ONTO Wallet: Creating a Secure and User-Friendly Web3 Experience

Author: Thor, GoPlus Chinese Community

Web3 represents the next era of the internet, signifying decentralization, privacy protection, composability, permanent storage, ownership of data, and value creation. These features herald infinite possibilities while also bringing new challenges. In fact, the cumbersome Web3 operational experience imposes a significant cognitive cost on new users. On the other hand, the Web3 industry in a decentralized context is fraught with risks, much like the Wild West, filled with various scams, phishing attacks, and other security hazards that deter new users.

ONTO Wallet aims to address the two major pain points of Web3 by providing a data client based on a DID decentralized identity system to enhance the cumbersome user experience of Web3, and by integrating multiple API security service solutions provided by the secure solution GoPlus to improve the security of the user transaction environment. ONTO Wallet hopes to provide users with an entry point into Web3, allowing them to seamlessly enter the decentralized world with a low barrier while efficiently and securely managing their crypto assets and digital identities.

Usability and Smooth User Experience

For a newcomer, Web3 is an entirely new domain with a user experience vastly different from Web2. If you are a novice in the crypto world, switching from Web2 to Web3 usage habits can be quite uncomfortable.

ONTO Wallet has optimized the Web3 user experience in several aspects to provide a seamless interaction experience for crypto users, aiming to reduce the cognitive cost and operational threshold for new users.

1) Decentralized Identity System ------ The Passport to the Web3 World

In the Web2 world, digital identities are platform-centric, with each user having multiple identities across various platforms by registering different accounts. All data generated by users is tied to these platform identities, and platforms monetize by collecting and controlling personal information and the data produced. In other words, accounts on different Web2 platforms do not interconnect, and users cannot own or control their identity data.

Web3 promises to return data ownership to users to change this situation. All interactions of Web3 users are based on wallet addresses, and a series of activities around the address constitute the digital identity of Web3 users ------ a decentralized identity system (DID), which builds the user's identity profile in the decentralized digital world.

Unlike the scenario in Web2 where users log into different platforms using multiple sets of email and password combinations, users can log in and access various dApps using ONTO's unique digital identity and data system (ONT ID), even accessing broader functionalities within the Web3 ecosystem. ONT ID serves as the passport to the Web3 world, allowing users to control on-chain assets and manage identity data, thereby better protecting data privacy.

2) More Readable Domain Resolution Solutions

We know that crypto wallet addresses consist of long strings of alphanumeric characters. ONTO Wallet integrates domain solutions like FIO Crypto Handles and Unstoppable Domains to convert these wallet addresses into human-readable domain names, allowing access to Web3 dApps and providing multi-chain support.

3) Multi-Chain Support

For new users, a difficult concept to grasp is that the tens of thousands of crypto assets in the market are not supported by a single wallet. The mainstream crypto wallet MetaMask supports crypto tokens in the Ethereum ecosystem but does not support Bitcoin, along with dozens of other public chains and their respective supported wallets, making it very costly for new buyers, traders, and investors to learn.

ONTO Wallet supports multi-chain asset management, allowing users to easily manage various categories of crypto assets across more than 40 blockchains with a single ONT ID, from tokens and NFTs to privacy data.

Currently, ONTO supports over 40 public chains, including Ethereum, BNB Chain, Ontology, Polkadot, and Polygon.

4) Support for Accessing NFT Markets and Over 1000 dApps

ONTO Wallet supports displaying, sending, receiving, and trading NFTs, and allows users seamless access to over 1000 dApps from different public chains. Seamless access experience means that users can switch to addresses on other chains directly within the dApp without repeatedly switching tabs, aiming to provide the best user experience.

5) Built-in Native Token Trading and Bridging Functions

ONTO Wallet provides in-app native trading and bridging functions, allowing users to trade assets instantly at optimal rates (the aggregated trading service provider is OpenOcean, and the bridge is PolyNetwork).

6) Address Scanning Function, Automatically Detecting Digital Assets and NFTs

ONTO Wallet features a unique address scanning function that can detect and add digital assets and NFTs with balances in user addresses in real-time, obtaining relevant market prices and information about related tokens and projects. With this function, users do not need to manually add assets or worry about forgetting what assets they have.

Providing Multi-Dimensional Security Assurance

Unlike Web2, security issues are even more critical in the Web3 domain, as security risks are related to assets for Web3 users, potentially leading to millions in property loss, and the decentralized nature means that lost assets are harder to recover.

