Good Morning!

Delivering interesting content every single week on Web3, Security, Crypto, NFTs, Design & AI.

It's FREE, Takes less than 5-minutes to read, and you are guaranteed to learn something.

Subscribe to get valuable Web3 News, Useful Resources and Insights every week to your Inbox!

If you like my work, you can collect this post. It costs less than 2 MATIC. 100 copies available.

In this article, I will summarize Account Abstraction, a game-changer in web3 user experience. It is said to reduce hacking, facilitate the widespread adoption of web3, and solve problems with traditional MetaMask wallets and other EOAs in use today.

Introduction to Account Abstraction

Blockchain technology has revolutionized the way we think about transactions and data storage. With its decentralized and secure nature, it has the potential to transform a wide range of industries, from finance to healthcare to supply chain management. However, as with any new technology, there are still challenges to be overcome. One of these challenges is the complexity of smart contracts and the need for users to hold and manage cryptocurrency in their accounts in order to execute them.

This is where account abstraction comes in. Account abstraction is a concept in blockchain technology that allows developers to create more complex smart contracts by abstracting away the need for users to hold and manage cryptocurrency in their accounts. In this deep dive, we'll explore what account abstraction is, how it works, and its potential benefits and drawbacks.

Let’s dive into it!

What is Account Abstraction?

Account abstraction is a concept in blockchain technology that allows developers to create more complex smart contracts by abstracting away the need for users to hold and manage cryptocurrency in their accounts. In traditional blockchain systems, users need to hold cryptocurrency in their accounts in order to execute smart contracts. However, with account abstraction, users can execute smart contracts without the need for cryptocurrency in their accounts.

This is achieved by abstracting away the need for users to hold and manage cryptocurrency in their accounts, and instead allowing smart contracts to interact directly with the blockchain. This means that users can execute smart contracts without having to worry about managing their cryptocurrency holdings, which can be a complex and time-consuming process.

A better UX is essential for widespread adoption of web3. Saying farewell to traditional MetaMask wallets and other EOAs is necessary. Signing multiple times before performing a transaction will no longer be required, thus reducing the risk of hacks.

This is all possible with Account Abstraction.

Account Abstraction converts an EOA into a smart contract, allowing a web3 wallet to be programmable by the user.

Account Abstraction = make user accounts work more like smart contracts.

Why is Account Abstraction Important?

Account abstraction is important because it enables more complex smart contracts. With traditional blockchain systems, smart contracts are limited by the need for users to hold and manage cryptocurrency in their accounts. This means that smart contracts can only execute transactions that involve cryptocurrency.

However, with account abstraction, smart contracts can execute transactions that don't involve cryptocurrency. This means that developers can create more sophisticated applications on the blockchain, such as decentralized exchanges, prediction markets, and more.

Account abstraction also makes it easier for users to interact with smart contracts. With traditional blockchain systems, users need to hold and manage cryptocurrency in their accounts in order to execute smart contracts. This can be a barrier to entry for many users, as managing cryptocurrency holdings can be complex and time-consuming. With account abstraction, users can execute smart contracts without having to worry about managing their cryptocurrency holdings, which can make it easier for them to interact with blockchain applications.

Ethereum Accounts & Transactions Recap

Let’s get through the boring stuff first. To understand account abstraction, we first need to understand what an account actually is when talking about Ethereum.

What Are Ethereum Accounts?

Ethereum has two different types of “accounts”:

You can think of a contract account as code (smart contracts) living on the blockchain that defines how the account behaves, and think of EOAs as a person ( although a person could have many EOAs).

You probably are already familiar with EOAs. Your MetaMask wallet is an EOA. EOAs are made up of a cryptographic pair of keys: public and private keys that control account activities.

Contract accounts, however, don’t have a private key. They’re smart contracts that are controlled by the logic of the code within them; they’re not controlled by a user.

