6 min read J.P.

Web3 Without a Wallet: Lowering Onboarding Barriers for Non-Crypto Users

Last week, a colleague of mine tried to invite her mother to join a DAO. Her mother is 68 years old, has been using the internet for twenty years, shops online, makes video calls with her grandchildren, and manages her banking digitally. She is, by any reasonable definition, a competent internet user.

The attempt failed after eleven minutes. Not because her mother did not want to join. But because the onboarding process asked her to install a browser extension, write down a seed phrase of twelve words, understand what "gas fees" are, and "sign" a transaction. She closed the tab and said: "Call me when it gets easier."

This is not an edge case. This is the normal case. And it is the biggest unsolved problem in web3.

The Wallet as Gatekeeper

Do not get me wrong: wallets are a brilliant concept. The idea that you control your own digital identity without depending on a central provider is one of the most important innovations of the last decade. But an innovation that can only be used by technically savvy people is not an innovation — it is a prototype.

And that is exactly where we are. MetaMask, the most widely used Ethereum wallet, has approximately 30 million monthly active users. Sounds like a lot — until you compare it to Facebook's 2.7 billion users. Web3 does not even reach one percent of the people who use Web2 daily. And the main reason is not a lack of interest. It is the wallet.

For DAOs, this is particularly problematic. A DAO lives on participation. If 95 percent of potential members fail at onboarding, the DAO does not have a governance problem — it has an access problem. And an access problem you ignore eventually becomes a legitimacy problem.

Account Abstraction: The Technical Bridge

The good news: the Ethereum community has recognized the problem. ERC-4337, the standard for account abstraction, is perhaps the most important step toward mass-market web3. The core idea is elegantly simple: instead of every user needing an Externally Owned Account (EOA) with a private key, accounts themselves become smart contracts.

What does this mean in practice? It means that the rigid link between "owning a private key" and "being able to interact with the blockchain" is broken. A smart contract account can accept any authentication method. Passkeys, biometric data, social login, even email and password. The user does not need to know that a blockchain exists in the background.

Then there are paymasters — smart contracts that pay gas fees on behalf of the user. Imagine joining a DAO and being able to vote, comment on proposals, and participate immediately. No wallet installation, no seed phrase, no gas fees. The DAO or a sponsor covers the transaction costs. The user notices the blockchain about as much as a Gmail user notices SMTP.

Social Login as the Entry Point

Account abstraction alone is not enough. You also need an authentication mechanism that people already know and trust. And that is social login.

Services like Web3Auth or Privy allow users to sign in with a Google, Apple, or email account while generating a cryptographic key in the background. The key is stored via a distributed key management system — no single provider has access to the complete key. From the user's perspective, it is a normal login. From a technical perspective, a web3 account is being created.

I can already hear the objections: "But that is not really decentralized!" And yes, you are right. A social login via Google is not self-sovereign. But here is the decisive question: what is more decentralized — a user with a Google-based web3 account, or a user who has no web3 account at all because they failed at onboarding?

Perfect is the enemy of good enough. And "good enough" here means: getting people through the door.

The Migration Path: From Custodial to Self-Custodial

The truly elegant part of this approach is that it does not end in a dead end. A user who starts with social login can gradually migrate toward greater sovereignty. The path typically looks like this:

Stage 1: Custodial. The user signs in with Google. A smart contract account is created. Keys are managed by the service. The user can participate in the DAO but has no direct control over their key.

Stage 2: Semi-custodial. The user adds a passkey or hardware device as an additional authentication factor. They now have a direct way to recover their account without relying on the social login provider.

Stage 3: Self-custodial. The user removes the social login provider as an authentication method and manages their keys entirely on their own. They have full control and full responsibility.

This migration path is possible because account abstraction allows authentication methods to be changed after account creation. With a classic EOA, this is not possible — your private key is your account. With a smart contract account, the account is independent of the authentication method.

What This Means for DAO Developers

If you are building a DAO or a DAO application today, you should offer wallet-based login as one option among several, not as a prerequisite. Concretely, this means:

Integrate a social login provider like Web3Auth or Privy. Configure a paymaster that covers gas fees for new users during their first weeks. Design the onboarding so that not a single step requires web3 knowledge. No seed phrases, no wallet extensions, no jargon. And offer a clearly documented path to self-custody for users who want to take that step.
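As an added illustration of the mechanics in the account abstraction, migration path and developer sections above (example code written for this page, not ERC-4337 reference code and not Web3Auth, Privy or any real contract), the following Python model has a smart account that itself decides which authentication factors are valid and can add or remove them after creation, a paymaster that sponsors gas only during a configurable grace period for new accounts, and an entry-point routine that verifies the factor before asking the paymaster to pay. Names such as SmartAccount, Paymaster, handle_op and the 14-day grace period are assumptions, and a keyed MAC stands in for a real signature scheme.

```python
import hashlib, hmac

# Added, simplified model of an ERC-4337-style smart contract account (not real
# EntryPoint/IAccount code): the account, not one private key, decides which
# authentication factors are valid, so factors can change after creation.
# A keyed MAC stands in for a signature from whichever factor holds `secret`.

def op_hash(sender: str, method: str, call: tuple) -> bytes:
    return hashlib.sha256(repr((sender, method, call)).encode()).digest()

def sign(secret: bytes, digest: bytes) -> bytes:
    return hmac.new(secret, digest, hashlib.sha256).digest()

class SmartAccount:
    def __init__(self, address: str, method: str, secret: bytes):
        self.address, self.actions = address, []
        self.methods = {method: secret}        # Stage 1: only the social-login key
    def validate(self, method: str, call: tuple, signature: bytes) -> bool:
        secret = self.methods.get(method)      # unregistered factor: reject
        if secret is None:
            return False
        expected = sign(secret, op_hash(self.address, method, call))
        return hmac.compare_digest(expected, signature)
    def execute(self, call: tuple) -> None:
        if call[0] == "add_method":            # Stage 2: add passkey/hardware key
            self.methods[call[1]] = call[2]
        elif call[0] == "remove_method":       # Stage 3: drop the social login
            if len(self.methods) == 1:         # never remove the last factor (lockout)
                raise ValueError("cannot remove the last authentication method")
            del self.methods[call[1]]
        else:                                  # e.g. ("vote", proposal_id, choice)
            self.actions.append(call)

class Paymaster:
    """Sponsors gas during an account's first `grace_days`, up to `budget` ops."""
    def __init__(self, grace_days: int = 14, budget: int = 20):
        self.grace_days, self.budget, self.spent = grace_days, budget, {}
    def sponsor(self, account: SmartAccount, created_day: int, today: int) -> bool:
        used = self.spent.get(account.address, 0)
        if today - created_day > self.grace_days or used >= self.budget:
            return False                       # grace period or budget exhausted: user pays
        self.spent[account.address] = used + 1
        return True

def handle_op(account, paymaster, method, call, signature, created_day, today):
    # Entry-point order: verify the factor, then gas sponsorship, then execute.
    if not account.validate(method, call, signature):
        raise PermissionError("invalid signature for " + method)
    if not paymaster.sponsor(account, created_day, today):
        raise PermissionError("gas not sponsored")
    account.execute(call)
```

The order in handle_op matters: the signature is checked before the paymaster commits funds, so a sponsor never pays for an operation the account would reject, and the lockout check in execute keeps Stage 3 from stranding a user with zero factors.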

The most important test: could your mother complete the onboarding process? Not your tech-enthusiast friend. Not your colleague who already has three wallets. Your mother. If the answer is "no," you still have work to do.

The Cost of the Status Quo

I sometimes hear the argument that wallet-less onboarding dilutes the "purity" of web3. That users need to understand what they are using. That self-responsibility must not be optional.

This argument reminds me of the Linux community in the early 2000s, which refused to build graphical installers because "anyone who wants to use Linux should also master the command line." The result was that Linux remained irrelevant on the desktop for years. It was only when Ubuntu came along and said "Linux for human beings" that things changed.

Web3 needs its Ubuntu moment. Not because simplification is a compromise, but because it is a prerequisite for relevance. A DAO with ten technically brilliant members is less powerful than a DAO with ten thousand ordinary people. Decentralization only works at scale. And scale only comes with accessibility.

The technology is ready. ERC-4337 is live. The social login providers work. The migration paths have been designed. What is missing is the decision to actually use them. And that decision starts with every single DAO that is designing its onboarding today.

Because if your onboarding page still has "Connect Wallet" as the only button, you are essentially saying: "We only want people who are already here." And for an organization that calls itself decentralized and open, that is a pretty exclusive statement.