Podcast Notes | Interview with MetaMask Co-Founder: Why MetaMask Snap Is So Important?
TechFlow Selected TechFlow Selected
Podcast Notes | Interview with MetaMask Co-Founder: Why MetaMask Snap Is So Important?
Will MetaMask Snap be the "Chrome extension" moment for cryptocurrency? Is it the way to attract the next billion crypto users?
Navigating Web3 tides with focused insightsCompiled & Edited: TechFlow
Recently, MetaMask launched MetaMask Snaps at Permissionless II. With this feature, users can achieve interoperability with Bitcoin and non-EVM blockchains, among other capabilities.
When leading wallets begin expanding their ecosystems by integrating more tokens and functionalities across chains, is this the "Chrome extension" moment for crypto? Could this be the way to attract the next billion crypto users?
In this episode, Dan Finlay, co-founder of MetaMask, provides an in-depth introduction to the new Snap feature and shares his outlook on its future development and potential impact.
Host: Ryan, Bankless
Guest: Dan Finlay, Co-Founder of MetaMask
Podcast Source: Bankless
Original Title: "Why MetaMask Snaps is a Big Deal with Co-Founder, Dan Finlay"
Episode: Link
Release Date: September 16
How MetaMask Snaps Work
-
Dan explained that MetaMask Snaps are like plugins designed for the MetaMask wallet, with one key function being enhanced transaction security. Through Snaps, users can install transaction security providers that simulate transactions and predict outcomes, helping users avoid risks such as phishing attacks.
-
Dan outlined Snap functionalities, emphasizing their ability to extend MetaMask’s API. Currently, there are three main ways to expand the wallet using Snaps:
-
1) Transaction Security: Snaps help ensure transaction safety by simulating and predicting outcomes to prevent risks.
-
2) Integration Add-ons: Snaps allow external developers to build functional plugins for MetaMask and add support for their protocols. When users log into a website, it can interact with a specific Snap in their wallet, going beyond just interacting with MetaMask’s standard API. For example, a Snap could provide signing and confirmation display features.
-
3) Notifications: Snaps also enable notification capabilities. For instance, a Snap called Push allows dApps to notify users of relevant information after obtaining permission.
-
-
The host noted that even though this is a beta version of Snaps, over 30 different Snaps are already available for use and download.
-
Dan detailed how Snaps work: when dApps want to interact with a specific blockchain or protocol, they can prompt users to install the corresponding Snap, enabling a richer and more seamless experience.
-
Dan highlighted the Transaction Insights feature, which allows users to preview and understand the details of a transaction before confirming it. This helps users better identify potentially malicious transactions and avoid losses.
-
On enhancing wallet security, Dan mentioned the “spiderweb model.” In this model, instead of relying on a single security strategy, multiple strategies and tools are used together to strengthen protection. This multi-layered approach offers comprehensive defense—so even if one layer fails or is bypassed, others remain effective in safeguarding the user.
Features and Objectives of MetaMask Snaps
-
Dan focused on the current features and goals available to MetaMask users, including supported chains and methods of integration.
-
Regarding chain compatibility, MetaMask has made significant progress. Dan emphasized that to make cryptocurrency safer and easier to use for more people, they’ve developed a suite of security tools aimed at lowering the barrier to entry for new users. With the latest release of Snaps, MetaMask not only enhances its functionality but also expands multi-chain support, moving well beyond Ethereum-only compatibility.
-
He further explained that whenever MetaMask considers adding new features or interacting with new blockchain networks, user fund and data security are always the top priority. Security remains a core consideration throughout development and deployment, with the goal of ensuring users always feel safe and confident using MetaMask.
-
On integration methods, Dan noted that developers don’t need to create a Snap for every application. The purpose of Snaps is to extend the wallet’s API to make it richer. Developers can browse the growing menu of existing Snaps—a growing set of functionalities that enable deeper interaction with users. The APIs are designed to be simple and familiar, especially for developers who have previously built dApps using the Ethereum provider.
-
For developers who want a component of their app to follow users across websites—especially those aiming to make transactions easier to read—building a Snap is an excellent choice.
