By Jerry Luo
TLDR
Currently, there are two mainstream wallet types on Ethereum: EOA and SCW. However, both face issues of low execution efficiency and inability to initiate transactions independently. After several explorations, Ethereum developers have found that the optimal solution at the present stage is to achieve account abstraction through ERC4337.
-
The ERC4337 wallet separates the private key from the account entity through Bundler, enabling batch processing of transactions and the ability to initiate transactions proactively. Additionally, the built-in code of the smart contract wallet allows for the automated processing of transactions based on external information.
-
However, this proposal still faces challenges from other solutions such as protocol-level account abstraction and native account abstraction wallets. Moreover, the entry contract for ERC4337 was only launched on the Ethereum mainnet in March of this year, and many issues are yet to be explored, leading to significant uncertainty about the final solution. Lastly, due to the single point nature of the Entry Point contract, ERC4337 is greatly restricted in terms of upgrades.
-
To address these issues, the developers of ERC4337 have also optimized through supplementary EIP proposals without modifying the entry contract. For the incompatibility between Dapps of the EOA era and ERC4337, supporters of ERC4337 have independently developed numerous wallet projects and Dapp projects focused on interacting with ERC4337 wallets. These projects provide various interactions that EOA accounts could enjoy in Defi and Socialfi, optimizing their operability.
In summary, ERC4337 remains the best solution for implementing account abstraction at the current stage. Through the compensation contract of Paymaster, the threshold for user participation in Defi is lowered, allowing projects to offer 0 gas or low gas transactions to attract more users. By packaging and batch processing transactions, the user experience in Socialfi and gamefi is greatly optimized, providing a more diverse range of interaction options for participants in Socialfi and gamefi.
1. Background
The trade-off between decentralization and convenience has always been a major challenge for crypto participants. Embracing decentralization requires giving up the convenience of web2 operations, transitioning from simple button clicks to managing mnemonic phrases, signing private keys, and setting nonce values. However, pursuing convenience is hindered by the collapses of centralized institutions like FTX and JPEX, making it impossible to ignore the importance of account ownership. To address this issue, Ethereum developers have made a series of attempts to give web3 accounts the convenience of web2 - account abstraction. At this year's ETHCC conference, Ethereum founder Vitalik Buterin summarized these attempts, with ERC4337 standard receiving the most consensus among developers.
2. ERC4337 Account Abstraction Principle
In the process of separating control and ownership from the account entity, ERC4337 mainly involves three objects: UserOperation, Bundler, and on-chain contracts. UserOperation contains the user's input, Bundler completes the process of packaging and triggering transactions, and the on-chain contract consists of Entry Point, Paymaster Contract, and Wallet Contract, mainly implementing complex validation and execution logic.
-
UserOperation: UserOperation contains all the information submitted by the user related to the transaction. The image below shows the parameters required in UserOperation compared to those required for initiating a transaction with a regular EOA account.
The biggest difference lies in the fact that the ERC4337 wallet can specify the sender, unlike EOA where the default ECDSA recovery address is the transaction initiator, thus achieving the separation of account entity and ownership. Additionally, ERC4337 also introduces the paymasterAndData parameter for setting specific information for the compensation contract. The specific role of the compensation contract will also be explained later.
