Charles Hoskinson, Cardano’s founder, argues that smartphone secure chips should replace dedicated hardware wallets as crypto’s primary custody layer, eliminating direct private key management for retail users. Speaking at Consensus 2026 on May 8, Hoskinson contended that users “should probably never have their private keys” and that “something should have the private keys for the users”—positioning Apple’s Secure Enclave, Google’s Android Keystore, and Samsung Knox as superior alternatives to Ledger and Trezor devices.
The Private Key Problem Driving Phone-Native Solutions
Private key custody has remained crypto’s primary retail adoption bottleneck since Bitcoin’s launch. Users lose seed phrases, photograph them insecurely, store them in cloud services, or forget them entirely. Hardware wallets solved extraction risk but introduced friction that mainstream adoption rejected. Phone-based secure hardware changes the equation: biometric authentication is already normalized via passkeys, which FIDO reports reached 5 billion active instances globally as of May 7, 2026. Seventy-five percent of consumers have enabled at least one passkey. Hoskinson’s argument rests on a simple premise: phones already have isolated cryptographic circuits; why duplicate that infrastructure?
Smart Wallets Signal Market Readiness
The infrastructure for seedless, phone-native custody already exists. Coinbase’s smart wallet demonstrates passkey-based onboarding using Apple and Google authentication. Ethereum’s EIP-4337 standard has enabled 26 million smart wallets and processed 170 million UserOperations, enabling transaction delegation without exposing private keys. EIP-7702 extends this with programmable spending limits and account abstraction. Adoption timelines suggest acceleration: industry projections place phone-primary self-custody at 70-85% of new retail users by 2028. The infrastructure is ahead of the narrative.
Security Theater vs. Real Attack Surface
Hoskinson’s framing omits critical vulnerabilities. Key non-extractability does not guarantee transaction security. CertiK’s analysis of the Bybit breach showed that attackers deceived signers into authorizing malicious transactions despite keys remaining hardware-locked. A compromised phone OS or malicious wallet app could invoke hardware-backed keys without explicit user awareness. Meanwhile, impersonation scams grew 1,400% in 2025, with AI-enabled variants producing 4.5x returns versus traditional attacks. Phone-based wallets inherit the same social engineering risk as hardware wallets while introducing a new attack surface: OS-level compromise. The approval UX—critical to preventing unauthorized signing—remains undefined across Apple, Google, and Samsung implementations.
Manufacturers Silent; Timeline Unclear
Neither Apple, Google, nor Samsung has officially committed to native crypto wallet integration. No public roadmap exists for when these features ship or how approval flows will function. Hoskinson’s argument assumes manufacturers will prioritize custody features for an industry they have historically avoided. Until hardware makers confirm timelines, phone-first custody remains a technical possibility without a commercial pathway. The 2028 projection depends on announcements that have not yet occurred.
