Crypto adoption is on the up – even amidst the bear market of 2022, the market saw an increase in wallets and transactions. In June 2023 we saw 15 million active wallets, more than twice as many as two years ago when prices were still elevated.
Such interest spawns out of a number of reasons – from lower fees, higher speed, and better security, to its nature as a shield against the forces of inflation and its provision of greater opportunities on the global stage.
Source: State of Crypto 2023 by a16z
But, we’re still in the early days of the development of the crypto industry. If we compare the growth rates of Internet users and crypto users, the resulting trend will be very similar. If the crypto industry develops effectively, simultaneously solving all the problems that place the masses in adoption, then by the end of this decade we should theoretically expect the first billion crypto users.
Source: State of Crypto 2023 by a16z
Nevertheless, noting the benefits, adoption isn’t as widespread as we should expect, especially in the non-custodial market. The reason? The gaping education gap. Blockchain technologies are simply very difficult to get your head around. In order to use an EOA, or an ‘Externally Owned Account’ such as an account fromMetamask wallet, the average user needs to understand terms such as ‘seed phrase’, ‘private and public keys’, ‘smart contracts’, ‘gas fees’ – there’s no getting around it either, as if mistakes are made, funds are lost.
Sad stories about self-custody wallets
As a result, for years, the community has been on a quest for simplification. Indeed, now, with the concept of ‘Account Abstraction’, we’re almost there. That’s why, today, we’ll be exploring the wheres, the whats, and the whys, while evaluating the two different categories of solutions.
What is Account Abstraction?
As we covered briefly, the main barrier to the widespread adoption of cryptocurrencies lies in their complexity of use. EOAs are effectively public-private key pairs, where the user acts as both the ‘Signer’ of transactions and the ‘Account’. They’re responsible for both the validation and execution of transactions – in other words, that’s a lot of weight to put on the old lady looking to send money to her grandson for his birthday.
Aside from the amount of conceptual knowledge that is needed to perform a transaction on the blockchain, use needs to be void of error. As there’s no third-party custodian to deal with lost passwords and two-factor authentication, if the password is lost, the funds are lost in tandem.
As such, most people who are interacting with the blockchain do so on a custodian-only basis, instructing centralized platforms such as Binance to hold their private keys on their behalf.
Of course, there are privacy concerns here – especially when we consider the recent FTX debacle. Centralization was never the dream of the blockchain, so a solution regarding the usability of non-custodial platforms has always been a priority.
That’s where account abstraction comes in. In layman’s terms, this is the practice of decoupling the relationship between the account holding the assets and the signer by making the account itself a smart contract.
Of course, such an idea isn’t new, and was always on the Ethereum roadmap, being proposed back in different EIPs since 2016.
Recently, however, with EIP-4337 being announced in 2021, the dream is finally becoming a reality with application layer solutions. Any dApp developer would be able to utilize the proposal to do things such as: sponsoring user transaction fees; enabling additional security features such as on-chain transaction monitoring; utilizing social logins to introduce non-custodial guardians and providing account recovery. Recently, on March 2nd, 2023, the community deployed the smart contracts necessary for the implementation of EIP-4337 to the main Ethereum network. Then major infrastructure players such as Alchemy, Biconomy, Gelato Network and etc. released core account abstraction infrastructure components.
Moreover, with the advent of advanced layer-2 mechanics, ZK-Rollup solutions such as StarkNet and ZKsync offer native account abstraction on the protocol layer.
In theory, account abstraction and the flexibility it provides is an ideal solution to the aforementioned barriers to blockchain entry. However, there’s one main reason why a solution hasn’t been crowned, and that lies in the increased security risks.
The extensibility of transactions increases the attack vector surface area, owing to the fact that every component ought to be secured individually and holistically.
Nevertheless, every day, our heroes crawl closer to the finish line, and the risks facing account abstraction are diminishing day by day. As such, it’s worthwhile digging deeper into the kinds of solutions available.