-
Bundler: Bundler is essentially an EOA account. For the incoming UserOperation, it first verifies the logic code related to the validateOp function of the Wallet Contract in the calldata. If it contains codes such as TIMESTAMP, BLOCKHASH, or accesses outside of wallet storage, Bundler will reject this UserOperation to prevent a form of attack called malicious simulation.After verification, Bundler will package multiple incoming UserOperations and broadcast them to the public or private mempool after verification. Additionally, since smart contracts in Ethereum must be triggered by EOA accounts, Bundler will need to interact with the Entry Point Contract to execute the UserOperation. In this process, Bundler can adjust the maximum priority fee and the actual gas difference, as well as sort the MEV profits in the bundled transactions. Therefore, the rise of ERC4337 may bring a new mining method for Bundler miners in Ethereum. Entry Point: The Entry Point is a smart contract used to validate and execute the contents of the UserOperation, triggered by Bundler, achieving the separation of Bundler and the smart contract wallet. Additionally, in ERC4337, each Wallet Contract is assigned a special authentication to the Entry Point contract address when created, granting special permissions during the interaction process. When Bundler calls the Entry Point contract, it triggers the handleOps function, which first checks if the wallet has enough gas to compensate Bundler. If not, the transaction is rolled back. Furthermore, the smart contract wallet can choose to have the Paymaster contract pay for this gas, which will be discussed later. If all verifications pass, the internal _executeUserOp function in the contract will gradually execute the contents of the UserOperation's calldata, calling the corresponding functions in the smart contract wallet. After completion, any remaining gas is compensated to Bundler. Wallet Contract: The Wallet Contract is essentially a smart contract wallet with a multiCall function that can batch process data from UserOperation's calldata, significantly reducing gas consumption. However, unlike the execution process of a regular smart contract, in the multiCall function, the contents of the UserOperation are not executed directly but are divided into the validateOp and executeOp processes. If the contents of the UserOperation cannot pass the validateOp, the execution is automatically terminated, and all gas consumption during the process is borne by Bundler. Once the executeOp function is executed, regardless of the reason for the termination of the contract execution, the gas consumption is borne by the Wallet Contract. This mechanism effectively ensures that Bundler can obtain legitimate profits through its packaging behavior and prevents malicious Bundler-initiated Dos attacks from consuming the eth stored in the Wallet Contract. Paymaster: Paymaster is not mandatory in ERC4337. When the paymasterAndData parameter in the UserOperation is not empty, the specified Paymaster contract will pay the gas on behalf of Bundler. During this process, Bundler triggers the validatePaymasterOp function in the Paymaster, which checks if the Paymaster has sufficient balance to support the gas payment and pays the gas for the specified UserOperation according to the user's custom requirements. It is worth noting that ERC4337 itself does not specify a standard for prioritizing the use of Paymaster, and Bundler needs to select the optimal Paymaster based on the off-chain records of past payments by Paymaster and eliminate lower-quality Paymasters. This process creates competition among Paymasters, contributing to network efficiency. Signature Aggregator: Since ERC4337 supports non-ECDSA signature algorithms, UserOperations using different signature algorithms are first classified, and then Bundler aggregates transactions of the same type through the Signature Aggregator to generate an aggregate signature, reducing gas consumption significantly through a single verification. Overall, in this process, users first send UserOperations containing custom parameters to Bundler. If there is a paymasterAndData parameter, the compensation contract is called to pay the gas fee. If there is an initCode parameter, the user will create a new smart contract wallet according to the logic in it. Finally, to reduce gas consumption during the verification process, ERC4337 adopts the method of batch transaction packaging, using the Signature Aggregator to package UserOperations of the same type into an aggregate signature for single verification. When the off-chain Bundler's simulated verification and on-chain actual verification both pass, the smart contract wallet successfully executes the user's custom functions in the UserOperation and refunds the excess gas to Bundler as a reward. In comparison, initiating a transaction using an EOA account appears to be much simpler, requiring a specific EOA account to sign the transaction data and broadcast it to the entire network. The broadcasted transaction is verified by nodes and then queued for packaging, and finally recorded on the chain by nodes selected through the POS mechanism. This process is very straightforward, without intermediaries like Bundler and Entry Point contracts, resulting in relatively low gas consumption. Additionally, security is only related to the ECDSA encryption algorithm, without inherent security risks from complex contract logic. However, in this process, the private key and account control are uniquely bound and cannot be changed, and each transaction must be signed and verified individually, without the ability for automated processing.
In conclusion, ERC4337 achieves the separation of private key and account ownership, reduces gas consumption in complex transaction processes through batch processing, eliminates the Ethereum balance access threshold for wallets through compensation contracts, and enables diverse signature methods and customized account functions through smart contract wallets. These improvements greatly enhance the convenience and diversity of web3 account usage.
