Introduction to MetaMask Snaps

The Road to ERC-4337 and Account Abstraction

Veridise

6 min read · Sep 7, 2023

One of the largest obstacles that prevent everyday users from adopting blockchain technologies is user experience.

Currently, Web3 users have a steep learning curve to overcome before they start using dApps and other blockchain tech on a daily basis. Seed phrases, unfamiliar jargon and complicated logins are just a few of the things that people need to deal with when transitioning from Web2 to Web3.

The more complexity is involved, the higher the chance of making mistakes — which makes it easy to understand why people are hesitant to enter the world of decentralization and asset self-custody.

In order to remove the friction of getting into Web3, developers and marketers have been working on improving the user experience and getting the blockchain ecosystem to a point where anyone can join easily and confidently.

One way to do so is account abstraction, or smart accounts — a way to use smart contracts in place of EOAs (externally owned accounts) for blockchain transactions and authentication. Unlike EOAs, smart accounts allow for UX improvements like account recovery, transaction batching, paying for gas in stablecoins, built-in multisigs, etc. The Ethereum community even introduced ERC-4337 — a unified standard that makes account abstraction easier and more attainable.

However, while the industry agrees better UX is the way to go, enabling and adopting account abstraction and ERC-4337 directly is not easy, or even possible, for many Web3 projects. This is why some products take alternative routes, and that is what we’ll talk about today.

One of the most popular EOA wallets in the world to date is MetaMask. The MetaMask team acknowledges that smart accounts and better UX are the way to bring the next huge wave of users to Web3, and has figured out a way to “deliver the benefits of account abstraction without compromising on the MetaMask wallet users know and love”, as they state in a blogpost.

This is why they introduced MetaMask Flask — a permissionless innovation platform that allows developers to build custom features on top of existing MetaMask infrastructure.

“Using Snaps, developers can extend the functionality of your MetaMask wallet to support different account abstraction use cases. From session keys to complete smart account integrations built with MetaMask — all built with Snaps — we have seen developers rise to the challenge of using MetaMask to democratize access to account abstraction for users,” the MetaMask team wrote.

What are MetaMask Snaps

MetaMask Flask is a development platform for the MetaMask wallet software. It allows Web3 developers to experiment with new features that will eventually be integrated into MetaMask.

One of these new features is Snaps, a plug-in system that allows users to install plugins that extend MetaMask with custom functionality.

A Snap enables traditional websites to access Web3 functionalities, show additional information to users when they send transactions, and perform actions for users at scheduled intervals. For example, whenever a user tries to transfer ERC20 tokens using MetaMask, a fraud detection Snap could check the recipient of the transfer against a list of known scammers.

As another example, a wallet Snap could provide integration with non-Ethereum blockchains, allowing users to perform transactions on these other blockchains from a website that supports the wallet Snap.

How do MetaMask Snaps work?

Snaps are implemented as JavaScript/TypeScript applications where developers implement one or more of three functionalities (transaction insights, RPC requests, cron jobs) as JavaScript/TypeScript methods.

Because a Snap can consist of arbitrary code that can access a user’s MetaMask wallet, all Snaps are run in a special environment that is designed with security in mind. Thus, they differ in several ways from ordinary JavaScript or TypeScript code that would be found on, say, a web page or a Node.js application. In particular, the code will be executed in a “sandbox” that limits the JavaScript APIs that can be accessed.

Furthermore, to prevent Snaps from hogging system resources, all Snaps are meant to be “short-lived” in that they do not take too long to generate transaction insights or process RPC requests. Snaps that time out will be terminated by the MetaMask extension.

For more details on how Snaps work, we refer the interested reader to the official documentation.

What can you do with MetaMask Snaps

There are many use cases for MetaMask Snaps, but the main one emphasized by MetaMask themselves is the ability to use Snaps to build user interfaces for account abstraction-style on-chain wallet smart contracts.

Account abstraction gives developers a lot of freedom to create a wallet with whatever custom authentication schemes, access controls, or other features that can be used to control transactions from the wallet.

But actually accessing the custom wallet functionality would require the user to construct and send non-trivial transactions to the wallet smart contract. A Web3 developer could create a Snap that serves as the user interface for such a wallet so that users don’t have to care about technical details — similar to how a bank might create a phone app that talks to the bank’s servers.

How do you use MetaMask Snaps

As Snaps are currently a beta feature of MetaMask, users will need to install the MetaMask Flask browser extension as the first step towards using a Snap.

When a user interacts with a web page that supports a Snap, the user will automatically be shown a dialog that prompts the user to install the Snap. This dialog will show information such as a description of the Snap and what kinds of permissions it is allowed to access. For example, a Snap that submits transactions to a blockchain might request permission for internet access and permission to access account private keys.

The user must then “connect” the Snap to the website, which grants the website permission to access that Snap’s functionality. What the user does with the Snap depends on which of the three major types of functionality it supports (note that these are not mutually exclusive):

  • Transaction insights: before a user signs a transaction, a Snap that provides transaction insights will display additional information about the transaction in a popup. This helps the user make an informed choice about whether to actually sign the transaction. The fraud detection Snap we discussed earlier is an example of a transaction insights Snap.
  • RPC requests: a Snap that processes JSON-RPC requests enables dApps (websites) and other Snaps to communicate with the Snap. The user will not actually access this type of functionality directly; rather, the Snap will typically serve as part of the plumbing behind the website/dApp that the user is interacting with. The wallet Snap we discussed earlier is an example of a Snap that processes JSON-RPC requests.
  • Cron jobs: a Snap that supports cron jobs allows the user to schedule actions that will be automatically performed for the user at regular intervals.

Our work with Snaps

Although the MetaMask Snaps platform is designed with security in mind, Snap developers still need to be careful to avoid introducing security vulnerabilities in their own Snaps.

Of particular importance are social engineering attack vectors. Since Snaps will be directly used by everyday users, they should be designed in a way that helps users avoid getting defrauded or confused.

For example, when we performed a security audit for a wallet Snap, we observed that the wallet did not show full transaction details when a user wanted to send funds. Before the developers fixed the wallet, a hacker could have tricked a user into giving away all of their ERC20 tokens, and there would have been no way for the user to know what was going on!
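To make the two points above concrete (the fraud detection transaction-insights Snap described earlier, and the audit finding that a wallet must show the full details of a token transfer before the user signs), here is an added example that is not code from this post or from MetaMask. It decodes the calldata of an ERC20 `transfer`/`approve` call, shows recipient and amount in full, and flags recipients on a constructed denylist; the `onTransaction` handler wiring and the Snaps UI helpers that would render the returned lines are assumed and left out.

```javascript
// Added example, not code from the Veridise post or from MetaMask: the decoding and
// denylist logic a transaction-insights Snap could run before the user signs.
// In a real Snap, `onTransaction` would call transactionInsight(transaction) and
// render the returned lines with the Snaps UI helpers; that wiring is omitted here.

// 4-byte function selectors for the two ERC20 calls this example decodes.
const ERC20_SELECTORS = {
  a9059cbb: "transfer(address,uint256)",
  "095ea7b3": "approve(address,uint256)",
};

// Constructed denylist: placeholder addresses, not real scam reports.
const KNOWN_SCAMMERS = new Set([
  "0x1111111111111111111111111111111111111111",
]);

// Decode `selector ++ address(32 bytes) ++ uint256(32 bytes)`; return null for
// anything else so the insight never shows a misdecoded recipient or amount.
function decodeErc20Call(data) {
  const hex = String(data).toLowerCase().replace(/^0x/, "");
  const fn = ERC20_SELECTORS[hex.slice(0, 8)];
  if (!fn || hex.length !== 8 + 64 * 2 || !/^[0-9a-f]+$/.test(hex)) return null;
  const recipient = "0x" + hex.slice(8 + 24, 8 + 64); // low 20 bytes of word 1
  const amount = BigInt("0x" + hex.slice(8 + 64, 8 + 128)); // word 2
  return { fn, recipient, amount };
}

// Build what the confirmation popup should show: full details, plus a warning
// when the recipient (or approved spender) is on the denylist.
function transactionInsight(tx) {
  const call = decodeErc20Call(tx.data || "0x");
  if (!call) return { level: "info", lines: ["Not an ERC20 transfer or approval"] };
  const lines = [
    `Call: ${call.fn} on token contract ${tx.to}`,
    `Recipient/spender: ${call.recipient}`,
    `Amount (raw token units): ${call.amount.toString()}`,
  ];
  if (KNOWN_SCAMMERS.has(call.recipient)) {
    return { level: "danger", lines: [...lines, "Recipient is on the known-scammer list"] };
  }
  return { level: "info", lines };
}

// Constructed sample: transfer 1e18 raw units to the denylisted address.
const SAMPLE_TX = {
  to: "0x2222222222222222222222222222222222222222",
  data: "0xa9059cbb" + "0".repeat(24) + "1111111111111111111111111111111111111111"
    + "0".repeat(49) + "de0b6b3a7640000",
};
```

The strict length and selector checks matter: a Snap that tried to decode arbitrary calldata as a transfer could itself mislead the user, which is the opposite of what a transaction-insights Snap is for.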

Snap developers should also be on the lookout for traditional web application vulnerabilities. As it is possible for websites to access a Snap’s functionality, hackers may try to seize user funds, steal sensitive information, or perform unauthorized actions by exploiting cross-site scripting or query injection vulnerabilities. In the audit of the same wallet Snap we mentioned above, the developers confirmed and fixed a bug that would have allowed a phishing website to silently steal the account credentials of a user!

Securing MetaMask Snaps

Snaps are making MetaMask, the world’s most popular crypto wallet, even easier to use on a daily basis. As more developers work on Snaps, it will be increasingly important to have the Snaps audited to avoid security issues and scams.

If you are working on a Snap and would be interested in a security assessment, get in touch with us today:

🤙 Request a MetaMask Snap audit


Hardening blockchain security with formal methods. We write about blockchain & zero-knowledge proof security. Contact us for industry-leading security audits.