en
Back to the list

Metamask Criticism: Is Your Identity Truly Safe on Web3?

source-logo  coinnounce.com 01 December 2022 09:53, UTC

MetaMask, the most popular cryptocurrency wallet service, received criticism last week after a revision to its terms of service revealed that it was exchanging users' IP addresses with Infura, a piece of blockchain infrastructure developed by MetaMask's developer, ConsenSys. (1)

The top cryptocurrency wallet provider MetaMask faced criticism last week after changing its terms of service to reveal that it shared user IP information with Infura, a component of the blockchain infrastructure developed by MetaMask's developer ConsenSys.

To provide users with a practical way to store and trade their cryptocurrencies without relying on centralized exchanges such as Coinbase and Binance, ConsenSys, a development, and research company led by Ethereum co-founder Joe Lubin, created MetaMask.

What is Metamask?

MetaMask is a "hot wallet," (2) meaning it is placed on your smartphone or internet browser and is constantly communicating with the Internet, contrary to "cold" wallets, which allow users to store their crypto keys on a type of USB thumb drive.

"Hot wallets" are convenient because you only need to remember a login and password rather than a physical thumb drive. Still, theoretically, they are more susceptible to attacks and data breaches because they are constantly linked to the Internet.

But hot wallets like MetaMask are theoretically more private and safe than letting someone else manage your money compared to centralized exchanges.

Many users were horrified to hear that identifying information could have been exposed to Infura, meaning their transaction history was not as anonymous as they once assumed after it was revealed that MetaMask was sharing IP information with Infura, which sparked fury on Twitter.

Nothing is Fully Decentralized

The FTX fiasco and the MetaMask debate from last week brought back a well-worn phrase in the crypto community: "not your keys, not your crypto."

Your money could be taken or misused if you keep it on a centralized platform (as in the case of FTX, which loaned out user funds without users knowing).

Your MetaMask money is only accessible to you. Therefore downloading a hot wallet was meant to be a safer solution to the "not your keys" issue. Users tried to figure out how to use the wallet without linking it to Infura, a so-called RPC service that MetaMask utilizes to communicate with the Ethereum blockchain. However, when they found that MetaMask was also susceptible to centralizing parties.

Although ConsenSys acknowledged in a statement that using MetaMask without Infura is technically conceivable, users do understand that doing so would be confusing and unworkable, necessitating the creation of a new method for extracting data from the Ethereum blockchain.

As the crypto industry rises from the ashes of the FTX, the MetaMask dispute and the anti-centralization discourse that accompanied it serve as a sobering reminder of a harsh reality that it must face: The user experience of crypto has been heavily influenced by centralized intermediaries.

"Centralization," the concept of influence and monitoring from major parties, is considered anathema to the basic, post-2008 ideals upon which the technology was built in the cryptocurrency industry, especially inside the Ethereum ecosystem.

You Need Centralization to Reach Decentralizations!

Around 70% of all Bitcoin transactions were processed by Mt. Gox (3), the first significant cryptocurrency exchange, during its breach in 2014, resulting in the loss of customer assets.

The Mt. Gox catastrophe was meant to remind us of the risks associated with centralized parties in the cryptocurrency space and a call to self-custody and basic principles once again.

Where Do You Keep Your Cryptos?

Despite early indications that consumers switched to decentralized platforms in response to FTX, most people still store and trade their cryptocurrency on centralized platforms like Binance, Coinbase, and Kraken.

It's challenging to advise someone to purchase a cold wallet and utilize Uniswap to exchange cryptocurrency when so many attractive, simple-to-use centralized platforms are available.

It's difficult to conceive that conventional financial institutions won't eventually fill the hole they leave behind with their own strictly controlled crypto entry points, even if more of today's centralized incumbents fail.

Furthermore, the technology that allows ordinary users to access cryptocurrency is not the only one that has given the power to centralized intermediaries; even the fundamental technology that underlies blockchains has not been immune to centralization.

True Decentralization is Expensive

To publish and authenticate transactions, the validators that run Ethereum's blockchain "stake" some amount of cryptocurrency alongside it. However, staking is technically challenging, and incorrectly establishing a staking node can result in severe fines.

However, staking is technically challenging, and incorrectly establishing a staking node can result in severe fines.

As a result, more users invest through centralized platforms like Coinbase and Binance, where they can also earn incentives. Due to their significant influence on the Ethereum ecosystem, even community-driven "decentralized" staking systems like Lido have angered decentralization maximalists.

Creating blocks, which is technically challenging, is how validators gather user transactions and add them to the blockchain. Validators increasingly use third parties like Flashbots to generate blocks to extract MEV—added profit that clever sequencing transactions may make.

The widespread use of the Flashbots block builders, while convenient and profitable, has raised concerns that some transactions, such as those connected to Ethereum addresses authorized by the U.S. Treasury Department, may find it more difficult to enter the blockchain because Flashbots omits the transactions from blocks to appease regulators.

The widespread use of the Flashbots block builders, while convenient and profitable, has raised concerns that some transactions, such as those connected to Ethereum addresses authorized by the U.S. Treasury Department, may find it more difficult to enter the blockchain because Flashbots omits the transactions from blocks to appease regulators.

While technically adept, ideologically motivated cryptocurrency users might find ways to operate and conduct transactions on blockchains per the movement's founding principles, retail investors and financial institutions will continue to favor simple-to-use intermediaries that forego decentralization in favor of simplicity and capitalism.

coinnounce.com