Web3Auth is a pluggable wallet infrastructure for Web3 wallets and applications. It streamlines the onboarding of both mainstream and cryptocurrency native users in under a minute by providing experiences that they're most comfortable with. ^[1][2]

Overview

By integrating Web3Auth into a decentralized application (dApp) or blockchain wallet, the user onboarding process can be streamlined. Web3Auth also allows users to retain the non-custodial characteristic of their wallet management system, meaning that users maintain full control and ownership of their cryptographic wallets, reinforcing the principles of privacy and security inherent in blockchain technology. ^[1][3]

Unlike traditional wallets, Web3Auth offers customized flow adjustments to simplify user interaction and enhance transaction control. It generates a standard cryptographic key unique to each user and application, facilitating transaction signing and other wallet operations. ^[2]

While Web3Auth enhances wallet functionality, it's crucial to understand that it functions as infrastructure rather than a standalone wallet. ^[3]

In April 2023, Web3Auth partnered with Trust Wallet to improve the user experience and accelerate the mass adoption of Web3. ^[10]

“Lost seed-phrases are just very messy business, of course I have to mention the billions of dollars being lost in crypto every year. It’s time for seed-phrases to go away permanently. This is only the beginning of the long-term adoption of Two-Factor Wallets, and this partnership with Trust Wallet is a massive step forward for us, in our attempts to democratize enterprise-grade MPC for everyone.” - said Zhen Yu Yong, Cofounder and CEO of Web3Auth^[10]

To date, Web3Auth has powered over 10,000 dApps, with over 50,000 developers and over 20 million monthly users. Additionally, it has worked with Web3 brands such as Animoca Brands, Binance, and Fortune 500 companies including Fox.com, SK Planet, Universal Studios, and Mcdonald’s.

Web3Auth Technology

High-Level Architecture​

The Web3Auth SDK lives solely on the user/application’s front-end client and handles the interactions between OAuth providers and the Auth Network. The diagram below describes the relationship between the Web3Auth SDKs and integrating applications.^[4]

When a user logs in with a login provider like Google, it sends a JWT id_token to the app. This JWT token is sent to the Web3Auth SDK's login function to be validated and generates the private key in a self-custodial way. 

Plug and Play SDKs​

A Web3Auth Plug and Play integration process is designed to be developer-friendly, requiring only the initialization of the Web3Auth SDKs and the set up of necessary configurations. Once integrated into the application, the SDK facilitates the embedding of the login function. This allows developers to utilize the SDK to authenticate users by invoking the connect function, which can be activated via a login button or any user-triggered event. ^[4]

Core Kit SDKs​

The Core Kit SDKs is the backbone of the Web3Auth Plug n Play (PnP) SDKs. They form the essence of the Web3Auth infrastructure and allow for direct usage within decentralized applications (dApps) to foster deeper integration. They are further divided into two types of SDKs:

1. Single Factor Auth SDKs
2. Multi-Factor SDKs, like tKey SDK

MPC SDKs​

With the Web3Auth infrastructure, users' keys are divided into multiple parts and distributed across their devices and the Auth Network. This ensures the user's key is always accessible and never stored in a single location. ^[4]

In the traditional Web3Auth SDK, the key was dynamically reconstructed in the front end using Shamir’s Secret Sharing. However, with the new Web3Auth MPC (Multi-Party Computation) architecture with Threshold Signature Scheme (TSS), the key is never reconstructed. Instead, partial keys are stored across different locations, and the user's different authentication factors generate partial signatures for messages/transactions. These partial signatures are then computed and combined in the front end using the Threshold Signature Scheme (TSS) to produce the final signature, which can be used for blockchain transactions.

