Conversation with MetaMask Lianchuang: Why MetaMask Snap is so important

Compiled & organized: Shenchao TechFlow

Recently MetaMask released MetaMask Snaps on Permissionless II. Users can use this function to achieve interoperability with Bitcoin and non-EVM blockchains.

As industry-leading wallets begin to expand their ecosystems to integrate more on-chain tokens and features, will this be cryptocurrency’s “Chrome extension” moment? Is this the way to attract cryptocurrency’s next billion users?

In this episode, Dan, Lianchuang of MetaMask, gave an in-depth introduction to the new feature Snap and looked forward to its future development and possible impact.

Host: Ryan, Bankless

Speaker: Dan Finlay, founder of MetaMask

原标题：《Why MetaMask Snaps is a Big Deal with Co-Founder, Dan FinIay》

How MetaMask Snaps works

• Dan introduced that MetaMask Snaps is like a plug-in designed for the MetaMask wallet, and one of its important functions is to enhance transaction security. Through Snaps, users can install transaction security providers that can simulate transactions and predict the results of transactions, thereby helping users avoid possible risks such as phishing attacks.
• Dan explained the functionality of Snaps, emphasizing that they provide MetaMask with the ability to extend the API. Currently, there are three main ways to expand your wallet using Snaps:
• 1. Transaction security: Snaps can help users ensure the security of transactions, predict the results of transactions, and avoid risks.
• 2. Adding integrations: Snaps allows external developers to build functional plugins for MetaMask and add support for its protocol. When a user logs into a website, the website can interact with one of the user’s Snaps, not just with the API provided by MetaMask. For example, Snaps can provide users with the ability to sign and display confirmations. *3) Notification: Snaps also provides notification function. For example, there is a Snap called Push that allows Dapps to notify users of relevant information after obtaining their permission.
• The moderator mentioned that although this is a Beta version of Snaps, there are already over 30 different Snaps for people to use and download. *Dan explains in detail how to use Snaps. When Dapps want to interact with a specific blockchain or protocol, they can require users to install the corresponding Snap, resulting in a richer and seamless experience. *Dan specifically mentioned the Transaction Insights feature, which allows users to preview and understand the details of their upcoming transactions before confirming them. This gives users insight into the content of transactions, and users can better identify these potentially malicious transactions and avoid losses.
• In terms of increasing wallet security, Dan mentioned the “spider web model”. In this model, instead of relying on a single security policy, multiple policies and tools are used to enhance security, providing users with more comprehensive and powerful security protection through multiple layers of protection and policies. Even if one policy fails or is bypassed, other policies can still protect users.

Function and purpose of MetaMask Snaps

• Dan focused on the functions and purposes currently available to MetaMask users, including: compatible chains and ways to achieve compatibility.
• In terms of chain compatibility, MetaMask has made significant expansion and progress. Dan emphasized that in order to enable more people to use cryptocurrency safely and easily, they provide a series of security tools aimed at lowering the threshold for new users to enter the cryptocurrency field. With the latest Snaps release, MetaMask has not only enhanced its functionality but also expanded its support for multiple chains, going beyond just supporting Ethereum.
• He further explained that when MetaMask considers adding new features or interacting with new blockchain networks, they always put the security of users’ funds and data first. Security is a core element that the MetaMask team always considers when developing and releasing new features, and their goal is to ensure that users always feel safe and confident when using MetaMask.
• Regarding the way to achieve compatibility, Dan mentioned that developers do not have to make a Snap for every application. The purpose of Snaps is to extend the wallet’s API functionality and make it richer. Developers can check out the existing Snap menu, a growing feature set that allows developers to have richer interactions with users. The APIs are designed to be very simple and should be very familiar to developers who have written Dapps using Ethereum providers before.
• Making a Snap is a great option for developers who want a component of their app to accompany users and be used on other sites, especially developers who want to make transactions easier to read.
• When asked if Snaps are a strategy for the MetaMask team to expand their development capabilities, Dan confirmed that this is their strategy. This approach allows them to more quickly develop and roll out the features their users want. Dan mentioned that in order to take full advantage of the diversity of blockchains, wallets need to be flexible. Their long-term goal is to make Snaps completely open and permissionless.
• Dan shared some ideas for future Snaps, such as guiding users through links that contain information such as recommended links, gas subsidies, and permissions. He also mentioned that future Snaps will be able to share permissions between each other and even outside the wallet. Dan’s vision is that Snaps will make MetaMask more invisible while still allowing users to create scalable and secure contracts.