The key takeaway here is that code defines what contract accounts do, and users control what EOAs do. This matters because smart contracts have the capability to do anything you can write in code, whereas EOAs can basically just sign transactions.

What Are Ethereum Transactions?

Every time you want to write information to the blockchain, such as transfer tokens, or mint an NFT, a transaction needs to occur. Transactions need to be signed by an EOA, and an EOA also has to pay the associated gas fees.

A transaction is initiated by an EOA, and can be sent to either:

• Another EOA, for example, an EOA transferring ETH to another EOA.

• A contract account, for example, minting an NFT from a drop.

ERC-4337 = an Ethereum standard that achieves account abstraction on the protocol, the same features a bank would without having to trust a bank.

How Web3 Works Today: EOAs & A Poor UX

Performing actions on the blockchain today is typically slow and tedious. Every time you want to write new information to the blockchain, you sign a transaction from your EOA to do so.

Once you’re familiar with the process, this becomes the standard experience.

For new users, however, it’s a nightmare.

The process of starting from scratch and interacting with a web3 application for the very first time is enough to put anyone off from entering the space, and that’s just the beginning.

Here’s a step-by-step experience that a new user goes through to perform their first action on a decentralized application from a fresh EOA:

EOAs Are Extremely Risky

You’re likely already familiar with somebody you know losing access to their EOA by either accidentally sharing or losing access to their private key. Some examples:

The level of responsibility you have with traditional EOAs is dangerously high.

There’s even a saying for it: “not your keys, not your crypto”; referring to the fact that if somebody else ever has your private key at any point (such as a centralized exchange), they have the power to control your funds; this point has been proven countless times in the past.

The harsh reality is that private keys are easy to lose and impossible to recover.

EOAs Have Limited Capabilities

As we touched on earlier, EOAs are very limited in their capabilities.

From your EOA, you’re usually performing one of two typical actions:

1. Submitting a transaction to transfer tokens to another EOA

2. Submitting a transaction that executes a function on a contract account

Whoever has the private key can sign messages and initiate any transactions the EOA can handle. Knowing the private key of an EOA gives you the power to perform everything that an EOA is capable of. It’s all or nothing.

EOAs Will Never Enable Mainstream Adoption

In the real world, losing your credit card doesn’t mean you are completely doomed.

There are rules in place that allow you to do things like set payment limits, stop transactions, detect fraud, change funds to a new account, only allow funds to be transferred under certain conditions, etc.

In web3, if you make one mistake, your entire account is compromised and unrecoverable. EOAs even compared to centralized stores of currency is… 💩.

We’ve dunked on EOAs enough, let’s finally discuss the solution.

EOAs have three key features:

1. A balance to represent ETH owned by the user

2. A nonce to ensure the uniqueness of each transaction

3. An address to distinguish the uniqueness of the EOA.

What secures an EOA?

An EOA is secured by a signer or keypair, which prevents unauthorized access. It consists of two keys: private and public. The private key signs transactions, while the public key verifies signatures. Losing your key means losing access to your account. To stay safe, you can use a hardware wallet to store your keys. However, this hinders mass adoption of web3 and leaves the user vulnerable to hacks from the random signing of transactions.

Account Abstraction offers a solution. By transforming an EOA into a smart contract, it allows the user to define valid transactions without the need for a private key.

With account abstraction, EOAs transform into smart contracts, enabling transaction authorization to be programmable by users.

• Users can use multiple signers for added security against fraud.

• With Account Abstraction, users can approve and transfer tokens in a single transaction, enabling batch transactions.

• Code can be written to recover funds in a wallet, eliminating the need for private keys.

• A code can also be written to temporarily halt fund transfers during recovery efforts.

• Gas fees can be paid in any token, and projects can cover these costs for users.

• Account Abstraction enables plug-ins. Plug-ins make accounts more flexible and modular by enabling new features through third-party development during account creation and allowing users to add or remove features afterwards like an app store for your account.

