What is ERC-4337
How Does Account Abstraction Work? An Introduction to ERC-4337
Account abstraction is an innovation that could fix your Ethereum wallet — and potentially enable mass adoption of crypto.
This topic is very technical, but let's keep things as simple and understandable as possible.
Account abstraction is a proposal to change the architecture of Ethereum wallets and make them simpler and more user-friendly. If implemented, it would be a game-changer for adoption. Account abstraction would enable features like:
- Social recovery: recovering your wallet with the help of whitelisted accounts instead of seed phrases.
- Multi-signature security: basically two-factor authentication for crypto wallets.
- Improved transactions: bundling several transactions into one and allowing protocols to pay for user transactions.
Losing your password to a web2 account is mildly irritating. But as long as you can access your email account, you are just one recovery mail away from a new one.
Losing your password to your hot wallet can range from "very annoying" to "ruinous." If you didn't store the seed phrase to recover the account, your funds are gone.
Being constantly at risk of losing everything is not very appealing to new crypto users. That is why many balk at the idea of using crypto or prefer a centralized exchange. Moreover, the user experience of managing a non-custodial wallet with no recovery option besides an obscure seed phrase is a nightmare for new users.
Account abstraction fixes this. But to understand how account abstraction works, you have to understand how Ethereum accounts work.
There are two types of Ethereum accounts: externally owned accounts (EOAs) and contract accounts. EOAs are "regular accounts" like MetaMask wallets. You use them to send and receive tokens and interact with smart contracts. Contract accounts are smart contracts. Reminder: smart contracts are "vending machines running on code" — they are programmed to perform fixed functions like token swaps when you execute the code. And you execute the code by paying gas fees.
Contract accounts have their own code. Externally owned accounts don't. And because contract accounts have their own code, they can do a lot more than externally owned accounts. For example, they can create new contracts, something that EOAs can't do.
Most importantly, contract accounts have no private keys. They are controlled by code. EOAs are controlled by a person, hence "externally owned." Currently, the account and the account owner (the entity controlling the public and private key) are identical. But we would want to decouple the account from the account owner. Ideally, the owner could restore access to the account without access to the private keys.
Account abstraction enables this.
The biggest change it enables is to turn EOA into contract accounts. Instead of controlling a "regular wallet," you control a smart contract that controls your wallet. This enables features like social recovery and whitelisting wallets to generate new ones.
It allows users to use accounts with custom authorization and logic tailored to their needs. It also enables multiple-signer support, requiring transactions to be signed by multiple parties. These can be several wallets or simple features like two-factor authentication.
However, account abstraction is not native to Ethereum. It is native to layer-two chains like zkSync and Starknet, which is why wallets like Argent are deployed on these blockchains. Several Ethereum Improvement Proposals (EIPs) have tried to remedy this, with EIP-4337 being the latest one. For further reading, Argent wrote a three-part blog post series diving into the technicalities of how account abstraction works on a contract level.
Since account abstraction is not native to Ethereum, several EIPs have attempted to change this over the years. Both EIP-2938 and EIP-3074 aimed to improve account abstraction. In simple terms, EIP-2938 wanted to enable smart contracts to act as top-level accounts, while EIP-3074 aimed to allow existing EOAs to delegate control to a smart contract. Both EIPs are now deprecated, with EIP-4337 being the latest to try to improve the situation.
EIP-4337 is designed to emulate account abstraction. In other words, it keeps the distinction between EOAs (the "regular accounts") and contract accounts (the smart contracts). But it would simplify writing and operating smart contract wallets on Ethereum by sharing some of the on-chain and off-chain infrastructure they require.
First and foremost, it would make self-custody available to the mainstream. Account abstraction keeps self-custody! It is just a more intuitive way of approaching wallet recovery. But account abstraction would have further benefits.
Instead of tediously working through multiple transactions to complete a single action like a token swap, account abstraction enables multi-call transactions. In other words, transactions in one tap. Imagine swapping tokens in mere seconds without having to sign multiple contract interactions. Heaven!
Session keys would allow users to grant smart contracts access to their wallet for a limited time, a capped amount of gas fees, or a capped transaction volume. This can come in handy for web3 games, for example. Instead of granting access to your wallet every time, you'd be able to approve smart contract interactions on your own terms.
Vitalik Buterin says it is his "preferred method for securing a wallet."
The goal of social recovery is to let people regain access to their account without a seed phrase if they lose it, while they keep custody of their wallet. Social recovery would allow you to recover access with the help of previously whitelisted addresses, such as those of trusted friends and family.
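A minimal contract-wallet recovery module sketching the guardian scheme described above, as an added example (not code from the article, Argent, or the ERC-4337 reference implementation). It assumes a fixed guardian set, a `threshold` of guardian approvals, and a `delay` before the new owner takes effect so the current owner can veto a recovery they did not request.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Guardians are fixed at deployment; `threshold` approvals for the same new owner
// arm a recovery that executes only after `delay` seconds, so the current owner
// can cancel a recovery they did not ask for. Illustrative only, not audited.
contract SocialRecoveryWallet {
    address public owner;
    mapping(address => bool) public isGuardian;
    uint256 public immutable threshold;
    uint256 public immutable delay;
    struct Recovery { address newOwner; uint256 approvals; uint256 executeAfter; }
    Recovery public pending;
    uint256 public round;                                          // bumps whenever pending resets
    mapping(uint256 => mapping(address => bool)) public approved;  // round => guardian => voted
    constructor(address _owner, address[] memory guardians, uint256 _threshold, uint256 _delay) {
        require(_threshold > 0 && _threshold <= guardians.length, "bad threshold");
        owner = _owner; threshold = _threshold; delay = _delay;
        for (uint256 i = 0; i < guardians.length; i++) isGuardian[guardians[i]] = true;
    }

    // A guardian starts or joins a recovery toward `newOwner`.
    function approveRecovery(address newOwner) external {
        require(isGuardian[msg.sender], "not guardian");
        require(newOwner != address(0) && !isGuardian[newOwner], "bad new owner");
        if (pending.newOwner != newOwner) {
            // once armed the target is locked; only the owner can cancel it
            require(pending.executeAfter == 0, "recovery already armed");
            round++;                                               // stale approvals no longer count
            pending = Recovery(newOwner, 0, 0);
        }
        require(!approved[round][msg.sender], "already approved");
        approved[round][msg.sender] = true;
        pending.approvals++;
        if (pending.approvals == threshold) pending.executeAfter = block.timestamp + delay;
    }

    // Anyone may finalize once the threshold is met and the delay has elapsed.
    function executeRecovery() external {
        require(pending.executeAfter != 0 && block.timestamp >= pending.executeAfter, "not ready");
        owner = pending.newOwner;
        delete pending; round++;
    }

    // The current owner vetoes an unwanted recovery during the delay window.
    function cancelRecovery() external {
        require(msg.sender == owner, "not owner");
        delete pending; round++;
    }
}
```

The delay is the security-relevant part: without it, a guardian quorum that is phished or colluding can take the account instantly, whereas with it the legitimate owner has a window to cancel.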
Account abstraction enables 2FA, keeping a list of scam addresses and blocking transactions to and from them, and transfer limits on accounts. You could also use off-chain services for additional protection, like a security service to verify the authenticity of an NFT collection.
Plugins would extend the functionality of your account. Think of them like apps or browser extensions that you can use for gaming, social recovery, session keys, and more.
Other benefits would be:
- Paying gas in any token.
- Enabling protocols to pay for gas.
- Enabling phones to become hardware wallets.
- Enhanced upgradeability of accounts.