Web3 Mini-Apps? MetaMask Snaps Explained

MetaMask Snaps

MetaMask Snaps (https://metamask.io/snaps/) is a project with long-term ideals. However, apart from the "ideal" coat it is wearing, the author prefers to call it a small program in the Web3 world. Or give it a fancy name: dApplet.

As developers, especially developers in China, you should be familiar with its concept. In recent years, we often hear Internet jargon such as "ecological creation" and "super App". Business giants always want to make the Internet more and more closed so that they can transform themselves from the role of service providers to the role of standard setters.

Now, this trend seems to be slowly drifting towards the Web3 field.

Today (June 2024), although Snaps have been around for almost a year, and the concept has been proposed for at least 4 years, ordinary users have almost no knowledge of it. I have some friends who pay close attention to the cryptocurrency market. They open MetaMask every day as naturally as eating and sleeping, but they still don’t even know what MetaMask Snaps are. However, after I explained to them that "it's just like a mini program", an indescribable smile always appeared on their faces (they are all developers, most of them are front-end developers).

This scene inexplicably reminds people of the situation when WeChat mini programs first came out. Because the function entrance was not obvious, the usage was very low. Later, after the entrance was changed to a list of mini programs appearing when the homepage was pulled down, the usage began to increase significantly. Since MetaMask wants to build an ecosystem, how to attract users to enter the ecosystem will probably become an important issue that needs to be solved urgently.

Since its emergence, mini programs have been controversial in the Internet industry. Front-end engineers generally sneer at its emergence, believing that it is just a commercial tool for Internet giants to monopolize traffic and block the ecosystem, and it does not contribute much to technological development. I wonder how much contribution Web3's Snaps can make to the community? Browsing the documents provided by MetaMask, I feel more and more that future Snap developers will suffer the hardship of dancing with shackles.

It has been nearly a year since MetaMask launched the public beta version of Snaps, but the number of available Snaps listed on its official website is actually not very large. As of June 2024, there are only 68 at most. You should know that before the official public beta, as early as around 2020, the official had already proposed the concept of Snaps, and Web3 companies and developers have actually had a long time to fully understand it.

Some Snaps

The author has not seen a developer who specializes in developing Snaps, but there are still many small program developers in Web2 around him. The general view of small programs is that the development experience is relatively poor. Small program development still uses the front-end ecosystem, but it is a castrated version. Manufacturers restrict what developers can actually do for various reasons. In addition, the technical capabilities of various manufacturers and the quality of the documents they provide vary greatly, which means that developers have to step on various strange pitfalls on various platforms before they can be praised as "experienced".

Back to Web3, for security and other reasons, Snaps is very likely to face a similar situation. It has to run in an isolated security context and uses "secure ECMAScript", which actually imposes some restrictions on JavaScript APIs, such as being unable to access DOM, Node.js, browser plug-in APIs, etc.

Due to understandable security considerations, a basic Snaps can't actually do much. Most of its functions require the corresponding permissions first, so Snaps needs to apply for relevant permissions from users when installing. Available permissions include lifecycle, transaction, signature, CRON, etc.: https://docs.metamask.io/snaps/reference/permissions/#eth_accounts

Therefore, compared with the prosperous Web3 ecosystem, there are very few available Snaps at present, and MetaMask has classified them.

Snaps Type

According to the classification of MetaMask official website, it can be roughly divided into 4 types:

Account Management

This type of Snaps mainly improves the security of private keys through MPC (Multi-Party Computation, https://blog.usecapsule.com/what-is-mpc/) technology.

Think about how we usually protect our private keys? Many people probably save their mnemonics somewhere. I guess it's usually on their computers or mobile phones, haha. Of course, if you are very rich and have a lot of money in your wallet, then you may indeed use a more confidential method, such as using a hardware wallet. But most people, to be honest, just paste their mnemonics somewhere they can easily find them to avoid forgetting them completely.

This storage method may cause some problems:

1. If you forget where you put your mnemonics, then you are likely to say goodbye to the assets in your wallet.

2. If the device where you save your mnemonics encounters a Trojan virus, it is difficult to prevent hackers from stealing your mnemonics. Some users may split their mnemonics and store them separately to improve security. This may increase some security, but it will undoubtedly increase the difficulty of management and the risk of forgetting.

