Author:Mask Snaps
MetaMask Snaps (https://metamask.io/snaps/) is a project with a long-term vision. However, setting aside its idealistic facade, I prefer to describe it as a mini-program within the Web3 world, or perhaps give it a fancier name: dApplet.
As developers, especially those in China, we should be familiar with its concept. In recent years, we often hear terms like “ecosystem building” and “super apps.” Commercial giants always aim to make the internet increasingly closed off, in order to shift from being service providers to standard setters.
Now, this trend seems to be gradually drifting into the Web3 domain.
As of today (June 2024), although Snaps has been around for nearly a year and its concept was proposed over four years ago, the average user still knows very little about it. Some friends of mine who are very focused on the cryptocurrency market open MetaMask every day as naturally as eating and sleeping, yet they don’t even know what MetaMask Snaps is. However, after I explained it as “like mini-programs,” a subtle, indescribable smile always appeared on their faces (they are all developers, mostly front-end developers).
This scene inevitably brings to mind the situation when WeChat mini-programs first appeared. Due to the lack of prominent functional entry points, their usage was very low. Later, when the entry was moved to a mini-program list appearing in the home page’s dropdown, usage began to grow significantly. Since MetaMask aims to build an ecosystem, how to attract users to enter the ecosystem gate will likely become an urgent issue to solve.
Mini-programs have been controversial in the internet industry since their inception. Front-end engineers generally scoff at their emergence, considering them merely a commercial tool for internet giants to monopolize traffic and seal off ecosystems, contributing little to technological development. How much contribution can Web3’s Snaps make to the community? Browsing the documentation provided by MetaMask, I increasingly feel that future Snap developers will experience the hardships of dancing with shackles.
From the public beta launch of Snaps by MetaMask until now, nearly a year has passed, but the number of Snaps available on its official website is still quite limited. As of June 2024, there are only 68. It is worth noting that before the official public test, the concept of Snaps was already proposed around 2020, and Web3 companies and developers have had quite some time to understand it thoroughly.
Some Snaps
I haven’t met any developers dedicated to developing Snaps, but there are many mini-program developers in Web2 around me. The general perception of mini-programs is that their development experience is poor. Mini-program development still uses the front-end ecosystem, but in a stripped-down version. Various manufacturers limit what developers can actually do for various reasons. Additionally, the technical capabilities and document quality of different manufacturers vary, leading developers to step on all sorts of bizarre pits on different platforms before being praised as “experienced.”
Returning to Web3, considering security and other factors, Snaps is likely to face similar conditions. It must run in an isolated security context, using “secure ECMAScript,” which actually restricts some JavaScript APIs, such as not being able to access DOM, Node.js, browser plugin APIs, etc.
Due to understandable security considerations, a basic Snap cannot do much. Most of its functions require specific permissions, so Snaps need to request relevant permissions from users during installation. Available permissions include lifecycle, transactions, signing, CRON, etc.: https://docs.metamask.io/snaps/reference/permissions/#eth_accounts
Therefore, compared to the thriving Web3 ecosystem, the number of available Snaps is pitifully small. MetaMask has categorized them.
Types of Snaps
According to the classification on the MetaMask official website, they can be roughly divided into four types:
Account Management
These Snaps mainly enhance private key security through MPC (Multi-Party Computation, https://blog.usecapsule.com/what-is-mpc/) technology. Think about how we usually protect our private keys? Many people probably store their mnemonic phrases somewhere, usually on their computers or phones, haha. Of course, if you are very wealthy and your wallet contains a lot of assets, you might indeed use a more secure method, such as a hardware wallet. But most people, honestly, just paste their mnemonic phrases somewhere convenient to avoid completely forgetting them.
This method of storage can cause some problems:
1. If you forget where you put the mnemonic phrases, you are likely to say goodbye to the assets in your wallet.
2. If the device where you store the mnemonic phrases is infected with malware, it is difficult to prevent hackers from stealing your mnemonic phrases. Some users might split their mnemonic phrases and store them separately to increase security, but this undoubtedly increases management difficulty and the risk of forgetting.
