Blog

May 8, 2023
10 min read

What if Ethereum Signature Approval Was as Simple as Apple Pay?

The Problem

When users interact with dapps in the Ethereum ecosystem, they have to approve signature requests from the dapps in their wallets. This comes with security and UX challenges. The security challenge is that different dapps have different types of signature approval requests and malicious dapps can exploit this to trick users into approving signature requests that they would not approve otherwise. The UX challenge is that while it’s ok to require explicit approval for each interaction in financial applications, it becomes cumbersome in social apps and games.

May 6, 2023
7 min read

Dapp Isolation Mechanisms in the Ethereum Ecosystem

TLDR: Requiring manual approval for every signature request can hinder good social and gaming experiences. We can automate signature approval with dapp isolation mechanisms such as session keys. Dapp isolation can not only improve user experience, but it can also ensure security when testing new dapps. This could reverse the negative trend of users being reluctant to experiment with new things and ultimately benefit the ecosystem as a whole.

April 14, 2023
5 min read

Exploring Ethereum Token Transfers with TLA+ for Wallet Security

TLDR: Formal methods facilitate thinking in a rigorous way about the problem and help catch errors even if we don’t use them to verify the implementation.

April 9, 2023
2 min read

Dev Update: Filecoin FEVM Support & Upcoming Features

Hi folks, this is a quick development update.

I’ve made some under the hood improvements to unblock FEVM support and the Filecoin Hyperspace testnet is now supported in the iOS beta for SealVault. There is no NFT support and no automatic custom token discovery support yet for FEVM due to lack of Ankr Advanced API support. We'll eventually add these through standard Ethereum RPC methods (tracking issues: #112 and #113). If you wanna see other chains supported, please open a feature request on GitHub.

This release also brings increased transaction reliability by using gas oracles to estimate gas fees and gradually increasing gas price allowance to make sure transactions don't get stuck in the mempool.

September 19, 2022
7 min read

Why Web3 Is Inevitable, How It Can Go Wrong, and What to Do About It

Intro

We believe that general purpose decentralized databases will be ubiquitous in the future, but we see two major obstacles to realizing truly decentralized web applications: The immediate problem is that it's very difficult to experiment with new dapps due to safety and UX issues and this slows down progress. The longer term problem is that wallets need to be reinvented, otherwise the majority of internet users won't own their keys. We try to fix both with SealVault.