Deep Dive on Solana Ecosystem Self-custody Wallet UX

14 min readJan 5, 2024

One of the key challenges in the crypto world is to increase the adoption by the populace just how the traditional fintech has been inseparable from daily life. We can blanket this user group and generalise it to the web2 users, who find the migration to explore the blockchain communities being a hurdle. From my experience as a product manager in a centralised exchange, it is one thing to educate the masses about crypto as an asset class worth investing in, but it does not necessarily translate into their exposure to decentralised finance (DeFi) products.

This is not just a matter of the bearish market report and political climate, as summarised brilliantly by Messari here. It is put in the spotlight that the crypto world faces primary cultural challenges including the lower size of the happy crypto investors and the huge gap in technical understanding among the decision-makers. Despite the institutions addressed in the report being mainly US-based, the key takeaways apply to the general public.

The world of DeFi is elusive at best for mass user adoption due to the concept being inherently different from the centralised finance (CeFi) user journey. For a start, the entity (a human being here, to be precise) is represented by a wallet address instead of a string of a username or SSO (single sign-on). A wallet account is the primary critical step for any users to onboard themselves into diverse web3 platforms, from investing to social media. Therefore, without this self-custody wallet ownership, users’ entry point to the rich decentralisation experience is invisible. This is not a difficult concept to bridge as we have the web2 equivalent. The concept of a “wallet” that can connect you to many different dApps is similar to a Google or Apple iCloud account, a key to unlock your login into different websites or apps nowadays.

However, with the lack of awareness of how to access this self-custody wallet and attempts made by the users to familiarise themselves, web3 adoption is still led by centralised exchanges, according to this survey led by Coinbase Institute. The world represented by the survey results is aware of the crypto space and blockchain technology. Only, their exposure to actual web3 utilisation is still low. The stark contrast between CeFi and DeFi adoption is accentuated by the following:

Centralised exchanges are still the main entry point
Payment, NFT, and trading are the top use cases of web3 products, while lending, staking, and other decentralised services are still relatively unknown

The report gist is a nod towards McKinsey’s report that ruthlessly mentions that the UX of web3 is not ready for mainstream adoption, from three points:

Poorly designed UI
Major improvements in the underlying technology are needed to provide a seamless flow
User’s lack of knowledge causes them to expect the same level of protection from the centralised entities

Other aspects also come into the foreground of the battle in adoption, such as security, rug pull scams, and data privacy. This report even displays the nuance of the “old world” vs crypto by their words of choice in titling their charts, for example, pitting the “familiar” models and the “decentralised” model of loans.

As a newbie in web3 DeFi, I also had my fair share of rookie mistakes, such as transferring between chains and not having the native tokens to bridge my asset. I learnt by doing, which was catalysed by the closing of Binance off-ramping services in the UK including my unfortunately taken down preferred methods of P2P, which forced me to look for alternatives.

The experience made me ponder, if I who can call myself a little more tech-savvy than the general population, still made a costly mistake, what about the way less tech-savvy users, such as the underbanked and no-coiners?

In retrospect, my mistake was caused by my mind that was not readily switching lanes when making my ETH transfer to Metamask from Binance. I regularly need to do international remittance, which involves transferring and off-ramping between centralised exchanges. But I forgot that when I transferred my coins to a self-custody wallet, the destination wallet did not automatically consolidate the amount, as the assets are kept separately if they arrived in separate chains.

Coming from a product management background where the industry of web2 fintech has matured with different tailored services, I would like to benchmark several self-custody wallets in the Solana ecosystem and propose improvements.

The wallets in this article are:

Glow
Phantom
Trust Wallet
Solflare
Backpack

The criterion is each must be mobile-friendly since we are catering to the user demographic that is widely familiar with on-the-go fintech experience. All apps were downloaded from the UK Apple App Store.

To benchmark the wallets in this article, I start with the product management framework of defining the JTBD (Jobs to be Done), normally called an epic. Note: for you who are familiar with the user story in the product framework, the epics below seem like a user story at first. But each has a deep complexity which warrants the level of epic, instead of merely a story. The user persona is the web2 general users who can derive similarities in the long-standing banking practice but lack knowledge in DeFi.

(Framework adapted from ProductSchool template, summarising the survey and adoption trend as points on customer’s insights)

Using the user story mapping template here, each epic can be broken down into a zoomed-in journey.

1/ As a user, I can onboard myself to a self-custody wallet so that I can start getting exposure to web3 platforms.

In this epic, creating a new wallet is preferred over importing a new wallet under the assumption that the user has never created a DeFi wallet before.