Snaps Development Journey & Security

• Dan introduced the development process of MetaMask Snaps. Dan mentioned that they had the idea that the wallet should be scalable about five years ago. During the first year, the idea sounded crazy, but by the end of the year, they had built a prototype and began to believe that the feature was possible. Their team initially tried to develop Snaps while working on other things, but later decided to go all-in. This is the first time they have set up a dedicated team for a specific feature.
• Dan has emphasized the importance of security many times. He made it clear that although MetaMask hopes to introduce new features and extensibility, they will never sacrifice user safety, which is their primary consideration during development.
• Dan mentioned the issue of how to interact safely with strangers, computers, and new software. He explained that to solve these problems, they actually built an operating system kernel and integrated it into MetaMask, which allowed them to run third-party code but severely restricted it at runtime.
• MetaMask uses a two-layer isolation mechanism to ensure the safe operation of third-party code. First, they used an iframe, then an isolated area based on JavaScript language-level features. These two layers of isolation ensure that third-party code can only run within strictly defined boundaries and cannot access or modify MetaMask’s core functionality or users’ sensitive data.
• In this way, even if the user installs a malicious Snap or third-party extension, it cannot operate beyond its authorized scope, thus protecting the user’s security.
• Although MetaMask has implemented these security measures, Dan stated that their goal is to make the system more permissionless while ensuring security. They hope to create a distributed operating system kernel specifically designed to handle cryptography-based decentralized protocols while ensuring user security.
• When the moderator asked why the development of Snaps took so long, Dan explained that they were faced with not just developing a new feature, but solving a real technical challenge.
• Dan emphasized that the core problem they are dealing with is actually a big and complex problem. In order to solve this problem, they need to conduct in-depth research and a lot of development work. It’s not just about writing code, it’s about diving into cryptography, security, and decentralized technology. *Dan compared the design of MetaMask to the firmware layers of hardware wallets. He mentioned that similar to how the Ledger team described how to isolate private keys, MetaMask also adopted a similar approach to ensure the security of users’ private keys.

Note: The “firmware layer” refers to the software layer in a hardware wallet that is used to store and perform basic operations, and is generally responsible for how to securely store, manage, and use private keys.

• The moderator asked whether installing Snap would pose a security risk. Dan explains that to minimize risk, they employ two main security strategies. First, all Snaps are audited. Second, each Snap has a list of permissions that specify what features the Snap can access. *Dan mentioned that they hope to gradually decentralize the audit process until it becomes a trust-based network or DAO. For those Snaps that require signing capabilities, they only have access to the keys associated with them, rather than all of the user’s keys. *Many Snaps require network permissions as they cannot be run locally. But if a Snap only needs access to transaction data and does not require network permissions, then the user’s data is effectively private because it cannot be sent to external servers.
• The moderator asked, if a Snap is installed that does not require key signing, such as a Snap that simulates transactions, what risks does this pose? Dan explained that this Snap requires access to transaction data to perform simulations, but it does not access the user’s private key.

Future plans for MetaMask

• The moderator mentioned the trend of account abstraction and smart contract wallets, and asked MetaMask if it has plans to enter this field.
• Dan explained that the MetaMask team’s long-standing position was that it planned to create a plug-in system for accounts. Instead of developing these new smart contract accounts themselves, MetaMask will provide a platform that allows other developers or teams to create these account plug-ins for MetaMask. This approach encourages innovation and allows many different smart contract account solutions to be implemented on MetaMask.
• While account abstraction and smart contract wallets are an interesting and promising area, the current core focus of the MetaMask team is creating a secure scalable core. This kernel is the core component of MetaMask, allowing it to run third-party code such as Snaps while keeping users safe.
• Due to this core focus, Dan believes that MetaMask may not make the best contract accounts on its own. Instead, they prefer to provide a platform for the community and other developers to create these solutions.