What's preventing the adoption of this in Ethereum?

Most Ethereum wallets today are EOAs with limited security and user experience that cannot be programmed. Most dapps on Ethereum are not compatible with smart contract wallets as the Ethereum ecosystem is primarily built around EOAs.

History of Account Abstraction Proposals

Okay, this sounds great. Why aren’t we already doing this today? Before we answer that, let’s quickly give a brief overview of the history of account abstraction proposals dating back to 2016, and explore why EIP-4337 is different.

2016: EIP-86 — Proposal allowing users to create “account contracts” that perform any desired signature/nonce checks instead of using the mechanism that is currently hard-coded into transaction processing.

2020: EIP-2938 — Proposal to create a new transaction with type AA_TX_TYPE. Transactions of this type are referred to as "AA transactions".

2020: EIP-3074 — Proposal allowing users to delegate control of their EOA to a smart contract. Would allow any EOA to act like a smart contract wallet without deploying a contract.

None of these proposals have been merged into Ethereum. They are all currently in the “stagnant” category; meaning they have been inactive for a period of 6 months or greater.

Part of the reason for these proposals not being merged is that they require consensus-layer protocol changes to the Ethereum network.

Until 2021, when EIP-4337 was proposed; account abstraction on Ethereum without a consensus layer change required!

These bundlers can bundle many user operations into a standard L1 transaction, which is then sent to a specific contract called the entry point. When the transaction reaches the entry point contract, it orchestrates the validation and execution of the user operation by calling two wallet methods. The first method validates the transaction by checking with the wallet logic if it is acceptable to execute that operation and if it allows for paying the fee to execute it. The second method performs the execution. This approach shows a clear divide between the logic validation and execution for Ethereum accounts.

EIP-4337: Account Abstraction Using Alt Mempool

EIP-4337 introduces a “pseudo-transaction” object called a UserOperation; a structure that describes a transaction to be sent on behalf of a user.

User Operations go into an “alt mempool”; which is essentially a waiting room for storing information on unconfirmed transactions.

Nodes on the Ethereum network can choose to act as a “bundler”. Bundlers pick up user operations from the mempool, and package multiple user operations into a single transaction known as a “bundle transaction”.

Once they create a bundle transaction, they send it to a global “ singleton” smart contract known as the “EntryPoint”. There is only one EntryPoint smart contract on the entire blockchain. The bundler calls a function on the EntryPoint smart contract called handleOps.

This function receives the bundle transaction, and calls a special function on each account: validateUserOp. Each smart contract wallet must implement this function.

validateUserOp` should verify the operation's signature, and pay the fee if the account considers the operation valid, before continuing to execute the operation.

Each smart contract wallet also must implement a second function: expected to be called “execute" to actually perform the operation that is sent in by the EntryPoint contract.

A simplified flow of this can be seen below:

credit: Jarrod Watts

Why Does This Matter?

Contract accounts are the next evolution of wallets required to provide a much-needed improvement to the UX of web3.

The possibilities are really endless for what this change enables:

• Creating wallets for your users under the hood when they sign up for your app

• Session keys for web3 games (allow any X transaction for Y amount of time without the need for signatures on each transaction)

• Team wallets to use decentralized applications with tiered permissions

  ---

Exciting features of ERC-4337 include:

- Wallet recovery

- Multi-sign transactions

- Bundle transactions

- Custom limits and 2FA

- Gasless and Sponsored transactions

Wallet recovery - Imagine you lost the key to your house, but your neighbor has a spare key. Similarly, if you lose your wallet key, with ERC-4337 you can use Social Recovery to get your wallet back.

Multi-Sign Transactions - With ERC-4337, you can create transactions that need approval from multiple people. This helps keep things secure and decentralized.

Bundle Transactions - ERC-4337 allows you to combine multiple actions into one transaction. For example, you can create and sell an NFT at the same time, or send and receive money in one go.

