Vitalik's Ideal Wallet Vision: How Spritz Implements Passkeys, Social Recovery & Account Abstraction
In December 2024, Vitalik Buterin published "What I would love to see in a wallet" — a detailed wishlist for the ideal Ethereum wallet. It wasn't just about sending tokens. It was about reimagining how users interact with Web3: seamless cross-chain experiences, robust account security, ZK-wrapped identities, and privacy that actually works.
At Spritz, we've been building exactly this — not just for finance, but for communication.
Why Your Wallet Matters More Than You Think
Vitalik opens with a critical insight that frames everything:
"Wallets are the window between a user and the Ethereum world, and a user only benefits from any decentralization, censorship resistance, security, privacy, or other properties that Ethereum and its applications offer to the extent that the wallet itself also has these properties."
This is exactly why we built Spritz Wallets the way we did. Every Spritz user — regardless of how they sign up — gets a Safe Smart Account powered by ERC-4337 account abstraction. Whether you connect with MetaMask, create a passkey, or verify with World ID, you get the same underlying wallet architecture: secure, recoverable, and portable across chains.
The wallet isn't just for sending money. It's your identity in a decentralized world.
Passkey Authentication: Why It's the Future of Crypto Wallet Security
Vitalik highlights passkeys as a significant security improvement for Web3 wallets:
"Recently, we have started to see more wallets based on passkeys. Passkeys can be backed up on your devices only, making them a type of personal-device solution, or backed up in the cloud... Realistically, passkeys are a valuable security gain for ordinary users."
Spritz has gone all-in on passkeys.
When you create a Spritz account with email, World ID, or Alien ID, you're prompted to create a passkey. This passkey uses WebAuthn with P-256 elliptic curve cryptography — the same standard used by Apple Face ID, Windows Hello, and hardware security keys.
Here's what makes our implementation special:
| Feature | Implementation |
|---|---|
| Phishing resistance | Passkeys are origin-bound to spritz.chat — they simply won't work on malicious sites |
| Hardware protection | Private keys never leave the Secure Enclave/TPM |
| Biometric verification | Every signature requires Face ID, Touch ID, or PIN |
| Cross-device support | Sign transactions on your laptop using your phone's passkey |
The passkey becomes an owner of your Safe Smart Account, letting you sign blockchain transactions with a biometric prompt — no seed phrases, no browser extensions, no phishing risk.
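The origin binding and biometric requirement in the table correspond to specific checks a WebAuthn relying party performs on every assertion. The following is an added example, not Spritz's code: it assumes the origin `https://spritz.chat` and RP ID `spritz.chat` (inferred from the domain named above), and the key pair, challenge and helper names are constructed for the demo.

```javascript
const { createHash, generateKeyPairSync, sign, verify } = require('node:crypto');

const sha256 = (data) => createHash('sha256').update(data).digest();
const fail = (reason) => ({ ok: false, reason });

// Relying-party checks on a WebAuthn assertion, in the order a server runs them.
function verifyAssertion(assertion, expected) {
  const { clientDataJSON, authenticatorData, signature } = assertion;
  const clientData = JSON.parse(clientDataJSON.toString('utf8'));
  if (clientData.type !== 'webauthn.get') return fail('wrong type');
  if (clientData.challenge !== expected.challenge) return fail('challenge mismatch');
  // The browser writes the origin field, so a look-alike page cannot set it.
  if (clientData.origin !== expected.origin) return fail('origin mismatch');

  // authenticatorData layout: rpIdHash (32 bytes) | flags (1) | signCount (4) | ...
  if (authenticatorData.length < 37) return fail('authenticatorData too short');
  if (!authenticatorData.subarray(0, 32).equals(sha256(expected.rpId))) {
    return fail('rpIdHash mismatch');
  }
  const flags = authenticatorData[32];
  if ((flags & 0x01) === 0) return fail('user not present');  // UP bit
  if ((flags & 0x04) === 0) return fail('user not verified'); // UV bit (biometric or PIN)

  // ES256: DER-encoded ECDSA P-256 over authenticatorData || SHA-256(clientDataJSON).
  const signedBytes = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  if (!verify('sha256', signedBytes, expected.publicKey, signature)) return fail('bad signature');
  return { ok: true, reason: 'verified' };
}

// Constructed stand-in for browser + authenticator, used only to produce sample input.
const sampleKeys = generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
function makeSampleAssertion({ origin, rpId, flags }) {
  const clientDataJSON = Buffer.from(JSON.stringify(
    { type: 'webauthn.get', challenge: 'Y29uc3RydWN0ZWQtY2hhbGxlbmdl', origin }));
  const authenticatorData = Buffer.concat([sha256(rpId), Buffer.from([flags, 0, 0, 0, 1])]);
  const signature = sign('sha256',
    Buffer.concat([authenticatorData, sha256(clientDataJSON)]), sampleKeys.privateKey);
  return { clientDataJSON, authenticatorData, signature };
}

// Verify a constructed assertion against the values the relying party expects.
function checkSample(sample) {
  return verifyAssertion(makeSampleAssertion(sample), {
    origin: 'https://spritz.chat', rpId: 'spritz.chat', // assumed from the page's domain
    challenge: 'Y29uc3RydWN0ZWQtY2hhbGxlbmdl', publicKey: sampleKeys.publicKey,
  });
}
console.log(checkSample({ origin: 'https://spritz.chat', rpId: 'spritz.chat', flags: 0x05 }));
console.log(checkSample({ origin: 'https://look-alike.example', rpId: 'spritz.chat', flags: 0x05 }));
```

The signature is valid in both sample runs; the second is rejected only because the recorded origin differs, which is why the origin and rpIdHash comparisons cannot be skipped.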
ZK-Wrapped Identity: World ID, Email Login & Proof of Personhood
This is where Vitalik's vision gets truly exciting for mainstream adoption:
"With ZK-SNARKs, we have a fourth option: ZK-wrapped centralized ID. This genre includes zk-email, Anon Aadhaar, Myna Wallet, and many others. Basically, you can take many forms of (corporate or governmental) centralized ID, and turn it into an Ethereum address."
Vitalik specifically calls out that ZK-wrapped centralized ID is "uniquely noob-friendly" — it lets users leverage familiar identity systems while maintaining Web3 properties.
Spritz supports exactly this pattern:
- World ID — Proof of personhood via Worldcoin's iris-scanning orbs. Your nullifier_hash becomes your Spritz identity, completely unlinkable to your real-world identity.
- Alien ID — Another proof-of-personhood protocol. Your verified alienAddress becomes your identity.
- Email — Coming full circle to Vitalik's mention of zk-email. Sign up with your email, create a passkey, and you have a full Web3 identity.
The critical insight is that all of these authentication methods funnel into the same wallet architecture. Whether you're a crypto native with a hardware wallet or a first-timer with just an email address, you get:
- A Spritz ID for social features (profiles, friends, messages)
- A Safe Smart Account for on-chain transactions
- Passkey-based signing for security
Social Recovery Wallets: How Guardian-Based Security Works
Vitalik's security model centers on a concept called guardians, and it solves the biggest problem in crypto, losing access to your funds:
"A user's account has two layers of keys: a primary key, and N guardians. The primary key is able to do low-value and non-financial operations. A majority of the guardians is required to do either (i) high-value operations, like sending away the entire value in the account, or (ii) change the primary key or any of the guardians."
Spritz implements this through Recovery Signers. After your Safe is deployed, you can add an EOA (like your MetaMask wallet or a trusted friend's address) as a backup owner. If you lose your passkey, the recovery signer can help you regain access.
┌─────────────────────────────────────────────────┐
│ Spritz Safe Account │
├─────────────────────────────────────────────────┤
│ Primary Signer: Passkey (WebAuthn P-256) │
│ Recovery Signer: EOA Wallet (optional) │
│ Threshold: 1 of N (any signer can act) │
└─────────────────────────────────────────────────┘
This isn't full N-of-M multisig recovery yet — but the architecture supports it. Safe Smart Accounts can have multiple owners with customizable thresholds. We're building toward a future where you could have:
- Your passkey (primary)
- A trusted friend's wallet (guardian)
- A zk-email recovery address (guardian)
- A World ID-linked recovery (guardian)
All protected by the same battle-tested Safe contracts that secure billions in assets.
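To make the gap between the current 1-of-N setup and the quoted guardian model concrete, the added example below evaluates both rules over the same signer sets. It is a simplified policy model, not Safe contract code or Spritz's implementation; the signer labels follow the list above, and `highValueLimit` and the function names are hypothetical.

```javascript
// Flat Safe-style rule: any `threshold` distinct owners authorize any operation.
function flatThresholdAllows({ owners, threshold }, signers) {
  const approving = new Set(signers.filter((s) => owners.includes(s)));
  return approving.size >= threshold;
}

// Two-layer rule from the quote: the primary key alone covers low-value and
// non-financial operations; a majority of guardians is needed for high-value
// operations and for changing the primary key or any guardian.
function guardianModelAllows(account, op, signers) {
  const sensitive = op.kind === 'changeKeys' ||
    (op.kind === 'transfer' && op.value > account.highValueLimit);
  if (!sensitive) return signers.includes(account.primary);
  // A Set ignores repeated approvals from the same guardian.
  const approving = new Set(signers.filter((s) => account.guardians.includes(s)));
  return approving.size > account.guardians.length / 2;
}

// Constructed accounts. highValueLimit is a hypothetical policy parameter.
const current = { owners: ['passkey', 'recovery-eoa'], threshold: 1 };
const target = {
  primary: 'passkey',
  guardians: ['friend-wallet', 'zk-email', 'world-id'],
  highValueLimit: 100,
};

// Which signer sets can move the whole balance, or rotate keys, under each rule?
function compareModels() {
  const drain = { kind: 'transfer', value: 10000 };
  const rotate = { kind: 'changeKeys' };
  const small = { kind: 'transfer', value: 5 };
  return {
    flatRecoveryAloneDrains: flatThresholdAllows(current, ['recovery-eoa']),
    flatUnknownKeyDrains: flatThresholdAllows(current, ['unknown-key']),
    guardianPrimaryAloneDrains: guardianModelAllows(target, drain, ['passkey']),
    guardianSingleGuardianDrains: guardianModelAllows(target, drain, ['friend-wallet']),
    guardianMajorityRotates: guardianModelAllows(target, rotate, ['zk-email', 'world-id']),
    guardianRepeatedApprovalRotates: guardianModelAllows(target, rotate, ['zk-email', 'zk-email']),
    guardianPrimarySmallTransfer: guardianModelAllows(target, small, ['passkey']),
  };
}

console.log(compareModels());
```

Under the flat 1-of-N rule the recovery signer alone is sufficient for any operation, so the recovery EOA needs the same protection as the passkey; under the guardian rule no single key, including the primary, can move a high-value amount or rotate keys.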
Cross-Chain & Multi-Chain Wallet Experience: One Address, Every L2
One of Vitalik's core requests for improved wallet UX:
"Your wallet should be able to give you an address... and click 'send'. The wallet should automatically process that send in whatever way it can."
Spritz Wallets are deterministic across all EVM chains. The same passkey produces the same Safe address on Base, Ethereum, Arbitrum, Optimism, Polygon, and more. No chain switching, no bridging confusion — just one address that works everywhere.
Decentralized Messaging: Extending Wallet Privacy to Communication
Vitalik's blog focuses on wallets for financial transactions, but at Spritz, we've extended these principles to communication — because privacy doesn't stop at your tokens.
What good is a secure, private wallet if your messages go through a centralized server that logs metadata?
That's why Spritz is built on Logos Messaging (the evolution of Whisper → Waku). Messages travel peer-to-peer, encrypted end-to-end. No central server sees who you're talking to.
As we covered in our previous post, Vitalik has consistently advocated for decentralized messaging infrastructure. He even donated 128 ETH each to Session and SimpleX Chat — projects building privacy-first messaging without phone numbers.
Spritz combines both visions:
- Wallet-based identity (no phone numbers)
- Decentralized messaging (Logos/Waku)
- Account abstraction (Safe + ERC-4337)
- Passkey authentication (WebAuthn)
AI-Powered Wallet Security: The Next Frontier
Vitalik ends with a fascinating look at where wallets are headed:
"Through natural language input, eye tracking, or eventually more direct BCI, together with knowledge of your history... a 'wallet' could get a clear intuitive idea of what you want to do. AI could then translate that intuition into a concrete 'action plan'... If a user does interact with a third-party application, the AI should think adversarially on the user's behalf."
At Spritz, we're already exploring AI integration through our AI Agents feature. Users can create AI agents backed by knowledge bases, monetized via x402 payments. But the real potential is in AI-assisted security — agents that can:
- Warn you before signing suspicious transactions
- Detect phishing attempts in messages
- Explain what a contract interaction will actually do
- Suggest safer alternatives
The decentralized, passkey-secured wallet becomes the foundation for trusted AI assistance.
Building the Cypherpunk Future
Vitalik's wishlist isn't just about convenience — it's about reclaiming the original cypherpunk vision of Web3. Wallets that protect users from both external attackers and their own mistakes. Identities that don't require phone numbers or government IDs. Communication that can't be surveilled or censored.
Spritz is building toward this future:
| Vitalik's Wishlist | Spritz Implementation |
|---|---|
| Passkey authentication | ✅ WebAuthn P-256 via Safe |
| ZK-wrapped centralized ID | ✅ World ID, Alien ID, Email |
| Social recovery | ✅ Recovery signers (expanding to full guardians) |
| Cross-L2 addresses | ✅ Deterministic Safe addresses |
| Privacy-preserving | ✅ Logos Messaging (peer-to-peer) |
| Dapp security | 🔄 Building toward on-chain verification |
We're not there yet. No one is. But every feature we ship moves closer to the world Vitalik describes — one where users have true sovereignty over their digital lives.
That's the future we're building. That's Spritz.
Frequently Asked Questions
What is account abstraction (ERC-4337)?
Account abstraction (ERC-4337) allows smart contracts to act as wallets instead of traditional externally owned accounts (EOAs). This enables features like batched transactions, social recovery, and passkey authentication. Spritz uses Safe Smart Accounts with ERC-4337 to give every user these benefits automatically.
How do passkeys work with crypto wallets?
Passkeys use WebAuthn and P-256 elliptic curve cryptography to create phishing-resistant authentication. When you create a passkey, your device generates a private key that never leaves the Secure Enclave (iPhone) or TPM (Windows/Android). The passkey can then sign blockchain transactions using biometric verification (Face ID, Touch ID, or PIN), eliminating seed phrases entirely.
What is a ZK-wrapped ID?
A ZK-wrapped ID uses zero-knowledge proofs to turn traditional identity (email, government ID, or proof-of-personhood) into an Ethereum address without revealing the underlying identity. For example, World ID verifies you're human without knowing who you are, and the resulting nullifier_hash becomes your blockchain identity.
What is social recovery in crypto?
Social recovery lets you designate trusted "guardians" (friends, family, or services) who can help you regain access to your wallet if you lose your primary key. Unlike seed phrases that can be lost forever, social recovery provides a safety net. Spritz implements this through Safe Smart Accounts with multiple signers.
Get Started with Spritz
Ready to experience the wallet of the future? Try Spritz — create an account with just an email or World ID, and get a secure Smart Wallet automatically.
Further Reading:
- What I would love to see in a wallet — Vitalik Buterin (Dec 2024)
- Spritz Wallets Technical Documentation — How our Safe + ERC-4337 implementation works
- Authentication Guide — SIWE, passkeys, and identity providers
- Security Best Practices — Session management and cryptography
- Why We Built Spritz — Our founding vision
- Vitalik's Decentralized Messaging Vision — Why communication matters