What types of financial services and how will these services be offered to users?
Non-custodial blockchain wallets are the gate to Web3. They are essential building blocks in enabling users to engage with various DeFi protocols, from moving funds, staking, and yield farming to lending and borrowing.
In contrast, custodial wallets, such as centralized exchanges, provide all the ‘security’ users need while giving them the minimum flexibility. In the other spectrum, open-source wallets such as Metamask offer full access and expose the user to infinite ways to get hacked. As we believe in giving the user the most freedom and flexibility available, we acknowledge that some of our users will initially be beginners to crypto. That aligns with our core mission of bringing millions of newcomers into the dua ecosystem.
We believe that users should fully control their private keys, so we will implement an in-app wallet that is fully non-custodial. Users will be able to generate their web3 identities in the app. To maintain an enjoyable user experience for all users (crypto- and non-crypto-savvy), users will undergo the process of creating a wallet only if preferred so in the setting section. They will have the ability to either create a new wallet, import an existing wallet or export it via the secret phrase.
After the launch of the first version, we want to make sure that existing users get prompted with a notification that will inform them of the possibility of creating an account within the application. The app will notify new users if they wish to generate a wallet directly after signing up.
Users will be prompted to create their crypto wallets with us as they sign in. We will create their crypto identity using a piece of their data that we already have. We will ask for a new data set as a PIN that they will remember on their own without us having it. In this manner, we ensure we don’t store any keys in our backend or the complete data needed to recover their account. In this case, even in extreme cases of cyber-attacks - the user accounts would be safe because they belong to the user.
We support multiple accounts within our in-app wallet, and each is safely encrypted in the front end of the application using the secret phrase provided by the user.
The first version of the wallet will require users to remember the mnemonic phrase. For security reasons, they will also set up a PIN, which is necessary to access funds or sign any transaction on the blockchain. Since users are the only owners of the private key, if the PIN is forgotten, they cannot access their funds anymore. It is planned that users can recover their private keys in case of a loss with a social recovery solution.
User experience is crucial as we want to introduce the following 100 million users to DeFi and web3. Sending funds on blockchain to other users can sometimes be overwhelming. Copying and pasting a 42-character blockchain address is not the most efficient way of transferring funds. That is why we will make it as easy as sending a tweet and make it available to transfer funds only with a username.
Users can fund their wallets from another blockchain wallet supporting ERC-20 or directly via on-ramp solutions, which exchange FIAT currencies for cryptographic tokens. The same applies to withdrawing funds from the wallet. Users can transfer funds from the in-app wallet to other non-custodial wallets or use off-ramp solutions that exchange tokens for FIAT currencies. We plan to implement on- and off-ramp third-party solutions in future iterations of the wallet.
A DUA wallet embedded into the platforms will expose all of our users to crypto services.
They will initially be able to:
- Deposit and
This gradual approach gives users an excellent start to continue using our wallet. In addition, we plan to gradually uncover our users to many decentralized finance protocols that the public uses and deems utilitarian. We plan to initially create an internal framework where we can incorporate integrations with different sets of smart contracts, each providing a function for our users.
Because we expect most of our users to be beginners, and we see it as our mission to onboard them into crypto, we also know the high responsibilities of that role. Therefore, we will aim to reduce friction and provide good user experiences. In this case, a potential cyber-attack or loss of funds is the ultimate bad experience. Numerous studies show that one of the main reasons for skepticism of crypto adaptation is the security aspects of the operation.
For that reason, we have decided to implement the DUA Layer, which helps our protocol and users in two ways:
- Avoids many pitfalls of cyber-attackers and scammers that cause loss of funds,
- Creates an extra DeFi utility for the DUA Token,
- Lowers the fees of interacting with DeFi to the end user
The leading cause of loss of funds we evaluate comes in two folds:
- The user shares their private key or secret phase with a malicious party, usually through social engineering or phishing.
- The user interacts with a malicious address or smart contract that obscures transactions to look normal but is, in fact, malicious. A typical example is providing ERC-20 allowances to malicious contracts.
To solve these issues, we will implement a feature that will take a time limit between when the user requests to see their private key and when they can see it. The limit can be as low as 30 minutes or up to 3 hours. They will be presented with a screen showing common cyber-attacks and scams in that limited time. Hopefully, suppose it is a malicious request. In that case, they will have enough time to reflect and not share their secret with malicious parties.