Custom Limits and 2FA - Think of this like setting parental controls on your TV. You can customize how your wallet behaves to fit your needs, like setting limits on how much you can spend or requiring extra verification for certain actions.

Gasless and Sponsored Transactions - This is like getting free shipping on your online orders. With ERC-4337, you can skip paying gas fees for some transactions or have someone else pay them for you.

https://www.adilkazani.com

What is a Multi-sig wallet?

Introduction An account that requires more than one signature to control the assets is referred to as a multi-sig wallet. This can increase security by lowering the possibility of a lost signature and by making it more difficult for an attacker to take control of several signatures. A multi-sig, what is it?

https://www.adilkazani.com

What are Zero-Knowledge Rollups (ZK-rollups)?

developers have a wide range of alternatives when it comes to scaling solutions. In addition to Layer 2 chains like Optimism and Arbitrum, there are side chains like Polygon or xDai, as well as Layer 1 enhancements like Ethereum 2.0 .

https://www.adilkazani.com

What Are Smart Contracts?

What Are Smart Contracts? Introduction Smart contracts were initially defined in the 1990s by Nick Szabo. He described a smart contract back then as a mechanism for formalising and securing computer networks through the use of protocols and user interfaces.

The impact on onchain identity

The functionality that the onchain identity infrastructure will now support will be much richer, safer, and user-friendly. Let's think about it using the following example:

In the EIP-4337 world, smart-contract wallets can interact with each other. Over the years, onchain activity has emerged as a proxy for credit scores, social graphs, status, etc. What if your government had a smart-contract wallet and an Ethereum address. You do in-person KYC once and link specific facts to your account. Your government can now help issue anonymous credentials attesting to facts about your onchain identity such as ''US-citizen'', "not in a ban list," etc. In the future, the government will allow US-based DeFi platforms to serve any account that owns a ''US-citizen'' soulbound NFT. When a user interacts with the DeFi platform, the smart contract checks if the user account is eligible. The logic will be extremely simple and fast to execute with account abstraction.

One of the primary benefits of onchain identity is increased security. Users can prove their identity without revealing sensitive personal information using decentralized identifiers and verifiable credentials. This reduces the risk of identity theft and other types of fraud, providing users with greater confidence when interacting with others online. Onchain identity also offers greater privacy compared to traditional identity systems. With onchain identity, users have more control over their personal data and can choose to reveal only the information necessary for a particular transaction. This reduces personal data exposure to third parties, mitigating the risk of data breaches and other privacy violations.

Finally, onchain identity enables greater interoperability between different applications and platforms. Using a standard set of protocols and technologies, onchain identity can seamlessly integrate with other web3 applications, providing users with a more cohesive and connected experience. Overall, the security, privacy, and interoperability benefits of onchain identity make it a valuable ecosystem component. By giving users greater control over their personal data, onchain identity can help to foster greater trust and collaboration in the decentralized internet. Add EIP 4337 to the equation, and identity facts can be checked by smart contract logic. This can easily enable online social groups based on shared POAPs (can act as proxies for interests), social circles (using social graphs), and professional (using onchain credentials that represent real-world expertise) circles.

From the perspective of cryptography and zero-knowledge proofs: account abstraction will provide greater flexibility in terms of signature schemes and elliptic curves, which are used to generate public and private key pairs used for authentication and encryption. This will enable users to choose the identity verification methods that work best for them, increasing the level of trust and security in the system. For example, ECDSA signatures are extremely expensive to verify with zk. Using a signature scheme that is zk-friendly will enable anonymous credentials and access gating with short proofs that can be generated client-side at blazing fast speeds.

Zero-knowledge proofs were an afterthought in the cryptocurrency world when the need and importance for privacy took the stage. Consequently, the cryptography that supports account authentication and security was not designed with zk-compatibility in mind. The EIP-4337 future brings a lot of promise to all these exciting directions!

