a16z: Custody is the weak link between Web2 and Web3
Author: Mahesh Vellanki, Managing Partner at SuperLayer, Co-founder of Rally and Forte
Original Title: “The Missing Link Between Web2 and Web3: Custody”
Compiled by: DoraFactory
Cryptocurrency faces a major barrier to mainstream adoption: the user journey is complex and not yet established, making it difficult or unintuitive for newcomers to do the simplest things—like having complete control over their digital assets.
Of course, users are not required to have complete control over their assets to invest in cryptocurrency. Centralized exchanges like Coinbase have demonstrated the effectiveness of a "custodial" model in cryptocurrency trading, where people store their assets with a custodian who protects and tracks them. The key advantage of this model is convenience. Anyone can relatively easily use the Coinbase app or other exchanges to buy cryptocurrency without needing to write down a "seed phrase," a string of words that constitutes the "private key" controlling access to their assets. In this way, users can buy and sell various cryptocurrencies, exchange them for other cryptocurrencies, use their assets for purchases and payments, and quickly buy NFTs.
However, venturing further into the broader, fully decentralized, interoperable applications and networks of the web3 ecosystem—not just exchanges, but also games, tokenized social networks, fan engagement communities, and other rich user experiences—largely cannot be accessed through custodians. This web3 experience requires users to send their cryptocurrencies to non-custodial wallets, where no one holds the private keys except the users, and there are no restrictions on the types of transactions that can be completed.
In fact, this is the most exciting part of cryptocurrency, and it’s where we see so many first-time users drop off. Web3 products cannot expect users to leap immediately from familiar centralized experiences into deep decentralization. The future of the mass-market cryptocurrency experience lies in providing applications that offer familiar custodial experiences while being able to upgrade to non-custodial experiences.
This article will outline some ways developers can consider introducing users to the cryptocurrency journey while leveraging some familiar Web2 structures, helping these users understand the potential of web3 before handing over the keys to their assets—ultimately making their products more widely adopted.
Framework for Helping Users Complete Their Journey
Tokens and NFTs are already unfamiliar to many, and there is a theoretical limit to how willing the average person is to explore new experiences. In a purely non-custodial environment, most people will glance at the screen prompting them to write down a 24-word "seed phrase" (a randomly generated phrase that constitutes their "private key" or password) and make the decision that "this isn’t worth it."
If the goal is to onboard first-time cryptocurrency users, then the experience must be custodial—at least at the beginning.
This diagram shows the pathway to broader adoption of the complete web3 experience—and the simplified user journey required for people to comfortably transition from custodial systems to non-custodial systems.
Below, we will delve into each of these steps in more detail, why they are important, and how they mutually reinforce each other to foster confidence and excitement around emerging web3 activities.
Step 1: Seamlessly onboard first-time cryptocurrency users through familiar Web2 structures (e.g., logging in with your email address).
Many existing web3 applications invite users to log in by connecting their wallets. This may become the default option for many applications in the future—wallet logins are very convenient and secure. However, first-time cryptocurrency users may feel confused, overwhelmed, or even skeptical if they don’t recognize what they are looking at. For many first-time cryptocurrency users without wallets, traditional login methods are the only option they are willing to use when trying new applications.
This is a particularly important step in the user journey for creators who are increasingly seeking to use web3 technology to create new forms of fan engagement. Fans who support artists early in their careers may receive benefits such as access, recognition, and allowances from creators. (The design space here is virtually limitless, and the wave of innovation and experimentation is just beginning).
However, most fans will not be cryptocurrency natives, and the demands of requiring them to obtain hardware wallets and create secure systems are too high. Fans should be able to register, pull out their credit cards, purchase tokens from their favorite creators, and see them in their accounts—it must be intuitive, reflecting the familiar web2 experience to visualize the entire user journey. No cryptocurrency wallets, key management, "gas" (transaction) fees, congested transactions, or any other foreign user experiences.
In this way, creators can establish a shared digital economy with fans that they can use anywhere on the internet, but the onboarding process should not intimidate or burden fans.
Step 2: Provide options for users to start engaging with the product in a simple, fully custodial experience.
For experienced cryptocurrency users, managing private keys or seed phrases is part of daily life, but most first-time cryptocurrency users will immediately abandon the experience when they see such information. "These 12 words are the only way to recover your account. Keep them safe and secret: exhaust turtle silly pretty fog midnight enact throw journey nephew animal reward. Write this down."
Rather than welcoming users with this experience, it’s better to set them up with a familiar experience and then offer them non-custodial options further along the user journey. Their initial registration process should look more like: register, create a username/password, agree to terms, and start buying cryptocurrency. Then once they are in the app and making transactions, they should have the option to self-custody and enter the broader web3 ecosystem.
Some projects have attempted other solutions, such as embeddable iFrames that store users' seed phrases in their Google Drive. This is an enticing solution: it is very simple for users, who never have to write down their seed phrases. However, the crypto community quickly pointed out that this creates dangerous user habits, fails to adequately educate users about the risks they face, and makes their Google accounts targets for hackers. Instead of taking half-measures, it’s better to keep users in a clean experience: starting from the custodial experience they are used to, then helping them upgrade to full self-custody when they are ready.
Step 3: Educate users outside of the product and platform.