-
When asked whether Snaps represent MetaMask’s strategy to scale development capacity, Dan confirmed it is. This approach enables faster development and rollout of user-requested features. Dan added that to fully leverage blockchain diversity, wallets must be flexible. Their long-term goal is to make Snaps completely open and permissionless.
-
Dan shared some future visions for Snaps, such as links that guide users with recommended chains, gas subsidies, and permissions. He also mentioned that future Snaps will be able to share permissions not only with each other but even outside the wallet. Dan’s vision is for Snaps to make MetaMask more invisible while still allowing users to create extensible and secure contracts.
The Development Journey & Security of Snaps
-
Dan described the development process behind MetaMask Snaps. He recalled having the idea about wallet extensibility around five years ago. Initially, the concept seemed crazy, but by year-end, they had built a prototype and began believing it was feasible. At first, the team worked on Snaps alongside other projects, but later decided to commit fully—marking the first time they formed a dedicated team for a single feature.
-
Dan repeatedly stressed the importance of security. He clearly stated that while MetaMask aims to introduce new features and extensibility, they will never compromise user security—it remains the top priority throughout development.
-
Dan addressed the challenge of securely interacting with strangers, computers, and new software. To solve this, they actually built an operating system kernel and integrated it into MetaMask—an environment that allows third-party code execution under strict constraints.
-
MetaMask uses a two-layer isolation mechanism to ensure secure execution of third-party code. First, they use an iframe; second, they employ a JavaScript-level isolation zone based on language-specific features. These dual layers ensure third-party code runs strictly within defined boundaries, unable to access or modify MetaMask’s core functions or sensitive user data.
-
This design ensures that even if a user installs a malicious Snap or third-party extension, it cannot operate beyond its authorized scope, thereby protecting user security.
-
Despite these security measures, Dan said their goal is to make the system increasingly permissionless without sacrificing safety. They aim to create a distributed operating system kernel dedicated to handling cryptographic, decentralized protocols while maintaining robust user protection.
-
When the host asked why Snap development took so long, Dan explained that they weren't simply building a new feature—they were solving a genuine technical challenge.
-
Dan emphasized that the core problem they’re tackling is actually a large and complex one. Solving it required deep research and extensive development—not just coding, but also advanced study in cryptography, security, and decentralization technologies.
-
Dan compared MetaMask’s architecture to firmware layers in hardware wallets. Similar to how the Ledger team describes private key isolation, MetaMask applies comparable methods to protect user private keys.
TechFlow Note: "Firmware layer" refers to the software layer in hardware wallets responsible for storing and executing basic operations, typically managing how private keys are securely stored, handled, and used.
-
The host asked whether installing a Snap poses security risks. Dan explained they implemented two primary strategies to minimize risk: all Snaps undergo audits, and each Snap comes with a defined list of permissions specifying exactly what functions it can access.
-
Dan mentioned they aim to gradually decentralize the audit process until it evolves into a trust network or DAO. For Snaps requiring signing capabilities, they can only access associated keys—not all of the user’s keys.
-
Many Snaps require network permissions because they can’t run locally. However, if a Snap only needs access to transaction data and doesn’t require network access, user data remains private since it cannot be sent to external servers.
-
The host asked about the risks of installing a Snap that doesn’t require key signing—like a transaction simulator. Dan clarified that such a Snap would need transaction data to perform simulations but would not have access to the user’s private keys.
MetaMask’s Future Plans
-
The host brought up trends in account abstraction and smart contract wallets and asked whether MetaMask has plans to enter this space.
-
Dan explained that MetaMask has long held the position of planning a plugin system for accounts. Rather than developing new types of smart contract accounts themselves, they intend to provide a platform where other developers or teams can build these account plugins for MetaMask. This approach encourages innovation and allows multiple smart contract account solutions to coexist on the platform.
-
While account abstraction and smart contract wallets are promising areas, MetaMask’s current core focus remains building a secure, extensible kernel. This kernel—the heart of MetaMask—enables safe execution of third-party code like Snaps while preserving user security.
-
Because of this focus, Dan believes MetaMask may not build the best contract account itself. Instead, they prefer to provide the infrastructure for the community and other developers to innovate and create those solutions.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
深潮TechFlow