Like any new and unregulated technology, the early crypto industry resembles the Wild West, filled with various scams, frauds, phishing, and hacking incidents, where a careless mistake can lead to property loss. The emergence of various new scams and hacking incidents poses significant security risks, deterring new users.

ONTO Wallet prioritizes asset security as its highest priority. ONTO itself is a decentralized data client that does not store any data, making it immune to external attacks. Additionally, ONTO integrates multiple API security service solutions provided by the Web3 security infrastructure GoPlus to offer security detection and alerts for users in various scenarios such as token trading, NFT trading, transfers, and application authorization, minimizing the occurrence of security incidents.

Token Detection

When users conduct token transactions in ONTO Wallet, the token security detection service is automatically triggered. This service performs real-time security detection and assessment of the transaction token from several dimensions, including the token's basic information, contract security, transaction security, and information security. If any issues are detected, users will receive risk alerts.

Moreover, users can also view the introduction page of any token to check the risk detection level, whether it is "risky" or "safe."

By clicking to the next page, users can further view more detailed security information and richer security risks about the token:

The powerful token security detection service of ONTO Wallet is supported by the free Token Security API provided by GoPlus, which is one of the most comprehensive and accurate security services for token data currently available on the market. As of October 21, 2022, the number of covered currencies reached 1,600,904 (this database is automatically updated in real-time daily with thousands of new entries, ensuring the fastest and latest coverage of new tokens), with daily call volumes reaching 2 to 3 million times.

Address Detection Service

When users perform transfer transactions using ONTO Wallet, it automatically detects the receiving address for the transfer, identifying various risk behavior indicators related to phishing activities, ransom activities, coin theft attacks, malicious mining, money laundering, mixing, and financial crimes. If an address is deemed malicious, users will receive a security warning, informing them that the address is malicious and advising against proceeding with the operation.

The malicious address detection service of ONTO Wallet is supported by GoPlus's powerful malicious address detection API service. This API solution supports multiple public chains, including Ethereum, BNB Chain, Polygon, HECOP, Arbitrum, and Avalanche, aggregating data sources from various security companies such as SlowMist and BlockSec. It leads the market in terms of coverage (across multiple public chains), cross-asset (supporting both ERC 20 and NFTs), sample diversity (data sources and sample analysis models from multiple security companies), timeliness of inclusion (rapidly updating and including the latest malicious assets on the market, Note: The most frequent occurrence of black addresses is in the category of malicious assets), and completeness (currently, the cumulative number of black addresses has exceeded 100,000, and this dynamic sample library continues to update and grow).

Currently, GoPlus provides free API access services to partners, whereas other AML services on the market are mostly paid, especially for financial institutions, which charge very high fees.

NFT Security Detection

The built-in NFT market of ONTO Wallet integrates NFT security detection services. If a security risk is detected in a certain NFT project, a risk alert will be triggered, and users can click to jump to the corresponding security report.

The NFT security detection service of ONTO Wallet is also realized through the integration of GoPlus's NFT security detection service.

In response to the rampant NFT scams and counterfeit NFT schemes in the current NFT market, GoPlus conducts contract-level security detection on NFTs, assessing over 20 contract security detection items such as "whether the contract is open-source, whether there are proxies, whether there are malicious behaviors, and whether there is a black history," to identify and detect the authenticity of NFT projects in the market, preventing users from being deceived and suffering property losses.

GoPlus's NFT security detection service is free and currently supports Ethereum, BNB Chain, and Polygon public chains. Additionally, GoPlus's NFT security detection service is not only the most comprehensive in terms of data (covering over 160M) but also has the most certified NFTs (over 4M+ certified NFTs).

Authorization Contract V1 Version:

ONTO Wallet allows users to seamlessly access over 1000 dApps from different public chains. When users use decentralized applications in ONTO Wallet, ONTO will perform security detection on the authorized contract addresses. If any risks are found, the authorized address will display a red risk indicator, reminding users not to proceed with the "confirm" authorization operation, ensuring the security of user assets.

This solution of ONTO Wallet utilizes GoPlus's free security detection service for authorization contracts (V1 version). This version mainly provides a series of information related to the open-source nature, proxies, and contract creators of authorized contracts, building a complete whitelist database by collecting authorized contracts from major legitimate dApps in the market, and combining it with a malicious address database and on-chain data analysis to achieve rapid updates of the malicious address database, maximizing the protection of user asset security.