Application-level solutions on L1s: smart contract plus off-chain infrastructure
We’ve spoken to some degree regarding the Ethereum Improvement Proposals that change the way the network works. Since 2016, the idea of Account Abstraction has certainly been a desirable integration.
Notably, in 2018, smart-contract wallets were introduced to secure user assets. At this point, social recovery became possible for the first time, with on-chain fraud monitoring – all without providing custody to a third party. In 2020 with EIP-2938, a new kind of transaction was developed that would enable smart contracts to act as top-level accounts. Not long after came EIP-3074 which made existing EOAs behave similarly to smart contracts, allowing users to simply delegate EOA control to a smart contract. Then, in 2021, EIP-4337 hit the Ethereum roadmap, which is where we are today.
The main idea of the proposal was to standardize the off-chain infrastructure required to write and operate smart-contract wallets. Notably, with a clear separation of validation and execution when it comes to non-custodial user actions on the blockchain.
Source: The road to account abstraction by Vitalik Buterin
So, what’s going on behind the scenes when it comes to EIP-4337? Firstly, the transaction pathway involves the UserOperation being sent to a high-level mempool (effectively, a queue where transactions are sorted and stored before being added to a new block). Then, a bundler wraps up a group of UserOperations into a bundle transaction, which is then sent to the EntryPoint contract with fees being paid by the bundler.
Then, the EntryPoint contract does two things. First of all, it verifies the target wallet’s transaction and then it executes the call. As we looked at it, there’s a clear separation between validation and execution here – something incredibly important for account abstraction.
Such an approach can be used for building new-generation crypto wallets for EVM blockchains, where users will be able to take advantage of advanced security features such as social recovery, key-changing, multi-sig and etc.
Using a real-world example, Safe Wallet by Gnosis – a multisig smart contract wallet that runs on EVM blockchains. The wallet itself requires transaction confirmation from not one but several wallet holders, each holding a different signature. It is worth noting that Safe is probably the very first smart contract wallet that has become widespread and at the moment about 60 billion assets are stored in more than 3 million wallets.
The official Safe wallet cannot be called a very powerful account abstraction wallet that implements all the features that this new concept gives, it basically has only multi-sig functionality. Safe positions itself more as an open protocol on the basis of which it is possible to build a next-generation crypto wallet thanks to its extensible design. More recently, Safe has supported EIP-4337 as a standard and released the Safe {Core} account abstraction SDK for external developers.
However, application-layer technologies on the Ethereum mainnet come with noticeable drawbacks.
Smart contracts, for example, don’t just expand the applications of blockchain technology, but they also increase the surface area for attack. These contracts are usually written in a high-level language such as solidity, before being compiled into bytecode and deployed to the blockchain by the contract owner, where they’ll run on various virtual machines. The complexity means that novel attack vectors arise, increasing the likelihood of transaction order dependence attacks, false top-up attacks, and replay attacks – all usually occurring on the application layer.
Secondly, since the entire Ethereum ecosystem is built around EOAs, many Dapps are incompatible with smart contract wallets. This is largely a result of smart contract wallets being seen somewhat as ‘second-class’ citizens on Ethereum.
Account abstraction infrastructure for application level
- Biconomy (Smart Account Contract, Bundler, Paymaster, SDK)
- StackUp (Smart Account Contract, Bundler, Paymaster, SDK)
- Safe (Smart Account Contract, SDK)
- Web3Auth (Key management)
Wallets built on top
- Safe (based on Safe)
- Worldcoin (based on Safe)
- Ambire
- Sequence
- Pluser (beta, based on Safe)
- Sout wallet (beta, based on Safe)
- And more…
Protocol-level solutions on L2s: native account abstraction
The solutions to application layer vulnerabilities lie in the development of a layer-2 solution, designed to be used with account abstraction.
In other words, a sidechain that can move the process of account abstraction to the protocol layer. StarkNet and ZkSynce are fantastic examples of L2s with native account abstraction realization inspired by erc-4337. The main difference from EIP 4337 on L1 is that native accounts here are first-class citizens of the protocol.
