# Ideas for a Wallet Dashboard

This document outlines suggestions for creating a comprehensive, credibly neutral dashboard for all wallet solutions, à la [L2Beat](https://l2beat.com/).

> “*The primary challenge is making sure that all these projects are, collectively, building something that feels like one Ethereum ecosystem, and not 138 incompatible fiefdoms.”* - [Vitalik Buterin](https://vitalik.eth.

Software wallets (EOA) and smart wallets should all be under one dashboard. Hardware wallets should also be included (maybe on a different page, as they're not the same).

## The Challenge of Being a Wallet

Wallets are critical infrastructure and often the primary interface users have with the blockchain. For many, the wallet **is** the blockchain experience. Evaluating wallets can involve ranking them into stages based on specific criteria, similar to how Layer 2 solutions are assessed.

I won't propose an implementation nor help with the execution (as I don't think that should be my role and also don't have the bandwidth). But I'm happy to help the brainstorming of criteria and open my network of wallet people to make it happen!

## Technical Alignment for Wallets

**Decentralization and Security Metrics**:

- **Passkeys**: If yes, does it use an audited and efficient implementation such as https://github.com/get-smooth/crypto-lib (formerly known as https://github.com/rdubois-crypto/FreshCryptoLib)?
- **Transaction simulation** with back-end auth, with a back end that you can run locally
- **Transaction policies** with back end (with timelock to avoid drains)
- **Multisig** with MuSig2 or FROST, so that signers are indistinguishable on chain (you couldn't tell it's a multisig)
- **Legacy / social recovery**
- **PQ primitives** (FALCON): Does the wallet implement post-quantum signatures? If yes, does it use an audited and efficient implementation?
- **Walkaway Test**: If the development team and servers disappear, the wallet should remain functional for users.
- **Insider Attack Test**: Evaluate how much harm could occur if the team attempts to compromise the system. Employee credential control.
- **RPC selection**: Able to easily switch RPCs
- **Transaction simulation**: Does the wallet include transaction simulation?
- **Smart wallet support**: Is it compliant with 4337 (if yes, how good is the implementation)? Does it support 7702 (if yes, how good is the implementation)?
- **Chain format**: Uses chain-specific addresses; we're in the process of defining an ERC similar to [ERC 3770](https://eips.ethereum.org/EIPS/eip-3770)
- **ERC check**: 4337, 7863, 4361 [...]
- **Transaction types**: Ability to easily switch the transaction type to legacy?
- **How long does the wallet take to implement new EIPs / ERCs?** I.e., do you have to wait for a year to get new Ethereum features, or is Ethereum a priority for the wallet, thus providing day 1 support?

## Values Alignment for Wallets

### Is Open Source

- **Open source and transparency**: From locksmiths to cryptographers, security experts have demonstrated that security through obscurity is weaker. Exposing Ethereum security openly allows advanced users to verify all aspects, especially critical components.
- **Avoid Openwashing**: Do not mislead users with marketing that suggests open-source status if it's not fully accurate. Such practices could negatively affect one's ranking.
- **Assessment Criteria**: Evaluate wallets based on how much of their software and hardware is open source. Critical components should carry more weight in this assessment. E.g., entropy generation weighs more than the front end.

### Respects Privacy by Default

- **No User Tracking**: Minimize data collection and avoid tracking users. Be transparent about any data collected.
- **Transparency Reports**: Regularly publish reports detailing data collection practices and policies.
- **Assessment Criteria**: Use existing frameworks to assess data policy (GDPR, DPIA)

### Funds Open Source & Public Goods

- **Allocate Revenue**: Donate a percentage of revenue to support open source and public goods within and outside Ethereum.
- **Distribution Categories**:
  - **Ethereum Core & Open Source**: Projects like Protocol Guild and Gitcoin.
  - **Internet & Academia**: Entities like IETF, W3C, Linux Foundation, universities.
  - **General Charities**: Environmental and relief organizations.
- **Assessment Criteria**: Wallets can be ranked based on their contributions, with thresholds (e.g., at least 3% of annual revenue donated, with at least 0.5% to each category) for different stages.

### Uses free and open services as default options

- **User Experience**: Do not prioritize the company's paid products as default options. Default services should be decentralized, permissionless, and free. Display fees in a transparent way.
- **Staking Services**: Encourage validator participation without preferential agreements that could influence neutrality. Separate activities as much as possible.

By focusing on these values and technical criteria, the dashboard could provide a unified and transparent evaluation of wallet solutions, fostering a cohesive and secure Ethereum ecosystem.

---

PS: As a personal disclaimer, I had my first professional experience working as an intern in an HSM cryptanalysis startup in 2017. I then worked for a few years as Devrel at Ledger. So, I would define myself as a secure hardware enjoyer. I am also a strong advocate for [account abstraction](https://github.com/4337Mafia/awesome-account-abstraction). However, **I don't own a single share nor do I have any financial interest in a wallet company**. I work at the Ethereum Foundation and I'm trying to make the world a better place.
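
For the **Chain format** criterion under Technical Alignment, this is a sketch of the recipient check a wallet with chain-specific addresses could run before sending. It is an added example, not code from this document or from any wallet, and it uses the ERC-3770 `shortName:address` form as a stand-in for the ERC still being defined. The registry subset, the function names and the policy of rejecting bare addresses and chain mismatches are assumptions; EIP-55 checksum validation is omitted.

```javascript
// Constructed sample registry: shortName -> chainId, a small subset in the
// style of the chain list that ERC-3770 short names come from.
const CHAINS = new Map([
  ["eth", 1],
  ["oeth", 10],
  ["base", 8453],
  ["arb1", 42161],
]);

// 20-byte hex address; checksum casing is not verified here.
const ADDRESS_RE = /^0x[0-9a-fA-F]{40}$/;

// Parse "<shortName>:<address>". Returns { ok, reason } or { ok, chainId, address }.
function parseChainAddress(input) {
  if (typeof input !== "string") return { ok: false, reason: "not-a-string" };
  const parts = input.trim().split(":");
  // Assumed policy: a bare address carries no chain intent, so it is rejected.
  if (parts.length === 1) return { ok: false, reason: "missing-chain-prefix" };
  if (parts.length !== 2) return { ok: false, reason: "malformed" };
  const [shortName, address] = parts;
  if (!CHAINS.has(shortName)) return { ok: false, reason: "unknown-chain" };
  if (!ADDRESS_RE.test(address)) return { ok: false, reason: "bad-address" };
  return { ok: true, chainId: CHAINS.get(shortName), address };
}

// Decide whether a wallet connected to `activeChainId` may send to `input`.
// A mismatch is refused and reports the chain the recipient string names,
// so the UI can offer to switch networks instead of sending on the wrong one.
function checkRecipient(input, activeChainId) {
  const parsed = parseChainAddress(input);
  if (!parsed.ok) return { allow: false, reason: parsed.reason };
  if (parsed.chainId !== activeChainId) {
    return { allow: false, reason: "chain-mismatch", expected: parsed.chainId };
  }
  return { allow: true, address: parsed.address };
}

// Constructed sample address (not a real account).
const SAMPLE = "0x" + "ab".repeat(20);
console.log(checkRecipient("eth:" + SAMPLE, 1));   // same chain: allowed
console.log(checkRecipient("arb1:" + SAMPLE, 1));  // other chain: refused
console.log(checkRecipient(SAMPLE, 1));            // no prefix: refused
```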