Ryan Jones, senior director of product management at Consensys, the developer of the self-custodial crypto wallet MetaMask, discusses a new feature focused on enhancing security for wallet users. He also weighs in on what’s needed for broader adoption of crypto and explains why MetaMask was unavailable on the Apple App Store for a short period of time.
Big announcement for metamask this week focused on enhancing security for wallet users now yesterday metamask introduced the integration of privacy preserving security alerts for extension and mobile app users with the goal of driving wider adoption so now all self- custodial wallet users around the world will automatically receive alerts about
Potentially malicious transactions an important development especially because according to chain analysis crypto users around the world had $1.7 billion do stolen hacked or fished last year alone can you break down how this new feature works exactly and elaborate on the goal of this development yes of course um as you said
There’s a huge risk within the space in terms of scams uh and people essentially losing money within the self- custodial space And so there’s a lot of work that we’ve been needing to do in terms of protecting our users we had a few different methods in place already but
Of course there’s no one solution that is the silver bullet and so what’s really important is we are working with a specialists in the space to make sure that we are adding that protection and so there’s a series of steps that each of these different providers that we’re
Working with are leveraging as a means to go and determine which of these uh applications or smart contracts are potentially malicious and then we are able to alert our users before they actually go and make a transaction that could potentially put their assets at risk and so what’s great is of course
One of our core principles is make sure that we are doing this in as privacy preserving as possible and so we’re not sending any data externally to any of these third party providers but we’re leveraging the data that they provide to us to be front and center for those
Users as they’re making those transactions so happy to go through a little bit more detail in terms of what they’re doing but of course some of that detail we try to uh keep to ourselves so that we can keep the scammers guessing in terms of what we’re actually doing to
Protect those users and that makes perfect sense but metamask estimates that this year loone these security alerts will prevent hundreds of Millions worth of dollar assets from being stolen I read that a common tactic used by hackers is creating fake browser extensions that try to steal private
Keys when installed on devices and that these malicious extensions often imitate popular crypto wallet extensions like metamask in an effort to trick users into giving up their private keys so was this part of the reason you felt this new security feature was absolutely necessary I think this was one of the reasons for
Sure what we’ve actually seen is a lot of uh the malicious intent comes from individuals interacting with malicious applications themselves and so we see about uh of all the new applications or what we call decentralized applications staps that get released about 10% of them are malicious and so the bulk of
Users are going in in this permissionless ecosystem interacting with them and we want to just provide more protection to them at that State there are of course a bunch of different ways that people are trying to scam individuals whether it’s uh fake websites or fake extensions and a big
Thing here is to always double check the URL that you’re going for and we will not ask you for your secret recovery phrase uh that’s associated with that so really make sure that you’re protecting that at all cost and so we made a series of different steps of making sure that a
User understands what it means to open up and show that secret recovery phrase and then now of course when they’re connecting and interacting with apps also making sure that there’s warnings that pop up for those users a big premise of what we want to do within the
Space is make sure that we never block a user from actually taking an action but what we want to do is protect and inform that user so that they can make the most informed decision for themselves uh while they’re actually interacting with this ecosystem now you touched on this but
What other security measures is metamask taking to ensure users feel safe and secure yes so uh I think as we talked about before right there’s no one Silver Bullet so there’s an entire life cycle that the user goes through in terms of interacting with this ecosystem so we
Already had a series of detections in place albeit not as strong as we would like and so that’s why we’re taking a series of these new steps working with a company like blockade um but we’re also making it so that uh when that person does go in and look at the secret
Recovery phrase they understand what the risks are there but we’re also now starting to take some steps before they even connect to an application uh they can get some risk profile that’s associated with that application as as well and then uh also when they’re doing
A transaction we can be very clear in a human readable interface of what exactly is going to be that outcome for the user in terms of what’s going to happen to their assets and then the last part two that we’re uh working on is making sure that after the transaction actually