MPC technology can automatically split your private key into multiple parts, storing them in different places, only stitching them together to generate a complete private key when needed for transaction signing, without generating the complete private key in the process, thereby maximizing the protection of the private key from leakage.
As of now (June 2024), there are only three account management Snaps: Capsule, Silent Shard, and Safeheron.
· Capsule uses the device’s PassKey, recovery password, and 2FA to maintain the same key, and if one is lost, the other two can be used to recover it.
· Silent Shard and Safeheron achieve this by using the installation of their app on multiple devices.
It is hard to say how many Web3 users these Snaps can attract. From the data displayed on the Snaps website, this type of Snaps is indeed very few, with low installation numbers. They are not complicated to use, and installation adds an address to your MetaMask wallet:
Interoperability
These Snaps mainly provide compatibility with non-EVM networks. We see many familiar chains, including Solana, Cosmos, Near, Sui, etc. This type is the most prevalent, occupying more than half of the entire Snaps ecosystem.
Rich Multi-chain Snaps
Communication
I personally prefer this type of Snaps, but currently, there are so many chat applications available, and users willing to send messages through chains are obviously in the minority. Unfortunately, we can only continue to “fight for the future.”
Security
The demand for this type is likely quite large, especially since MetaMask itself does not do enough to warn users of phishing transactions. Transactions, being the most common operations in the cryptocurrency and blockchain field, inherently have high risks and sensitivity. Through the transaction insight-related functions provided by Snaps, developers can display richer transaction information to users, provide analysis and insights into transactions, and minimize asset loss for users.
I have friends who have encountered phishing sites draining their account balances, and MetaMask provided no warning from wallet connection to successful transfer. They had no choice but to switch to another wallet. At that time, I was also unaware of Snaps and only recommended ZAN’s KYT (https://zan.top/home/know-your-transaction?chInfo=ch_wxdyh) service to protect his transaction. I hope these security Snaps can make up for MetaMask’s shortcomings. In fact, according to data on the Snaps official website, security Snaps are also the most demanded besides multi-chain support, currently accounting for one-fifth of the total.
MetaMask Snaps provides the permissions endowment:transaction-insight and endowment:signature-insight to meet related needs. After a Snap requests relevant permissions, it can read the raw payload of the transaction or signature when the user initiates a transaction or signs. The Snap can analyze it and display more comprehensive security explanations to the user.
Idea
MetaMask wants to expand its domain to other chain platforms through Snaps, but how far it can go is probably hard to achieve as desired. Taking mini-programs in the Web2 domain as an example, although many apps offer mini-program versions, the services provided by these rudimentary mini-programs often cannot compare with the apps, and their follow-up on new features is often behind. Many mini-programs even direct users to their own apps. After the explosive growth of mini-programs, more apps wanted a share and launched their mini-program platforms, each trying to strengthen its own moat, making the entire Web world increasingly “centralized.”
Web3’s capital is no smarter than Web2’s. If Snaps develops well in the future, more wallets are bound to follow. If it really reaches that point, Web3 developers will need to develop corresponding versions of “Snaps” for each wallet, which will likely make them quite overwhelmed for a while. However, if all manufacturers build their own “Snaps” ecosystems, it would almost mean having no unique ecosystem of their own. Hmm, this seems to fit their “decentralization” label.
We might be able to predict that various “Snaps-like” will emerge in the future, with huge platform differences. At this point, compatibility with different platforms becomes the daily work of developers, eventually reaching an intolerable level. Thus, the Snaps Standard was born amidst the expectations of many developers, along with various “SIPs” for people to discuss, with a thriving community scene…
Sorry, I seem to lack some confidence in MetaMask Snaps. In any case, it is at least a product built by a group of passionate developers who want to solve practical problems, not a scam initiated by a group of financial experts.
However, for most of MetaMask’s current users, Snaps is indeed not an especially necessary feature. MetaMask will probably need to do more work on how to promote it more effectively in the future.