This is especially important when it comes to security issues—most users don’t even use current best practices (like password managers, 2FA, etc.) in Web2 applications and products. Introducing new experiences requires more education. MetaMask does a great job of providing users with the content they need to stay safe.
As wallets build more "first-time cryptocurrency user" features, we can expect to see wallets incorporate this education and content directly into their products.
Step 4: Create pathways to web3 wallets.
Once users previously unfamiliar with cryptocurrency are onboarded, web3 products can strive to guide them along the path to self-custody. An accessible web3 product must ensure that users can exit the system, such as by converting their assets into other forms of currency or taking them out of a specific ecosystem and into the broader web3 world.
As users become more familiar, they should find it easier to seamlessly participate in the creator economy rather than being tied to a specific platform. For example, Coinbase allows users to easily transfer their assets to a non-custodial wallet. This means they can register, try buying cryptocurrency, and then send their assets to a web3 wallet to interact with the entire ecosystem of applications.
In the social token community Rally, which I co-founded, users can freely convert creator tokens into the community's native token $RLY, which they can then transfer to an ERC-20 (Ethereum-compatible) wallet, allowing them to convert it into any cryptocurrency or interact with other communities (although creator social tokens themselves are currently fully custodial, the era of transferring tokens out is coming).
The key to educating non-cryptocurrency native users is to create an experience that allows fans to easily get started and engage with high-functioning product experiences around social tokens while still retaining the flexibility to trade assets, monetize, and extract value as needed.
Of course, different consumer products require different approaches. For Rally, we have built on a sidechain, so starting with a custodial approach makes sense. Just as we envision a gradual decentralization for the RLY ecosystem, the best approach for Rally is to start by providing familiar experiences for end users and gradually build out mainnet and self-custody capabilities over time. But other products may make different decisions; for example, decentralized exchanges, daily fantasy sports, or hardcore games catering to high-spending users may be better suited to adopt non-custodial experiences from the start. The sophistication of these user groups and their greater need for trustlessness suggest that a non-custodial user journey should be in place from the beginning.
Custodial experiences mean infrastructure requirements
Of course, building applications for custodial assets also comes with its own obstacles and challenges—namely, compliance and security. Allowing users to transfer from custodial wallets to non-custodial wallets means that Know Your Customer (KYC) and Anti-Money Laundering (AML) checks will be unavoidable. Additionally, with custodial assets, you also take on the associated risks of keeping those assets safe on behalf of your users when faced with some very sophisticated attackers.
Currently, cryptocurrency companies largely rely on themselves to do this. You either build and manage the infrastructure yourself or find one of a few trusted partners. This is no small task for Rally—it’s doable, but not straightforward or cheap. A simple fact is that when it comes to compliance, there really are no prescriptive guidelines, as many factors determine a cryptocurrency project’s compliance strategy: What growth stage is the company in? In which jurisdictions does it operate? What is the risk tolerance level of the leadership?
A great example of how two different approaches can work is Coinbase and FTX. Coinbase has always been U.S.-based and has taken a cautious approach to regulation, investing heavily in compliance. On the other hand, FTX mitigated risk by launching first outside the U.S. and growing the company internationally. Both approaches have proven successful among users.
In fact, we are currently seeing a new wave of cryptocurrency adoption coming from emerging markets that were previously overlooked by web2 companies, which could not monetize their advertising models in those regions. Non-custodial experiences make it genuinely easier to enter emerging markets, as applications are not responsible for compliance. Custodial experiences, on the other hand, require a thoughtful approach so that those users can navigate unique payment providers. For example, credit cards are often declined in these regions; however, there are often "non-traditional" avenues, such as buying cryptocurrency with cash at 7-Eleven stores. Even how and where you establish your company can affect what kind of custodial experience you can offer.
But as large web2 social and financial platforms like Facebook, Twitter, Square, and PayPal begin to further push into cryptocurrency and require more services, the ecosystem will rapidly evolve, and finding reliable and affordable partners will become easier.
Growing Demand for Web3 Access
We are closer to this evolution toward web3 than many realize. It can be argued that within five years, more than half of the large web2 platforms will initiate some form of embrace of web3 initiatives, likely considering many of the user experience principles mentioned above.
There is undoubtedly pent-up demand, and it will only grow. When Robinhood announced the imminent launch of its cryptocurrency wallet at the Messari Mainnet conference in September, everyone expected a significant reaction. After all, a standalone cryptocurrency wallet is one of the most needed features for the company. This would allow Robinhood users to send their tokens to any address they wish.
However, even the most optimistic about cryptocurrency may not have anticipated how enthusiastic users would be about Robinhood's wallet. The company’s co-founder Vlad Tenev stated at the CNBC conference that the number of names on the waitlist far exceeded one million, and this was for a feature that would launch sometime in the next quarter.
The tremendous interest in the Robinhood wallet hints at something else going on within cryptocurrency portfolios. After all, users already have a smooth, fun, and secure trading environment for coins within the Robinhood app. Why are so many eager to have a wallet so they can send tokens out? It’s clear that people want to move their cryptocurrencies, engage with other cryptocurrency protocols, and store their assets in different ways.
As more applications strive to meet user needs and guide them into new experiences, and as cryptocurrency infrastructure becomes cheaper and easier for projects to use, the path to the next iteration of the internet will become increasingly clear.

