Briefly describe the history of Blockchain Wallets and the market landscape in 2025.

1. Introduction

In the blink of an eye, I have been working in the wallet sector for 4 years. Many people believe that the wallet sector has already solidified by 2025, but this is not the case — it is currently in a state of undercurrents, and this year:

· Coinbase has launched a new CDP wallet, built on TEE technology.

· Binance's MPC wallet introduces key sharding custody into the TEE environment;

· Bitget just launched the social login feature last week, which is hosted by TEE;

· OKX Wallet launches smart account functionality based on TEE;

· MetaMask and Phantom introduce social login, which is essentially key sharding and encrypted storage.

Although there haven't been any standout new players this year, the existing players have undergone tremendous changes in ecological positioning and underlying technological architecture.

This transformation is driven by the dramatic changes in the upstream ecosystem.

With the comprehensive retreat of BTC and the inscription ecosystem, a large number of wallets are beginning to adopt a new positioning as “gateways” to accommodate emerging sectors such as Perps (perpetual contracts), RWA (real-world assets), and CeDeFi (a combination of centralized and decentralized finance).

This transformation has actually been in the works for many years. Follow this article as we delve into the flowers blooming in the shadows and their impact on future users.

2. Review of the development stages of the wallet track

Wallets are a rare essential product in the blockchain industry and are also the first entry-level application to break through ten million users, aside from public chains.

2.1 First Stage: Single Chain Era (2009–2022)

In the early days of the industry (2009–2017), wallets were extremely difficult to use and even required running a local node. We will skip this phase.

When it comes to the usable stage, self-custody becomes the preferred choice — after all, in a decentralized world, “default distrust” is the foundation for survival. Well-known products such as MetaMask, Phantom, Trust Wallet, OKX Wallet, and others are the leaders of this era.

From 2017 to 2022, the market experienced an explosion of public chains / L2. Although most chains still use Ethereum's EVM architecture, having a compatible and good tool is sufficient to meet the demand.

During this period, the core positioning of the wallet is “a good tool.” Although there are commercial prospects for traffic entry and DEX entry in the industry, safety, usability, and stability are the primary requirements.

However, from 2023 to 2025, the situation changed. Heterogeneous public chains such as Solana, Aptos, and BTC (the inscription era) completely occupied the user market. Although Sui itself is developing well, after the hacking incident, large funds have hesitated due to the drawbacks of excessive centralization.

Under the financing era driven by “fat protocols and thin applications,” despite the meager returns for VCs, the market landscape is indeed changing.

2.2 Phase Two: Multi-Chain Era (2022–2024)

In the face of a multi-chain landscape, even established players like MetaMask have to transform and start natively supporting Solana, BTC, and others. Top competitors like OKX Wallet and Phantom have implemented multi-chain compatible architectures early on.

The core indicator of multi-chain compatibility is how many chains are supported and where the transactions are initiated from — this means that the backend is doing a lot of work, while the client is only responsible for signing. From the user's perspective, it is whether they need to find their own RPC nodes to use the wallet.

Nowadays, multi-chain compatibility has almost become the standard. It is difficult to maintain a single chain for a long time because the hotspots of chains are constantly changing.

A typical case is the Keplr wallet, which focuses on the Cosmos ecosystem, but this track has never really taken off. Many application chains quickly built on Cosmos have gradually fallen silent after going live. As the barrier to building EVM L2 becomes lower and lower, the situation for single-chain wallets may ease, but the upper limit is still there.

After the basic tools are good enough to use, users begin to awaken commercial needs in their wallets!

True asset owners not only need to custody their assets but also actively drive them—finding the best yield opportunities and choosing interaction counterparts. However, users are also tormented by the complexity of interactions with various DApps and must constantly guard against phishing websites. Given this, why not directly use the built-in features of the wallet?

