Brief history of blockchain wallets and the market landscape in 2025

Dec 21, 2025 12:32:47

Share to

1. Introduction

In the blink of an eye, I have been working in the wallet sector for 4 years. Many believe that the wallet space will be solidified by 2025, but this is not the case — it is currently undergoing significant changes. This year:

· Coinbase has released a new CDP wallet, built on TEE technology;

· Binance's MPC wallet has introduced key sharding custody in a TEE environment;

· Bitget just launched a social login feature last week, managed by TEE;

· OKX Wallet has introduced TEE-based smart account features;

· MetaMask and Phantom have introduced social login, which essentially involves encrypted key sharding storage.

Although there haven't been any standout new players this year, existing players have undergone dramatic changes in ecological positioning and underlying technical architecture.

This transformation stems from significant changes in the upstream ecosystem.

As BTC and the inscription ecosystem have receded, many wallets have begun to reposition themselves as "gateways" to accommodate emerging sectors such as Perps (perpetual contracts), RWA (real-world assets), and CeDeFi (a combination of centralized and decentralized finance).

This shift has been brewing for years. Follow this article as we delve into the flowers blooming in the shadows and their impact on future users.

2. A Review of the Development Stages of Wallets

Wallets are a rare necessity in the blockchain industry and are among the first entry-level applications to break the ten million user mark, aside from public chains.

2.1 First Stage: Single-Chain Era (2009--2022)

In the early days of the industry (2009--2017), wallets were extremely difficult to use, often requiring local node operation. We will skip this phase.

By the time usability improved, self-custody became the preferred choice — after all, in a decentralized world, "default distrust" is the foundation of survival. Well-known products like MetaMask, Phantom, Trust Wallet, and OKX Wallet emerged as leaders during this period.

From 2017 to 2022, the market experienced an explosion of public chains and L2s. Although most chains still used Ethereum's EVM architecture, creating a compatible tool was sufficient to meet demand.

During this period, the core positioning of wallets was as "good tools." While there were commercial prospects for traffic gateways and DEX gateways, security, usability, and stability were the primary requirements.

However, from 2023 to 2025, the situation changed. Heterogeneous public chains like Solana, Aptos, and BTC (during the inscription period) completely captured the user market. Although Sui itself developed well, large funds hesitated due to the drawbacks of excessive centralization following hacking incidents.

Driven by the financing era of "fat protocols, thin applications," although VCs saw little return, the market landscape was indeed changing.

2.2 Second Stage: Multi-Chain Era (2022--2024)

Faced with a multi-chain landscape, even established players like MetaMask had to adapt, starting to support Solana, BTC, and others. Leading players like OKX Wallet and Phantom achieved multi-chain compatibility early on.

The core indicator of whether a wallet is multi-chain compatible is how many chains it supports and where transactions originate — this indicates that the backend is doing a lot of work, while the client only handles signing. From the user's perspective, it is whether they need to find RPC nodes themselves to use the wallet.

Today, multi-chain compatibility has almost become standard. Long-term adherence to a single chain is likely unsustainable, as the hotspots of chains continue to change.

A typical case is the Keplr wallet, which focuses on the Cosmos ecosystem, but this sector has never really taken off. Many application chains quickly built on Cosmos have gradually fallen silent after launch. As the barriers to building EVM L2s decrease, the situation for single-chain wallets may ease, but their potential is limited.

Once the basic tools are sufficiently usable, users begin to awaken their commercial needs within wallets!

True asset owners not only want to custody their assets but also actively drive them — seeking the best yield opportunities and choosing interaction partners. However, users are often overwhelmed by the complexity of interacting with various DApps and must constantly guard against phishing sites. Given this, why not directly use the built-in features of the wallet?

2.3 Business Competition Branching Period

The competition among wallets has shifted to the business level, with a focus on aggregating DEXs and cross-chain bridges. Although Coinbase explored integrating social features, this demand proved to be somewhat superficial and has remained lukewarm.

Returning to the essentials, users need to complete multi-chain asset transfers through a single wallet entry. At this point, coverage, speed, and slippage become core competitive points.

The DEX field can further extend to derivatives trading: RWA (e.g., tokenized stocks), Perps (perpetual contracts), and prediction markets (which will be hot in the second half of 2025, especially with the World Cup in 2026). Alongside DEXs is the demand for DeFi yields.

After all, on-chain APY is higher than traditional finance:

Coin-based strategy: ETH staking yields about 4% APY, while Solana staking + MEV yields about 8% APY (for details, see the extensive report: The Evolution and Controversies of MEV on Solana). More aggressive users can participate in liquidity pools (LPs) and cross-chain bridge LPs (for details, see: Super Intermediary or Business Genius? A Look at LayerZero's Transition from V1 to V2 This Year).

