Author: Shijun
1. Introduction
In the blink of an eye, I have been cultivating in the wallet track for 4 years. Many people believe that the wallet track of 2025 has already solidified, but the reality is not so — it is bubbling underneath; this year:
· Coinbase newly released CDP wallet, built on TEE technology;
· Binance's MPC wallet introduces key sharding custody in a TEE environment;
· Bitget just launched social login feature last week, underpinned by TEE custody;
· OKX Wallet launches TEE-based smart account functionality;
· MetaMask and Phantom introduce social login, essentially a key sharding encrypted storage.
Although this year has indeed not seen any standout new players, existing players have undergone tremendous shifts in ecological positioning and underlying technological architecture.
This transformation stems from the dramatic changes in the upstream ecosystem.
As BTC and the inscription ecosystem completely recede, many wallets are beginning to adopt a new positioning as 'entry', taking on emerging tracks such as Perps (perpetual contracts), RWA (stocks), and CeDeFi (a combination of centralized and decentralized finance).
This transformation has actually been brewing for many years. Following this article, let us delve into those flowers blooming in the dark and their impact on future users.
2. A review of the development stages of the wallet sector
Wallets are rare necessity products in the blockchain industry and are the first entry-level applications to break through ten million users, aside from public chains.
2.1 First stage: Single-chain era (2009–2022)
In the early days of the industry (2009–2017), wallets were extremely difficult to use and even required local node operation. We will skip this phase.
Once available, self-custody becomes the first choice—after all, in a decentralized world, 'default distrust' is the basis for survival. Products like MetaMask, Phantom, Trust Wallet, OKX Wallet, and others that are well-known are all leaders of this period.
From 2017 to 2022, the market witnessed an explosion of public chains / L2s. Although most chains still follow Ethereum's EVM architecture, creating a compatible and good tool is sufficient to meet the demand.
During this period, the core positioning of wallets is 'good tools'. Although the industry can see the commercial prospects of traffic entry and DEX entry, safety, usability, and stability are the primary requirements.
However, from 2023 to 2025, the situation has changed. Heterogeneous public chains like Solana, Aptos, and BTC (during the inscription period) have completely occupied the user market. Although Sui itself is developing well, after the hacker incident, large funds have hesitated due to the drawbacks of excessive centralization.
Driven by the financing era of 'fat protocols and thin applications', although VCs have limited returns, the market landscape is indeed changing.
2.2 Second stage: Multi-chain era (2022–2024)
Faced with a multi-chain landscape, even established players like MetaMask have to transform, starting to support Solana, BTC, and others natively. Top players like OKX Wallet and Phantom have also early implemented multi-chain compatible architectures.
The core sign of determining whether to be multi-chain compatible is how many chains are supported and where the transactions are initiated—this represents a significant workload for the backend, while the client only handles the signing. From the user's perspective, it is whether they need to find RPC nodes themselves to use the wallet.
Nowadays, multi-chain compatibility has almost become standard. Long-term adherence to single-chain is easily unsustainable, as the hotspots for chains continue to change.
A typical case is the Keplr wallet, which focuses on the Cosmos ecosystem, but this track has never taken off. Many application chains rapidly built on Cosmos gradually fell silent after going live. As the threshold for building EVM L2 continues to drop, the situation for single-chain wallets may ease, but the upper limit is also there.
Once the basic tools are good enough, users begin to awaken commercial needs within their wallets!
True asset owners not only need to custody their assets but also need to actively drive them—searching for the best yield locations and choosing interaction partners. However, users are also tormented by the complexity of interactions with various DApps and must always guard against phishing websites. Given this, why not directly use the built-in functions of the wallet?
2.3 Business competition branching period
The focus of competition among various wallets has shifted to the business layer, with typical examples being aggregated DEX and aggregated cross-chain bridges. Although Coinbase has explored integrating social features, this demand is overly superficial and has remained lukewarm.
Returning to necessities, users need to complete multi-chain asset transfers in a single wallet entry. At this time, coverage, speed, and slippage become core competitive points.
The DEX field can further extend to derivatives trading: RWA (such as tokenized stocks), Perps (perpetual contracts), and prediction markets (which will be hot in the second half of 2025, especially with the World Cup in 2026). Parallel to DEX is the demand for DeFi yields.
After all, on-chain APY will be higher than traditional finance:
Coin-based strategy: ETH staking approximately 4% APY, Solana staking + MEV approximately 8% APY (details can be found in the comprehensive report: The evolution and pros and cons of MEV on Solana), and more aggressive participants can engage in liquidity pools (LP) and cross-chain bridge LP (details can be found: Super intermediaries or business geniuses? A look at the past year of cross-chain bridge leader LayerZero from V1 to V2).
Stablecoin strategy: Although yields are relatively low, combining cyclical leverage operations can enhance APY. Therefore, by this year (2025), during the peak of business competition, wallet infrastructure will once again undergo upgrades. The reason is that the aforementioned transactions are too complex—not only in transaction structure but also in transaction lifecycle complexity.
