In Ethereum Improvement Proposal 4337 (ERC-4337), account abstraction simplifies how users interact with the blockchain. It removes the need for users to deal with the complexities of wallets, making decentralized applications (dApps) more accessible. For instance, users can sign in to a dApp with a social login, with no private keys or seed phrases to manage. This post gives a high-level overview of the topic; the following posts in this series dive into the code.
In the current Ethereum framework, there are two different types of accounts:
- Externally Owned Accounts (EOAs) - controlled by a user's private key, for instance a MetaMask account;
- Contract Accounts - controlled by the smart contract code.
The account abstraction proposal aims to combine the two types of accounts, as explained in ERC-4337. This will give users better recovery options, an easier way to pay transaction fees, and multi-signature control over an account. Ultimately, it will make Ethereum accessible to a larger audience without the burden of private key and seed phrase management.
Account abstraction proposal 4337, or ERC-4337 for short, describes how account abstraction works on the Ethereum Virtual Machine.
Let's see it all together in a diagram that is taken from https://twitter.com/ProbablyNoam:
- Users interact with the blockchain through a pseudo-transaction object, `UserOperation`, which contains the necessary information, such as call data and signatures.
- Bundlers group together user intents and merge multiple `UserOperation` objects into one transaction.
- When multiple user operations are included in a transaction, it is sent to the `EntryPoint` contract for execution on the chain.
- When a bundle of user operations is executed on the blockchain, it is done on behalf of an externally owned account (EOA). It is important to note that the sender address `from` is the Bundler address, while the recipient address `to` is the `EntryPoint` smart contract address.
- Users can pay transaction fees through the `EntryPoint` smart contract, which outlines the rules for such payments. For example, it is possible to pay gas fees in tokens other than ETH or to have a Paymaster fully fund the transaction.
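The flow in the list above, modelled end to end as an added Python example (this is not code from the original post or from the ERC-4337 reference implementation). Field names follow the ERC-4337 `UserOperation` struct; everything else is an assumption made for the example: an HMAC-SHA256 over a SHA-256 "userOpHash" stands in for the owner's ECDSA signature over keccak, gas accounting is integer arithmetic, the nonce is tracked inside the account, and `0xEntryPoint`, `0xAlice`, `0xPaymaster` and `0xBundler` are constructed placeholder addresses. It shows the validation phase separated from execution, why a replayed or tampered `UserOperation` is rejected, that the on-chain transaction goes `from` the bundler `to` the `EntryPoint`, and how the prefund is charged to the payer (the account or a paymaster), refunded, and used to reimburse the bundler.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace


@dataclass
class UserOperation:          # pseudo-transaction; fields follow the ERC-4337 struct
    sender: str
    nonce: int
    call_data: str                 # action the account performs once validated
    call_gas_limit: int
    verification_gas_limit: int
    pre_verification_gas: int
    max_fee_per_gas: int
    paymaster_and_data: str = ""   # "" means the account funds its own gas
    signature: bytes = b""

    def op_hash(self, entry_point, chain_id):
        # Stand-in for userOpHash (SHA-256 instead of keccak): every field except the
        # signature, plus EntryPoint address and chain id, so a signed op is bound to one chain.
        fields = (self.sender, self.nonce, self.call_data, self.call_gas_limit,
                  self.verification_gas_limit, self.pre_verification_gas,
                  self.max_fee_per_gas, self.paymaster_and_data, entry_point, chain_id)
        return hashlib.sha256("|".join(map(str, fields)).encode()).digest()

    def max_cost(self):
        gas = self.call_gas_limit + self.verification_gas_limit + self.pre_verification_gas
        return gas * self.max_fee_per_gas


class SmartAccount:
    """Contract account: validateUserOp checks the owner signature and the nonce."""
    def __init__(self, address, owner_secret):
        self.address, self.owner_secret = address, owner_secret
        self.nonce, self.executed = 0, []     # simplified: nonce tracked in the account

    def sign(self, op, entry_point, chain_id):
        # HMAC-SHA256 with the owner secret stands in for the owner's ECDSA signature.
        op.signature = hmac.new(self.owner_secret, op.op_hash(entry_point, chain_id), "sha256").digest()
        return op

    def validate_user_op(self, op, user_op_hash):
        expected = hmac.new(self.owner_secret, user_op_hash, "sha256").digest()
        if not hmac.compare_digest(expected, op.signature) or op.nonce != self.nonce:
            return False
        self.nonce += 1                       # consumed: the same signed op cannot be replayed
        return True


class EntryPoint:
    ADDRESS = "0xEntryPoint"                  # constructed placeholder address

    def __init__(self, chain_id=1):
        self.chain_id, self.accounts = chain_id, {}
        self.deposits = {}                    # prefunded gas balances: accounts, paymasters, bundlers

    def deposit_to(self, address, amount):
        self.deposits[address] = self.deposits.get(address, 0) + amount

    def handle_ops(self, ops, beneficiary):
        # Per op: validate, lock the prefund, execute, refund, reimburse the bundler. On-chain
        # a failing op reverts the whole bundle (bundlers simulate first); here it is reported.
        results = []
        for op in ops:
            account = self.accounts.get(op.sender)
            payer = op.paymaster_and_data or op.sender
            if account is None or self.deposits.get(payer, 0) < op.max_cost():
                results.append((op.nonce, "rejected: unknown sender or insufficient prefund"))
                continue
            if not account.validate_user_op(op, op.op_hash(self.ADDRESS, self.chain_id)):
                results.append((op.nonce, "rejected: signature or nonce invalid"))
                continue
            self.deposits[payer] -= op.max_cost()
            account.executed.append(op.call_data)            # execution phase
            gas_used = op.pre_verification_gas + op.verification_gas_limit // 2 + op.call_gas_limit // 2
            actual = gas_used * op.max_fee_per_gas            # simulated gas consumption
            self.deposits[payer] += op.max_cost() - actual    # refund the unused prefund
            self.deposit_to(beneficiary, actual)              # bundler is reimbursed
            results.append((op.nonce, "ok"))
        return results


def demo():
    ep = EntryPoint(chain_id=1)
    alice = SmartAccount("0xAlice", b"alice-owner-secret")    # constructed sample account
    ep.accounts[alice.address] = alice
    ep.deposit_to(alice.address, 10_000_000)
    ep.deposit_to("0xPaymaster", 10_000_000)                   # constructed paymaster deposit
    op1 = alice.sign(UserOperation(alice.address, 0, "transfer(bob, 1 ETH)",
                                   50_000, 30_000, 21_000, 10), ep.ADDRESS, ep.chain_id)
    op2 = alice.sign(UserOperation(alice.address, 1, "approve(dex, 100 USDC)", 40_000,
                                   30_000, 21_000, 10, "0xPaymaster"), ep.ADDRESS, ep.chain_id)
    replayed = replace(op1)                                    # same nonce and signature
    tampered = replace(op2, call_data="approve(mallory, 100 USDC)")  # signature no longer matches
    bundle = [op1, op2, replayed, tampered]
    # The bundle rides in ONE on-chain transaction: from = bundler, to = EntryPoint.
    tx = {"from": "0xBundler", "to": ep.ADDRESS, "ops": len(bundle)}
    results = ep.handle_ops(bundle, beneficiary=tx["from"])
    return tx, results, ep, alice
```

Running `demo()` executes the two genuine operations, rejects the replayed copy (its nonce was already consumed) and the tampered copy (the signature no longer covers the modified call data), charges the first operation to Alice's deposit and the second to the paymaster's, and credits the bundler with the gas actually used. The two things worth carrying over to a real implementation are that the signature must cover every field the account acts on, and that validation must be finished before any execution takes place.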
ERC-4337 enables blockchain interaction with familiar logins, such as two-factor authentication, biometrics, or a bank login, eliminating the need for seed phrases and private keys.
Users do not interact with smart contracts directly but through an intermediary layer. This helps to mitigate the risk of user funds being stolen by a hacker.
Coworkers and DAO members can share accounts, simplifying multi-signature interactions.
When implementing account abstraction, it is crucial to test thoroughly and to ensure that the smart contracts are written securely and correctly. Smart contracts are inherently more exposed to attack than externally owned accounts, which rely on private keys for their security. This is a significant risk when a sophisticated mechanism pays transaction fees on behalf of users.
Proposed in ERC-4337, account abstraction is a paradigm shift for Ethereum's usability, security, and user-friendliness. Its success depends on the community's adoption rate.