2.3 Business Competition Branch Period

The competition among various wallets has shifted to the business level, with typical examples being aggregation DEX and aggregation cross-chain bridges. Although Coinbase has explored integrating social features, this demand is overly superficial and has never gained much traction.

Returning to basic needs, what users need is to complete multi-chain asset transfers in one wallet entry. At this time, coverage, speed, and slippage become core competitive points.

The DEX field can also be further extended to derivatives trading: RWA (such as tokenized stocks), Perps (perpetual contracts), and prediction markets (which will be hot in the second half of 2025, especially with the World Cup being held in 2026). Parallel to DEX is the demand for DeFi yields.

After all, the on-chain APY will be higher than traditional finance:

Currency-based strategy: ETH staking approximately 4% APY, Solana staking + MEV approximately 8% APY (for details see the extensive research report: The Evolution of MEV on Solana and Its Pros and Cons), those who are more aggressive can participate in liquidity pools (LP) and cross-chain bridge LP (for details see: Super Intermediary or Business Genius? Looking at the Year After LayerZero's Transition from V1 to V2)

Stablecoin Strategy: Although the returns are relatively low, combining it with cyclical leverage operations can enhance APY. Therefore, by this year (2025), during the peak of business competition, the wallet infrastructure will once again undergo an upgrade. The reason is that the aforementioned transactions are too complex—it's not only the complexity of the transaction structure but also the complexity of the transaction lifecycle.

To achieve truly high returns, it is necessary to combine automated trading: dynamic rebalancing, timed limit orders (rather than just supporting market orders), dollar-cost averaging, stop-loss, and other advanced features. However, these features cannot be realized in the pure self-custody era. So, should it be completely “security first” or “profit first”? In fact, this is not a difficult problem, as the market inherently has different demands.

Just like the heyday of Telegram Bots, many players handed over their private keys in exchange for automated trading opportunities — the high-risk model of “if you're scared, don't play; if you play, don't be scared.” In contrast, large service providers must consider brand and reputation when developing wallets. So, is there a solution that can securely manage private keys while also relatively ensuring that service providers won't run away? Of course, there is! This has ushered in an upgrade of underlying custody technology this year.

3. Custody underlying technology upgrade period

Returning to the initial mention of the industry's underlying technology upgrades, let's analyze them one by one.

3.1 Farewell to the Era of Complete Self-Custody

First of all, the actions of pure wallet vendors like Metamask and Phantom are relatively lightweight, driven more by user experience, as social login only addresses user needs in scenarios such as cross-device access and recovery, not fully entering specific application layer tracks. However, their transformation actually marks a certain farewell to the era of complete self-custody. Self-custody has degrees of distinction, but no one can truly define what is complete and what is incomplete.

First of all, self-custody refers to the fact that the user's private key can only be stored on the user's device. However, this has posed many problems in the past. If the private key is stored encrypted locally and the device is compromised, there is a possibility of a breach, with the strength depending on the user's password. When synchronizing and backing up across devices, it must always be copied out, so the clipboard permissions of the operating system directly become a matter of life and death.

What is particularly memorable is that a certain wallet manufacturer set the page for copying private keys to only default paste the front part, requiring users to manually type in the remaining few digits. This directly led to a drop of over 90% in reported cases of private key theft during that time. Later, hackers learned from this and began to exhaustively brute force the remaining digits, effectively entering a new phase of confrontation.

After the Ethereum Prague upgrade, due to the high permissions of 7702, the signatures are very obscure, and there is a particularity that can even affect the entire chain, which has triggered high phishing risks like permit 2. Therefore, the root of self-custody still lies in the industry background where users cannot easily get used to fully controlling their assets.

After all, the private key is with the user, which is naturally not a problem. If an encrypted copy of the private key is kept on the server to prevent the user's local device from being lost, then assets could be completely lost in that dilemma. Can this still be considered self-custody? The answer given by Metamask and Phantom is yes, but at the same time, we must also prevent malicious acts from the service provider.

