What are the hurdles to mainstream adoption? What if Argent disappeared? Why don’t I need a seed phrase?
Their incisive and insightful questions covered several vital areas: Security & decentralization; Privacy; DeFi; and more
We thought we’d share the highlights below. Here’s the full AMA.
Quick background on Argent
You can skip this if you know us already, but for those that don’t, here’s some context for the questions.
We’re a smart wallet with the ease of use and security of the best new bank apps — without the bank. Only you (not us, not anyone else) can access your assets. You can earn interest with Maker and Compound in a tap; and enjoy peace of mind by locking and unlocking, recovering without a seed phrase, and setting a daily transfer limit.
Our security model is based on ‘Guardians’. A Guardian can be any other Ethereum account (your hardware wallet, or a friend, for example). They help you with specific security actions (like recovery) but never have access to your funds.
Now, on to the questions.
Let’s start with the toughest. They get to the heart of why we exist.
Security & Decentralization 🔒
What if Argent disappeared? Or Apple kicked you off the App store?
We’ve built Argent to be fully non-custodial and censorship resistant. The ultimate test of this is being able to disappear completely without any loss of assets to users. This is a crucial contrast with centralized wallets/exchanges.
We cover the two possible scenarios:
- If our App is removed from the Appstore: This does not impact existing users as the App would still be on your phone and you can keep using it. See other question in the AMA
- The extreme scenario where Argent, the company, suddenly disappears, including our infrastructure: We have built the Argent Emergency Kit just for that. You can sign a transaction on your phone but submit it to the blockchain through any other wallet such as MEW or Metamask. The emergency kit is live on iOS, and should be ready next month latest on Android.
What if a dictatorship comes after you?
We’ve put ourselves in a position where we cannot harm users. How?
- We’re non-custodial: we can’t take users’ funds even if we were taken over by a malicious actor
- We’re censorship resistant: users can move their funds even if our infrastructure is taken down.
- We limit the data we hold on users (email and phone only), which is why we plan to enable wallets to be created without a phone number, we target this for Q2 latest. The email will stay but it’s very easy for users to create new private emails with service such as protonmail.
What parts of Argent are centralized now?
The main component of the Argent wallet that is centralized is the relayer. However, the relayer is fully non-custodial as it cannot tamper with a transaction and we make it possible to not use the relayer through the Argent Emergency Kit. To further decentralise the relayer we are considering options such as connecting to the Gas Station Network.
We also have a centralised backend but its only purpose is to orchestrate certain flows between users and improve the user experience. However, by design the clients do not need to trust the backend, and all these flows can be achieved by interacting with the blockchain directly.
The Argent Guard Service can also be considered centralized but it’s not part of the wallet. It’s just a service that we offer to people for convenience and they can easily opt out. The overall Guardian model is fully decentralized since any Ethereum account can act as a guardian.
Should the Parity hack affect my view of all smart contract wallets?
The Parity hack was less of a problem with working with smart contracts in general than it was for issues specific to how they approached it, perhaps due to the fact that a wallet wasn’t their core product. While it won’t comfort those affected, it did act as a serious wake-up call to all the smart contract-based projects founded in the three years since — not just wallets.
In our case, for example, we only push to production code that has been reviewed and tested internally AND audited by external auditors. There is no exception to that rule.
Wallets based on smart contracts are no different than wallets based on client software running in your web client or firmware running in your hardware wallet. In the end they are all software/firmware manipulating financial assets and they need to be the result of the best development standards and processes. At least with smart contracts the code is public and available for everyone to inspect.
Has Argent been audited?
Yes, all our smart contracts go through external audits before we deploy them on mainnet. You can find the audit reports here.
On top of that we run a bug bounty program, and our smart contracts are public and open-source to ensure maximum scrutiny.
How and where is the seed generated, stored? how is the seed restored by a Guardian (technically)?
The seed (in our case the private key) is generated and stored locally on your phone. By design it never leaves your phone. On your phone it is encrypted with (a slow hash of) your PIN and if available the Secure Enclave, then stored in the local Keychain (the most secure element of you phone).
Since the private key never leaves the phone it cannot be restored by your Guardians. But what your Guardians can do is collectively define a new private key as the legitimate owner of your wallet. This is only possible because Argent is a smart-contract wallet.
What data do you collect on me?
There are 3 categories of data:
- Blockchain-related data: All blockchain data is public so we have access to the same information than you’d have on Etherscan
- Personal data: we only store your email and phone number, we do not have other personal information. If you go through KYC for fiat to crypto on-ramp in Argent, it’s always done through 3rd parties, and they are the only ones seeing that data. We will soon make phone numbers optional.
- App usage data: we use Amplitude for typical app metrics such as new downloads, on-boarding funnels (i.e. where do users drop in the process), % of users using Wallet Connect etc. Data in Amplitude is anonymized, we do not send any personal information (no email, no phone, no ens, no 0x address, etc…)
Why do you need a phone number when creating a wallet?
We wanted to prevent mass wallet creation without the need for you to prepay for gas. We’re now able to upgrade our wallet creation flow in a way that will remove the risks associated with this by leveraging the new Create2 EVM opcode.
Shortly after this we’ll allow wallet creation without a phone. The exact date is not confirmed but April would be my current estimate.
What are the biggest hurdles to mainstream adoption?
Conflicting with what many people in the space say, I don’t believe UX or scalability is the issue. Argent is getting close to the UX of Revolut, Monzo or Robinhood; and we’ll get to, or surpass, that level of simplicity very soon.
I actually think crypto isn’t yet bringing enough value to most people. As we often say internally, my dad/mom could use Argent, but they have no reason to. The path to mass adoption will come from gradually providing value to pockets of users; there is no magical switch to flip. There are hundreds of thousands of passionate developers working on this and and I’m confident we’ll get there.
How can Argent cover gas?
We use meta-transactions which allows us to pay for gas. In case anyone would like a quick explainer of meta-transactions, they’re similar to regular transactions but we add a relayer. With this you authorise a transaction and this information is sent to a relayer that pays the transaction and sends it to the destination. This means you don’t need assets to pay the fees.
The cost of this is not a significant at all compared to all our other costs (infrastructure, salaries, etc…).
As we add more functionalities to Argent, the cost will increase so we’re likely to introduce a fair use policy (i.e. a max amount per user per month). We are also believers that as Ethereum scales gas cost should decrease.
DeFi and roadmap 💸
When are you adding Maker Vaults?
We’re aiming for around Q2 of this year. The smart-contract integration is complete but awaiting external audit. When that is done we’ll start the integration in the iOS and Android clients.
Fiat on and off-ramps
For onramp we use Moonpay and Wyre. We’re exploring the best options for off-ramps at the moment.
TokenSets and Pool Together?
We’re on it!