3. Current Types of Ethereum Wallets and Their Advantages and Disadvantages
-
EOA (Externally Owned Account): Ethereum EOA accounts are controlled by private key signatures, which are generated by a 12-word mnemonic phrase. Although EOA accounts have operational autonomy and can initiate transactions, ensuring ownership of EOA accounts requires the careful storage of a 64-digit hexadecimal number or 12 mnemonic words, which is inconvenient for users. Additionally, EOA accounts involved in identity authentication transactions require individual signatures, which is very inconvenient. It is equivalent to requiring separate confirmations for every change in status and permission behind each transaction. Finally, initiating transactions using EOA accounts requires preloading Ethereum into the account, which also raises the threshold for wallet usage.
-
SCW (Smart Contract Wallet): Smart contract wallets have significantly improved convenience and automation compared to EOA wallets. Through built-in smart contract code, they can package transactions and automatically execute complex operations according to user intent. However, SCWs have much lower permissions than EOAs and cannot execute transactions automatically; transaction initiation requires an EOA account trigger.
-
MPC (Multi-Party Computation Wallet): MPC wallets disperse the private key to multiple parties for safekeeping and then concatenate them when a signature is required. This may sound similar to a multi-signature wallet, but in essence, they are quite different. Firstly, MPC only has one private key; it is just fragmented for safekeeping. Secondly, multi-signature verification is entirely done through on-chain smart contracts, while MPC's threshold setting and signature generation are done off-chain. MPC wallets effectively avoid single point of failure, eliminating concerns about losing account ownership due to the loss of a private key in an EOA. However, the off-chain signature generation process in MPC wallets is centralized and requires strict review processes to prevent potential malicious activities. Additionally, most MPC wallets are currently custom products and not open-source, making it difficult to modularize and embed them in the development process, increasing development costs. It is important to note that MPC wallets and the AA wallets mentioned later do not compete. MPC addresses the pain point of private key storage, while AA addresses the pain point of improving transaction process flexibility, and both can be used in combination in future development.
-
AA (Account Abstraction): The concept of account abstraction can be traced back to EIP86 in 2017, which proposed to turn all accounts into contracts, allowing users to define their own security models. However, this proposal involved changes to the Ethereum consensus layer, which presented high difficulty and a series of potential security issues. Therefore, EIP86 and subsequent proposals involving changes to the Ethereum consensus or protocol layer, represented by EIP86, have been indefinitely shelved. It wasn't until the proposal of EIP2938, which greatly reduced changes to the underlying Ethereum layer and addressed security issues through setting memory pool rules for nodes, that the overall approach to account abstraction shifted to how to achieve account abstraction only by changing the smart contract layer. In 2021, ERC4337 was proposed, which thoroughly achieved account abstraction under the premise of only making changes at the smart contract layer. In March of this year, the Entry Point contract of ERC4337 was deployed on Ethereum, marking the era of account abstraction in ERC4337.
4. Challenges and Responses
4.1 Undefined Account Abstraction Standards
-
Consensus Layer Account Abstraction: Firstly, for account abstraction on Layer1 of Ethereum, ERC4337 is not the only solution. The consensus layer account abstraction led by EIP2938 has only been temporarily shelved, not completely rejected. Perhaps from the current perspective, the benefits of account abstraction cannot drive developers to make changes at the underlying Ethereum layer. However, as the development of ERC4337-style account abstraction reaches a bottleneck, people will seek better user experiences. At that time, raising the permissions of contract accounts to allow them to initiate transactions autonomously, removing Bundler, and reducing the complexity and cost of transactions in the consensus layer account abstraction scheme may once again enter everyone's consideration.
-
Undetermined EIP Proposals: Secondly, ERC4337 has been in effect for less than a year and is still being discovered and improved. Because changes cannot be made to the Entry Point, most of the temporarily proposed optimizations for ERC4337 involve Bundler and opcode optimizations, such as the endorser contract in EIP-1589, which can prevent MEV attacks, and the opcode added in EIP-3974, which delegates EOA account control to smart contract accounts involving consensus layer changes. Whether these proposals can be adopted is still subject to discussion within the Ethereum development community.