To achieve genuinely high yields, it is necessary to combine automated trading: dynamic rebalancing, scheduled limit orders (rather than only supporting market orders), dollar-cost averaging, stop-loss, and other advanced functions. However, these functions were fundamentally impossible to achieve in the pure self-custody era. Therefore, should we prioritize 'safety above all' or 'profit above all'? Actually, it is not a difficult question, as the market itself has different needs.
Just like during the heyday of Telegram Bots, many players handed over their private keys in exchange for automated trading opportunities—'If you're afraid, don't play; if you play, don't be afraid' is a high-risk model. In contrast, large service providers must consider brand and reputation when making wallets. So is there a solution that can securely custody private keys while relatively ensuring that service providers do not run away? Certainly! This has ushered in this year's underlying custodial technology upgrade.
3. Custodial underlying technology upgrade period
Returning to the foundational technology upgrades mentioned at the beginning of the article, let us analyze them one by one.
3.1 Farewell to the era of complete self-custody.
As pure wallet manufacturers, Metamask and Phantom's actions are relatively lightweight and more experience-driven, as social login only addresses user needs for cross-device recovery and does not fully penetrate specific application layer tracks. However, their transformation is, to a certain extent, a farewell to the era of complete self-custody. Self-custody has degrees of distinction, but no one can truly define what is complete and what is incomplete.
First, self-custody refers to the fact that users' private keys can only be stored on their devices. However, this has already posed many issues in the past. Locally encrypted storage of private keys, if the device is compromised, has the potential for brute forcing, with strength depending on the user's password. During cross-device synchronization and backup preservation, it is always necessary to copy them out, making the operating system's clipboard permissions a critical factor.
What is deeply memorable is that a certain wallet manufacturer set the copy private key page to default paste only the first part, requiring users to manually enter the remaining few digits, which directly led to a more than 90% drop in reported private key theft cases during that time. Later hackers learned from this and exhausted the remaining digits through brute force, effectively entering a countermeasure period.
After the Ethereum Prague upgrade, due to the extremely high permissions of 7702, the signatures are also very obscure, and even have special characteristics that can affect the entire chain, which has triggered high phishing risks like permit 2. Therefore, the issue of self-custody still stems from the fact that users cannot easily get used to fully controlling their assets in this industry background.
After all, since the private key is with the user, there is naturally no problem. If a copy of the encrypted private key is kept on the server to prevent the user's local device from losing it, then assets could be completely lost. Can this still be considered self-custody? The answers given by Metamask and Phantom are yes, but it is also necessary to prevent malicious actions by service providers.
3.2 First, let's talk about Metamask.
His approach is straightforward: users log in with an email and set a password. The combination forms something called TOPRF (Threshold Oblivious Pseudorandom Function), which is used to encrypt the user's private key. The encrypted private key can naturally be backed up.
Then this TOPRF is distributed through a typical SSS (Shamir Secret Sharing) algorithm. These social login service providers will obtain encrypted data through social verification and must combine it with the user's password to completely decrypt it.
Therefore, security risks are not completely absent; after all, weak passwords + email hacking also pose risks, and if users forget their passwords, recovery becomes impossible. However, the advantage is that it becomes more convenient, and the experience is basically consistent with web2.
3.3 Looking at Phantom
Looking at the diagram, the overall architecture is somewhat more complex, but the essence is still backend storage of encrypted private keys, with shard management used for encrypting and decrypting keys.
The difference from little fox is that the key used for encryption is divided into two parts. It introduces another service provider called JuiceBox network to store one part, which must be used in conjunction with social login + PIN (4 digits).
Overall, as long as users keep their email from being hacked and remember their PIN, they can recover at any time. Of course, in extreme cases, if juiceBox colludes with phantom, they can also decrypt assets, but at least the cost of hacker attacks has shifted from a single point to multiple parties. Moreover, after all, juicebox is a network, and its security design will also share multiple validators.
It can be said that in terms of social recovery, these two companies have made certain compromises while adhering to principles, but to suppress user experience for low probability events, the author believes is a good shift. After all, what the blockchain industry needs most is to embrace ordinary users, not force ordinary users to all become industry experts.
4. Self-custody using Trusted Execution Environment Tee
The earlier social login can only solve recovery issues but cannot address automated trading problems. Therefore, each company's thinking varies somewhat.
First, to explain the background, Tee is short for Trusted Execution Environments. In essence, it is still a type of server, but this server can ensure that its memory environment and operation processes cannot be read or interfered with, even by AWS service providers or the owners of the servers. Additionally, once it starts running a program, it will publicize a document called Attestation, which parties interacting with Tee can verify against the publicly disclosed document.
Only when the program being run matches the specified open-source version will the two correspond, thus proving trustworthiness. This point has already seen widespread application in the industry: for example, Avalanche's official cross-chain bridge uses an SGX (a type of Tee) to run the notary verifier; for instance, the Ethereum mainnet has around 40% of its blockchain transactions and block generation done through a buildr net base that is also TEE; not to mention various financial institutions that strictly control to prevent insider threats have basically introduced Tee. Major exchanges have also introduced Tee at a high cost in the compliance landscape of 2025.