Stablecoin strategy: Although yields are relatively low, combining cyclical leverage can enhance APY. Thus, by this year (2025), during the peak of business competition, wallet infrastructure will undergo another upgrade. The reason is that the aforementioned transactions are too complex — not only in terms of transaction structure but also in the complexity of the transaction lifecycle.

To achieve truly high yields, automated trading must be integrated: dynamic rebalancing, timed limit orders (rather than just supporting market orders), dollar-cost averaging, stop-loss features, etc. However, these functionalities cannot be realized in a purely self-custody era. So, should we prioritize "security above all" or "profit above all"? It's not a difficult question, as the market inherently has different demands.

Just like during the era of Telegram Bots, many players handed over their private keys for the chance of automated trading — "If you're afraid, don't play; if you play, don't be afraid" is a high-risk model. In contrast, large service providers must consider brand and reputation when creating wallets. Is there a solution that can securely custody private keys while also ensuring that service providers do not run away? Certainly! This brings us to this year's upgrade in underlying custody technology.

3. Upgrade of Custody Underlying Technology

Returning to the industry's underlying technology upgrade mentioned at the beginning, let's analyze each aspect.

3.1 Farewell to the Complete Self-Custody Era

First, the actions of pure wallet providers like Metamask and Phantom are relatively lightweight, driven more by user experience, as social login only addresses user needs for cross-device access and recovery, rather than fully entering specific application layers. However, their transition does mark a certain departure from the complete self-custody era. Self-custody has varying degrees, but no one can truly define what is complete and what is incomplete.

Self-custody itself means that a user's private key can only be stored on the user's device. However, this has already posed many problems in the past. If a locally encrypted private key is stored and the device is compromised, there is a possibility of being cracked, with the strength relying on the user's password. During cross-device synchronization and backup, it must be copied out, making the operating system's clipboard permissions a critical vulnerability.

I vividly remember a wallet provider that only allowed the first part of the private key to be pasted by default on the copy private key page, requiring users to manually type in the remaining digits, which led to a more than 90% drop in reported private key theft cases during that period. Later, hackers learned from this and began to brute-force the remaining digits, leading to a new phase of confrontation.

After the Ethereum Prague upgrade, due to the high permissions of 7702, signatures became very obscure, even having a special impact on the entire chain, which triggered high phishing risks like permit 2. Therefore, the issue of self-custody fundamentally lies in the fact that users cannot easily adapt to completely controlling their assets in this industry context.

After all, if the private key is with the user, there is naturally no problem. If an encrypted copy of the private key is kept on the server to prevent the complete loss of assets if the user's local device is lost, can this still be considered self-custody? Metamask and Phantom's answer is yes, but they must also prevent malicious actions from service providers.

3.2 Let's Talk About Metamask

Their approach is quite simple: users must log in with an email and set a password, which together form something called TOPRF (Threshold Oblivious Pseudorandom Function). This is used to encrypt the user's private key, which can then be backed up.

Then this TOPRF is distributed in shards using a typical SSS (Shamir Secret Sharing) algorithm. The social login service providers will obtain the encrypted data through social verification and must combine it with the user's password to fully decrypt it.

So, the security risk is not completely absent; after all, weak passwords and email account theft also pose risks, and if users forget their passwords, they cannot recover their keys. However, the benefit is increased convenience, and the experience is largely consistent with web2.

3.3 Now Looking at Phantom

From the diagram, the overall architecture is somewhat more complex, but essentially it still involves backend storage of encrypted private keys, with shard management for encryption and decryption keys.

The difference from the little fox is that the key used for encryption is divided into two parts, with one part stored by another service called JuiceBox, requiring both social login and a 4-digit PIN to use its shard.

Overall, as long as the user's email is not stolen and they do not forget their PIN, they can recover their assets at any time. Of course, in extreme cases, if JuiceBox and Phantom collude, they could also decrypt the assets, but at least the cost of hacking attacks shifts from a single point to multiple parties. Moreover, since JuiceBox is a network, its security design will also distribute the risk across multiple validators.

It can be said that in terms of social recovery, these two companies have made certain compromises while adhering to the bottom line, but to suppress user experience for the sake of low-probability events is, in my opinion, a positive shift. After all, what the blockchain industry needs most is to embrace ordinary users, rather than forcing them to become industry experts.

4. Self-Custody Using Trusted Execution Environment (TEE)

The previous social login can only solve recovery issues but cannot address automated trading needs. Each company has a slightly different approach to this.

First, a bit of background: TEE stands for Trusted Execution Environments, which is essentially a type of server that ensures its memory environment and operational processes cannot be read or interfered with, even by AWS service providers or the server's owners. Once it starts running a program, it will publish a document called Attestation, which parties interacting with the TEE can verify against the open-source version.

