We've made the difficult decision to sunset all Stelo products on Oct 31, 2023. This includes the Stelo extension, stelo.com, approvals.xyz and the Stelo API. We didn’t make this decision lightly, and we want to make sure that all our users remain safe from future phishing attacks. To that end, we recommend all users immediately download one of the following products: Pocket Universe, Fire, or Wallet Guard.
When we started working on Stelo, our vision was to solve the hard technical and design problems around security and usability that we thought made crypto inaccessible to the average person. The most pressing such problem, we believed, was the ease with which you could get scammed or phished. So we decided to start with making transactions safe and easy to understand.
By being a critical part of the transaction flow, we believed we could expand into an ecosystem of products including an MPC wallet, fiat onramps/offramps, an API product leveraging the scam/phishing data we'd collect, tools for DAO voting, and more.
By the numbers, this is what we achieved:
- Over 10,000 Stelo extension downloads.
- 1,500 daily active users and 7,000 monthly active users (despite not developing or marketing the product for the last 6 months)
- We protected wallets with assets exceeding $200 million.
- Our platform thwarted hundreds of scams, saving users from potential catastrophes.
In addition to our extension product, we built a developer API for wallets to incorporate our transaction risk engine, a token approvals site, and a fresh take on a universal interface to interact with any smart contract.
However, one year into building the Stelo suite of products, it became clear to us that we had made a number of assumptions that were turning out not to be true – or at least not true on a timeframe that made sense for a startup.
Assumption 1: There would be a data network effect with transaction safety
We were relying on a "data network effect", meaning the more users we had, the more attacks we saw, the better our system would get at detecting and stopping attacks, leading to even more users. In particular, we were betting on an off-chain network effect - that data about websites and URLs would be important. This data would only be accessible to products that were part of the transaction flow and saw which websites the malicious transactions were originating. It turns out, most malicious transactions could be detected simply by looking at the transaction payload and applying simple heuristics.
We learned that we shouldn’t just believe our own narrative when the evidence proves otherwise. We wanted to believe there was a network effect, but we shouldn’t confuse a potential long term effect with the short term reality. This network effect may still play out at scale (it has with almost all fraud networks), but right now we’re not at scale.
We also learned that competition is for losers. No one wins in a crowded market with no barriers to entry and no strong network effects. We need to have an effective strategy to sidestep competition and define a market.
Assumption 2: Every crypto user will have a standalone wallet
We believed that our approach was an index on crypto adoption because all transactions need to be safe. Embedded in this assumption was that all transactions would flow through a dedicated wallet. However, many of the most promising use cases of crypto — gaming, decentralized social, and stablecoins – will likely have embedded wallets that abstract the complexity and risk of using dedicated wallets away from the user. If users don't use wallets directly and don't expose themselves to the risk of phishing, then our suite of products wouldn't add any value.
We learned to make our assumptions explicit and question them when new evidence is revealed. We thought our approach was “de-risked” on what the biggest use-case of crypto would turn out to be. While we understood that we were betting on standalone vs. embedded wallets, we didn’t really pull the string all the way to find the implications. If we had really thought deeply about which solution developers would pick for each product, we may have taken a different approach or picked a different problem.
Assumption 3: Consumer crypto adoption was right around the corner.
Most importantly, we assumed that mass consumer crypto use cases were right around the corner. We’re still excited by many of the cool projects being built, but crypto is not yet mainstream. It’s possible that AAA crypto games or decentralized social might lead to explosive growth very soon but the Stelo suite of products does not provide much benefit to those users nor benefit from that growth. Critically, we don’t believe our current users are representative of the wave of new users we anticipate will arrive with broader adoption. Without the north star of customer feedback from the "right users", we felt like we were flying blind.
We learned that we need to ground ourselves in important end-to-end problems. At the surface level, we were problem focused – we protected people from getting scammed. However, our userbase was, empirically, mostly driven by gambling and speculation which means that if we really think about the end-to-end user problem, it was helping people gamble and speculate. That’s not really a problem we resonate with solving. We don’t need to solve the entire problem from day one, but we should understand the entire user journey and make sure we’re helping users solve an important, enduring problem.
We're back to building and talking to users. As we work on the next generation of Stelo Labs, we're taking these lessons to heart. We’re questioning our own narratives, focused on defining a market, enumerating our assumptions, and grounding ourselves in end-to-end user problems.
We’ll be sharing more about our future plans in the next few weeks. We’d love to hear from you if you have thoughts on our journey! You can find us on LinkedIn and Twitter below.