Although there are indeed many challenges in using Tee, such as low machine performance (which can be compensated with money) and risks of downtime (loss of memory information) and upgrade complexities, the remaining question is how various exchange manufacturers provide Tee services within wallets?
4.1 Solutions from Coinbase and Bitget
At first, it is hard to imagine that a compliant trading platform like Coinbase, which is listed on the US stock market, actually operates the most centralized version. Moreover, Bitget's logical architecture is almost identical.
In essence, it only uses Tee to generate private keys and drive signatures, but how can Tee verify whether this service truly reflects the user's intent? Coinbase is entirely based on user login, forwarding commands to Tee after backend authentication, and then completing the transaction.
Bitget is similar; although there is little information, it currently appears that it does not have the process of displaying the signature page, and then directly sets a new address with an eip-7702 address, thus achieving gas payment. The advantage of this can be said to be that at least the user's asset private key is indeed within Tee, but whether the backend will insert other strange instructions cannot be verified or falsified.
Fortunately, there is evidence on-chain. Therefore, I believe that companies like Coinbase essentially add the credibility of exchanges. After all, whether the private key is exported must have a record, which can exclude the risk of user fraud. The only risk is whether the exchange itself will act maliciously, which is actually consistent with the underlying model of user trust in CEX.
4.2 Bn and Okx
Comparing the MPC of these two companies and SA, the logical essence is actually the same. In driving transactions, okx will pop up a set of intent authorization signature pages, which, combined with the logic of intent verification within Tee, may lead to a higher degree of user authorization, but the overall user understanding cost is also higher.
Binance's MPC is actually more influenced by the existing technical system (MPC has considerable limitations in multi-chain expansion). After introducing Tee, users need to encrypt a shard from their local device and transmit it to Tee. In contrast, okx's approach is to encrypt the user's local mnemonic and transmit it to Tee.
As a user, there is no need to worry too much about security risks here. Currently, the reliable communication between Tee and the client is very mature, theoretically completely preventing man-in-the-middle attacks. After all, as long as the public key released by Tee is used for asymmetric encryption, only the private key can decrypt it. There are also some differences in detailed experiences, such as how long the private key is passed into Tee, when it expires, and how to renew it. These are engineering issues and will not be elaborated.
Analyzing its design motivation, the benefits of such design mainly lie in the migration costs, avoiding the cold start problem of users needing to migrate assets to experience new advanced features. For example, the set from cb is focused on the payment track, allowing traditional e-commerce service providers without local private key management experience to call private keys through API to complete on-chain operations. Moreover, Binance's set is combined to be used in the CeDeFi track, making it easier for users who usually watch K-lines to directly operate and purchase on-chain assets while ignoring gas, slippage, multi-chain, and other issues.
5. Conclusion
How to evaluate 2025, and how to view the future? I believe this year is a quiet year for wallets and a year of transformation. It has not made much noise but is doing significant things. In today’s multi-chain environment, simply making a good tool cannot sustain a large-scale wallet team (and the accompanying foundational setup), and it must necessarily need various value-added services for support. Coincidentally, this year is also an explosive year for applications, with the perps track emerging reborn, RWA (stock direction), prediction markets, and payment all simultaneously improving.
The market is gradually shifting from a fat meme to diversified Dex demands. Moreover, memes are merely because the transactions are too fast and the flow amounts too high, making the market appear large, but in reality, it has always been the same group of players involved, with hotspots changing, but the user growth is not significant. Coupled with various Tee enhancements, it has boosted the reputation of each exchange’s new custodial system.
Moreover, in the overall trend, AI will become increasingly powerful, and AI trading will also advance. Previously, wallets were only prepared for humans, not for AI. Therefore, what I see is that next year will witness richer applications as the underlying technology matures further. There will undoubtedly be a gap period in between since Tee is still a play of major exchanges, and they are unlikely to easily open external access like Coinbase.
Additionally, playing on Dex with user funds is only a part of users' needs. Another larger segment of users simply wants to earn some stable money. With various subsidies and airdrops during each company's promotion period, they will be very satisfied with an added APY. Cedefi products that can capture on-chain yields will be the first landing place for many Cex users (note, this primarily refers to independent address Cedefi; for those with shared addresses like Bitget, they cannot benefit).
Finally, this year, there have also been significant improvements in cryptography technology regarding passkeys. Although this article does not cover them, more and more public chains like Ethereum and Solana have gradually integrated R1 curves (which are supported by device passkeys) through precompiled contracts. Therefore, wallets combined with passkeys are also a foreshadowing (although retrieving and synchronizing across devices is challenging), so there aren't many good applications yet. After all, any product that can streamline high-frequency demands will eventually find its place.
Recommended reading:
Why does Asia's largest Bitcoin treasury company Metaplanet not buy the dip?
Multicoin Capital: The era of fintech 4.0 has arrived.
A16z's heavily invested Web3 unicorn company Farcaster is forced to transform. Is Web3 social a false proposition?
