Updated: December 4, 2025 — Crypto wallets are evolving from simple key containers into programmable identity, finance, and commerce gateways. This article analyzes the market, leading actors, the latest news, and what it all means for builders and users.
TL;DR
- Fees on major Ethereum Layer-2s fell sharply after the Dencun/EIP‑4844 upgrade, accelerating smart account and mobile-first wallet UX. ([blog.ethereum.org](https://blog.ethereum.org/2024/02/27/dencun-mainnet-announcement?utm_source=openai))
- Smart accounts (ERC‑4337 and Safe) and MPC wallets are converging on “seedless” recovery via passkeys and social/enterprise policies. ([rhinestone.dev](https://www.rhinestone.dev/blog/account-abstraction-2024-1d35f811f391?utm_source=openai))
- Security remains a moving target: recent high-profile supply‑chain and front‑end compromises (e.g., Bybit via Safe UI; Ledger Connect Kit 2023) are pushing wallets toward clear-signing, transaction simulation, and code integrity hardening. ([reuters.com](https://www.reuters.com/technology/cybersecurity/fbi-says-north-korea-was-responsible-15-billion-bybit-hack-2025-02-27/?utm_source=openai))
- Regulation is crystallizing: EU MiCA is live with national transition periods into 2026; in the U.S., 1099‑DA starts phasing in from 2025 and wallet-by-wallet cost‑basis rules apply. ([eba.europa.eu](https://www.eba.europa.eu/publications-and-media/press-releases/eu-supervisory-authorities-warn-consumers-risks-and-limited-protection-certain-crypto-assets-and?utm_source=openai))
Market snapshot (2025)
Wallets now span four pillars: consumer self‑custody (MetaMask, Base app, Trust Wallet), hardware “signers” (Ledger), smart‑account platforms (Safe, Argent), and institutional MPC custody (Fireblocks, Copper). On Ethereum, lower L2 fees and account abstraction are shifting UX toward seedless onboarding and bundled actions, while institutions standardize on policy‑based MPC. ([ethereum.org](https://ethereum.org/en/roadmap/dencun/?utm_source=openai))
Technology drivers
1) Data availability cuts and L2-first UX
Ethereum’s March 13, 2024 Dencun upgrade introduced EIP‑4844 “blobs,” reducing L2 data costs and enabling near‑penny transactions on many rollups. Wallets can now default to L2 settlement with fewer fee shocks, opening room for features like subsidized gas (paymasters), batched flows, and on‑ramp-to‑L2 journeys by default. ([blog.ethereum.org](https://blog.ethereum.org/2024/02/27/dencun-mainnet-announcement?utm_source=openai))
2) Account Abstraction (AA) and Smart Accounts
AA lets wallets become programmable accounts with built‑in recovery, session keys, and sponsored gas. In 2024, deployments of ERC‑4337 smart accounts and Safe accounts surged; by Q1 2025, Messari reported 41.6M+ total Safe accounts with 116.7M quarterly transactions (heavily driven by specific ecosystems). This momentum is reshaping onboarding and security defaults. ([rhinestone.dev](https://www.rhinestone.dev/blog/account-abstraction-2024-1d35f811f391?utm_source=openai))
3) MPC for consumers and institutions
MPC splits signing authority across independent shares, eliminating single private‑key exposure and enabling granular policies. Enterprises continue standardizing on Fireblocks’ MPC stack (e.g., Euronet cross‑border payments), while consumer wallets like ZenGo push “no seed phrase” experiences and 3FA recovery. ([globenewswire.com](https://www.globenewswire.com/de/news-release/2025/10/16/3167975/0/en/Euronet-Chooses-Fireblocks-to-Support-Cross-Border-Stablecoin-Payments.html?utm_source=openai))
4) Passkeys and seedless recovery
Passkeys (WebAuthn/FIDO2) are moving mainstream in wallets. Coinbase’s smart wallet and Trust Wallet’s SWIFT AA wallet use passkeys for seedless access and gas abstraction—critical for mobile onboarding. The approach trades some decentralization for usability; builders must design for portability, redundancy, and vendor neutrality. ([help.coinbase.com](https://help.coinbase.com/en-gb/wallet/getting-started/smart-wallet-passkeys?utm_source=openai))
Competitive landscape and key actors
Hardware “signers” and clear‑signing
Ledger reframed its devices as universal “signers,” launched the Nano Gen5 (~$179) and a revamped Ledger Wallet app, emphasizing clear‑signing, mobile connectivity, and identity use cases as wallets expand beyond assets to attestations. ([coindesk.com](https://www.coindesk.com/tech/2025/10/23/ledger-unveils-usd179-nano-gen5-built-for-identity-in-an-ai-driven-world?utm_source=openai))
Consumer wallets