Happens if they did on accident work or interact with a malicious smart contract or application they can go back and revoke all of those uh access controls that are actually there and so if you go to the minim portfolio there’s a an area that we call spending caps that can
Actually show you all of uh what you’ve given in terms of allowances to all these different smart contracts and applications and go and manage that all in one location so we do want to make sure that people are not allowing free reign to any application and so we do
Want to make sure that while they’re going through that they are actually sitting in there and limiting uh what access each of those applications have and we give that control to the user as well as some recommendations for them as we all know when it comes to crypto
Wallets certainly there are a lot of options out there so how is your crypto wallet different from others from a security standpoint yeah so I think uh one thing that’s really interesting is the fact that we are the largest wallet in the space and so the way in which we
Approach some of these new functionality while we may not be the first ones to release the functionality we are spending a lot of upfront time to make sure that we’re doing it in a scalable and secure manner and so uh a few different aspects of that is we did have
The blockade uh integration up and running and we were actually running that for a series of months before we turn it on by default for everyone because we wanted to make sure that we were getting the outcomes that we actually expected and we were protecting those users the other part too is even
In certain areas say like adding in the ability to bridge a lot of uh a lot of competitors may just add that functionality by using a third party uh that’s out there and what we end up doing is we spend the extra time an effort to write our own smart contracts
To add additional protections on top of it so there’s been some recent hacks across Bridges and none of our users were actually uh came into risk with that because of the smart contracts that we put in place in front of that user interaction so I think it goes back to
Security is extremely important to us we certainly have some more work to do um but that is a core Focus uh over the next six months to really make sure that we have that endtoend life cycle being covered and so I think the scale that we have really helps us understand where
All those different uh points are and targets are so that we can protect our users from it now earlier this month consensus announced that the crypto wallet in metamask will now let users buy crypto through Robin Hood allowing those using the trading platform greater access to digital assets so now that it
Has been a couple of weeks since the announcement how is the integration going so far and is it revealing a shift toward r or mainstream adoption for sure yeah and so uh I think the integration with Robin Hood has been great the team has been great
In terms of working with us we’ve seen some great flows in terms of individuals moving from Robin Hood to our self- custodial wallet of metamask and even those going back as well and so one of the things that we really wanted to decrease is that barrier from custodial
To self custodial and so you’ll be seeing a few more uh of those sort of Integrations to help individuals who start in this custodial uh ecosystem and then move to something like mamass to go and interact with the web 3 ecosystem and so we’re trying to make uh that
Interaction a lot simpler so it does become uh more mainstream for those users to leverage a tool that’s right for them so is the shift to broader adoption reflected in the number of your users if so break down the numbers for us yeah of course so uh it’s been uh
Pretty amazing to see over the past few months we’ve actually seen an increase of 10 million monthly active users uh so moving from about 20 million to 30 million of course not all of that data we certainly have because of our privacy preserving uh stance um but yeah that
That increase has been really great to see in terms of people leveraging the Min Mass wallet and then moving between these different ecosystems we’re we’re coming out uh more into this bull market um and this does definitely feel different than where we’ve been in the past uh a lot of the infrastructure that
Is there today wasn’t there before and so we’re starting to see a lot more of those different use cases and what people are interacting with and the way that they’re using crypto has also changed over the past couple years and I actually read that this growth nearly
Matches the peak figures seen during the bull market in 2022 uh but on a general note what do you think the industry as a whole should do to move toward Mass adoption of crypto what steps do you think should be taken yeah so uh I’m a firm believer
That the technology shouldn’t just be used because it’s just the new technology right it’s here as a means to allow for people to do things that they couldn’t do before and so working on ways to abstract away the complexity that’s associated with uh the technology
To make it so that every uh day users can all of a sudden just do something that’s brand new for them and so I think we’ve been making a lot of steps to do that we’re not fully there yet um but even in some of the new decentralized