Let’s deep dive into the implementation of account abstraction on StarkNet. Just like with EIP 443, there’s a meta to validate each transaction. Indeed, the Validate function makes sure that any submitted transaction was initiated by the account owner, and won’t take up any additional resources during execution, while the execute function abstracts away the remaining actions performed by a transaction.
Another key task of these layer-2 solutions is to verify off-chain signatures – something that was proposed on the mainnet with EIP-1272. Indeed, that’s something that StarkNet does quite well with Argent X, a browser wallet based on StarkNet’s existing infrastructure – the account in the signed data coming from off-chain messages makes sure that if multiple account contracts are using the same key, the signature requested by a dApp for a specific account cannot be used for the purpose of alternate account authentication.
As a matter of fact, the app is the first wallet to exist on StarkNet, and has a browser extension for Chrome and Firefox. It’s multi-account, enables users to send and receive NFTs, and is 100% open source. In layman’s terms, Argent X realizes the benefits of the StarkNet infrastructure on the front end.
Moreover, just like application-layer infrastructure, these layer-2 applications also enable the connection of guardians, where accounts can be re-programmed to suit new keys. Social recovery is 100% non-custodial as you can decide who the guardian is and change it any time you wish.
There are also some fantastic benefits when it comes to gaming. For example, session keys being available with logic customizability means that variables such as time and contracts to be interacted with can be altered depending on the use case.
Native account abstraction implementation
- ZKSync
- Starknet
Wallets built on top
- Argent (ZkSync and Starknet)
- Raise Finance (beta, ZkSync)
The current state of account abstraction
It is difficult to count how many account abstraction wallets there are on the market, but I found 2 Dune dashboards with statistics. The first one features 400k+ ERC-4337 wallets from different EVM networks (Base, Avalanche, Optimism, BSC, Arbitrum, Ethereum, Polygon), the second shows that there are 4m+ Safe wallets from different EVM networks (all supported by Safe chains).
Source: https://dune.com/niftytable/account-abstraction
Source: https://dune.com/safe/all
Speaking about Safe. Most recently, the sensational Worldcoin project released its World app to the public with a built-in non-custodial crypto-wallet and World Orb device through which the identity verification process is organized around the world.
Thus, in just a few weeks, they onboarded 2+ million users who received proof-of-personhood Id from Worldcoin to their crypto wallets created in the World app. The project developers decided to apply the concept of account abstraction in the development of the World App. Under the hood, this smart contract wallet uses Safe{Core}, an account abstraction stack by Safe.
Now, through account abstraction, they organize only a gas-less experience for their users, but in future releases, they are going to support account recovery and other interesting features that the AA concept allows them to implement. To date, the World App is the largest deployer of Safe wallets, among 4m+ Safe wallets, 1.5m was created by Worldcoin for their users.
Source: https://dune.com/hashed_official/worldcoin-dashboard
Considering the amount of infrastructure and the number of created smart wallets, the figure is not yet impressive, we will write off the fact that it is now a crypto winter and a certain maximum number of crypto users has been reached.
But it cannot be denied that will be ready for the next bullish trend and the flow of new crypto users will be onboarded through account abstraction wallets, and not through EOA wallets. And I think the example of a Worldcoin launch will make account abstractions wallets even more popular.
Final thoughts
In terms of a conclusion – one thing is clear. Layer-2 solutions are in no way inferior to the mainnet Ethereum Improvement Proposals, and instead, largely build upon them. Much like layer-2 solutions are designed with greater speed and lower transaction fees in mind, native account abstraction with these features in-built are great alternatives to the shortcomings of the Ethereum mainnet.
With crypto adoption increasing day by day, it’s important that we solve the problems associated with a confusing interface so that a bad taste is not left in the mouths of regulators and ordinary users alike.
That’s why realizing true account abstraction – be it through the application-level powers of the Ethereum mainnet or the up-and-coming layer-2 projects that bring this concept to the protocol level – has never been more important for the widespread adoption of blockchain technologies.
This article was originally published by Nazhmudin B. on Hackernoon.