-
Layer2 Native Account Abstraction: Finally, there are various types of native account abstraction wallets on Layer2, such as Starknet and Zksync Era. Starknet uses ECDSA signatures different from Ethereum, significantly reducing the cost of signature and verification processes, thereby greatly reducing gas consumption. Additionally, in Starknet, only contract accounts are considered top-level accounts by default, and they can initiate transactions directly without complex contract layer operations, providing developers with a more flexible and rich application design environment.
4.4 Improvements to ERC4337
-
EIP Proposal Improvements: Although the ERC4337 standard itself is difficult to change, we can supplement ERC4337 by proposing new EIPs. For example, EIP5189, proposed in June 2022, reduces the risk of Bundler selection and further prevents malicious attacks by MEV bots by introducing the endoser contract. Additionally, there are many 4337-related proposals pending review, such as EIP3074 and EIP5003.
-
Supplementing Cross-Chain Protocols: The fundamental solution to Ethereum Layer1 and Layer2 cross-chain issues is to start from the underlying cross-chain bridge. Users can set the receiving address on the receiving network themselves, but this improvement comes with high costs, involving the redeployment of cross-chain bridges and security issues with new contracts. Currently, the ideal solution is to set up a trusted third-party EOA account to act as an intermediary between ERC4337 wallets and cross-chain bridges. This intermediary must hold a large amount of ETH or Layer2 tokens as collateral and pledge excess assets each time it helps execute a cross-chain transaction, receiving the pledged tokens back and providing a reward once the receiving smart contract wallet receives the transfer.
-
Self-Built Dapps for ERC4337: Since the deployment of the entry point contract in March of this year, numerous wallet projects developed based on ERC4337 have landed on Ethereum. These projects are compatible with ERC4337 wallets, such as the highly scalable smart contract wallet project ZeroDev Kernel and the wallet abstraction project MynaWallet, which is officially partnered with the Japanese government. These projects have formed a large ecosystem of account abstraction wallets. Despite the cautious attitude of traditional wallet providers, the usage of UserOperation on Ethereum has continued to grow rapidly since March, indicating rapid expansion.
5. Opportunities Brought by ERC4337
5.1 Miners Bundler under ERC4337
ERC4377 introduced Bundler to separate the account body from the account control. Only an EOA account with a certain amount of Ethereum can act as a Bundler. Compared to traditional mining under the POW mechanism, this new mining method has almost zero investment costs and no potential legal risks.
Compared to staking mining under the POS mechanism, Bundler has a very low participation threshold, requiring only the retention of gas that can interact with the Entry Point contract once.
The fundamental reason for this difference is that the difficulty of Bundler's malicious behavior is much greater than that of validator nodes, and the profits from malicious behavior are much smaller than those of validator nodes. Therefore, there is no need to stake a large amount of Ethereum to ensure the balance of rewards and penalties in the overall operation of the ERC4377 protocol.
Finally, compared to staking rewards in liquidity pools, Bundler has a shorter lock-up period, providing higher liquidity for assets. In the face of significant selling pressure on Ethereum, users can withdraw their assets in a timely manner to minimize losses.
Given the various advantages mentioned above, Bundler is likely to become a new type of investment on Ethereum in the future, and may further give rise to Bundler pools similar to Bitcoin mining pools and Ethereum staking pools, characterized by low costs, stable returns, and high liquidity.
5.2 Intent-Centric under ERC4337
Intent-centric, which focuses on "intent," means that users do not need to understand the specific execution steps when performing operations. Instead, the program automatically executes modular operations at the underlying level based on user needs. For new investors entering the web3 space, various signatures and gas settings in transactions are very unfriendly. Therefore, even if they are interested in crypto, they often have to rely on CEX for investment and cannot enter the true web3 world. The root cause of this phenomenon lies in the difference in operational intent between DEX and CEX.
For example, if someone wants to maximize their profits by swapping their USDT for ETH through a DEX, they first need to select the best pool from many trading pools, then sign and authorize the Dapp for certain permissions, sign and confirm the pledge of USDT into the liquidity pool, and finally sign and confirm the extraction of an equivalent amount of ETH from the liquidity pool. Each of the above steps is based on behavioral operations, where each operation corresponds to an underlying behavior. However, in CEX, operations are all based on intent.