Account-based vs. UTXO-based Blockchains

Before we dive into how account abstraction works, it's important to understand the difference between account-based and UTXO-based blockchains.

Account-based blockchains, such as Ethereum, maintain a state of account balances and allow users to execute transactions that modify this state. In an account-based blockchain, users have accounts that are identified by their public keys. These accounts hold balances of cryptocurrency, which can be transferred to other accounts through transactions.

UTXO-based blockchains, such as Bitcoin, maintain a state of unspent transaction outputs (UTXOs) and allow users to create transactions that consume these UTXOs and create new ones. In a UTXO-based blockchain, users don't have accounts. Instead, they create transactions that consume UTXOs and create new ones.

Account Abstraction in Account-based Blockchains

Account abstraction is primarily used in account-based blockchains, such as Ethereum. In an account-based blockchain, smart contracts are executed by sending transactions to the blockchain. These transactions modify the state of the blockchain by transferring cryptocurrency between accounts or executing smart contract code.

With account abstraction, smart contracts can execute transactions that don't involve cryptocurrency. This is achieved by abstracting away the need for users to hold and manage cryptocurrency in their accounts. Instead, smart contracts can interact directly with the blockchain and modify its state without the need for cryptocurrency transactions.

There are two main types of account abstraction in account-based blockchains: contract-based account abstraction and native account abstraction.

Contract-based Account Abstraction

Contract-based account abstraction is a type of account abstraction that is implemented through smart contracts. In contract-based account abstraction, a smart contract acts as an intermediary between the user and the blockchain.

When a user wants to execute a smart contract, they send a transaction to the smart contract instead of directly to the blockchain. The smart contract then executes the necessary code and sends a transaction to the blockchain to modify its state. This transaction doesn't involve cryptocurrency, as the smart contract has already abstracted away the need for the user to hold and manage cryptocurrency in their account.

Native Account Abstraction

Native account abstraction is a type of account abstraction that is implemented directly in the blockchain protocol. In native account abstraction, the blockchain itself is responsible for abstracting away the need for users to hold and manage cryptocurrency in their accounts.

In native account abstraction, smart contracts can interact directly with the blockchain and modify its state without the need for cryptocurrency transactions. This is achieved through a mechanism called gas abstraction, which allows smart contracts to pay for their own execution costs instead of requiring users to pay for them through cryptocurrency 

Benefits of Account Abstraction

1. More Complex Smart Contracts: Account abstraction enables developers to create more complex smart contracts by abstracting away the need for users to hold and manage cryptocurrency in their accounts. This means that smart contracts can execute transactions that don't involve cryptocurrency, which can enable more sophisticated applications on the blockchain.

2. Easier User Experience: Account abstraction makes it easier for users to interact with smart contracts. With traditional blockchain systems, users need to hold and manage cryptocurrency in their accounts in order to execute smart contracts. This can be a barrier to entry for many users, as managing cryptocurrency holdings can be complex and time-consuming. With account abstraction, users can execute smart contracts without having to worry about managing their cryptocurrency holdings, which can make it easier for them to interact with blockchain applications.

3. Lower Transaction Fees: Account abstraction can potentially lower transaction fees for users. With traditional blockchain systems, users need to pay transaction fees in order to execute smart contracts. These fees can be high, especially during times of high network congestion. With account abstraction, smart contracts can execute transactions that don't involve cryptocurrency, which can potentially lower transaction fees for users.

Drawbacks of Account Abstraction

1. Security Risks: Account abstraction introduces new security risks to the blockchain ecosystem. By abstracting away the need for users to hold and manage cryptocurrency in their accounts, it becomes easier for attackers to exploit vulnerabilities in smart contracts and steal funds.

2. Complexity: Account abstraction adds complexity to the blockchain ecosystem. Developers need to understand how account abstraction works in order to create smart contracts that take advantage of its benefits. This can be a barrier to entry for some developers, especially those who are new to blockchain technology.