The second level of security that we will introduce is an interface-wide whitelist of contract addresses. This interface will limit access to smart contracts that we haven't added to our user list. We know that each user will have a different level of crypto education. Therefore, we will allow interactions with the sets of smart contracts depending on the user's in-app experience and their level of crypto education. Suppose a novice user tries to interact with a malicious smart contract. In that case, our interface will refuse to allow the transaction to occur.
The third feature is the one that pertains to loans and yield generation interactions. Using smart contracts that provide yield or loans is expensive regarding gas fees. It does make sense for the user if they are working with a large number of funds, which we believe will not be the case for our beginner users. We also will introduce a way to limit gas expenditures for our users, so they do not spend all their funds on gas fees during congestion times. Instead, we suggest other times when blockchain activity has decreased. Finally, we will provide a smart contract layer where interactions with yield-generating protocols or loans will be intermediated by us, using different campaigns to encourage users to join them as a group to save gas fees.
Where possible, we will group our user's intentions and collect them together in our smart contract for a batch transaction into the actual DeFi protocol contracts. We are also planning to have a way to provide extra collateral in some instances where it can benefit our users, and it is safe for us to do so.
In these grouped transactions, DUA will hold a small % of returns for the provided added security and usability from users' profits; the collected % will be again redistributed to DUA stakers, strengthening trust in our token holders. In addition, we will encourage users to stake in our governance pools to get lower fees and higher returns from these interactions.
We plan to allow users to make swaps across different tokens by incorporating support for the swapping contracts of the most prominent protocols that enable DeFi decentralized exchanges to process billions of dollars worth of exchange transactions. We will allow direct swapping from our app with the complete set of native functions that DEX’es provide and add security features in the interface layer to support early users while giving them the freedom to turn such options off.
Given that our users move higher balances with our non-custodial wallet, we can create the basis for implementing a crypto-loan protocol supporting functionality within our application. These would be backed by crypto collateral. We would provide users with ways to open the loan, with a rich interface on its performance and an ability to close the loan.
Traditional finance fails to provide returns for simple accounts with higher balances. We believe there are many unexplored options for the crowds in DeFi. We currently have a large user base of people open to exploring crypto offerings, so we believe passive yield derived from protocols in DeFi would be a great way to introduce them.
User data in our ecosystem is the holy grail. Our principles define that we cannot do with it as we please without users’ explicit permission for a specific task and for a limited time. We believe that we can provide our users with value beyond DeFi if they wish to enroll in it. We plan to give users finance opportunities within the traditional finance system through external partnerships.
Our algorithm already has a reputational value and user history. Therefore, our users can apply for a quick loan through an external partner of ours, share the data they agree to share with them, and then receive a loan using traditional means. We will not be a bank, but we will allow external licensed companies to offer these services to our clients with mutual agreement.
In the first phase of our operational plan, we plan to build the infrastructure for our users to interact with DeFi protocols that do not require any KYC.
Given that some initial users won ’t be crypto-savvy, we believe providing extra security and limited protocol interactions is a great advantage for our wallet. For example, Metamask and other wallets are unsecured and unstable, meaning their users can interact directly with millions of addresses and smart contracts on the chain unrestricted.
We believe in total freedom, but we are also aware that onboarding people into that level of freedom has to be done gradually to not expose our users to cyber-attacks, spam, and losses we see happening daily. Therefore our wallet will have a limited set of contracts that it can interact with initially, pre-approved, and the logic they interact with will be written and deployed by the team, keeping the user’s best interest in mind.
We believe regulation should play a role one way or the other for people to adopt blockchain-based financial services massively. Unfortunately, regulation in the current form does not fit the principles of decentralized protocols, and it risks affecting innovation in the space. Different jurisdictions follow different paths when it comes to cryptographic assets. Some are banning them, and some are still in a grey area where rules of conduct are not defined well. In some cases, like in El Salvador, Bitcoin has been adopted as a legal tender. There is a full spectrum of how countries and regulators interpret blockchain and its financial applications in the real world.
In a world where privacy is becoming an issue both when being active on the internet, on social media, and when transacting online, it becomes essential to consider what future lies ahead if we do not address these issues today. We strongly advocate the right of total privacy on the internet, regardless of the service used, and set it as our top priority for our users. Having the right to privacy in transactions does not mean tolerating fraudulent actions. On the contrary, it means taking advantage of the latest technology applications to ensure that every process is compliant but private.
Our vision for the years to come is to be one of the main bridges to web3 and DeFi for underserved communities. We believe that following the path of a potential licensing of our financial services in jurisdictions where underserved communities live is a necessary step towards massive adoption.