This section aims to dive slightly deeper into the “how” of web3, taking a deeper look at the technology used, and covering the different subspaces within web3 that are being developed.
Traditional web applications rely on a stack of technologies to function, and while there is some overlap between traditional application stacks those of web3 applications, the heuristic is that DLT is used in web3 apps anywhere a traditional counterpart could have single points of failure.
The standard way to classify the tech used in any application is into three buckets: frontend, backend, and data storage. Both traditional web apps and decentralized apps (dapps) have these components, though some apps may need neither a backend nor data storage.
In short, frontends are similar between web2 and web3, but the backend in web3 apps is code on the blockchain, and data storage is done with decentralized providers - read on for more!
Before discussing the tech stack, let’s take a quick look at some basic cryptography.
In traditional (synchronous) cryptography, two parties that want to share secrets with each other need to exchange a secret value, known as a private key, that they can use to encrypt messages that they send to each other. If their messages get intercepted, an attacker cannot decipher the messages being sent without the private key. The problem with this type of cryptography is that the participants need to find a secure channel in which to exchange the private key initially.
The development of asynchronous or “public-key” cryptography solved this issue. Here, each of the participants has two keys, one private key which they keep secret and one public key which they publish to the world. If Alice wants to send Bob a message, she uses Bob’s public key to encrypt it, and send the encrypted message to Bob. Bob can then decrypt the message with his private key. Additionally, Alice can “sign” the message with her private key, and Bob can verify that is was Alice who signed the message using her public key.
Because Alice’s private key is private to her, she is the only one that can sign messages using corresponding to her public key, similarly to how only one person can sign their own signature, but this digital signature is far, far more difficult to replicate than one in ink.
Blockchain technology relies on these signatures as a way to verify that every transaction that comes from any given person was actually authorized by that person. Anyone can try to write to the ledger saying “Alice sends $5 to Bob” but only Alice can sign that transaction, because she is the only person that holds her private key.
A crypto wallet is a piece of software that is used to interact with the blockchain. Modern wallets have many features, but the only core feature of any wallet is that it stores the user’s private key or keys. It’s also important that the wallet can create transactions when the user wants to make a transaction, and the wallet should me able to sign that transaction using the stored private key.
Finally, a basic wallet is typically also able to take that signed transaction and send it to the blockchain network for it to be added to the ledger. All of this is accessible through some sort of user interface, typically as a mobile or desktop app, and often as a browser extension.
A common misconception given its name is that a wallet actually stores cryptocurrency like a traditional leather wallet stores cash, but this is not the case, it only stores the information necessary to authorize a transaction. You can think of a crypto wallet less as a wallet holding cash, but rather a wallet holding debit cards - your money isn’t in the debit card, the card simply validates to the bank that it’s you who’s sending money. The card is like the private key, and the wallet which holds the cards is like a crypto wallet which holds private keys.
What a private key actually looks like is 256 random ones and zeros, or 32 random bytes, being 64 hexadecimal characters. Because it’s difficult to memorize 64 digits and also difficult to write them down on paper without making a copying mistake, we can represent this key as a series of 12 or 24 words, which are easier to remember and much easier to copy down.
This is why when you create a crypto wallet using popular services like MetaMask, they will provide a mnemonic or seed phrase for you to write down. This mnemonic can be used to generate many crypto private keys and thus many crypto accounts. It’s also important to understand that your seed phrase or private keys are the only thing you need to fully control a crypto account, if you lose them, you lose access to that crypto forever. If they are stolen, the thief has full access to the corresponding crypto account(s). Keep em safe.
There are also services that provide crypto “wallets” without ever providing the private keys associated with the crypto accounts. These are called custodial wallets and they are not really crypto wallets at all. Realistically, the service that provides this wallet has the actual crypto wallet because they have the private keys. They may make transactions with this wallet on your behalf, but you never really have access to the crypto because you don’t have access to the private key.
As the saying goes, “not your keys, not your crypto.”