Onboarding is tricky, especially if the flow is less familiar to the users. That is the reason many apps nowadays look and feel the same, which is to reduce the friction of onboarding a new user in light of similarity. However, web3 came with its own set of technological rules. I don’t call it limitation because the underlying stack itself is a whole other species than the centralised apps.

An anecdote of the familiarity is how the gesture on the keyboard, for example, on MacOS, is less standardised across apps, potentially confusing the users. I am an active Miro user on my Macbook. To zoom in or out using my mouse, I simply need to scroll up or down. To move left or right, I use right click and drag to shift the canvas as I wish. However, due to my Miro being majority signed using my corporate account, and I don’t like signing out and in several times every time I want to switch between my office job and articles I write, I need to use another diagramming tool, such as Clickup. There was a learning curve in using Clickup since the gesture to zoom in and out is different (it uses a Cmd button and scroll up or down movement, similar to Figma).

The onboarding flow of each wallet is presented below.

Better visibility for the screenshots

Analysis

Back to the wallets, as a web2 user, the first noticeable difference is not having to input an email, phone number, or link the SSO to sign up. The wallets benchmarked here also feature helpful captions. However, some are more generous than others in cautioning the users about the seed (secret recovery) phrases.

The seed phrases themselves are not supposed to be a new concept for the DeFi converts because a recovery phrase is known to services like Authenticator or even Google. Some wallets emphasise the importance of this phrase more than others:

Trust Wallet allows the phrase backup to iCloud, which somewhat defeats the purpose of self-custody if we think that iCloud is a centralised service from Apple. But I understand the reason to bridge the familiarity and the safety feeling, as addressed in McKinsey’s report. It is the caveat of providing a decentralised service to web2 users who expect the same level of protection.
Solflare displays 6 screens (+1 actually, my secret phrase screen), or 50% of the onboarding real estate, to accentuate the importance of the self-custody wallet, which means it’s the user’s sole responsibility to remember the recovery phrase. The highlight here is the step that quizzes the user about the first and second words of the seed phrase.

However, Trust Wallet places an extra checklist style to confirm the user’s awareness of how important it is to keep their seed phrase secure. They go further by mentioning bad examples of keeping the phrase: screenshots, text files, or emails. The message is clear: digital saving is not recommended.

As for Glow, the further security configurations are a little hidden in the Settings menu:

recovery phrase is reached from Backup > Recovery Phrase. However, similar to Trust Wallet, the recovery phrase is stored on Apple Keychain, which, again, sounds counter-intuitive to the self-custody purpose.
Face ID (biometrics) is also on the Settings page

Therefore, it’s a matter of priority between security, fast onboarding, and comfort.

I classify these mobile apps as B2C since they cater to end users. Referring to an excellent article about product onboarding by Productify, the five wallets I benchmark have a good grip on the interface complexity and clear instructions to proceed. However, my minor issue is the cognitive load at the beginning of Backpack where users have to select the chain. Assuming the lack of knowledge, this can pose a potential pause or even a funnel drop. I created one example of the homepage supporting multiple chains in a later section.

I want to also address another complex situation with web3 onboarding. In web2 centralised services, the companies track every movement of the users when interacting with the platforms. For instance, we have trackers or tag managers, due to data being the king, the jargon in this AI era. However, similar to the Apple iCloud storage above, this means handing the personal data to the app creators. Despite the wallet itself being a self-custody, where the app creators do not have any access to how much a user has, the behaviour data itself is still recorded. Oftentimes, the Registration to Activation step (I still refer to the article by Productify above) is a company’s OKR (Objective Key Result). Therefore, this is also a noteworthy item to keep in mind when a user wants to use a self-custody wallet.

Based on the benchmark, I define the problem statement and propose the high-level wireframe for the improvements below.

Problem Statement

How can a web2 user set up a new self-custody wallet?
What security measures must be introduced to the users right at the setup stage? How complex could it be so as not to overwhelm them?
Do we want to incorporate a sense of security of any third-party providers, e.g. Keychain, or strictly limit it to written/memory of the seed phrase?

Solution

We allow the users to create a new wallet (although the button for importing a wallet is shown), with more coach marks/feature discovery
Passcode and biometrics are selected for the security measure
We want to emphasise the ownership of the wallet. Therefore, there is no online mechanism to store the seed phrase.

Proposed Flow

Figma HERE

Landing Page

Provide the options to the users either to create a new wallet or import wallet
If Import Wallet, allow for hot or cold/hardware wallet

Passcode Creation

This is the 1st stepper. Show 3-stepper bar to inform the users visually of how long it should take before reaching the homepage.
Create a 6-digit passcode
Ask user to confirm the 6-digit passcode

Biometrics Page

Detect whether a user’s phone supports biometrics
Turn On the biometrics if opted in
Allow the option for setting it up later

Seed Phrase landing page

The copy must be clear of the role of a secret recovery phrase
The copy must inform the users that this phrase can only be stored by the users

Seed phrase checklist

User must check the checklist before being able to proceed
Key points: Write the phrase down. Don’t share it to anyone. Digital safekeeping is not safe.