TSS is a cryptographic primitive for distributed key generation and signing. Its integration into Web3Auth's Auth network represents a new paradigm that offers numerous security benefits. ^[4]

Web3Auth Wallet Management Infrastructure​

Web3Auth's Wallet Management Infrastructure enhances security by distributing a user's private key across various key shares, thereby avoiding direct exposure of seed phrases in a single point of failure. These key shares form a 'web of trust' and enable wallet management akin to multi-signatory account handling. Users employ OAuth logins, trusted devices, and other factors to manage their cryptographic key pairs. More importantly, the private keys are not stored anywhere within the Wallet Infrastructure system, not in databases or any participating nodes. ^[4]

Products

Plug and Play Embedded Wallet SDKs

Web3Auth's Plug and Play (PnP) SDKs are engineered to redefine the key management integration for wallets and dApps, focusing on efficiency, user convenience, and security. These SDKs are not just tools for facilitating blockchain transactions but are embedded wallet solutions designed to merge seamlessly into the user's application, offering a robust framework for user authentication and wallet management. ^[5]

Core Kit

The Core Kit Wallet Management SDKs intends to cater to a hands-on, customizable approach while aiming to create a tailored authentication flow for users. Core Kit is made for developers who prioritize direct control and customization, and it allows for creating user-centric whitelabel wallets where Web3Auth operates in the background, invisible to the end user. ^[5]

Wallet Services

Web3Auth Wallet Services offers modular, pluggable enhancements and customizations for Web3Auth-integrated wallets, designed with the aim of making it easy for applications to create their own embedded wallets. This product facilitates seamless integration, a WYSIWYG interface for developers, and built-in tools like an onramp aggregator, providing a comprehensive set of features while cutting on development time and effort. ^[6]

Web3Auth Wallet Ecosystems

Wallet Ecosystem is a flagship integration of Web3Auth for established Web3 communities, which makes the user’s crypto assets inside embedded wallets and smart accounts portable across dApps within the ecosystem. This platform leverages the Web3Auth infrastructure for the creation of the wallets while allowing a way for a group of applications to be interconnected and tap into a wider user base. Wallet Ecosystem unifies the user’s experience across different platforms. ^[7]

SafeAuth Kit​

The SafeAuth Kit, designed in collaboration with Safe, offers a transformative approach to integrating smooth onboarding through MPC on smart wallets within an ecosystem, ensuring compatibility with ERC-4337 and leveraging the principles of interoperability. This solution utilizes Web3Auth's MPC-powered accounts as the signer for these smart wallets, facilitating a smooth onboarding and recovery process. By doing so, it aims to not only simplifiy the user experience by streamlining their interaction with the blockchain but also enhance security and user autonomy.^[7][8]

Torus Wallets​

EVM Torus Wallet​

The Torus Wallet, the in-house wallet from Web3Auth, offers an integration across leading platforms such as Opensea, 1inch, with the intention of enhancing interoperability. Equipped with features such as fiat on-ramp top-ups, pre-generation of wallets, and swap functionalities, the Torus Wallet aims to provide convenience and utility in the blockchain space. This wallet illustrates the potential of Web3Auth to streamline the user experience while maintaining high levels of security and efficiency. ^[7]

Solana Torus Wallet​

The Solana Torus Wallet is a specialized version of the Torus Wallet, tailored specifically for the Solana ecosystem. Designed to facilitate seamless integrations with leading Solana platforms such as Magic Eden and Star Atlas, this wallet intends to embody the core principles of interoperability and ease of use within the Solana network. ^[7]

XRPL Torus Wallet​

The XRPL Torus Wallet is a mobile-first solution crafted for the XRPL ecosystem, emphasizing the effective management of tokens and NFTs. This iteration of the Torus Wallet leverages the strengths of the original platform while honing in on the unique demands of the XRPL environment. It offers users an intuitive and secure experience tailored to the fast-paced world of XRPL, facilitating transactions and interactions with digital assets. ^[7]

Acquisition of Poko On-Ramp Aggregator

In October 2023, Web3Auth announced the acquisition of Poko Onramp Aggregator. With this acquisition, popular brands like Animoca Brands, Axie Infinity (Ronin Wallet), and Ripple (XRPL) can access more than 10,000 fiat-to-crypto pairs on localized payment providers.^[9]

As we strive to bridge the gap between Web2 and Web3 applications, fiat-to-crypto is a big part of it which faces more hurdles than ever in regulation and anti-crypto sentiment. Poko Onramp Aggregator allows users to choose local payment providers they’re familiar with, cutting onramp fees by up to 70%, while boosting transaction success rates by as much as 5 times.^[9]

Web3Auth continues to provide the Poko Onramp Aggregator services under a new name — Web3Auth On-Ramp Aggregator. ^[9]