Role: Product Designer (Team of 3 Designers) Focus: Transaction Flows, Security UX, Error States

Corepass is a privacy-first decentralized Web3 wallet built on the Core Blockchain Network. As an alternative to MetaMask and Trust Wallet, Corepass uniquely requires Digital Identity verification to create a compliance-ready ecosystem while maintaining user privacy. All identity data remains private and under the user's control and apps in the Core Blockchain ecosystem pays users a small fee for requesting KYC documents during the onboarding process.

The browser extension enables users to store cryptocurrency securely, send and receive assets, and connect to Web3 and DeFi applications on the web for all Web3 native transactions such as asset swaps, NFT minting, trading, signing contracts, etc, all with enhanced security through mobile-first authentication.

Unlike popular wallets such as Metamask, we made the deliberate decision to restrict browser extension login to mobile app authentication only (no seed phrase entry allowed). This approach significantly reduces the attack surface for users. Browser extensions are vulnerable to clipboard hijacking, keylogging malware, and phishing sites that mimic wallet interfaces. By requiring users to authenticate through their mobile app via QR code, we eliminate the risk of users accidentally exposing their seed phrases on potentially compromised computers. The mobile app becomes the secure vault, while the browser extension acts as a convenient interface that can be safely reset without fear of permanent loss. This architecture means even if a user's computer is compromised, their assets remain protected by their mobile device's security layer.

Designing transaction flows for a Web3 wallet requires balancing security, compliance, and usability. Users need to understand exactly what they're signing without feeling overwhelmed by technical blockchain details. For Corepass, this challenge was amplified by our mobile-first security model where users cannot access the browser extension without their mobile app.

My focus was on three critical transaction experiences:

Making gasless transactions understandable and trustworthy

Presenting split transactions (multiple recipients) clearly

Designing a secure password recovery flow that respects our no-seed-phrase policy

Gasless Transaction Signatures Designed the flow for signing gasless transactions on the Core blockchain (Gasless transactions are operations that don't cost network fees), used for verifying wallet ownership, voting, or approving contract functions. The challenge was presenting technical blockchain actions in intuitive, human-readable terms that build trust and prevent users from unknowingly granting access to malicious contracts.

Split Transactions The Core blockchain supports sending assets to multiple recipients in a single transaction. I designed the interface for "Split Transactions," enabling scenarios like automated tax payments or multi-party settlements. The idea is that a user buying items from a store could pay the merchant while simultaneously sending a 1% tax to a separate audit wallet, all in one transaction.

Forgot Password Recovery Created a secure password recovery flow that maintains Corepass's security-first approach. Since the browser extension doesn't support seed phrase login, I designed a flow where users reset their extension and re-add their wallet via QR code from their Corepass mobile app. This maintains security while providing a clear recovery path.

Security Through Clarity Web3 transactions can be exploited if users don't understand what they're signing. I focused on breaking down complex blockchain operations into clear, scannable information hierarchies. Every transaction screen answers: What am I doing? Who am I interacting with? What will this cost?

Mobile-First Security Model As mentioned, our mobile-only authentication approach eliminates common browser vulnerabilities like clipboard hijacking and keylogging. The mobile app serves as the secure vault, with the browser extension acting as a resettable interface. This meant every flow I designed had to work within this constraint, and had to make the decision feel like a benefit to users rather than a limitation.

Progressive Disclosure For split transactions, I used progressive disclosure to prevent information overload. The main screen shows essential transaction details, while expandable sections reveal recipient breakdowns. This keeps the interface clean while providing transparency for users who want deeper details.

Trust Indicators I incorporated visual trust signals throughout the app, using verified request sources, clear network fee displays, and explicit "what happens next" messaging. For gasless transactions especially, I added contextual explainers to help users understand why they're signing and what permissions they're granting.

The Corepass mobile app has reached 500+ downloads and is actively integrated across the Core blockchain ecosystem, including the native explorer (Blockindex) and trading platform (Ping Exchange). The browser extension is currently in development (2025), with the transaction flows I designed forming the core user experience.

Security Can Be Intuitive I learned that strong security doesn't have to create friction. By designing our mobile-only authentication as a deliberate feature rather than a limitation, we actually increased user confidence. The key was clear communication about why this approach protects them.

Complex Transactions Need Context Split transactions could have been overwhelming, but I discovered that users adapt quickly when you show them familiar patterns. Breaking down multi-recipient payments into scannable lists with clear amounts and percentages made the complexity feel manageable.

Transparency Builds Trust In Web3, users are vulnerable to malicious contracts and phishing. I learned that over-communicating (i.e: showing request sources, explaining transaction types, breaking down costs) isn't hand-holding, it's essential. Users who understand what they're signing are safer and more confident.

Recovery Flows Matter Designing the forgot password flow taught me that error states and recovery paths are just as important as happy paths. Users will forget passwords. The difference between frustration and confidence is how clearly you guide them back.