- MetaMask: Smart Transactions introduced pre‑simulation, MEV protection, and higher success rates; 2025 roadmap adds ERC‑5792 batched flows for one‑click actions. ([metamask.io](https://metamask.io/news/introducing-smart-transactions?utm_source=openai))
- Coinbase (Base app): Coinbase Wallet rebranded to “Base app,” tying identity, smart accounts, payments, and mini‑apps into a single onchain super‑app. ([coindesk.com](https://www.coindesk.com/tech/2025/07/17/coinbase-wallet-becomes-base-app-in-major-rebrand?utm_source=openai))
- Trust Wallet SWIFT: AA‑powered “SWIFT” targets gas abstraction in 200+ tokens and passkey‑based security to reduce setup friction. ([trustwallet.com](https://trustwallet.com/blog/announcements/introducing-trust-wallet-swift?utm_source=openai))
Institutional stacks
Institutions lean into MPC with orchestration, governance, and policy engines—Fireblocks extended its network integrations and acquired Dynamic to bridge custody and consumer onboarding, signaling a custody‑to‑commerce stack for enterprises. ([theblock.co](https://www.theblock.co/post/299324/fireblocks-partners-with-coinbase-international-to-extend-security-governance-and-policy-support?utm_source=openai))
Security events shaping wallet design
The Bybit/Safe UI incident (February 2025)
A targeted front‑end compromise of Safe’s web interface helped attackers redirect a routine Bybit cold‑to‑warm transfer, leading to a ~$1.5B theft later attributed by the FBI to North Korean actors. While Safe’s smart contracts were not compromised, the attack highlighted supply‑chain and UI integrity risk for multisig flows. Expect more hardware‑verified “what‑you‑see‑is‑what‑you‑sign,” deterministic builds, and client‑side verification in wallets. ([reuters.com](https://www.reuters.com/technology/cybersecurity/fbi-says-north-korea-was-responsible-15-billion-bybit-hack-2025-02-27/?utm_source=openai))
Our take: Builders should pin and verify static assets, enforce content‑security policies, cryptographically sign front‑end bundles, and require independent transaction simulation before signing—especially for privileged treasury flows. ([dfns.co](https://www.dfns.co/article/the-bybit-safe-hack?utm_source=openai))
Ledger Connect Kit (December 2023) and the ecosystem response
A malicious NPM package version of Ledger’s Connect Kit briefly propagated to dApps; although patched quickly, it demonstrated industry‑wide supply‑chain risk. Wallets increasingly combine allow‑listed dependencies, runtime transaction simulation, and hardware‑level prompts to mitigate such attacks. ([ledger.com](https://www.ledger.com/blog/security-incident-report?utm_source=openai))
Regulation watch: what changes for wallets
EU MiCA enters the operational phase
ESMA finalized initial CASP rules in 2024. MiCA investor protections and CASP authorization are phasing in, with many Member States granting transitional regimes through as late as July 1, 2026 (e.g., Spain). Wallet providers partnering with exchanges/payment firms will face clearer disclosures, complaints handling, and marketing limits. ([esma.europa.eu](https://www.esma.europa.eu/press-news/esma-news/esma-finalises-first-rules-crypto-asset-service-providers?utm_source=openai))
Supervisory scrutiny also increased in 2025, as ESMA warned against firms over‑marketing MiCA status across regulated and unregulated products. Expect stricter claims policing in wallet marketing. ([reuters.com](https://www.reuters.com/sustainability/boards-policy-regulation/european-securities-regulator-warns-about-crypto-firms-misleading-customers-2025-07-11/?utm_source=openai))
United States tax reporting and cost basis
Final IRS rules phase in Form 1099‑DA: brokers report gross proceeds for 2025 transactions; basis reporting starts for some sales in 2026, with transitional penalty relief. Separately, taxpayers must adopt wallet‑by‑wallet (or account‑by‑account) cost‑basis tracking beginning January 1, 2025—ending prior “universal pool” practices. Wallet UX will need embedded tax‑lot tools and exportable records. ([irs.gov](https://www.irs.gov/newsroom/final-regulations-and-related-irs-guidance-for-reporting-by-brokers-on-sales-and-exchanges-of-digital-assets?utm_source=openai))
Where wallets are headed (2025–2027)
- Seedless by default: Passkeys + social/guardian recovery across AA smart accounts and MPC stacks, with hardware as optional high‑assurance factors. ([help.coinbase.com](https://help.coinbase.com/en-gb/wallet/getting-started/smart-wallet-passkeys?utm_source=openai))
