Apple just killed Local Storage: what that means for Burner Wallets

Browser-based wallets known as “Burner Wallets” have become a popular part of the cryptocurrency ecosystem. Today, there are many variations of these wallets, such as the original xdai.io, the Dai Card, or the hundreds of wallets that have been deployed through the Burner Factory.

The one thing all these wallets have in common: they all store the user’s private key in the browser’s Local Storage. Wallets use Local Storage so they can remain non-custodial, while still letting users send transactions without installing any apps or extensions.

Unfortunately, a recent change by Apple to Safari and its WebKit engine threatens this storage model.

What exactly is changing?

A recent blog post by Apple’s WebKit team announced that it will begin enforcing a “7-Day Cap on All Script-Writeable Storage”.

This change was intended to disrupt third-party tracking, but has the side effect of effectively killing client-only Progressive Web Apps.

Apple’s post is light on details about how this policy will be implemented. Based on Twitter responses and a thread on Hacker News, it appears that every iOS device will keep a “clock” for how long it has been since the user has visited a site. However, this clock is only incremented on days that the user opens that app. This means if you don’t open Safari over the weekend, your expiration clock won’t increase.

Note that on iOS devices, third-party apps are forced to use WebKit for web rendering. That means that other browsers like Chrome or Brave on iOS will likely be subject to these same restrictions.

What does this mean for Burner Wallets?

Mainly, this emphasizes what we already knew: Burner Wallets (in their current form) aren’t good for holding assets long-term. This change currently only affects Safari users, but it’s possible other browsers may follow suit at some point. If you’re keeping money in a Burner Wallet, you should back up that key.

Currently, this won’t affect the primary use cases of Burner Wallets: events (e.g. ETHDenver, Dappy hours) and demoing new technology (Fuel Burner, Dai Card).

Events such as hackathons and dappy hours take place over hours or days; nobody is expected to keep using their BuffiDai tokens after the event is over. Furthermore, many of these events use unbacked “play-tokens” anyways, so no value would be lost.

How can Burner Wallets adapt?

Just because most Burner Wallets today aren’t used for storing significant funds doesn’t mean that wallets can’t eventually hold real money.

So how do we work around Apple’s new restrictions?

Thankfully, there is one exception to this new rule:

…the seven-day cap on script-writable storage is gated on “after seven days of Safari use without user interaction on the site.” That is the case in Safari. Web applications added to the home screen are not part of Safari and thus have their own counter of days of use.

Websites added as “apps” to the home screen get a pass.

Unfortunately, there’s no “easy” way to prompt a user to add a website to their home screen; users must find the button hidden inside Safari’s “share” panel. Future Burner Wallets will likely display warnings to Safari users, prompting them to add the wallet to the home screen and secure their funds.

“Add to Home Screen” will allow web apps to maintain their storage longer than 7 days
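
A sketch of the warning logic described above, as an added example that is not taken from any Burner Wallet code base: it picks a prompt based on whether the page runs in a WebKit browser, whether it was launched from the home screen, and whether the key has been backed up. The storage key names, the `fakeStorage` helper and the user-agent strings are constructed for illustration.

```javascript
// Added example; storage key names are hypothetical, not from a real wallet.
const KEY_SLOT = 'wallet.privateKey';     // where the burner key is stored
const BACKUP_FLAG = 'wallet.keyBackedUp'; // set once the user exports the key

// Constructed user-agent strings for trying the logic outside a browser.
const UA_IPHONE_SAFARI = 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_4 like Mac OS X) ' +
  'AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1';
const UA_DESKTOP_CHROME = 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 ' +
  '(KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36';

// Minimal stand-in for window.localStorage (constructed test double).
function fakeStorage(items) {
  return { getItem: (k) => (k in items ? items[k] : null) };
}

// Every iOS browser uses WebKit; on desktop only Safari does.
function isWebKitCapped(userAgent) {
  const ios = /iPad|iPhone|iPod/.test(userAgent);
  const desktopSafari = /Safari\//.test(userAgent) &&
    !/Chrome|Chromium|Edg|Android/.test(userAgent);
  return ios || desktopSafari;
}

// Home-screen web apps keep their own day counter, separate from Safari's.
function isHomeScreenApp(nav, matchMediaFn) {
  if (nav.standalone === true) return true; // WebKit-specific property on iOS
  return Boolean(matchMediaFn &&
    matchMediaFn('(display-mode: standalone)').matches);
}

// Returns which prompt the wallet should show: 'none', 'backup-recommended',
// or 'add-to-home-screen-and-backup'.
function evictionWarning({ nav, matchMediaFn, storage }) {
  if (storage.getItem(KEY_SLOT) === null) return 'none';      // no key to lose
  if (storage.getItem(BACKUP_FLAG) === 'true') return 'none'; // key recoverable
  if (!isWebKitCapped(nav.userAgent)) return 'backup-recommended';
  return isHomeScreenApp(nav, matchMediaFn)
    ? 'backup-recommended'
    : 'add-to-home-screen-and-backup';
}

// In a browser:
// evictionWarning({ nav: navigator, storage: localStorage,
//                   matchMediaFn: (q) => window.matchMedia(q) });
```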

However, this is just a band-aid on the problem. The true solution is to not make accounts completely dependent on a locally stored key.

ETHDenver 2020 introduced an exciting new Burner Wallet feature: counterfactual contract wallets. Contract wallets allow us to separate the “wallet” that custodies funds from the private key that signs transactions. Contract wallets can accept transactions from multiple signers, meta-transactions, support social-recovery, etc.

These contract wallets can be combined with third-party key-management services such as Fortmatic. Having your storage cleared isn’t a problem if you know you can just log in to Fortmatic with your email address.

These technologies are still in the experimental phase; however, this new policy by Apple will definitely expedite their development.

TLDR: Apple’s new policy is frustrating, but our wallets will live to burn another day. 🔥🔥🔥

Thoughts? Contact me on Twitter at @dmihal, or join our Telegram group.

If you’d like to support this project, please consider making a contribution on Gitcoin grants. Gitcoin CLR Matching runs until April 7th, so every contribution can have a big impact!