Seed phrase view page

Upon clicking ‘Show my phrase’, show the recovery phrase
Allow user to skip without showing the phrase

Seed phrase view page

Show the 12-word phrase
CTA button must have a clear copy that it is to be clicked after the phrase is written down

Seed phrase confirmation page

Quiz the user about their phrase
Error message to show on each row, preventing to continue to the next row, so as not to waste a user’s time

Next, onto the transaction epic. Due to the limited off-ramping options, I consolidated the deposit and withdrawal into one epic.

2/ As a user, I can deposit some funds to my new wallet and withdraw to fiat so that I can start making transactions on DeFi.

Benchmarking the on-ramp user journey made me realise that CeFi is still an integral part of topping up the self-custody wallet. The only available options to add some crypto assets into the self-custody wallets are:

Buying. Buying requires the possession of fiat money somewhere, most likely a bank, which implicitly means this account has been KYC-ed. Moreover, with the regulatory standards, the bank options are also limited.
Transferring from another wallet. To be MECE (mutually exclusive, collectively exhaustive) with the flow of buying above, the other wallet in question means the CEX wallet, and we know that the CEX wallet requires KYC as well.

On one hand, it means preserving the level of trust or safety expectation from the web2 users as addressed by the McKinsey report above. On the other hand, for those users who are sold the idea of full decentralisation in a DeFi wallet, this may lead to disappointment. In a user story which reflects the hero’s journey, it feels like the hero comes out to explore a new world, only to find out that the new kingdom’s promise for adventure falls flat.

Analysis

From the benchmarked wallets, only Glow and Trust Wallet enable the buying option. Both partner with Moonpay, the payment gateway for on- and off-ramping (Note: Moonpay is also used by Kraken, a CEX). From MoonPay, multiple payment options are possible, such as bank transfers, credit or debit cards, and Apple/Google Pay. I’m a Moonpay user as well and that means I’m KYC-ed at Moonpay.

Although not straightforward, this on-ramping method for web2 users might bridge the familiar to the new experience. Seeing the familiar symbols of the payment methods eases the process and reduces the cognitive load.

As for the off-ramp journey, all the five benchmarked wallets do not facilitate off-ramp to fiat transactions.

There is also a likelihood that users feel their expectations are misunderstood that they need to do KYC eventually with the centralised ramping platforms.

This is not advised as the philosophy of a hero’s journey wants users to win.

To ensure a better experience, we can mitigate it by informing users early on that they might need to submit their ID documents to do on/off-ramp, rather than dark UX.

Problem Statement

How can a web2 user get the hang of a DeFi wallet immediately?
What visuals would make them understand better about the fund movement?
How could we introduce the concept of different chains (for a wallet supporting multiple chains)?

Solution

The implicit value we want to convey to the users is to treat this wallet as their electronic wallet to serve the main purposes of:

Storing their assets
As their web3 identity
As an authenticator for web3 activities

I propose a tweak on the naming to emphasise that this functions like a wallet in CeFi to smoothen the learning curve. Therefore, I want to adopt the web2 banking feature naming to act as familiar visuals.

My suggestion for the on- and off-ramp transactions are the terms used on the homepage.

Buy does not sound intuitive at first. The Buy/Sell terms come from the philosophy of trading, that asset is a commodity to sell and buy, and fiat is the medium of exchange. However,

to help users familiarise themselves with the DeFi wallet
to promote the idea that crypto assets can also be a payment method,

we can follow the TradFi banking terms, seeing crypto as digital money.

I put the benchmark from my previous role here, where we put the main activities of the users: depositing (called top up), scanning and making payment, transferring out their balance, and receiving.

Proposed Flow

Without going too much into the options to present on the homepage, the DeFi wallet redesign would look like this.

Figma HERE

The 4 main buttons on the Homepage are Deposit, Withdraw, Send, and Receive.
Deposit: Connects to on-ramp services. Educate users that these are from the third-party service, which requires KYC. Also allows connection to bank cards, PayPal, Stripe, etc.
Withdraw: Connects to off-ramp services. Educate users that these are from the third-party service, which requires KYC. Also allows connection to bank cards, PayPal, Stripe, etc.
Send: Educate users that transferring crypto assets via different chains risks losing them.
Receive: Educate users that transferring crypto assets via different chains risks losing them.