Social constructs uh individuals can go they can use their standard email and sign in just like any web 2 and they can interact uh with individuals within that space and they don’t need to understand what chain they are what token they’re using none of that and they’re able to
Leverage kind of the power and the value that’s associated with the blockchain and the decentralized ecosystem now in October metamask was no longer available on the Apple App Store but I see it’s back now so I’m wondering where does that stand right now how long was it
Unavailable and what did you think about that development when it first happened why did Apple make it unavailable to begin with yeah so uh it was only unavailable for a very short period of time we got a back up and running certainly worked with the Apple team to
Make that that happened it had nothing to do with security it didn’t have anything to do with kind of Apple’s uh like sets or regulations that are associated with it so it’s a series of things on our side that we wanted to make sure we had in place uh before
Getting it back up onto the store so um I think from that perspective we all worked really well in terms of making sure that that happened and wanted to get it back up to our users as fast as possible so certainly was a little bit
Of a hiccup uh and making sure that that doesn’t happen again but it’s been uh it’s been helpful in terms of having that communication between Apple and then of course we work closely with Google as well and people shouldn’t expect it to happen again type of thing
Correct got it now metamask is a crypto wallet designed primarily for the ethereum blockchain so yes I’m wondering what you’re paying attention to as it pertains to ethereum is the next big upgrade which is expected to happen soon something that’s on your radar yeah so we’re really excited about the upgrade
Uh that is coming we call it the Duncan upgrade it’s uh coming out shortly uh the area that’s really important for this is that it is improving uh infrastructure for us and moving more towards uh the speed and low cost of what we call layer twos and so again in
In terms of the differences between a couple years ago to today you now are able to interact with the ecosystem at a much uh lower cost and a much higher speed and so that we believe will again bring on more of the masses uh to
Interact in a a lot of new use cases that are associated with it and then of course we are certainly very ethereum focused but we do now have a product that we call snaps and so there’s something like 15 different nonm chains that we actually support through snaps
And we’re working on integrating those uh some of those directly Within by default uh for end users as well so we do realize that this is a multi-chain world and we want to make sure that metamask continues to be the most flexible wallet out there and can work
With you wherever you want to go I understand polygon is one of those Chains Are you able to disclose any others uh so polygon is is one of the evm chains and that’s certainly one that we currently support today and so any evm uh you’re able to leverage with
Metamask out of the box and by default uh we do have a series of chains that we add additional functionality to so we have kind of like a list of our top nine based off of the transactions that um our users interact with uh as a means to
Go and prioritize those and make sure that we have certain things like Auto token detection some of the security features um all of those and making sure like gas optimizing ation is associated with it uh but of course with metamask because of the flexibility you can
Leverage it with any ubm uh chain that’s out there but some of the other chains that we do have say snaps for are things like Bitcoin and salana um that you can go and leverage today now metamask was developed by consensus so I’m wondering what’s next for consensus and metamask what can people
Expect yeah so I think uh one of the big parts that we’re there’s a few different areas that we’re really focused on uh one of those is of course increased flexibility so the snaps uh which enable you to extend the functionality of mamass so your menam mask in a year
Versus my Min mask in a year may look different depending on what’s important to each of us and the way that we interact within the ecosystem I think the other area that we’re really focused on as well is this new concept of like embeddable wallets and smart contract
Accounts so this brings in a lot of that account abstraction that we were talking about is how do we abstract away the complexity of blockchain and make it much easier 10 users so there might be a future in which you’re able to interact with an application and you actually
Don’t need to download an extension or a mobile and you can onboard directly to that application and then move your pass Keys around between different devices and that for us makes it uh lot simpler for individuals to pick up and to use and they don’t have to make all those
Choices that they have to today in terms of using say like that extension and so those are some of the key areas that we’re really focused on and then of course we’re going to continue to always focus on the core the product and again protect our users throughout that entire
Life cycle and really make sure that we’re making metamask as easy to use as possible when people uh on board
1 Comment
Hit 200k today. Thank you for all the knowledge and nuggets you had thrown my way over the last months. Started with 14k in last month 2024