MPC technology can automatically split your private key into multiple copies and store them in different places. Only when the private key is needed to sign a transaction, they are spliced ​​together to generate a complete private key. At the same time, the complete private key will not be generated in this process, which protects the private key from leakage to the maximum extent.

So far (June 2024), there are only 3 account management Snaps, namely Capsule, Silent Shard and Safeheron.

• Capsule uses the device's PassKey, recovery password and 2FA to maintain the same key. If one of them is lost, it can be recovered through the other two.

• Silent Shard and Safeheron achieve this by using multiple devices to install their apps.

It is difficult to say how many Web3 users this type of Snaps can attract. Judging from the data shown on the Snaps website, there are indeed very few of this type of Snaps and the installation volume is not high.

They are not complicated to use, so I will not go into details here. After the installation is complete, there is an additional address in your MetaMask wallet:

Interoperability

This type of Snaps mainly provides compatibility with non-EVM networks. We can see many familiar chains, including Solana, Cosmos, Near, Sui, etc. Currently, this type is the most numerous, accounting for more than half of the entire Snaps ecosystem.

Rich multi-chain Snaps

Notification and Chat (Communication)

I personally prefer this type of Snaps, but at present, there are so many optional chat applications, and users who are willing to send messages through the chain are obviously still a minority. So unfortunately, we can only continue to "fight for the future".

Security

This type of demand is still relatively large, especially since MetaMask itself does not do enough to warn users when they encounter phishing transactions. As the most common operation in the field of cryptocurrency and blockchain, transactions are inherently high-risk and highly sensitive. Through the transaction insight-related functions provided by Snaps, developers can show users more abundant transaction information, provide analysis and insights on transactions, and minimize the loss of users' assets.

A friend of mine has encountered a situation where his account balance was transferred by a phishing website, and MetaMask had no warning from connecting to the wallet to the successful transfer. He had no choice but to switch to another wallet. Moreover, the author did not know much about Snaps at the time, and only recommended ZAN's KYT (https://zan.top/home/know-your-transaction?chInfo=ch_WZ) service to protect his transactions. I hope that this type of secure Snaps can make up for the shortcomings of MetaMask itself. In fact, according to the data shown on the Snaps official website, secure Snaps are indeed the most in demand besides multi-chain support, currently accounting for 20% of the total.

MetaMask Snaps provides "transaction-insight" and "signature-insight" permissions to meet relevant needs. After applying for relevant permissions, Snap can read the payload of the original transaction or signature when the user initiates a transaction or signature. Snap can analyze it and then show users more and richer security instructions.

Idea

MetaMask wants to expand its field to other chain platforms through Snaps, but how far it can go in the end is probably difficult to achieve its goal. Take the mini-programs in the Web2 field as an example. Although many apps provide mini-program versions, the services provided by the simple mini-programs are often far from comparable to those of apps, and the follow-up of new features is often lagging behind. Even many mini-programs will guide users directly to their own apps. After the explosive growth of mini programs, more apps also wanted to get a piece of the pie, and launched their own mini program platforms. Each company worked hard to strengthen its own moat, and the entire Web world became more and more "centralized".

The capital in the Web3 field is not more sophisticated than that in Web2. If Snaps develops well in the future, more wallets will inevitably follow. If it really comes to this, developers in the Web3 field need to develop corresponding versions for the "Snaps" of each wallet, which may make them anxious for a while. However, if each manufacturer builds its own "Snaps" ecosystem, it is almost equivalent to not having its own unique ecosystem. Hey, this seems to be in line with their "decentralized" label.

We may be able to predict that there may be various "Snaps-like" in the future, with huge platform differences. At this time, compatibility with various platforms has become the daily work of developers, and it has finally reached an unbearable point. So Snaps Standard was born in the expectation of many developers, and there will be various "SIPs" for people to participate in the discussion, and the community is prosperous...

I'm sorry that I personally don't have enough confidence in MetaMask Snaps. In any case, it is at least a product built by a group of passionate developers who want to solve practical problems, rather than a scam initiated by a group of financial experts.

However, for most of MetaMask's current users, Snaps is indeed not a particularly necessary function. MetaMask may need to do more work on how to promote it more effectively.