Reddit Onboarded 3M Users onto Web3: Here’s How You Can Too!

Background

Reddit has quietly ushered in an influx of 3 million users into the realm of web3, all without them even realizing they were stepping foot into the exciting world of blockchain technology. This tech giant has now opened the gates for its users to adopt NFTs as their avatars. These NFT avatars can either be obtained for free during exclusive events like the Super Bowl or World Cup, or they can be purchased using convenient payment methods such as credit cards or Apple Pay, allowing users to snag an avatar crafted by a talented artist collaborating with the platform.

The seamlessness of Reddit's launch and implementation has left millions of its users in shock. They were able to effortlessly create a wallet and successfully mint their very own NFTs, all while Reddit cleverly marketed them as "blockchain collectibles," distancing themselves from the negative connotations that the term NFT has accumulated in recent years. The revelation that, with a simple press of a button and a password, users now held complete ownership of these digital treasures was nothing short of a shocking. Suddenly, the door swung wide open for them to explore the realm of buying and selling these blockchain collectibles.

To put this achievement into perspective, even OpenSea, the largest NFT marketplace, boasts around 1.5 million active monthly users in 2023. The fact that Reddit has managed to outshine such a prominent player in the field is truly remarkable.

Captivated by Reddit's remarkable achievement, our team at Metacommerce wanted to dive deeper into the depths of their vault system, and unveil the story of how Reddit accomplished this extraordinary feat, providing millions with a seamless entry point into the captivating world of web3 and NFTs.

The friction

When a non-web3 user wishes to engage in web3 activities, they are typically faced with a series of steps before they can fully immerse themselves. These steps often include creating a wallet, registering an account on an exchange to fund the wallet, transferring tokens to the newly created wallet, to finally utilize the wallet for their desired purposes.

Unfortunately, the media has been saturated with discouraging stories of phishing attacks, crypto scams, and individuals losing their funds. This constant stream of negative publicity understandably creates a sense of unease for new users, making it less appealing for them to venture into the world of web3 projects. Additionally, the responsibility of securely storing private keys can seem daunting and become a hassle, adding another layer of complexity to the process.

However, blockchain technology has a lot to offer, and despite these challenges, we firmly believe in crafting an experience that addresses these concerns. Our aim is to provide an environment that feels familiar, safe, and significantly reduces the friction involved in onboarding new users. By simplifying the process and offering robust security measures, we aim to empower users to confidently embrace the world of web3 and all the opportunities it holds.

How did Reddit do it?

To uncover the details of Reddit's approach, we took the first step of minting our own NFT on their platform to gain firsthand experience as users. During this process, we observed that the wallet's non-custodial nature became evident when we were provided our private keys.

Further exploration of the vault documentation confirmed that password recovery was not an available option. Notably, we discovered the ability to checkout using Apple Pay, suggesting the presence of a cross-platform payment system. Additionally, when prompted with the transaction verification, we were redirected to polyscan, indicating that the operations were conducted on the Polygon network. Upon examining their smart contracts, we came across an interface that resembled a contract interface we had previously encountered, potentially implemented using the Open GSN library. With the necessary insights and information at hand, our next steps involve utilizing our development expertise and fueling our progress with large amounts of coffee to replicate their flow successfully.

The Goal: A Gas-less NFT drop

Inspired by the success of Reddit's vault NFT drops, our vision was to showcase how other projects could also leverage the power of blockchain technology for new users. We aimed to create a user-friendly wallet effortlessly, while ensuring that it remained non-custodial, granting users complete ownership of their NFTs and funds. Additionally, we wanted to incorporate a credit card payment system, allowing non-web3 users to make payments in a way that mirrors their experience of ordering from platforms like Amazon—a familiar and intuitive process where one does not have to worry about gas fees. By simplifying the user journey and embracing familiar payment methods, we aimed to bridge the gap between traditional online transactions and the exciting realm of web3, offering a seamless and accessible experience for all users.

Wallet Abstraction

The initial step in creating our seamless NFT drop involved abstracting the wallet creation process. To streamline user identification, we integrated Google Single Sign-On (SSO), allowing users to be easily identified with a single click. Once authenticated, users could create a new vault by entering a password.

With these two steps performed by the user, we were ready to handle the remaining steps.

Firstly, we combined the uid received from the SSO authentication service with the user's password. By hashing this combination, we generated the user's privateKey. Leveraging the web3-eth-accounts package, we were then able to generate a wallet from that private key. However, as we aimed to prioritize user security and avoid storing their private keys, we employed a clever workaround. Users were asked to sign a mock transaction, enabling us to generate a signature that we stored for verification purposes. All the generated information, except for the privateKey, was stored in our database.

During subsequent login attempts, we followed the same steps. We took the user's uid and password, hashed them, and signed the same mock transaction to generate a signature. This signature was then compared to the stored one for verification. If the signatures matched, the user gained access to their vault, ensuring a secure and seamless login experience.

Paymaster and Relay system

1. Underneath the hood, Reddit used OpenGSN, an open-source meta-transaction provider that allows wallets to execute transactions without having to pay gas. This allows users to interact with the blockchain without having to have any funds in their wallets. Instead Reddit  funded a contract called a Paymaster which will serve as an account that will pay the gas on behalf o the users.

The flow looks something like this:

2. How did Reddit integrate with their existing auth flow, meanwhile keeping private keys secure and away from Reddit’s custody? They did a 2-step authentication for their wallet.

3. To provide users with a familiar check-out experience, Reddit opted for traditional Web2 payment providers like Stripe & Apple pay, which upon fulfillment, will call a web-hook in their service’s API to trigger an on-chain mintNFT call, crediting the requester’s account with the NFT.

Design

Our designs were crafted with simplicity in mind. To begin with, our SSO sign-in with Google offers a straightforward experience, requiring just a single button press. On the subsequent screen, users are presented with an existing vault if they have one, where they can choose to either log in or create a new one. Once authenticated, users can easily select an NFT they wish to mint, and conveniently view it in the "Your NFTs" section once it is minted, accessible from the header. From there, a simple option is provided to withdraw the item to a different account. Users are prompted to enter an address and select the desired quantity of the item. Our project was driven by the goal of simplicity, and through a minimal number of actions and pages, we have achieved precisely that.

‍