SafetyDetectives spoke with Clarisse Hagège, the co-founder and CEO of Dfns, about web3 wallets, the challenges of developing an open-source crypto wallet, the impact of WebAuthn, and more.
Can you please introduce yourself and talk about what motivated you to co-found Dfns?
My name is Clarisse Hagège, I’m the co-founder and CEO of Dfns. I had been working for Goldman Sachs, Bank of America Merrill Lynch, and Crédit Agricole Corporate Investment Bank since the global financial crisis broke out in 2007. Throughout my entire career as an investment banker, I have had the opportunity to explore and gauge the subtle complexity of today’s modern financial system on top of which economies all run. Trade and export finance, FX, interest rate derivatives, loan syndication, equity and debt capital markets, M&A, project and optimisation financing, securitization, cash and wealth management: I had seen all the faces of finance and knew exactly what it would require from crypto to re-bank the world. However, I quickly understood that it would require a security revolution for blockchain mass adoption to happen.
I wanted to take a break from my job and I was offered the opportunity to join a startup acceleration program. There, a blockchain company called Starname asked me to help launch their Initial Coin Offering. My role was to sell IOV tokens to investors, which I did successfully. However, when it came down to closing the deal, I had to warn investors about what they were actually buying: a private key. Most investors would get confused when I explained that the key was the only access to their tokens and why it was so important to keep it in protective custody. As a result, they would turn down the offer the second they understood that losing the private key meant losing all the assets. The risk was simply too big.
Crypto was promising people financial freedom, but asking them the impossible at the same time. In 2019, every user needed to insert their assets in military-grade hardware and hide it. In the eyes of the fringe cypherpunk community for instance, self-custody was—and still is—a good thing. Yet, the institutional investors I dealt with did drop out of the ICO because of security concerns and cumbersome processes. Nothing else. As I kept reading about the crypto wallet space and its underlying technology, the situation seemed even more unsustainable in my mind. And in October 2019 during the Berlin Blockchain Week Summit, I met with Ouriel Ohayon (the founder of ZenGo) who told me about Multi-Party Computation (MPC) and Threshold Signature Scheme (TSS) that could decentralize and abstract away the key. I asked why he didn’t want to market this technology as a B2B solution for other apps, to which he answered that he was focused on his B2C app.
That was my aha and wow-moment at the same time. So, I resigned in January 2020 to start a wallet-as-a-service platform. My aim was to bridge the gap between fiat and crypto by removing all key-related vulnerabilities and risks, and reinstating the comfort of good old trustworthy traditional finance. My bet was that crypto needed to remove all single points of failure before it could go mainstream and deliver its promise of financial freedom for all. That’s how it all started.
Today, Dfns is the most secure wallet-as-a-service infrastructure in Web3. Founded in 2020 in Paris, Dfns is also a Techstars-backed, SOC 2-certified company that has raised over $20M since its creation. We provide an API-first KMS designed to provide app developers with secure, plug-and-play access to blockchains based on a decentralized, MPC-driven key management network with built-in recovery mechanisms. Dfns is designed with a focus on developer experience to maximize programmability, minimize high-touch implementations, and provide granular sets of permissions, controls and policies via secure API credentials. We support 30+ blockchains and 1,000+ tokens.
Our mission is to become one of the favorite building blocks in crypto and provide enablement technology for builders devoted to making the future of finance safe and delightful.
What are the top services or features that make Dfns stand out?
- Programmable APIs: Dfns has the most programmatic and granular wallet APIs in the market today. We bring SaaS best practices to secure key management so developers don’t have to deal with complex blockchains and time-consuming security setups.
- Trust-minimized Security: We provide a decentralized key management network with built-in recovery mechanisms, operated by fault-resilient T3+/4 data centers. Our API is accessible through 2FA enforcement via WebAuthn 3.0.
- Multichain: We support 30+ blockchains, 1,000+ tokens, and can add new blockchains in less than 3 weeks.
- DeFi-compatible: Our APIs can automate arbitrary smart contract calls and broadcast any transactions on-chain using templated payloads.
- Cost-efficient: No transaction fees, no bps on AUM, we price like a normal SaaS with subscriptions only.
- Scalable: Our network can create millions of wallets without failing to assure high speed and low costs.
- Compliant: We enable transfer limits, approval workflows, and other role-based policies and permissions. We offer both omnibus and segregated wallets to prevent commingling of assets. We enable composable key deployment schemes allowing apps to remain custodial or non-custodial.
Can you explain the importance of relying on open-source and battle-tested standards for handling private keys and personal data in web3 wallets?
For one, Web3 can be unforgiving – there is no tolerance for mistakes. An unforeseen error can lead to lost funds and devastating consequences for users. That’s why it’s absolutely essential to lean on well audited standards that have already been tested and have held up to intense scrutiny.
Another huge factor is trust, which is why relying on open source standards is essential. It’s important to us that users can look up exactly how their data is handled. They should be able to see what security researchers think of the tech we use and even read our code and perform an audit themselves if they’d like. The point of our tech is to keep users in total control of their funds while leveraging technology to make their Web3 experience more convenient. It’s important that they can see for themselves how that process works – if we hide our tech behind closed doors they might think we’re trying to hoodwink them. We want to show off our responsible and secure codebase.
What specific challenges did Dfns face while designing a wallet around the paradigm of open-source and battle-tested standards?
You have to pick the right open-source libraries and standards and stick to them during the implementation phase, but there is no specific challenge per se. Every application builds atop OSS libs and dependencies.
How does WebAuthn enhance the security of web3 wallets? Could you provide some insights into its mechanisms and benefits?
- WebAuthn is the same open-source standard that Apple, Yubico, Google, and other tech companies use to access biometric authentication in phones and other products (such as TouchID). This means that it has been battle tested across the globe and held up to intense scrutiny. The fact that it’s open source means that anyone is able to audit the code and flag concerns, leading to robust security.
- Another key element of WebAuthn is that it ensures all personal data is encrypted on your device. This means that it doesn’t introduce any new attack vectors, unlike other ID verification solutions which store personal data with third parties.
- Finally, WebAuthn allows us to rely on biometrics – a difficult and expensive piece of data to purchase on the black market, rather than using IDs or social security numbers, which can be relatively inexpensive. This makes sure we don’t make our customers attractive targets for attacks.
In terms of user experience, how does relying on established standards and technologies like WebAuthn impact the usability and accessibility of web3 wallets?
We need to make web3 accessible to everyone. The least technical people I know use biometrics to interact with their phones and apps every day without ever giving it a second thought. By bringing this UX to web3, Dfns is opening a new frontier of applications to billions of potential users.
Leveraging existing technology when possible is also a recipe for success in general. When we write new code we pick our battles, designing new tech that enables features not possible any other way. Every time we write new code, we need to have it closely reviewed and audited, release it open source, and give our users time to review it. It’s efficient to use existing trusted tech when available.