Cometh Connect: Your Biometric Smart-Wallet As-a-Service

Gaetan S.
7 min read · Oct 18, 2023

After unveiling our Alembic Connect Demo at ETHCC this year, Cometh is proud to introduce the finalized version of its biometric smart wallet, now named Cometh Connect!
Serving as an Account Abstraction-as-a-Service (AAaS), Cometh Connect empowers users to create, utilize, and expand smart wallets with the tip of their finger(print).

Engaging with anything web3 involves a lot of onboarding. Users must install specific software, set up new accounts, and navigate unfamiliar interfaces, all while grasping new terminologies and experiences. Wallets, the primary gateway to Web3, can be non-intuitive at best and confusing at worst, with challenges like understanding 24-word private keys, secure storage, gas, transaction fees, and more.

This complexity can make users want to abandon the process and give up on Web3 activities (for now). Yet, to use dApps and access Web3, a wallet is essential, and currently, there’s no easy way to obtain one. Addressing this onboarding challenge is a priority for Web3. So how can we get around the need for a wallet while making the user experience more fluid?

Enter Cometh Connect.

Cometh Connect simplifies how a user interacts with the blockchain and drastically improves the onboarding experience, going as far as completely abstracting wallets from users while using non-custodial solutions — offering a web2-like experience within web3.

Cometh Connect lets users create and manage wallets using only their biometrics, securely stored on their device’s secure enclave, whether it’s a smartphone or laptop. Cometh Connect also enables sponsored transactions, allowing dApps to manage users’ transaction fees, making the concept of gas fees invisible to users. Essentially, end-users won’t need to pay gas fees on their favorite dApps, ever.

Building Cometh Connect

Safe at its Core

Cometh Connect is built on the Gnosis Safe smart contract wallet, recognized as the gold standard in the industry. Gnosis Safe is currently the most widely used smart contract wallet on the EVM (Ethereum Virtual Machine) and safeguards over 40 billion dollars in capital. Having undergone rigorous audits and extensive testing in production, Safes have become the go-to smart contract wallet. However, they can be complex for beginners and may lack flexibility. Cometh Connect enhances the Safe wallet by incorporating numerous features through its own SDK and dedicated APIs. Cometh Connect is also available on all networks where the Gnosis Safe Factory is deployed — which is most EVM chains today.

Biometric signers

A Safe is controlled by one or multiple signers who sign a transaction from their individual wallets, enabling the smart contract wallet to execute the transaction. Currently, these signers primarily consist of Externally Owned Accounts (EOAs), which means users have to rely on the legacy wallet experience to interact with their Safe, including managing private keys.

Cometh Connect supports the use of multiple biometric signers. You can control your smart wallet with nothing other than your FaceID or your fingerprints, thanks to the WebAuthn standard found in most devices today.

WebAuthn is the current Web2 sign-on standard used by the majority of online services that have implemented passwordless sign-ons. It uses public key cryptography to register and authenticate users, and its security is achieved via biometrics and storage processes. It operates at the system level, through TouchID/FaceID on iOS, Windows Hello, or FIDO on Android.
It has revolutionized the way we interact online, removing the need to remember all the different passwords, and it has become far more secure: it’s much harder to hack someone’s face or fingerprint than it is a password.

WebAuthn stores private keys in your device’s secure enclave, turning it into a hardware wallet everyone already carries. With Cometh Connect, sign transactions using your biometrics — a familiar process for most users, suitable for both web and mobile.

It’s simple, fast and really easy to grasp. Don’t trust us, verify with our demo:

https://demo.cometh.io/


Creating the Biometric Signer

Ethereum and its EVM currently use elliptic curve cryptography for signing. Several different curves exist, defined by different mathematical equations; Ethereum uses the secp256k1 curve with the ECDSA signature algorithm. The same combination is used by Bitcoin, and it generates and verifies all digital signatures. Whenever a transaction is made, users sign it with their private keys using ECDSA.

The problem is that this specific curve is not available with WebAuthn today. Instead, WebAuthn works with the secp256r1 elliptic curve, which is natively supported in all smartphones and almost all web browsers! Cometh allied with Ledger and successfully applied the secp256r1 elliptic curve on Ethereum to create secure authentication and signing for transactions/smart contracts. The resulting signature can be verified on-chain by a smart contract. This Biometric Signer was built using several cryptographic techniques such as Shamir's trick and the windowed method (learn more here).
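As an added example (not Cometh's code), the sketch below shows the checks a verifier of a WebAuthn secp256r1 assertion has to reproduce, with Node's built-in crypto standing in for the on-chain verifier. It assumes the transaction hash is used as the WebAuthn challenge; `wallet.example`, the key pair and both hashes are constructed.

```javascript
const nodeCrypto = require('node:crypto');
const sha256 = (b) => nodeCrypto.createHash('sha256').update(b).digest();

// Returns 'ok' only if `assertion` is a P-256 signature by `publicKey` approving exactly `txHash`.
// Assumption: the 32-byte transaction hash is used as the WebAuthn challenge.
function verifyAssertion({ authenticatorData, clientDataJSON, signature }, publicKey, txHash, rpId) {
  const client = JSON.parse(clientDataJSON.toString('utf8'));
  if (client.type !== 'webauthn.get') return 'wrong-type';
  if (client.challenge !== txHash.toString('base64url')) return 'challenge-mismatch';
  // authenticatorData = rpIdHash (32 bytes) | flags (1) | signCount (4) | ...
  if (authenticatorData.length < 37) return 'short-authenticator-data';
  if (!authenticatorData.subarray(0, 32).equals(sha256(Buffer.from(rpId)))) return 'rp-mismatch';
  const flags = authenticatorData[32];
  if ((flags & 0x01) === 0) return 'user-not-present';  // UP bit
  if ((flags & 0x04) === 0) return 'user-not-verified'; // UV bit (biometric or PIN check)
  // The authenticator signs authenticatorData || SHA-256(clientDataJSON), DER-encoded ECDSA.
  const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  return nodeCrypto.verify('sha256', signed, publicKey, signature) ? 'ok' : 'bad-signature';
}

// Constructed stand-in for the device authenticator (flags 0x05 = UP + UV).
function makeAssertion(privateKey, txHash, rpId, flags = 0x05) {
  const authenticatorData = Buffer.concat([sha256(Buffer.from(rpId)), Buffer.from([flags]), Buffer.alloc(4)]);
  const clientDataJSON = Buffer.from(JSON.stringify({
    type: 'webauthn.get', challenge: txHash.toString('base64url'), origin: `https://${rpId}`,
  }));
  const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  return { authenticatorData, clientDataJSON, signature: nodeCrypto.sign('sha256', signed, privateKey) };
}

function demo() {
  const rpId = 'wallet.example'; // constructed relying-party id
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  const txHash = sha256(Buffer.from('constructed transaction'));
  const otherTx = sha256(Buffer.from('a different transaction'));
  const good = makeAssertion(privateKey, txHash, rpId);
  const tampered = { ...good, authenticatorData: Buffer.from(good.authenticatorData) };
  tampered.authenticatorData[36] ^= 1; // alter signCount after signing
  return {
    good: verifyAssertion(good, publicKey, txHash, rpId),
    replayedOnOtherTx: verifyAssertion(good, publicKey, otherTx, rpId),
    noUserVerification: verifyAssertion(makeAssertion(privateKey, txHash, rpId, 0x01), publicKey, txHash, rpId),
    tampered: verifyAssertion(tampered, publicKey, txHash, rpId),
  };
}
```

The `replayedOnOtherTx` case is the one that matters for signing: a valid signature only approves the transaction whose hash it carries.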

Once a user is onboarded with their Biometric Signer, they remain in total control. There is no sharded key scheme or Multi-party computation (MPC) bypassing the key custody: the key to use the wallet sits in the user’s hardware.

Multiple devices

A biometric signer, managed by the WebAuthn standard, is dedicated to a particular device, meaning each device has its own secure enclave and its own keys.
A biometric signer created on your iPhone 12 is a different signer than the one created on your Macbook, even if you have the same biometrics!

This feature is inherent to the WebAuthn standard and paramount for its security. Someone with access to your biometrics won’t be able to connect from a device other than your own.

However, you need to be able to access your wallet on several different devices — not only for convenience but also for security: you may lose your phone or computer. Cometh Connect allows you to add as many devices as you wish, with as many biometric signers as you need.
Adding a new device is quick and straightforward. In under a minute, a new biometric signer linked to the device is created. However, a previous signer of the wallet, such as from the first registered device, must approve the request.

Similarly, you can just as easily remove devices and their associated signers.

Cometh Connect simplifies wallet use while ensuring users maintain full control. Users can access their wallets with just a fingerprint, and, using the Safe infrastructure, can also add traditional EOAs via Metamask or Ledger as signers. Therefore, advanced users have the option to add any new owner to their Safe (e.g., Ledger) and remove any signer (such as WebAuthn) if they want.

A brand new user can therefore start his experience with a single biometric signer for his account, and add different types of signers as his Web3 knowledge improves over time, or as his assets grow in value.

Account Recovery

Cometh Connect enables Account Recovery, allowing a third party to be designated as a guardian. In the event that access to the wallet is lost, guardians can initiate a recovery procedure, allowing the user to regain access to their smart wallet through a new authentication provider.

It’s crucial to underline that guardians have limited capabilities; they can solely initiate a recovery request and are incapable of conducting transactions or accessing the safe’s funds. However, to prevent potential abuse, where a malicious guardian might attempt to designate their addresses as new owners of the safe, we have instituted a recovery period between the request’s initiation and its finalization. During this period, if a user detects an unauthorized recovery request on their safe, they have the authority to cancel the request.

Furthermore, it’s worth noting that users retain the flexibility to modify the composition of their guardians and enable or disable the social recovery module at their discretion, providing them with full control over their security measures.
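The recovery flow described above, modeled as an added example (not Cometh's contract code). All names, the one-day delay and the rule that anyone may finalize once the period has elapsed are assumptions made for illustration.

```javascript
// Model of a delayed guardian recovery; every name here is hypothetical.
class RecoveryModel {
  constructor(owner, guardians, delaySeconds) {
    this.owners = new Set([owner]);
    this.guardians = new Set(guardians);
    this.delay = delaySeconds;
    this.enabled = true;
    this.pending = null; // { newOwner, executableAt }
  }
  requireOwner(caller) {
    if (!this.owners.has(caller)) throw new Error('not an owner');
  }
  // Guardians can only open a request; it takes effect after the recovery period.
  initiate(caller, newOwner, now) {
    if (!this.enabled) throw new Error('recovery disabled');
    if (!this.guardians.has(caller)) throw new Error('not a guardian');
    this.pending = { newOwner, executableAt: now + this.delay };
  }
  // A current owner can cancel a request they did not expect.
  cancel(caller) { this.requireOwner(caller); this.pending = null; }
  // Assumption: anyone may finalize once the period has elapsed.
  finalize(now) {
    if (!this.pending) throw new Error('nothing pending');
    if (now < this.pending.executableAt) throw new Error('recovery period not over');
    this.owners = new Set([this.pending.newOwner]);
    this.pending = null;
  }
  setEnabled(caller, enabled) { this.requireOwner(caller); this.enabled = enabled; }
  execTransaction(caller) { this.requireOwner(caller); return 'executed'; }
}

// Runs fn and reports 'ok' or the reason it was rejected.
const attempt = (fn) => { try { fn(); return 'ok'; } catch (e) { return e.message; } };

function recoveryScenario() {
  const DAY = 86400; // constructed recovery period: one day, in seconds
  const w = new RecoveryModel('alice-phone', ['guardian'], DAY);
  const out = {};
  out.guardianSpends = attempt(() => w.execTransaction('guardian'));
  out.initiate = attempt(() => w.initiate('guardian', 'guardian-key', 0));
  out.earlyFinalize = attempt(() => w.finalize(DAY - 1));
  out.ownerCancels = attempt(() => w.cancel('alice-phone'));
  out.finalizeAfterCancel = attempt(() => w.finalize(DAY));
  out.legitInitiate = attempt(() => w.initiate('guardian', 'alice-new-phone', DAY));
  out.finalize = attempt(() => w.finalize(2 * DAY));
  out.newDeviceSpends = attempt(() => w.execTransaction('alice-new-phone'));
  return out;
}
```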

Cometh Connect is a smart-wallet as a service, so any dApp can offer its own account recovery service if needed, in particular by linking its usual “web2” client accounts to the social recovery service. For instance, a dApp can serve as guardian for its clients, who can then recover access using their standard web2 accounts.

Down the road, Cometh Connect will also enable social recovery, allowing users to designate friends, family or other trusted addresses they own as guardians.

Gasless transaction

Cometh Connect is built with native sponsored transactions management. By default, any transaction sent from the smart wallet is routed through a relayer that handles the gas payment. As a result, the user experience is seamless: simply click a button (and use your fingerprint if needed), and your transaction is sent to the blockchain. You don’t even need to understand what a transaction is or what gas fees are. Transactions identified as sponsored will be completely free for the user, while non-sponsored transactions are executed only if sufficient funds are available within the smart wallet to reimburse the relayer.

Cometh Connect also comes with a feature paramount to the economy of any dApp implementing a wallet for its users: there is no initial gas cost to create and assign a wallet to a user. Thanks to smart contract properties, the address of the smart wallet is defined for each user without deploying the wallet itself. Assets can be sent to the user's wallet before its deployment! The gas fee necessary to deploy the wallet on the blockchain will only be paid if the user decides to use the wallet, i.e. to make a first transaction.
This translates to an important economic factor for the dApp, as it will only pay the gas deployment fee for its real, active users, instead of for every user who joins.

Adoption in web3 is mainly a question of user experience. Without an experience similar to or even better than traditional web applications, blockchains and decentralized applications won’t reach mainstream audiences. Cometh Connect offers a seamless experience for any dApp.
It’s your dApp gateway for adoption.

You can check out our documentation here to get started.
You can also reach out to us here.
Follow us on Twitter for all updates and you can join our Discord if you have questions for the team!
