Author: imToken
On November 13, Vitalik Buterin announced that he had signed the "Trustless Manifesto," which reflects on the trust model of Web3 and proposes three laws for judging whether a system is trustless: no key secrets (protocol steps do not rely on private information held by a single actor), no indispensable intermediaries (participants are replaceable and participation is open), and no unverifiable results (state changes can be reproduced from public data).

Notably, shortly after, on November 18, the Ethereum Foundation's account abstraction team proposed the "Ethereum Interop Layer" (EIL) plan, which is built on the ERC-4337 account abstraction standard and the principles of the "Trustless Manifesto."
The market has often criticized Ethereum's decision-making layer for being too theoretical, but objectively this goes beyond philosophical discussion. If Web3 is to reach billions of people, is the existing account model "accessible" enough? When users lose their assets permanently because they lost a private key, have we truly achieved "self-sovereignty"? These questions are crucial.
This article will also start from the "Manifesto" to explain why Ethereum needs account abstraction (AA), what the limitations of EOAs are, and what the next-generation account experience represented by AA looks like.
1. What are the problems with traditional accounts (EOA)?
As we know, the vast majority of accounts on the Ethereum network are still EOAs, each controlled by a public/private key pair that is usually represented as a 12- or 24-word "mnemonic phrase." This gives rise to the rule newcomers learn first about cryptocurrency security: "private key/mnemonic phrase equals assets":
As long as the user holds the private key/mnemonic phrase for that address, the assets completely belong to the user. No one, whether an exchange or a miner, can freeze, confiscate, or operate on your behalf.
However, at the same time, this complete decentralization also acts as a double-edged sword, setting a very high threshold for the widespread adoption of assets:
- Cognitive threshold: Users must understand basic concepts such as public keys/addresses, private keys/mnemonic phrases, and Gas fees.
- Storage risk: Under the traditional EOA model, ownership is extremely fragile. Since "private key = account," once the private key is lost or stolen, ownership is instantly lost and cannot be recovered, with no customer service or platform recovery options available.
In simple terms, under the EOA mechanism everyone is solely responsible for the security of their own assets. This is why new users are repeatedly reminded that a mnemonic phrase must never be screenshotted or stored in a cloud drive, and should ideally be handwritten with multiple backups.
In addition, an EOA must hold ETH to pay transaction fees (Gas) before it can send any token at all, which means many new users who have, say, 1000 USDT in their account cannot do anything with it because they have no ETH.
Objectively speaking, this experience of "having to buy one type of money to spend another" greatly hinders the adoption of Web3.
Finally, there is the cumbersome "sign and stamp" process: an EOA's logic is hard-coded at the protocol level, so its functionality is very limited.
For example, when you buy and sell tokens on a decentralized exchange (DEX), you often need to click "Approve" once, sign once, and pay a fee; then click "Swap" again, sign again, and pay another fee. The entire operation process is not only cumbersome but also costly.
In the "Trustless Manifesto," there is an important concept called "Accessibility." If a system is technically trustless, but the operation is so complex that only geeks can use it, then it is difficult to truly serve the public and cannot be called "trustless public infrastructure."
It is precisely because of the aforementioned flaws in EOAs that explorations in directions like account abstraction (AA) have emerged.
2. What is account abstraction (AA)?
To put it simply, if traditional EOA accounts are like the single-function "old Nokia," then AA (smart contract accounts) can be understood as an upgraded, programmable "smartphone."
From a developmental perspective, the underlying technical standards of AA have undergone multiple rounds of iteration and expansion, including proposals like ERC-4337, EIP-7702, and EIP-3074. However, as ordinary users, we only need to remember that the essence of AA is to decouple accounts from private keys, turning accounts into a piece of code (smart contract):
Because accounts essentially become code, their logic is no longer rigid but programmable.
This means we can write various complex logics into the account, such as "who can use it," "how much can be transferred daily," and "who pays the fees," which were previously impossible within the EOA itself and had to rely on complex external contract wrappers.
Thus, AA accounts open up many possibilities. For example, the security of a traditional EOA rests entirely on that one piece of paper with the mnemonic phrase; lose it and there is no remedy. AA accounts, by contrast, support "social recovery": you can set up n guardians (your other device, trusted friends, or even third-party institutions), and when you lose your key, the guardians' signatures authorize a new key and you regain control of the account.
At the same time, a traditional EOA must hold ETH for Gas before it can send any token, which is a significant barrier for new users. AA accounts support a Paymaster (a gas-sponsorship mechanism) that lets an application pay Gas on your behalf, or lets you pay Gas directly with the USDT in your account, making interaction seamless.
This is why EOAs are compared to a single-function "old Nokia" and AA (smart contract accounts) to a programmable "smartphone." By decoupling the account from its control logic, control of the account no longer rests solely with a private key but with code (a smart contract), which makes room for more features and stronger security.
After all, for Web3 to reach billions of people, it must bring more behaviors on-chain and reduce the psychological burden and operational costs for users.
3. What can AA accounts bring to ordinary users?
Overall, for ordinary users, we do not need to understand the underlying code logic; we just need to know that after upgrading to AA accounts, our Web3 experience will undergo the following qualitative leap:
First, thanks to mechanisms like social recovery, we can hope to completely say goodbye to mnemonic phrase anxiety.
This is also one of the core values of AA. Because accounts are decoupled from private keys, you can set more user-friendly security logic, such as setting up 3-5 "guardians" (like your other phone/address, trusted friends, etc.).
On this basis, if we accidentally lose our current phone, we can generate a "new key" through the guardians to regain control of the original account.
In short, the account is still there, the assets are still there, we just have a new key, which is much closer to the experience of modern financial services.
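The recovery flow described above, as an added example that is not part of the original article or of imToken's wallet code. It is an off-chain model of a smart account's guardian logic: the guardian "signature" is an HMAC over a constructed guardian secret standing in for the ECDSA signature a guardian would produce on-chain, and the `SmartAccount`, `guardian_sign` and `demo` names are assumptions made for the example. What the model shows is why a recovery request must be bound to a nonce and why each guardian may count only once.

```python
import hashlib
import hmac
import secrets

# Added example (constructed, not imToken's or any ERC-4337 reference code):
# an off-chain model of social recovery on a smart contract account. HMAC-SHA256
# over a guardian secret stands in for an on-chain ECDSA signature; the parts
# worth studying are the threshold, the nonce and the duplicate check.


def guardian_sign(guardian_secret: bytes, message: bytes) -> bytes:
    """Guardian 'signature' over a recovery digest (HMAC stand-in for ECDSA)."""
    return hmac.new(guardian_secret, message, hashlib.sha256).digest()


class SmartAccount:
    def __init__(self, owner_key: bytes, guardians: list, threshold: int):
        if not 1 <= threshold <= len(guardians):
            raise ValueError("threshold must be between 1 and the number of guardians")
        self.owner_key = owner_key          # the key that currently controls the account
        self.guardians = list(guardians)    # registered guardian identities
        self.threshold = threshold          # how many guardians must approve a recovery
        self.recovery_nonce = 0             # incremented on every successful recovery

    def recovery_digest(self, new_owner_key: bytes) -> bytes:
        """What guardians sign: bound to the proposed key and the current nonce."""
        payload = b"recover|" + self.recovery_nonce.to_bytes(8, "big") + b"|" + new_owner_key
        return hashlib.sha256(payload).digest()

    def recover(self, new_owner_key: bytes, approvals: list) -> bool:
        """Rotate the owner key if at least `threshold` distinct guardians approved.

        approvals: list of (guardian_identity, signature) pairs.
        """
        digest = self.recovery_digest(new_owner_key)
        approved = set()
        for guardian, signature in approvals:
            if guardian not in self.guardians or guardian in approved:
                continue  # unknown guardian, or the same guardian submitted twice
            if hmac.compare_digest(signature, guardian_sign(guardian, digest)):
                approved.add(guardian)
        if len(approved) < self.threshold:
            return False
        self.owner_key = new_owner_key
        self.recovery_nonce += 1  # approvals made for the old nonce are now worthless
        return True


def demo() -> dict:
    """Walk through a 2-of-3 recovery and return the outcome of each attempt."""
    guardians = [secrets.token_bytes(32) for _ in range(3)]  # constructed guardian secrets
    account = SmartAccount(owner_key=b"key-on-lost-phone", guardians=guardians, threshold=2)
    new_key = b"key-on-new-phone"
    digest = account.recovery_digest(new_key)

    one = [(guardians[0], guardian_sign(guardians[0], digest))]
    only_one_guardian = account.recover(new_key, one)          # False: below threshold
    same_guardian_twice = account.recover(new_key, one + one)  # False: duplicate ignored

    two = one + [(guardians[2], guardian_sign(guardians[2], digest))]
    recovered = account.recover(new_key, two)                  # True: 2 of 3 approved
    replayed = account.recover(new_key, two)                   # False: nonce has moved on

    return {
        "only_one_guardian": only_one_guardian,
        "same_guardian_twice": same_guardian_twice,
        "recovered": recovered,
        "replayed": replayed,
        "owner_is_new_key": account.owner_key == new_key,
    }


if __name__ == "__main__":
    print(demo())
```

The nonce is the detail most often forgotten in home-grown recovery schemes: without it, a set of guardian approvals collected once could be replayed later to rotate the key again.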
In addition, AA accounts support a feature called Paymaster, which completely breaks the "must hold ETH" curse.
For example, a project that wants to promote its services can pay Gas fees for prospective users to attract them, so users no longer notice Gas fees at all, just as when using a Web2 app.
Of course, if your account only has USDC, AA also allows you to directly use USDC to pay Gas fees, with automatic conversion in the background, so you no longer need to buy a little ETH just to make a transfer.
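The two Paymaster cases just described (an application sponsoring Gas, and paying Gas from a USDC balance), as an added example that is not part of the original article or of imToken's code. It is an off-chain model of the bundler-side decision "who pays for this operation": the `SponsorPaymaster`, `TokenPaymaster`, `UserOp`, `Account` and `handle_op` names, the addresses, the balances and the fixed USDC/ETH rate are all constructed for the example.

```python
from dataclasses import dataclass

# Added example (constructed, not imToken's or the ERC-4337 reference code):
# how a smart account with zero ETH can still transact when a paymaster
# validates the operation and settles the gas.

WEI = 10**18


@dataclass
class UserOp:
    sender: str       # smart account submitting the operation
    target: str       # contract being called
    max_gas_wei: int  # upper bound on what this operation may cost


@dataclass
class Account:
    eth_wei: int = 0
    usdc: int = 0     # whole USDC units (constructed)


class SponsorPaymaster:
    """A dapp sponsors gas for calls to its own contracts, within a per-user cap."""

    def __init__(self, deposit_wei: int, sponsored_targets: set, per_user_cap_wei: int):
        self.deposit_wei = deposit_wei              # ETH the sponsor has locked up for gas
        self.sponsored_targets = sponsored_targets  # only these contracts are sponsored
        self.per_user_cap_wei = per_user_cap_wei    # stops one user from draining the deposit
        self.spent_per_user = {}

    def validate(self, op: UserOp) -> bool:
        if op.target not in self.sponsored_targets or op.max_gas_wei > self.deposit_wei:
            return False
        return self.spent_per_user.get(op.sender, 0) + op.max_gas_wei <= self.per_user_cap_wei

    def post_op(self, op: UserOp, actual_gas_wei: int) -> None:
        self.deposit_wei -= actual_gas_wei
        self.spent_per_user[op.sender] = self.spent_per_user.get(op.sender, 0) + actual_gas_wei


class TokenPaymaster:
    """Pays gas in ETH from its own deposit and charges the user in USDC instead."""

    def __init__(self, deposit_wei: int, usdc_per_eth: int):
        self.deposit_wei = deposit_wei
        self.usdc_per_eth = usdc_per_eth  # constructed fixed rate; a real one reads an oracle

    def usdc_cost(self, gas_wei: int) -> int:
        # ceiling division: round the USDC charge up so the paymaster never under-collects
        return -(-gas_wei * self.usdc_per_eth // WEI)

    def validate(self, op: UserOp, account: Account) -> bool:
        return op.max_gas_wei <= self.deposit_wei and account.usdc >= self.usdc_cost(op.max_gas_wei)

    def post_op(self, op: UserOp, account: Account, actual_gas_wei: int) -> None:
        self.deposit_wei -= actual_gas_wei
        account.usdc -= self.usdc_cost(actual_gas_wei)


def handle_op(op: UserOp, account: Account, paymaster=None, actual_gas_wei: int = 0) -> str:
    """Decide who pays for `op`, settle it, and return a short outcome tag."""
    if actual_gas_wei > op.max_gas_wei:
        return "rejected: actual gas above declared maximum"
    if isinstance(paymaster, SponsorPaymaster):
        if not paymaster.validate(op):
            return "rejected: sponsor declined"
        paymaster.post_op(op, actual_gas_wei)
        return "sponsored"
    if isinstance(paymaster, TokenPaymaster):
        if not paymaster.validate(op, account):
            return "rejected: insufficient USDC"
        paymaster.post_op(op, account, actual_gas_wei)
        return "paid in USDC"
    if account.eth_wei < op.max_gas_wei:
        return "rejected: no ETH for gas"
    account.eth_wei -= actual_gas_wei
    return "paid in ETH"


def demo() -> dict:
    newcomer = Account(eth_wei=0, usdc=1000)  # constructed: 1000 USDC, no ETH at all
    dapp_op = UserOp(sender="0xNEWCOMER", target="0xDAPP", max_gas_wei=2 * 10**15)
    no_paymaster = handle_op(dapp_op, newcomer, actual_gas_wei=10**15)

    sponsor = SponsorPaymaster(deposit_wei=WEI, sponsored_targets={"0xDAPP"}, per_user_cap_wei=5 * 10**15)
    sponsored = handle_op(dapp_op, newcomer, sponsor, actual_gas_wei=10**15)
    other_op = UserOp(sender="0xNEWCOMER", target="0xOTHER", max_gas_wei=10**15)
    not_sponsored = handle_op(other_op, newcomer, sponsor, actual_gas_wei=10**15)

    token_pm = TokenPaymaster(deposit_wei=WEI, usdc_per_eth=3000)  # 0.001 ETH of gas -> 3 USDC
    paid_in_usdc = handle_op(other_op, newcomer, token_pm, actual_gas_wei=10**15)
    return {
        "no_paymaster": no_paymaster,
        "sponsored": sponsored,
        "not_sponsored": not_sponsored,
        "paid_in_usdc": paid_in_usdc,
        "usdc_left": newcomer.usdc,
    }


if __name__ == "__main__":
    print(demo())
```

The per-user cap and the target allowlist on the sponsor side are what keep "the dapp pays your Gas" from becoming "anyone can spend the dapp's deposit"; the token paymaster rounds its charge up for the same reason.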
Moreover, a smart contract account can package multiple operations into a single (atomic) transaction, saving time and money. Taking the DEX trade mentioned earlier as an example: where it previously took "approve -> sign -> trade -> sign," AA completes all the steps with one click.
And since it is an atomic transaction, it means that either all steps succeed at once, or they all fail, preventing wasted Gas due to a failure in any single step, making it safe and efficient.
Finally, due to the inherent smart contract logic, AA accounts can achieve fine-grained permission management, just like our bank accounts.
This means we can assign different levels to different accounts and set "daily limits" to suit the situation, such as requiring multiple signatures for amounts over 1000 U while allowing payments under 1000 U without a password, or setting blacklists and whitelists so the account only interacts with specific, vetted contracts.
Even if the private key is stolen by a hacker, due to the limits and whitelist restrictions, it is very difficult for the hacker to transfer all your assets in a short time.
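The atomic batching and the permission policy described in the last few paragraphs (daily limit, a signature threshold for large amounts, a contract whitelist), combined in one added example that is not part of the original article or of imToken's code. It is an off-chain model: chain state is a plain dict, each call is a Python function that mutates that state or raises to simulate a revert, and the `SmartAccount`, `Call`, `PolicyError` and `demo` names, the "U" amounts and the addresses are constructed for the example. The point it makes beyond the text is that a rollback must undo the spend history as well as the state, otherwise a failed batch still eats into the daily limit.

```python
import copy
from dataclasses import dataclass
from typing import Callable

# Added example (constructed, not imToken's or any wallet's code): an off-chain
# model of a smart account's execution policy and all-or-nothing batching.

DAY = 86_400


@dataclass
class Call:
    target: str                     # contract address the call goes to
    amount: int                     # value moved, in "U" (constructed unit)
    apply: Callable[[dict], None]   # the effect on chain state; raises on failure


class PolicyError(Exception):
    """Raised when a call violates the account's own rules (before it runs)."""


class SmartAccount:
    def __init__(self, whitelist: set, daily_limit: int, big_amount: int, big_amount_sigs: int):
        self.whitelist = whitelist              # only these contracts may be called
        self.daily_limit = daily_limit          # total U allowed in any rolling 24h window
        self.big_amount = big_amount            # above this, several signatures are needed
        self.big_amount_sigs = big_amount_sigs
        self.history = []                       # (timestamp, amount) of committed calls

    def spent_last_day(self, now: int) -> int:
        return sum(a for t, a in self.history if now - t < DAY)

    def check(self, call: Call, now: int, signatures: int) -> None:
        if call.target not in self.whitelist:
            raise PolicyError(f"{call.target} is not on the whitelist")
        if call.amount > self.big_amount and signatures < self.big_amount_sigs:
            raise PolicyError(f"{call.amount} U needs {self.big_amount_sigs} signatures")
        if self.spent_last_day(now) + call.amount > self.daily_limit:
            raise PolicyError("daily limit exceeded")

    def execute_batch(self, calls: list, now: int, signatures: int, state: dict) -> tuple:
        """Run every call or none: state and spend history roll back on any failure."""
        snapshot = copy.deepcopy(state)
        history_len = len(self.history)
        try:
            for call in calls:
                self.check(call, now, signatures)
                call.apply(state)
                self.history.append((now, call.amount))  # counts toward the daily limit
            return True, "ok"
        except Exception as exc:  # PolicyError or a simulated revert from apply()
            state.clear()
            state.update(snapshot)
            del self.history[history_len:]
            return False, str(exc)


def demo() -> dict:
    state = {"allowance": 0, "usdt": 5000, "tokenX": 0}  # constructed chain state
    acct = SmartAccount(whitelist={"0xDEX"}, daily_limit=1500, big_amount=1000, big_amount_sigs=2)

    def approve(s):
        s["allowance"] = 500

    def swap(s):
        if s["allowance"] < 500:
            raise RuntimeError("allowance too low")
        s["allowance"] -= 500
        s["usdt"] -= 500
        s["tokenX"] += 1

    def swap_slippage(s):
        raise RuntimeError("price moved: slippage exceeded")

    def big_transfer(s):
        s["usdt"] -= 1200

    now = 1_700_000_000
    failed = acct.execute_batch([Call("0xDEX", 0, approve), Call("0xDEX", 500, swap_slippage)], now, 1, state)
    allowance_after_failure = state["allowance"]  # approve was rolled back with the swap
    ok = acct.execute_batch([Call("0xDEX", 0, approve), Call("0xDEX", 500, swap)], now, 1, state)
    unknown = acct.execute_batch([Call("0xUNKNOWN", 10, approve)], now, 1, state)
    big_one_sig = acct.execute_batch([Call("0xDEX", 1200, big_transfer)], now, 1, state)
    over_daily = acct.execute_batch([Call("0xDEX", 1200, big_transfer)], now, 2, state)
    next_day = acct.execute_batch([Call("0xDEX", 1200, big_transfer)], now + DAY, 2, state)
    return {
        "failed_batch": failed[0],
        "allowance_after_failure": allowance_after_failure,
        "ok_batch": ok[0],
        "tokenX": state["tokenX"],
        "unknown_target": unknown[1],
        "big_one_sig": big_one_sig[0],
        "over_daily": over_daily[1],
        "next_day": next_day[0],
        "usdt": state["usdt"],
    }


if __name__ == "__main__":
    print(demo())
```

In the first batch the swap reverts on slippage and the preceding approve disappears with it, which is the "all succeed or all fail" property the text describes; the later calls show the three policy checks each refusing a call before any state changes.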
Conclusion
As advocated by the "Trustless Manifesto," a truly "trustless" system should not only belong to cryptographers and geeks but should be accessible (Accessibility).
Account abstraction (AA) is not about overthrowing Ethereum but a return to "human-centered" design. It compensates for human weaknesses in key management through the flexibility of code logic, clearing the last barrier to the large-scale adoption of Web3.
With wallets like imToken gradually supporting AA features, we have reason to believe that the future of Web3 will be a free network that offers a smooth experience akin to Web2 while upholding "self-sovereignty."
And you just need to enjoy this change.