Once upon a time, the Internet, or World-Wide-Web, provided mostly one-way communication. Content producers published information on their own websites, and users consumed it as they “surfed the web.”
The Internet we experience today is known as Web2 (or 2.0). It consists of user-generated content, aggregation platforms, and abundant two-way interaction. Despite the contribution of end-users toward the outcomes service providers enjoy, there is asymmetry between the tech giants who control publishing tools, marketplaces and data, and those who fuel it.
Web3 is the name given to the next iteration of the Internet—one built on blockchain technology. It intends to create symmetry by removing centralised control, and balancing the distribution of rewards based on value-add participation. The inherent decentralisation of Distributed Ledger Technology (DLT), along with paradigm shifts in identity management, access and authorisation, help create such symmetrical conditions. Conditions in which service providers must play by new rules, with greater expectations around privacy, ownership and control.
Product design for this “third web” presents many exciting opportunities for product development and improved user experiences. Such opportunities and improvements, however, will require designers to consider usability in this new Web3 context. This includes understanding core concepts such as network access, self-custody, privacy preservation, fee payments, decentralised data sources and disaster recovery.
Network access and accounts
On a blockchain network, like Bitcoin or Ethereum, users don't need to sign up with individual services but rather get an account on the network itself.
An account is made up of a public/private key pair. The private key is kept secret, and serves to prove ownership of the account. The public key instead provides the user with an address on the network, similar to this 42-character example:
0xb794f5ea0ba39494ce839613fffba74279579268
The address is associated with every action the user takes on the network, and is subsequently recorded on the immutable ledger.
An account is typically created by setting up a wallet compatible with the given network the user wants to join.
Self-custodial wallets
Custody refers to the ownership of assets on a blockchain by way of holding the private key. Wallets which enable self-custody are those that ensure the user holds the private key for the account.
Some services (such as exchanges) may offer users a wallet service which provides public keys, while maintaining control of the private keys. This has led to the saying, “not your private key, not your crypto.” The distinction is important for designers to keep in mind.
Self-custodial wallets come in many different forms. Hardware wallets, also known as “cold wallets”, are used predominantly for secure, offline storage. They require a physical connection from the device to a computer or phone to interface with. Due to the focus on security, the experience has some friction.
Cold wallets provide added security, but interfacing with them can be less user-friendly.
“Hot wallets”, on the other hand, are software based, such as web-browser extensions or stand-alone mobile apps. Hot wallets can be less secure because they remain connected to the Internet, but this makes them more user-friendly when frequent network interaction is required.
Hot wallets are quicker to access, and more convenient for heavy usage.
Users may utilise a mix of hot and cold wallets along with different accounts. This is no different to how one might use one bank account for daily transactions, while keeping the bulk of their income in a more secure savings account.
Once a user has set up an account, their wallet allows them to manage the native network currency, and other assets held at their public address. The wallet becomes their gateway to interact on the network through decentralised applications.
Decentralised applications, and cross-device interaction
Decentralised applications (dApps) are the websites of Web3. Unlike Web2 applications, they don't need a central data store. They are built atop the blockchain which is the single source of truth. DApps can draw information from the ledger as needed, and submit updates as users interact.
User self-custody—by way of a wallet—fundamentally changes how we design for access, authentication, and authorisation. When interacting with such decentralised websites, users don't necessarily need to log in, but rather “connect” their account via a compatible wallet.
Connections between devices could be a friction point, so designers must consider the patterns they leverage to streamline the process and handle edge-cases. QR codes, for example, have become a useful tool for facilitating the transition between devices, or establishing shared sessions. Using native camera functions to read the information in a QR code and launch secure end-points is simple and convenient. WalletConnect is a popular software development kit for enabling dApps to integrate with most wallets securely.
Offering a QR code on a dApp can streamline wallet connectivity.
Once connected, records from the blockchain associated with the user's account can be retrieved, and assets or credentials they hold in their wallet can be used as they interact during the session.
The wallet remains central to the experience because authorising actions, such as payments, will need to be “signed” by the user on the wallet side.
Cross-device interaction is not exclusive to Web3, but it is fundamental to Web3 experiences. Prompts, errors, and notifications, therefore, need to be considered, not just across a single touch-point, but also across the devices being used synchronously.
Synchronous cross-device interaction will be the norm in Web3 experiences.
Self-custody, privacy and security
Privacy is paramount to Web3 user experiences because blockchain records are, generally speaking, public. With that in mind, nothing sensitive should live on-chain. Personally Identifiable Information (PII) and other forms of sensitive data should therefore remain in user custody.
New technologies and standards have emerged which give users more control over their personal data. Standards such as Verifiable Credentials, and concepts like Zero-Knowledge Proofs (zkProofs) will become table stakes in Web3. They will have drastic impacts on the way users provide information about themselves.
Verifiable Credentials leverage a governance framework of trust between the user, the institute that vouches for them, and any service provider who requires some eligibility criteria be met. They give users the flexibility to share only what is necessary to prove their eligibility for products and services. Via zkProofs, revealing personal details like birthdates isn't required because verifiers can query data against conditions, like “was born before 1 Jan, 1980”, to determine age eligibility.
New technologies can maximise user privacy while fulfilling eligibility checks.
Verifiable Credentials therefore maximise privacy and security, ensuring service providers are not in a position to hoard customer PII unnecessarily.
To extend security in experiences, designers can confirm actions are intended by taking advantage of a mobile device's native features. Leveraging biometrics, for instance, can add another layer of assurance without adding excessive friction.
Leveraging the user's device security can make authorisation feel familiar.
Transaction fees
To sustain a decentralised network, the cost of computing power to verify actions needs to be covered. Referred to as “gas fees”, they are used to reward key participants, such as node operators or miners.
It's important to note that not all transactions on a network are payments. Updating information on-chain or executing smart contracts, for example, may also require gas fee payments.
When a user is transferring funds, they will need to cover the gas fee in addition to the funds, much like a credit card processing fee. It is, however, also possible for service providers to cover the fees in certain contexts.
From a design point-of-view, it's important to consider how this information is presented to users, how balances and totals are described and how crypto-native language might be translated into equivalent mainstream terminology.
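The figures a confirmation screen has to show before the user signs, as an added example that is not from the original article. It assumes an Ethereum-style transfer priced with a single gas price in whole gwei; `summarise_transfer` and `format_eth` are hypothetical helper names.

```python
WEI_PER_ETH = 10**18
WEI_PER_GWEI = 10**9
TRANSFER_GAS = 21_000  # gas consumed by a plain ETH transfer on Ethereum


def format_eth(wei: int) -> str:
    """Render an integer wei amount as an ETH string without float rounding."""
    if wei < 0:
        raise ValueError("amounts must not be negative")
    whole, frac = divmod(wei, WEI_PER_ETH)
    digits = f"{frac:018d}".rstrip("0")
    return f"{whole}.{digits}" if digits else str(whole)


def summarise_transfer(balance_wei: int, amount_wei: int,
                       gas_price_gwei: int, gas_limit: int = TRANSFER_GAS) -> dict:
    """Figures a confirmation screen needs before signing (hypothetical helper)."""
    fee_wei = gas_limit * gas_price_gwei * WEI_PER_GWEI
    total_wei = amount_wei + fee_wei
    return {
        "amount": format_eth(amount_wei),
        "network_fee": format_eth(fee_wei),
        "total": format_eth(total_wei),
        # The fee comes out of the same balance, so "send everything" fails.
        "can_afford": total_wei <= balance_wei,
        "max_sendable": format_eth(max(balance_wei - fee_wei, 0)),
    }


# Constructed sample: the user holds exactly 1 ETH and tries to send all of it.
SEND_ALL = summarise_transfer(
    balance_wei=1 * WEI_PER_ETH, amount_wei=1 * WEI_PER_ETH, gas_price_gwei=30)

if __name__ == "__main__":
    for label, value in SEND_ALL.items():
        print(f"{label:>13}: {value}")
```

Keeping every amount as an integer number of wei until the final formatting step means the total shown to the user is exactly the total that gets signed.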
Account and wallet recovery
As Uncle Ben might say, “with the great user empowerment, comes great responsibility.” On a blockchain network, everything is stored on-chain, and the private key is what determines ownership. A centralised service provider therefore can't help users reclaim their account or assets because the service provider doesn't hold them.
Account recovery and wallet restoration are therefore pivotal experiences designers need to consider. Traditionally, wallet recovery experiences have used a 24-word mnemonic “seed” phrase, given to the user while they set up a new wallet. Like so:
install eternal private name flash inmate toward cattle brand amateur hat advance sunset shadow easily filter demise grief reform tuition focus track decline color
This seed phrase can later reconstitute their private key, thus restoring the wallet in the event of an emergency. Writing down such a long phrase on a piece of paper and sticking it in a locked box is good for security, but equally anxiety-inducing. We've spent years educating users that losing passwords isn't really a problem by providing basic “forgot password” flows. This won't cut it in Web3.
With stakes being so high, different options are available for offering account recovery when designing a wallet. A guardianship model, for example, allows users to federate private key recovery through trusted parties (or other devices they own), which are nominated during wallet on-boarding. If the time comes, the guardians can vouch for the owner's legitimacy before the wallet is restored.
Guardianship allows users to nominate other users or backup devices to restore their lost or damaged wallets.
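A sketch of the checks behind a guardianship flow, as an added example that is not from the original article or any particular wallet. The 2-of-3 threshold, the names, and the use of HMAC with per-guardian keys as a stand-in for real guardian signatures are all assumptions made for illustration.

```python
import hashlib
import hmac


def vouch(guardian_key: bytes, wallet_id: str, new_key_id: str) -> bytes:
    """Guardian side: approve restoring wallet_id onto one specific new key."""
    message = f"recover|{wallet_id}|{new_key_id}".encode()
    return hmac.new(guardian_key, message, hashlib.sha256).digest()


class RecoveryRequest:
    """Collects guardian approvals for one restore attempt (hypothetical model)."""

    def __init__(self, wallet_id, new_key_id, guardians, threshold):
        if not 1 <= threshold <= len(guardians):
            raise ValueError("threshold must be between 1 and the guardian count")
        self.wallet_id, self.new_key_id = wallet_id, new_key_id
        self.guardians = dict(guardians)   # name -> key fixed at on-boarding
        self.threshold = threshold
        self.approved = set()              # a set, so repeat approvals count once

    def submit(self, name: str, approval: bytes) -> bool:
        key = self.guardians.get(name)
        if key is None:                    # not nominated at on-boarding
            return False
        expected = vouch(key, self.wallet_id, self.new_key_id)
        if not hmac.compare_digest(expected, approval):
            return False                   # forged, or issued for a different key
        self.approved.add(name)
        return True

    def can_restore(self) -> bool:
        return len(self.approved) >= self.threshold


# Constructed sample: three guardians nominated at on-boarding, two must vouch.
GUARDIANS = {"alice": b"A" * 32, "bob": b"B" * 32, "old-phone": b"C" * 32}


def demo() -> tuple:
    req = RecoveryRequest("wallet-1", "new-device-key", GUARDIANS, threshold=2)
    ok = vouch(GUARDIANS["alice"], "wallet-1", "new-device-key")
    req.submit("alice", ok)
    req.submit("alice", ok)                       # repeat: still one approval
    stale = vouch(GUARDIANS["bob"], "wallet-1", "some-other-key")
    rejected = req.submit("bob", stale)           # bound to another key
    before = req.can_restore()
    req.submit("bob", vouch(GUARDIANS["bob"], "wallet-1", "new-device-key"))
    return rejected, before, req.can_restore()    # (False, False, True)
```

Binding each approval to the exact key being installed is what stops a vouch collected for one restore attempt from being replayed to authorise a different one.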
Different contexts will need different considerations when it comes to account recovery. Education, guidance and reassurance will be important, and the ease-of-use will need to be balanced with security.
So, what now?
For all its complex cryptography and financial implications, blockchain technology is offering new ways of thinking about digital interactions. At its core is user empowerment, and that forces service providers to rethink how they design experiences.
Designers may already be familiar with the user interface examples above, and with using them in centralised systems. In Web3, however, the very nature of DLT, the public nature of records, and the security implications of self-custody make these concepts standard, rather than extras.
Interacting with immutable blockchains can be daunting, especially when transferring large amounts of value between public addresses. Designers can make experiences more forgiving by ensuring important information is obvious and accessible, while making necessary technicalities invisible.
The technology is proven, but the key to Web3 adoption remains solid use-cases with powerful experiences. Right now, it's on designers to understand the technology, and as always, make it useful AND usable.