- One‑tap actions: ERC‑5792 batching, paymasters, and L2 fee predictability standardize near‑invisible signing flows. ([metamask.io](https://metamask.io/news/metamask-roadmap-2025?utm_source=openai))
- Trusted display + integrity: Clear‑signing on hardware, deterministic front‑ends, and runtime simulation become table stakes for consumer and treasury wallets. ([ledger.com](https://www.ledger.com/blog-introducing-ledger-nano-gen5-ledger-wallet?utm_source=openai))
- Compliance UX: Built‑in travel rule support, MiCA disclosures, and 1099‑DA‑ready exports in mainstream wallets. ([esma.europa.eu](https://www.esma.europa.eu/press-news/esma-news/esma-finalises-first-rules-crypto-asset-service-providers?utm_source=openai))
Interview: Pascal Gauthier (Ledger) on “signers,” identity and mainstream UX
Edited for clarity; based on public statements and product announcements in October–November 2025.
Q: Why reposition hardware wallets as “signers”?
Gauthier: Devices should confirm exactly what you sign, everywhere you sign—assets, smart contracts, and increasingly identity attestations. The strategy is to make secure signing universal and effortless. ([coindesk.com](https://www.coindesk.com/tech/2025/10/23/ledger-unveils-usd179-nano-gen5-built-for-identity-in-an-ai-driven-world?utm_source=openai))
Q: What’s changing in the companion app?
Gauthier: “Ledger Wallet” evolves from an asset dashboard into a control center with faster processing and direct dApp connectivity (e.g., 1inch), while keeping critical confirmations on-device via clear‑signing. ([ledger.com](https://www.ledger.com/blog-introducing-ledger-nano-gen5-ledger-wallet?utm_source=openai))
Q: Biggest security lessons from industry incidents?
Gauthier: Supply‑chain resilience and human‑factor defenses matter as much as cryptography. Expect more hardware‑verified screens, signed updates, and layered alerts so users see what they sign. ([ledger.com](https://www.ledger.com/blog/security-incident-report?utm_source=openai))
How builders should react now
- Adopt AA/MPC hybrids: Use smart accounts for UX and policy logic, MPC for key‑share resilience. Offer passkeys plus optional hardware factors.
- Default to L2: Route on‑ramps and flows to low‑cost rollups; abstract gas with paymasters, and batch common paths (“approve + swap”). ([ethereum.org](https://ethereum.org/en/roadmap/dencun/?utm_source=openai))
- Ship integrity guarantees: Signed web assets, CSPs, subresource integrity, deterministic builds, on‑device previews, and independent simulation. ([blockaid.io](https://www.blockaid.io/blog/attack-report-ledger-connect-kit?utm_source=openai))
- Be compliance‑ready: Exports for 1099‑DA and wallet‑level basis; MiCA‑aligned disclosures and complaints handling workflows. ([irs.gov](https://www.irs.gov/newsroom/final-regulations-and-related-irs-guidance-for-reporting-by-brokers-on-sales-and-exchanges-of-digital-assets?utm_source=openai))
Recent news to watch and our reactions
- Ledger launches Nano Gen5 and Ledger Wallet: Hardware “signers” shift beyond assets to identity attestations; expect wallets to anchor broader “proofs” in 2026. ([ledger.com](https://www.ledger.com/blog-introducing-ledger-nano-gen5-ledger-wallet?utm_source=openai))
- Ethereum Dencun (EIP‑4844): Wallets can lean into L2‑first defaults and subsidized gas without UX whiplash. ([blog.ethereum.org](https://blog.ethereum.org/2024/02/27/dencun-mainnet-announcement?utm_source=openai))
- Safe Q1’25 metrics: Smart‑account volume concentration implies wallets should plan for multi‑ecosystem load and anti‑spam throttles. ([messari.io](https://messari.io/report/state-of-safe-q1-2025?utm_source=openai))
- FBI attribution in Bybit case: Reinforces need for signed UIs and out‑of‑band confirmation for treasury flows. ([reuters.com](https://www.reuters.com/technology/cybersecurity/fbi-says-north-korea-was-responsible-15-billion-bybit-hack-2025-02-27/?utm_source=openai))
- IRS finalizes 1099‑DA: Wallets should provide basis‑aware exports and lot controls. ([irs.gov](https://www.irs.gov/newsroom/final-regulations-and-related-irs-guidance-for-reporting-by-brokers-on-sales-and-exchanges-of-digital-assets?utm_source=openai))
- ESMA’s MiCA rules: Expect harmonized disclosures across EU wallet‑exchange stacks; align marketing claims now. ([esma.europa.eu](https://www.esma.europa.eu/press-news/esma-news/esma-finalises-first-rules-crypto-asset-service-providers?utm_source=openai))
FAQ
What’s the difference between a seed phrase, an MPC wallet, and a smart account?
