How Bad Crypto User-Experience Costs People Millions

Glue
5 min read · Jun 14, 2024

It’s common knowledge among people working in the crypto industry that its user experience leaves a lot to be desired. But in many cases this issue is interpreted superficially, as simply a barrier to adoption. If only we had X, we’d be so much further ahead… Cue the futuristic mega-city memes with “account abstraction” or some other flavor-of-the-month feature.

But if we go down a level or two to meet real users, it’s easy to see that bad user experience is not just about the initial entry to the ecosystem. It’s about users staying in it with their money intact.

“Bad user experience” is sometimes conflated with “ugly app,” but that’s not all there is to it. Case in point, banking apps are in most cases terrible: they’re clunky, confusing and require quite a bit of learning to start using. But they’ve been around long enough that we’ve just gotten used to their antics.

The real issue with crypto UX is its complete lack of safety, and this is where banks win hands down. Fixing this mismatch is one of the most important missions at Glue — but before we show you how we’re planning to do that, let’s go through the many ways users can lose money in crypto and why.

Wallet drainers and signatures

People lost hundreds of millions to wallet drainer scams in 2023 alone, very often with no recourse or ability to punish those responsible. For some crypto power users, it might be easy to think that these victims should’ve been more careful, and to underestimate the magnitude of the problem.

Wallet drainers usually work by getting users to produce cryptographic signatures that give the attacker full control over the users’ tokens and assets. They exploit well-meaning features, like the Permit system, which was originally designed to save users money by making approvals gasless, i.e. not requiring them to make a full-blown transaction to start interacting with smart contracts.

Wallet signatures are just terribly dangerous from a UX perspective. Legitimate signatures with the Permit system look like gibberish, and projects are currently normalizing the practice of logging in to a dApp by first signing a message with the user’s wallet. Combine the two things and you have the ideal recipe for a drainer scam: a user lands on a fake version of a dApp, signs a message purporting to be a simple log-in signature, and loses all their money.

Keeping things simple, transparent and easy to understand is key — and signatures are an easy example of something that should be rethought completely.
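As an added illustration (not code from Glue or from any wallet), here is one way a wallet front end could tell a plain log-in message apart from an EIP-2612 Permit request and spell out what the Permit would grant. The function name, risk labels and sample addresses are assumptions made for this example.

```javascript
// Added example: describe a signing request in plain language before the user signs.
// Field names follow EIP-2612 Permit typed data; all sample values are constructed.
const MAX_UINT256 = 2n ** 256n - 1n;
const YEAR_2100 = 4102444800n; // deadlines past this are treated as never expiring

function describeSigningRequest(method, payload) {
  if (method === "personal_sign") {
    return { risk: "low", summary: `Sign a text message: "${payload}"` };
  }
  if (method !== "eth_signTypedData_v4") {
    return { risk: "review", summary: `Unrecognized signing method ${method}` };
  }
  // Wallets usually receive typed data as a JSON string; accept objects too.
  const data = typeof payload === "string" ? JSON.parse(payload) : payload;
  const { primaryType, domain = {}, message = {} } = data;
  if (primaryType !== "Permit") {
    return { risk: "review", summary: `Typed data of type ${primaryType}` };
  }
  const value = BigInt(message.value);
  const deadline = BigInt(message.deadline);
  const amount = value === MAX_UINT256 ? "UNLIMITED" : value.toString();
  const expiry = deadline > YEAR_2100
    ? "no practical expiry"
    : new Date(Number(deadline) * 1000).toISOString();
  return {
    risk: "high",
    summary: `Allow ${message.spender} to spend ${amount} units of ` +
      `${domain.name} (${domain.verifyingContract}); valid until ${expiry}`,
  };
}

// Constructed sample request ("types" section omitted for brevity).
const SAMPLE_PERMIT = JSON.stringify({
  primaryType: "Permit",
  domain: { name: "ExampleToken", chainId: 1,
            verifyingContract: "0x1111111111111111111111111111111111111111" },
  message: { owner: "0x3333333333333333333333333333333333333333",
             spender: "0x2222222222222222222222222222222222222222",
             value: MAX_UINT256.toString(), nonce: "0", deadline: "1718323200" },
});

console.log(describeSigningRequest("personal_sign", "Log in to example.test"));
console.log(describeSigningRequest("eth_signTypedData_v4", SAMPLE_PERMIT));
```

The point of the rendering is that a Permit request is shown as a spending approval with a named spender and amount, so it cannot pass for a log-in prompt.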

The utopia of holding your own keys

Imagine if every time you paid for something online with a credit card, there was a chance you’d land on a malicious website and lose all the money in your bank account with absolutely no way of getting it back.

Scams like these do actually happen with traditional systems, let’s not kid ourselves here.

But in most cases, banks will have many security precautions in place to prevent people from doing something dumb, such as sending all their money to a scammer. These systems might be a bit overzealous at times, and maybe they don’t fit the idea of radical self-sovereignty, but they do work for the average person.

We used to hold our own keys in the form of gold coins and paper bills, but banks still prevailed over time as the preferred way of storing value. That of course carries its own can of worms — banks could easily fail on you, and historically they often did.

Still, trying to force everyone to store their own private keys is a recipe for losing money and users. Giving up custody altogether is not a solution either.

Thankfully, there are middle grounds — one of them is the Crypto Two-Factor Authentication on Glue, which enables multisignature accounts by default. This system helps give users some security guardrails without them ever losing control of their assets, making it a win-win.

Why are crypto scams so common, anyway?

The thing that makes crypto so dangerous is, by far, its lack of recourse once bad things do happen.

All transactions are final and nearly instant, meaning that once you’ve lost the money, chances are it’s gone for good. While crypto is traceable, investigations usually require considerable resources and expertise, and enforcement is patchy at best.

More centralized ecosystems tend to be a bit better for the end-users. USDC and USDT, both centralized stablecoins, have blacklisting functions that can freeze a particular wallet’s funds. These companies will then usually re-emit the frozen money to their rightful owners.

Another example of centralization being sometimes useful is the case of Munchables, a protocol on the Blast chain that got “hacked” due to placing too much trust in a person who was, apparently, a developer from North Korea.

That story had a relatively happy ending, as the hacker returned all funds without even requesting a ransom. We can only speculate why, but perhaps one reason is that the hacker had no way to move the money out of Blast. All third-party bridges closed their gates right away, and the main Blast bridge was essentially controlled by the team and was subject to massive delays.

Transactions being immutable and impossible to change is an important feature of censorship-proof cryptocurrencies. But it is also arguably the number one reason why people lose so much money with crypto.

Going beyond the tradeoffs of centralization and decentralization

There’s a common misconception that safety features make a system inherently more centralized, or that they need centralization in order to work. From this perspective, making user experience safer would be tantamount to compromising the ideals of Web3 and defeating its purpose.

We’ve only begun to scratch the surface of what can be done with programmable money and blockchains, and the technology will evolve to go beyond existing tradeoffs. You can think of laptop vs. desktop computers in the early 2000s, where the former were portable but weak, while the latter were powerful but bulky. Today, laptops can easily handle even the most demanding tasks, and desktop computers are mostly a niche item.

The philosophy behind Glue is to use present-day technology to make a safe and decentralized system. For example, the introduction of 2FA accounts with multisig allows us to safely implement guardrails for users without any custody risk. Our users can approach the ecosystem from one app, minimizing the risk of phishing, but they can always explore beyond it when they’re ready. We can introduce “centralized” services like asset insurance and customer support while recruiting third-party companies to provide them, maintaining competition and decentralization.

There will surely be more innovative solutions in the future to improve UX in crypto. You can join our community now as we continue on this journey!