To achieve the intent of exchanging the user's USDT for ETH in the most profitable way, only a market order is needed. Users do not need to set specific order prices or understand them. Although some people have suggested that completing this series of processes on their own can provide a more specific understanding of the trading process and prevent inherent problems in modular processes, in general, very few people have this ability. Most people just need a modular process that can implement their intent without the need to understand the specific operations behind it.
At the same time, manual operations have a higher risk compared to modular processes that have undergone long-term testing.
Before the birth of ERC4337 account abstraction, EOA accounts had low execution efficiency, requiring users to sign and confirm each transaction, thus the intent-centric applications for modular processing of transactions on Ethereum have been slow to develop. However, in ERC4337, by introducing UserOperation and Bundler, transactions are not immediately put into the main memory pool and wait for on-chain confirmation after each signature. Instead, the transactions (UserOperation in ERC4337) are first sent to the secondary memory pool and mixed with other UserOperations from the user's or other users' accounts, waiting for the Bundler to bundle these UserOperations together and submit them to the entry contract for validation and execution.
In this process, users only need to declare or sign their preferences, and the specific process is selected and executed by Bundlers according to existing consensus or contract logic, without the need for user participation in any specific process. In Dapps, we can design intent-centric logic, where users only need to sign their intent when they want to achieve a certain goal, without having to choose and sign each transaction as before. It can be anticipated that with the comprehensive promotion of ERC4337, intent-centric Dapps will become popular on Ethereum, greatly reducing the entry barriers to web3.
5.3 Defi under ERC4337
In the previous bull market, Defi was closely integrated with EOA accounts, enhancing the diversity of on-chain interactions for crypto investors and providing various financial methods such as staking, liquidity provision, and lending, ultimately leading to the Defi Summer. However, the complex transaction process and on-chain costs have set a huge barrier for ordinary users to participate, hindering the further promotion of Defi. After the integration of ERC4337 wallets with Defi, intent-centric interaction methods can be provided, giving users an experience close to CEX. Additionally, through the Paymaster in ERC4337, gas-free transactions can be achieved, and some operators can use this method to lower the barriers to Defi and attract more participants. However, unlike Socialfi and gamefi, Defi involves a large number of token transfers and staking, requiring high security. The contract layer of account abstraction is relatively complex and prone to security vulnerabilities, leading to potential loss of user assets. Furthermore, since the U.S. government issued a ban on many privacy contracts such as Tornado, many Defi platforms strictly review or even suspend interactions with these contract addresses. Therefore, there are many incompatibilities between smart contract wallets and existing Defi systems, and there is even a possibility of being mistakenly blacklisted during interactions with Defi contracts, which poses significant obstacles to the promotion of ERC4337 wallets in Defi.
5.4 Full-Chain Games under ERC4337
Unlike the early "semi-chain" games in gamefi, which only processed game assets and items on-chain in a decentralized manner to ensure their asset security, full-chain games write the core logic and economic models of the game into on-chain smart contracts, enabling on-chain game interactions and achieving full-process decentralization and high security. However, current web3 games have paid a huge price to achieve full-chain. Firstly, there is a significant increase in gas fees. Every interaction involving on-chain games, items, and scenes needs to be recorded on-chain, resulting in a significant increase in game costs.
To address this issue, the interaction logic of current full-chain games is often very simple, limiting the user's trading experience. Additionally, if traditional EOA accounts are used, the interaction process in full-chain games must endure a cumbersome verification process, requiring confirmation for each interaction, greatly reducing the gaming experience. However, with the introduction of account abstraction, transaction costs are greatly reduced, and the transaction confirmation process only requires BLS aggregate signatures and one verification, significantly saving gas consumption in the cryptographic verification process.
Furthermore, through batched transactions, the previous process of confirming each interaction is eliminated. Additionally, the introduction of personalized smart contract accounts can provide convenience for the modular construction of full-chain games, thereby improving development efficiency. However, to date, the combination of account abstraction and full-chain games has mostly appeared on Layer2 solutions such as StarkNet, in projects like loot realms and cartridge, which have implemented native account abstraction. The reason for this is not that Ethereum is unsuitable for the combination of full-chain games and ERC4337 wallets, but rather that the Entry Point contract was only deployed on-chain in March of this year, so most full-chain games based on ERC4337 on Ethereum are still under development.
