Alright so weâve got Moralis functions for just about everything the MetaMask browser extension or other WalletConnect flavor does:
- List all native and ERC20 token balances and prices in local fiat.
- List historical transactions for native and ERC20 assets.
- Send or receive native and ERC20 tokens.
- Create token swap auth/Txâs via 1Inch (using a Moralis plug-in).
- Buy/sell crypto to/from fiat (using the Moralis OnRamper plug-in)
- Secure Tx authentication with 2FA.
Thatâs great, but the problem is the reverse: MetaMask does all that already, plus theyâve got better on-boarding guidance than we do. And their onboarding material doesnât report user progress. It just âsends users backâ to us if/when they survive. Thereâs no way to interject our guidance or encouragment into the process. We canât see where the users are within it.
Whatâs the market use for our âwalletâ dap if MetaMask is sitting right there doing all that wallet interface functionality anyway? Dap marketing wants to get MetaMask completely out of the picture and give our wallet daps some perceived purpose. The idea being to keep our end-users that we bought with our marketing/ onboarding/ crypto education money from ditching our âwalletâ dap for MetaMask before we can recoup expenses.
Really all thatâs missing from our Moralis dap to enable a true wallet project is the âkeychainâ behavior. We need to be able to securely:
- Generate completely randomized private key/address pairs
- Store private keys in the system (be it browser or OS).
- Sign transactions using the retrieved private keys.
- Export private keys to system-authenticated (and 2FA cleared) users.
I donât see any Moralis development efforts along those lines. Until we do Moralis is not enough to build a true web3 âwalletâ, and needs to stop using the term in the marketing. Those arenât âwalletsâ weâre building. Theyâre just daps.
While we wait, does anyone know of an open-source, âcrypto keychainâ project that would cover the gap? Say something in React or better yet: React-Native?
Rule #1 in cryptocurrency development: ânever roll your own cryptography or security codeâ. So yeah, I get why you guys dare not tread here. And neither would I. Except Iâve need to now. Practically MetaMask can only take crypto as far as web3. WalletConnect can only take crypto as far as ânativeâ mobile aps. But to spread crypto into IoT or VR will require at least one new lightweight, system-security-aware âkeychainâ library each for those embedded systems. Better: a diversity of keychain libraries to harden the system vs. single points of failure. Even simple web3 needs a diverse keychain ecosystem for that reason.
GitHubâs got 98 âwallet ethereum reactâ suspect repositories, few of which are recent or active, and maybe 10 sound useful. I need a more expert opinion to find the right needle in that haystack while we wait for Moralis to officially address the issue.
Otherwise thereâs really no point of taking a Moralis âwalletâ project to market with MetaMask spanning all gaps.
Thanks!
-The Bubble Guy
CTO, âUSA Walletâ.