Using threshold ECDSA and passkeys as the foundation for browser-based wallets
04-07, 10:00–10:20 (Europe/Zurich), Surge Stage

This talk will showcase the intersection of threshold cryptography and passkeys and how they can be used to create a new generation of browser-based wallets. These wallets have the ease of use of custodial wallets, but with reduced trust assumptions.

I will use the example of the Oisy Wallet (https://oisy.com/). An open source (https://github.com/dfinity/oisy-wallet) cross-chain wallet hosted on the Internet Computer that supports the novel concept of network custody. Oisy is developed by the Dfinity foundation.


Passkeys offer a transformative step forward when it comes to authenticating users. They offer a secure but user-friendly authentication method that leverages biometrics, PINs or patterns and eliminates the need for seed phrases. Current Ethereum wallets that use passkeys to sign EIP-4337-compatible transactions require P256 signing implemented by a smart contract. This poses implementation risk, which once EIP-7212 is more widely adopted can be mitigated. In this talk I explore a different architecture, where passkeys are used for authentication and threshold ECDSA signs standard Ethereum transactions. This architecture enables the design and implementation of browser-based wallets, sporting a user experience comparable to custodial wallets, but where effectively the private ECDSA key is owned by the network. We name this model network-custody and we’ll showcase Oisy, as the first browser-based wallet on the IC that supports network-custody. Oisy requires no browser extensions or additional mobile app but only needs a standard off-the-shelf web browser

Andronikos is an entrepreneurial technologist who is currently a senior engineering manager at Dfinity Foundation. Andronikos is leading the front-facing teams of the Internet Computer including the Internet Identity and Oisy wallet teams.