also have to make device backups easier, because users will be stressed knowing that they have to keep the device that holds their key extremely safe. We’ll have to think through the user experience, who the trusted parties should be, etc. - but in the end we’ll adapt.

It’s a bit like cars and horses: at first, not all people were willing to make the paradigm shift from riding horses to cars that used highly combustible fuel and no seat belts. But then they adapted, and cars became faster and safer. World War 1 was a catastrophic event that triggered the adoption of cars, and FTX and the bear market can be such a trigger.

Who knows – maybe printers will make a comeback, and private keys will be automatically printed at creation. Safety deposit boxes could become an important way to store private keys, too. Some connection with the physical world will remain: people still hold gold bars, after all.

The important part is that we now have the option to have full custody over our assets. Perhaps 5 years from now people will be as used to remembering their seed phrase as they are now used to remembering the email password.

But multisig is key, because spreading the responsibility for your private keys is a smart practice – as long as the entities you trust don’t collude with each other. Having sole custody over your assets is a bit like storing all the money under a mattress – risky.

Creating a multisig address is a bit like building a personal mini-DAO. You can already reassign the right to hold your key, but maybe in the future entities will compete to be able to enter your DAO, and you’ll get offers in a dApp. This healthy competition can bring more transparency to the industry, and maybe trust doesn’t have to go away entirely.

Answers to community questions

MSafe updates

In December, Momentum Safe is launching an app store for users to be able to interact with DeFi and earn yields on the assets held in their multisig Momentum Safe accounts. Liqudiswap will be among the first dApps in the store.

On-chain transparency vs off-chain ‘privacy’

On the surface, self-custody comes at the expense of privacy: anyone can see your transactions: for instance, competitors can see your trades. On CEXes, your transaction data is more private: for example, your trading strategies can be kept secret. But they are only secret from other regular users: insiders like trading funds can still get access to your data and make money off it.

There is a use case for transparency, though we will also eventually have tools to protect the privacy of the users who use self-custody. There are already protocols for private transactions, like Secret Network. There can be regulation issues, but the middle ground could be on- and off-ramps to make sure that a user isn’t on a sanction or money laundering list – and let all

ABOUT MOMENTUM SAFE

Momentum Safe is the most secure and extensible multi-signature wallet solution in the Move ecosystem and it is currently live on Aptos. Pontem is partnering with Momentum Safe for its emergency stop.

ABOUT PONTEM

Pontem is a product development platform that enables global financial inclusion through blockchain technology. Pontem is developing the infrastructure and decentralized tools necessary for the adoption of the fastest and most scalable layer-one blockchain – Aptos

The Pontem wallet is the gateway to the Aptos ecosystem and it is available as a Chrome extension, Firefox extension, and an iOS application. Users of the Pontem wallet can send and receive tokens, connect to decentralized applications, and explore the Aptos ecosystem.

As a result of its partnership with Aptos, Pontem has developed the foundational dApps, EVMs (such as the Move Playground), AMMs (such as Liquidswap), and other infrastructure (such as ByteBabel) needed to adopt its layer one blockchain.