One of the greatest challenges faced throughout the Web3 ecosystem is striking a balance between real ownership of digital assets and a seamless user experience. Historically, two main custodial models for private keys (accounts) have existed: user custody and app custody. User custody offers full self-sovereignty and exclusive control of assets. Conversely, app custody offers great UX and smooth, walletless onboarding for the mainstream. Both approaches offer various trade-offs, however, both leave the feeling that something is missing.
Fortunately, the Flow Blockchain has a solution to this problem, leveraging its native support for account linking. Using account linking, dApps may delegate access of app-custodied accounts to an external user-custodied wallet. Custodianship is effectively shared between the user and the dApp, giving birth to a hybrid custodial model!
Sounds awesome – but how do I build it? In essence, building an account-linking dApp is a two-part process:
- Mange app-custodied accounts – this means finding a custodial solution to control users’ app accounts and provide access when authenticated via some identity provider (walletless onboarding). This is the tricky part!
- Link accounts to user-custodied wallets – this is very straight forward! Account linking can be implemented using standardized, community-built smart contracts. These expose various APIs which allow for fine-tuned access to child (app) accounts to be delegated to parent (user) accounts.
As mentioned, the crux of implementing an account linking dApp is the app custody component. There are concerns regarding security, compliance, liability, and scalability. Furthermore, walletless onboarding requires authenticating users to access their app accounts; this means infrastructure for sending emails, user management, and/or integrations with OAuth providers must established. Building in-house custodial infrastructure is achievable (see Flow Wallet API), however, developers may prefer to use a third-party custody provider based on their own circumstances. This is where Magic Link comes in to play.
The following demo is a very simple account linking dApp built using Magic Link. The dApp has two modes:
Child mode - The user logs into their app-custodied (child) account using Magic Link. In this mode, the user may mint & destroy NFTs in their app account. There are no transaction approval prompts and the user is able to manage their assets with first-class UX. From this mode, they may link their parent wallet from the user menu.
Parent mode - The user logs into their user-custodied account using their wallet. If they have linked child accounts to this wallet, they will appear here. If the user has not linked an account, they must return to child mode to establish this linking. Please note that this mode if mostly for demonstrative purposes, but a dApp developer will typically only be concerned with the “child mode”.
From the parent mode, the user can exercise their ability to control assets in child accounts, despite authorizing transactions from their wallet. This mode serves two key purposes:
Firstly, this demo demonstrates how a hybrid custodianship has been established where both the app and user accounts share ownership of these assets.
Secondly, it juxtaposes the app custody + account linking model against the user-custody model of dApp development. A stark UX contrast is evident; user custody has clunky transaction approvals and scares away mainstream users by requiring a wallet, whereas app custody with account linking presents a seamless experience
A demonstration video and helpful resources are below. Happy Building!
Magic Link Integration with Flow - Watch Video