Kresus has introduced a new crypto wallet that utilizes “magic links” for user sign-in, eliminating the need to store password hashes.
A new crypto wallet has just launched in Apple’s App Store store that uses Web2 trickery to ensure users don’t need to interact with seed phrases or passwords.
According to a May 11th announcement from the app’s developer, Kresus, the new wallet stores users’ private keys in an Amazon Web Services Hardware Security Module (HSM) and uses “magic links” and 2FA to authenticate users.
One common challenge faced by users of crypto wallets is the need to remember and securely store their recovery phrase or “seed words” during the setup process. This recovery phrase serves as a backup to regain access to the wallet in case of device loss or failure. However, if a user misplaces or forgets their recovery phrase and their device crashes, they face the risk of permanently losing access to their account and the funds stored within it.
For this reason, some crypto users prefer to store their crypto in an exchange account. But events like the collapse of FTX have also led to fears that keeping crypto in an exchange could also be unsafe.
The Kresus team has introduced a new wallet app that aims to address the issue of securely storing private keys by leveraging a wallet infrastructure and software development kit (SDK) called “Magic.” With Magic, the user’s private key is stored on a dedicated Amazon Web Services computer that is specifically designed for the secure storage of highly sensitive information. By utilizing this approach, Kresus aims to enhance the security of its wallet and provide users with peace of mind when managing their crypto assets. The use of specialized hardware and infrastructure adds an extra layer of protection, mitigating the risk of private key compromise. This innovative solution demonstrates the ongoing efforts in the crypto industry to enhance security measures and provide users with a more robust and convenient experience when interacting with digital assets.
Unlike a centralized exchange, Kresus does not use passwords to authenticate users, since stealing password hashes and cracking them is one of the most common techniques hackers use to get access to web accounts. Instead, it requires users to click a link from within an email each time they attempt to log in.
The app also uses 2FA to protect the account in case the user’s email address becomes compromised.
When it comes to sending crypto, users don’t need to cut and paste crypto addresses on Kresus. Instead, the app allows each user to register for a free .kresus domain name through Unstoppable Domains, which they can use to send crypto to others.
“We’re really trying to offer something that is truly a better mousetrap for any Web3 user,” Kresus CEO Trevor Traina told Cointelegraph. “Where you can move all of your things from multiple places into one place, have it be very accessible but highly secure […] but also a gateway portal for people who aren’t comfortable yet on Web3 because they’re terrified they’ll be locked out.”
The Kresus team stated that because of the way Magic infrastructure works, neither they nor the Magic development team are able to see the user’s private key during account creation or login, so they cannot make unauthorized transactions.
The Web3 app developer closed a $25 million funding round to support the development of its so-called SuperApp in March.
Kresus is not the only player in the space offering seedless onboarding with its “magic links” feature. Immutable, a web3 gaming company, revealed that it is working on a similar seedless wallet called “Immutable Passport” that utilizes the same infrastructure. Immutable Passport is designed to operate on the Immutable X and Immutable zkEVM networks and will serve as the onboarding tool for players of Immutable’s web3 games, including popular titles like Gods Unchained and Guild of Guardians. This innovative approach aims to streamline the user experience and enhance the accessibility of web3 gaming platforms by removing the reliance on seed words for wallet creation and management.