A seed phrase restores a single private key; MPC splits the signing secret across shares; smart accounts live as programmable contracts with policy‑based recovery and gas features. Many 2025 wallets blend these approaches. ([zengo.com](https://zengo.com/security?utm_source=openai))
Will L2 fees stay low after Dencun?
Fees depend on blob demand and network usage. EIP‑4844 structurally reduced data costs, but wallets should still provide fee estimation and fallback routing. ([ethereum.org](https://ethereum.org/en/roadmap/dencun/?utm_source=openai))
Are passkeys safe for crypto?
Passkeys remove seed handling risks but introduce device/cloud dependencies. Best practice: multiple passkeys across providers, hardware keys as backups, and AA/MPC‑based recoveries. ([help.coinbase.com](https://help.coinbase.com/en-gb/wallet/getting-started/smart-wallet-passkeys?utm_source=openai))
How do new U.S. tax rules affect me?
From January 1, 2025, track cost basis by wallet/account and expect 1099‑DA statements from brokers (gross proceeds in 2025; basis phases in 2026 with relief). Consult a tax professional. ([irs.gov](https://www.irs.gov/instructions/i1099da?utm_source=openai))
What did the Bybit/Safe case change?
It highlighted that front‑end integrity can be the weakest link. Expect more hardware‑verified displays, deterministic builds, and pre‑sign simulations in top wallets. ([businessinsider.com](https://www.businessinsider.com/what-we-know-bybit-crypto-ethereum-hack-2025-2?utm_source=openai))
Related searches
- What is EIP‑4844 and how does it impact wallet UX? ([ethereum.org](https://ethereum.org/en/roadmap/dencun/?utm_source=openai))
- How to set up a passkey‑based smart wallet ([help.coinbase.com](https://help.coinbase.com/en/wallet/getting-started/smart-wallet?utm_source=openai))
- MetaMask Smart Transactions explained ([metamask.io](https://metamask.io/news/introducing-smart-transactions?utm_source=openai))
- MiCA timelines and transitional regimes ([nortonrosefulbright.com](https://www.nortonrosefulbright.com/en/knowledge/publications/2cec201e/regulating-crypto-assets-in-europe-practical-guide-to-mica?utm_source=openai))
- IRS Form 1099‑DA instructions (2025) ([irs.gov](https://www.irs.gov/instructions/i1099da?utm_source=openai))
Select sources
- Ethereum Foundation: Dencun mainnet announcement. ([blog.ethereum.org](https://blog.ethereum.org/2024/02/27/dencun-mainnet-announcement?utm_source=openai))
- Messari: State of Safe Q1 2025. ([messari.io](https://messari.io/report/state-of-safe-q1-2025?utm_source=openai))
- Ledger: Nano Gen5 and Ledger Wallet. ([ledger.com](https://www.ledger.com/blog-introducing-ledger-nano-gen5-ledger-wallet?utm_source=openai))
- Reuters: FBI on Bybit hack. ([reuters.com](https://www.reuters.com/technology/cybersecurity/fbi-says-north-korea-was-responsible-15-billion-bybit-hack-2025-02-27/?utm_source=openai))
- ESMA: first MiCA rules for CASPs. ([esma.europa.eu](https://www.esma.europa.eu/press-news/esma-news/esma-finalises-first-rules-crypto-asset-service-providers?utm_source=openai))
- IRS: final regulations for digital asset reporting. ([irs.gov](https://www.irs.gov/newsroom/final-regulations-and-related-irs-guidance-for-reporting-by-brokers-on-sales-and-exchanges-of-digital-assets?utm_source=openai))
crypto wallet
About the Author