3.2 First, let's talk about Metamask

His approach is very simple. Users need to log into an email and set a password, which together form something called TOPRF (Threshold Oblivious Pseudorandom Function). This is used to encrypt the user's private key, and the encrypted private key can naturally be backed up.

Then this TOPRF is distributed through a typical SSS (Shamir Secret Sharing) algorithm. The social login service providers will obtain encrypted data through social verification and will also need to combine it with the user's password to fully decrypt.

So the security risks are not completely absent; after all, weak passwords + email hacking also pose risks. Moreover, if users forget their passwords, they will naturally be unable to recover them. However, the benefit is that it is more convenient, and the experience is basically consistent with web2.

3.3 Watching Phantom

The overall structure looks a bit complex when looking at the diagram, but essentially it is still backend storage with encrypted private keys, and sharding management is used for the encryption and decryption keys.

The difference from Little Fox is that the encryption key is divided into 2 parts, and it introduces another service provider called JuiceBox Network to store one of the parts. You must combine social login + pin (4 digits) to use its shard.

Overall, users only need to ensure that their email is not hacked and that they do not forget their PIN, so they can recover at any time. Of course, in extreme cases, if juiceBox and phantom conspire, they can also decrypt assets. However, at least the cost of the hacker's attack changes from a single point to multiple parties. Moreover, after all, juicebox is a network, and its security design will also share the burden among multiple validators.

It can be said that in terms of social recovery, these two companies have made certain compromises while adhering to their bottom lines. However, in suppressing user experience for the sake of low-probability events, the author believes this is a good change. After all, what the blockchain industry needs most is to embrace ordinary users, rather than forcing them all to become industry experts.

4. Using a trusted technology environment Tee for self-custody.

The previous social login can only solve recovery issues, but it cannot address the problem of automated trading. Therefore, each company has its own approach to this.

First, let me give you some background. Tee is an abbreviation for Trusted Execution Environments. It is essentially a type of server, but this server can ensure that its memory environment and execution process cannot be read or interfered with, even by the AWS service provider or the owner of the server. Additionally, once it starts running a program, it will publish a document called Attestation, which the party interacting with the Tee can use to verify whether this document is consistent with what it has publicly disclosed in an open-source manner.

Only when the program he runs conforms to the specified version of the open source will the two correspond, thereby proving its trustworthiness. This point has already seen a lot of applications in the industry: for example, the official cross-chain bridge of Avalanche uses SGX (a type of TEE) to run notarization validators; for instance, 40% of the Ethereum mainnet's blockchain transactions and block generation are completed through Buildr Net's underlying TEE; not to mention various financial institutions that strictly control and prevent insider risks have also basically introduced TEE. Major exchanges, under the regulatory background of compliance in 2025, have also invested heavily in TEE for cold and hot wallet signature custody.

Although there are many difficulties in using Tee, such as low machine performance (which can be overcome with money) and the risk of downtime (loss of memory information), as well as complex upgrades. The remaining question is how each exchange provider offers Tee services in the wallet?

4.1 Coinbase and Bitget's Solutions

At first, it is hard to imagine that an exchange like Coinbase, which is publicly listed and compliant in the US stock market, operates the most centralized version. Moreover, Bitget is also almost consistent in its logical structure.

In essence, it only uses Tee as a service for generating private keys and driving signatures, but how does Tee verify that this service is truly the user's intention? Coinbase is entirely based on user login, forwarding instructions to Tee after backend authentication, and then completing the transaction.

Bitget is similar; although there is little information, it currently appears that there is no process for displaying the signature page on the terminal, and then a new address is directly set with the eip-7702 address, thus enabling gas payment on behalf of the user. The advantages of this system can be said to include at least the private keys of user assets, which are indeed in the Tee, but whether the backend will insert other strange instructions is unverifiable and unfalsifiable.