3. Potential for Centralization: Account abstraction has the potential to centralize the blockchain ecosystem. By abstracting away the need for users to hold and manage cryptocurrency in their accounts, it becomes easier for large entities to control the flow of funds on the blockchain.

Argent is another blockchain platform that uses account abstraction. Argent is a mobile wallet that uses contract-based account abstraction to enable users to interact with decentralized applications (dApps) on the Ethereum blockchain without having to manage their own private keys. Argent's approach to account abstraction involves using smart contracts to manage user funds and execute transactions on behalf of users. This enables a more user-friendly experience for interacting with dApps on the Ethereum blockchain. Thank you for bringing this to my attention!

Starknet has been a trailblazer in deploying UX-revolutionizing Account Abstraction, and baking it in at the protocol level. That means Starknet users can natively use AA without having to reprogram their wallets into smart contracts! This is a significant development in the world of blockchain technology, as it enables users to interact with decentralized applications more easily and efficiently. By abstracting away the details of how user accounts are managed, Starknet can provide a more user-friendly experience for interacting with dApps on the blockchain. This can help to increase adoption of blockchain technology and make it more accessible to a wider range of users.

TL;dr

Account Abstraction revolutionizes the web3 user experience by reducing hacks, enabling mainstream adoption of web3, and fixing issues with traditional MetaMask wallets and EOAs. It transforms an EOA into a smart contract, making web3 wallets programmable for user customization. EOAs have a balance, nonce, and address, secured by a private/public key pair.

Account Abstraction eliminates the need for keys by transforming the account into a smart contract, enabling programmable transaction authorization, multiple signers, batch transactions, and gas fee payments in any token. It also enables plug-ins for added flexibility and customization. The main obstacle to adoption is that most Ethereum wallets are EOAs and most dapps are not smart contract wallet compatible. StarkNet is focused on bringing this tech to its ecosystem. Account Abstraction delivers a better user experience, essential for the mass adoption of web3.

I highly suggest going through the following resources.

1. This talk from Devon Bogota

2. Argent’s breakdown of AA as a concept.

3. The original draft for ERC-4337

4. ERC-2771 - on Meta Transactions.

5. https://eips.ethereum.org/EIPS/eip-4337

6. https://ethereum.org/en/roadmap/account-abstraction/

Wrapping Up

In this post, we’ve outlined:

• The fundamental concepts of accounts and transactions on Ethereum.

• How EOAs fall short in terms of web3 user experience.

• What account abstraction does to solve it and how it works under the hood.

Account abstraction is a game changer for web3 and bringing decentralized applications to a mainstream audience.

The power to use smart contracts as your wallet brings endless possibilities and EIP-4337 is the latest proposal of account abstraction that doesn’t require a consensus-layer change.

ADIL 🦂

@kazani351

1/ Account Abstraction is a proposal to improve #Ethereum by abstracting user accounts from contract accounts, enabling new types of transactions and facilitating on-chain identity.

Pratyush Ranjan Tiwari

@PratyushRT

Account abstraction and smart-contract wallets are set to improve the safety of all Ethereum accounts. Just published this blog post exploring the impact this will have on the onchain identity-based infrastructure, apps, and cryptography. 1/2

blog.bigwhalelabs.com/account-abstra…

3

1:10 • 10 Mar 2023

If you're enjoying today's newsletter, why not share it with your friends? They might find it just as informative and entertaining as you do.

Sharing is caring, and by spreading the word about this newsletter, you're helping to support ME and ensure that more great content gets produced in the future. Plus, you'll get to have even more conversations with your friends about the interesting topics covered in each edition.

So go ahead and hit that share button.

Collect this post. 100 copies available. 1 MATIC only.

I hope this was helpful!

Thank you for reading!

If you're interested in following along, feel free to subscribe!

Let’s bust some more in next article.

If you want more, be sure to

FOLLOW ME