It can be foreseen that many full-chain games based on ERC4337 will soon land on Ethereum, greatly improving the interactive experience and reducing interaction costs for full-chain games. Additionally, some existing large-scale full-chain games on Ethereum, such as Dark Forest and Wolf Games, may consider making changes to the contract layer to be compatible with interactions with ERC4337 accounts.
5.5 Socialfi under ERC4337
Due to the binding mechanism of private key accounts and the limited interaction capabilities of EOA accounts, Socialfi has long faced high participation barriers and account management difficulties. Poor user experience greatly limits the development potential of SocialFi projects. The introduction of account abstraction will completely change this situation, but the trade-offs between convenience, recoverability, and security need to be balanced based on the specific importance of web3 accounts in Socialfi.
Firstly, the separation of private keys and account control eliminates the need for users to store complex and disordered private keys or mnemonic phrases, and allows for dynamic adjustments to account passwords. For example, the ERC4337 project Ambire, launched at the end of 2021, achieved the creation and private key recovery of web3 accounts through email.
Secondly, the batch processing transactions provided by ERC4337 solve the web3 entry barriers mentioned at the beginning of this article. What can be solved with one button in web2 can also be solved with one button in web3.
Finally, the introduction of custom code logic in ERC4337 accounts is closer to the personalized design of web2 accounts, allowing each Socialfi account to introduce different account functions according to its preferences, similar to how users can choose to open channels in QQ based on their preferences.
6. Future Prospects
As of the time of writing, the number of web3 users is approximately around 300 million, accounting for only about 4% of the global population of 6 billion internet users, indicating significant room for growth. To catch up with the scale of web2 and surpass the milestone of 1 billion users, lower participation barriers and more account customization features are prerequisites. Among all the options to achieve this goal, ERC4337 has relatively lower risks, a mature framework, and has received recognition from the Ethereum Foundation and major developers. Therefore, since the deployment of the Entry Point contract on Ethereum, the number of account abstraction users has experienced explosive growth.
Although ERC4337 has gained widespread recognition and promotion from the Ethereum community, it still faces many issues in practical implementation.
Firstly, there is the pending standard of ERC4377. Many supplementary proposals are still under review, so the final overall implementation form is currently uncertain, which poses a significant obstacle to the development of ERC4377 ecosystem projects.
Secondly, there is the update cost of ERC4377. Once the Entry Point contract is deployed, it requires a high cost for the majority of wallets across the network to uniformly cover the original addresses for the update to be completed.
Lastly, there is the issue of incompatibility with existing Dapps and cross-chain bridges. To achieve the comprehensive implementation of ERC4337, existing Dapps on Ethereum need extensive upgrades, facing extremely high security risks and costs.
However, ERC4377 has actively responded to the above issues. For example, by adding external smart contracts to improve the bundling efficiency of Bundlers, adding opcodes to enhance the permissions of smart contract accounts, and supplementing EIP proposals to address the difficulty of upgrading Entry Points.
Furthermore, in the face of the incompatibility with traditional Dapps, ERC4337 actively builds its own ecosystem, promoting the wider application of account abstraction wallets on Ethereum. The comprehensive implementation of ERC4337 wallets can achieve evm intent-centric at the Ethereum Virtual Machine level, and evm intent-centric can further abstract operations in Dapps to achieve the user-centric simplicity seen in web2.
If intent-centric can be fully implemented in Ethereum Dapps, Defi, gamefi, and almost all sectors that require simplicity of operations and automation will greatly optimize user experience, attracting more people from outside the industry to participate. However, sectors like Defi, which directly involve token transfers, may be more conservative in their incremental growth, as they have stricter security requirements. On the other hand, Socialfi and gamefi are more concerned with user experience and relatively downplay security. However, due to the limitations of EOA accounts, they have been unable to carry out complex interaction designs.
Through ERC4337, these sectors can address the two major issues of previously high user barriers and poor user experience, leading to a significant increase in user volume, and may even serve as the main breakthrough point in the next bull market.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
-