But fortunately, there is evidence on the chain. Therefore, the author believes that platforms like Coinbase essentially add credibility to exchanges. After all, whether the private key is exported is certainly recorded, which can eliminate the risk of users committing fraud. The only risk is if the exchange itself commits fraud, which is actually consistent with the underlying model of user trust in CEX.

4.2 Bn and Okx

In comparison between the MPC and SA of these two companies, the underlying logic is actually the same. In terms of driving transactions, OKX will pop up a page for intent authorization signature. This, combined with the logic of verifying intent within the Tee, means that the level of user authorization is higher, but the overall cost of user understanding is also higher.

The MPC of Binance is actually more influenced by the existing technical system (in fact, MPC has quite limited capabilities for multi-chain expansion). After the introduction of Tee, users need to encrypt and transmit a shard from their local device to the Tee. On the other hand, OKX encrypts and transmits the user's own local mnemonic to the Tee.

As a user, you don't need to worry too much about the security risks here. Currently, the reliable communication between Tee and the client is very mature, theoretically completely eliminating man-in-the-middle attacks. After all, as long as you use the public key provided by Tee for asymmetric encryption, only the private key can decrypt it. There are also some differences in experiential details, such as mpc, how long the private key sent to Tee lasts, and how to renew it. These are engineering issues, so I won't elaborate on them.

Analyzing the design motivation, the main benefit of this design is still the migration cost, avoiding the cold start issue where users have to migrate assets to experience new advanced features. For example, cb's system focuses on the payment track, allowing traditional e-commerce service providers without local private key management experience to use APIs to call private keys for on-chain operations. Moreover, Binance's system is combined to be used in the Cedefi track, making it easier for users who usually look at K-lines to operate directly on similar pages to purchase on-chain assets, while ignoring issues like gas, slippage, multi-chain, etc.

5. Summary

How to evaluate the past 25 years and how to view the future? The author believes that this year is a silent year for wallets, but also a year of transformation. It hasn't made much noise, but it has been focused on significant developments. In today's multi-chain environment, simply having a useful tool is no longer enough to sustain a large-scale wallet team (along with its supporting infrastructure). It inevitably needs various value-added services to survive, and coincidentally, this year has also been an explosive year for applications, with the perps track undergoing a rebirth, and areas like rwa (stock direction), prediction markets, and payments all seeing simultaneous improvements.

The market is gradually shifting from fat memes to diverse Dex demands. Moreover, the meme phenomenon appears to dominate because transactions are too fast and the flow amounts are too high, making the market seem large; in reality, it's still the same group of people playing, with trends changing but little increase in users. Additionally, various Tee endorsements are boosting the reputation of each exchange's new custody systems.

Moreover, in the larger trend, AI will become increasingly powerful, and AI trading will too. Previously, wallets were only designed for humans, not for AI. Therefore, what I see is that next year there will be a more abundant explosion in applications, as the underlying technology has become more mature. There will definitely be a gap period in between, because this system is still a game played by major exchanges, and they are unlikely to easily open up external access like Coinbase did.

In addition, the funds of users playing Dex only meet the needs of a portion of users; there are a larger number of users who simply want to earn some stable income. Combining subsidies during promotional periods from various platforms and various airdrops, along with a certain APY, they will be very satisfied. Products in the Cedefi category that can yield on-chain returns will be the first landing point for many Cex users (to clarify, this mainly refers to Cedefi with independent addresses, as those with shared addresses like Bitget cannot benefit from this).

In the end, there have actually been quite a few improvements in cryptographic technology this year regarding passkeys. Although this article does not cover it, more and more public chains like Ethereum and Solana have gradually integrated the R1 curve (which is the default supported by devices for passkeys) through precompiled contracts. Therefore, wallets that incorporate passkeys are also a foreshadowing (although the recovery and cross-device synchronization are hard to manage), so there aren't many good applications yet. After all, any product that can streamline high-frequency demands will eventually have its place.