Only when the program running matches the specified open-source version can the two correspond, thus proving trustworthiness. This concept has already seen many applications in the industry: for example, Avalanche's official cross-chain bridge uses SGX (a type of TEE) to run notarization validators; on the Ethereum mainnet, 40% of the blockchain transactions are completed using TEE through Buildr Net; not to mention various financial institutions that strictly control and prevent insider risks, which have also basically adopted TEE. Major exchanges are also investing heavily in TEE for cold and hot wallet signature custody in the context of compliance in 2025.

Although there are challenges in using TEE, such as lower machine performance (which can be mitigated with money) and the risk of downtime (which can lead to loss of memory information), the remaining question is how various exchanges provide TEE services in wallets.

4.1 Coinbase and Bitget's Solutions

At first glance, it is hard to imagine that a publicly traded compliant exchange like Coinbase is actually using the most centralized version. Bitget's logical architecture is almost identical.

Essentially, it just uses TEE to generate private keys and drive signing services, but how does TEE verify that this service is truly the user's intention? Coinbase relies entirely on user login, forwarding commands to TEE after backend authentication, and then completing the transaction.

Bitget operates similarly; although there is little information available, it appears that there is no visible signing page process on the client side, and it directly sets a new address with an EIP-7702 address, thus enabling gas fee payment. The advantage of this setup is that at least the user's asset private key is indeed within TEE, but whether the backend will insert other strange commands remains unverifiable.

Fortunately, there is evidence on-chain. Therefore, I believe that exchanges like Coinbase essentially add credibility to their operations, as there will be records of whether private keys are exported, which can eliminate the risk of users committing fraud. The only risk is if the exchange itself acts maliciously, which aligns with the underlying model of user trust in CEXs.

4.2 Binance and OKX

Comparing the MPC and SA of these two companies, the underlying logic is essentially the same. In driving transactions, OKX will pop up a set of intent authorization signing pages, which, combined with the logic of verifying intent within TEE, allows for a higher degree of user authorization, but also increases the user's understanding cost.

Binance's MPC, on the other hand, is more influenced by its existing technical framework (MPC has limitations in multi-chain expansion). After introducing TEE, users need to encrypt and transmit a shard from their local device to TEE. OKX's approach involves encrypting the user's local mnemonic phrase and transmitting it to TEE.

As a user, there is no need to worry too much about security risks here; the reliable communication between TEE and the client is very mature, theoretically completely eliminating man-in-the-middle attacks. After all, as long as asymmetric encryption is done using TEE's public key, only the private key can decrypt it. There are also some differences in user experience details, such as how long MPC and private keys remain in TEE and how they are renewed. These are engineering issues and will not be elaborated on.

Analyzing the design motivations, the benefits of this design primarily lie in migration costs, avoiding the cold start problem where users must migrate assets to experience new advanced features. For example, Coinbase's setup focuses on the payment sector, allowing traditional e-commerce service providers without local private key management experience to call private keys via API for on-chain operations. Binance's setup is used in the CeDeFi sector, making it easier for users who usually look at K-lines to directly operate and purchase on-chain assets while ignoring gas fees, slippage, and multi-chain issues.

5. Conclusion

How to evaluate 2025 and what to expect for the future? I believe this year is a year of silence for wallets, as well as a year of transformation. It has not made much noise but has been quietly working on significant matters. In today's multi-chain environment, simply creating a usable tool is no longer sufficient to sustain a large-scale wallet team (and its supporting infrastructure); it inevitably requires various value-added services to thrive. Coincidentally, this year is also a year of application explosion, with the Perps sector experiencing a rebirth, and RWA (stock direction), prediction markets, and payments all showing improvement.

The market is gradually shifting from fat memes to diverse DEX demands. Moreover, memes only appear to be large due to rapid trading and high transaction volumes, but in reality, it has always been the same group of people playing, with changing hotspots but little user growth. Combined with various TEE-backed new custody systems that leverage the reputations of exchanges.

Furthermore, in the larger trend, AI will become increasingly powerful, and AI trading will also emerge. Previously, wallets were designed only for humans, not for AI. Therefore, I foresee that next year will see a richer explosion of applications, as the underlying technology has matured. There will certainly be a gap period in between, as TEE is still a play for large exchanges, and they are unlikely to easily open external access like Coinbase.

Additionally, using funds on DEXs is just one part of user demand; there is a much larger segment of users who simply want to earn stable returns. Coupled with various subsidies and airdrops during promotional periods, along with attractive APYs, they will be very satisfied. CeDeFi products that can yield on-chain returns will be the first landing place for many CEX users (note that this refers to CeDeFi with independent addresses; shared address models like Bitget's will not yield).

Finally, this year has also seen significant advancements in cryptographic technology, such as passkeys, although this article does not cover them. However, more public chains like Ethereum and Solana are gradually integrating R1 curves (which devices with passkeys default support) through precompiled contracts, so wallets that incorporate passkeys are also a potential future trend (though their recovery and cross-device synchronization are challenging). After all, any product that can streamline high-frequency demands will eventually find its place.