ERC-4337, or Account Abstraction, is a token wallet standard for the Ethereum network that aims to provide a more secure and functional framework for token creation. This standard changes the architecture of Ethereum wallets and makes them simpler and more user-friendly. It seeks to eliminate the existence of two types of accounts, externally owned accounts and contract accounts, by unifying them under a single type.
This would enable features like:
Social recovery: recovering your wallet with the help of whitelisted accounts instead of seed phrases.
Multi-signature: requiring multiple signatures to authorize a transaction.
Gas abstraction: paying transaction fees with any token instead of ETH.
Custom logic: programming your own rules for validating transactions.
One of the main benefits of ERC-4337 is that it enables bundled and sponsored transactions with discounted transaction fees.
It would increase the adoption and usability of Ethereum by making it more accessible and convenient for users.
It would enhance the security and flexibility of Ethereum wallets by allowing users to customize their own account logic.
It would reduce the complexity and overhead of managing multiple types of accounts on Ethereum.
It would create new possibilities for innovation and interoperability on Ethereum by enabling smart contract wallets to interact with other contracts directly.
ERC-4337 works by using a higher-level system called bundlers to process user operations.
User operations are objects that contain the user's intent and other data for verification, along with signatures.
Bundlers retrieve user operations from a mempool and return the desired result to the wallet.
This way, users can customize their own accounts with different features and logic without depending on centralized relayers or changing the consensus layer of Ethereum.
Bundlers are actors that retrieve user operations from the mempool and package them into a transaction for batch verification and execution. They can be block builders running special-purpose code or users that can relay transactions to block builders through a bundle marketplace like Flashbots.
An example use case of ERC-4337 is UniPass, a wallet that allows users to create an account with just an email address and password without needing a seed phrase or private key. UniPass uses ERC-4337 user operations to interact with smart contracts on Ethereum without paying gas fees directly. Instead, it uses paymasters to sponsor gas fees and bundlers to process user operations.
More secure: ERC-4337 introduces built-in access controls, permissions, and a more flexible token supply model, making it more secure than existing token standards. This helps to reduce the risk of hacks or other security breaches.
More functional: ERC-4337 also introduces a more flexible token supply model, enabling developers to create tokens with a variable supply. This allows for more complex and dynamic token economics.
Improved user experience: The built-in access controls and permissions allow users to create smart accounts that can perform automated payments, set time-based spending limits, or recover lost accounts without needing a seed phrase or private key. This simplifies the onboarding process and reduces user friction.
More secure than ERC-20, as it allows users to store their keys locally and set up access controls for token transfers.
More functional than ERC-721 and ERC-1155, as it allows users to create tokens with a variable supply and perform automated payments.
More user-friendly than existing smart contract wallets, as it eliminates the need for seed phrases, private keys, or relayers.
More decentralized and censorship-resistant than previous approaches to account abstraction, as it uses a unified mempool that does not depend on centralized intermediaries.
More complex: It requires a higher-level system of bundlers to process user operations.
More experimental: It is still an experimental standard that may have unforeseen issues or challenges.
ERC-4337 benefits developers and users in different ways.
For developers, it provides a more secure and functional framework for token creation, enabling them to create more robust and flexible dApps.
ERC-4337 allows them to create smart accounts with different features and logic depending on their needs.
For example, they can create tokens that have a dynamic supply, a governance mechanism, or a fee-sharing model. They can also create tokens that are compatible with different EVM-based blockchains.
For users, it offers a more seamless and user-friendly experience when interacting with dApps.
ERC-4337 allows them to use smart accounts that can handle the esoteric blockchain stuff. The standard’s built-in access controls and permissions make it easier for users to understand how their tokens are being used and to protect their assets. Users can also program different mechanisms to enable their private keys to be retrieved without writing down seed phrases.
For example, they can use bundlers to pay for transactions with any token or even get sponsored transactions with discounted fees.
They can also use smart accounts with built-in access controls and permissions to protect their assets and privacy.
Moreover, they can use smart accounts with different mechanisms to recover their private keys without relying on seed phrases.
ERC-4337 could enable more flexible and creative NFT designs by allowing developers to define custom token metadata, such as images, videos, audio, text, etc. This could enhance the aesthetic and functional value of NFTs and their interoperability with other dApps.
ERC-4337 could improve the user experience and security of NFT transactions by allowing users to pay gas fees in any token rather than only in ETH. This could lower the friction and cost of buying and selling NFTs and protect users from volatility and network congestion.
ERC-4337 could empower NFT owners and creators by enabling smart accounts that can hold any assets, execute any type of logic, and communicate with any other contract. This could allow for more complex and customized NFT features, such as royalties, auctions, lending, fractionalization, etc. Smart accounts could also implement social recovery mechanisms to help users recover their lost or stolen NFTs.
ERC-4337 could increase the adoption and innovation of NFTs on Ethereum by reducing scalability issues and gas costs on the network. By using bundlers that can batch and process transactions off-chain before submitting them to the main chain as a single transaction, ERC-4337 could enable faster and cheaper NFT minting and trading.
ERC-4337 could enable more secure and flexible DeFi protocols by allowing developers to create smart accounts that can hold assets, execute any strategy, and communicate with any other contract.
ERC-4337 could improve the user experience and accessibility of DeFi transactions by allowing users to pay gas fees in any token rather than only in ETH.
ERC-4337 could enhance the scalability and efficiency of DeFi transactions by reducing congestion and gas costs on the network.
ERC-4337 could enable a more decentralized and resilient infrastructure by introducing bundlers, a special class of actors that can batch and process transactions off-chain before submitting them to the main chain as a single transaction.
ERC-4337 could enable a more user-friendly and secure infrastructure by introducing smart accounts, a new type of account that can hold any type of assets, execute any type of logic, and communicate with any other contract.
ERC-4337 could enable more innovative and interoperable infrastructure by introducing user operations, a new type of pseudo-transaction object that can be signed by smart accounts and sent to a separate mempool.
ERC-4337 could enable more user-centric and customizable web3 applications by allowing users to create and manage their own smart accounts that can interact with any decentralized protocol or service. Users could choose their own security settings, transaction parameters, gas payment methods, etc.
ERC-4337 could enable more seamless and intuitive web3 experiences by allowing users to sign transactions with any device or platform that supports WalletConnect, a standard for connecting web3 wallets across different applications. Users could also use QR codes or NFC tags to initiate transactions without needing a browser extension or app.
ERC-4337 could enable more collaborative and innovative web3 communities by allowing users to join and create smart account collectives that can pool resources, share governance, and execute transactions together. Users could also participate in social experiments, games, and challenges that leverage smart account features.
dApps that require a more dynamic token supply can use ERC-4337 to create tokens with a variable supply, meaning that they can increase or decrease the number of tokens in circulation according to their needs. For example,
dApps (token creation platforms) that require more complex token structures can use ERC-4337 to define custom token metadata, meaning that they can include additional information about their tokens. For example, a dApp that creates non-fungible tokens (NFTs) could use ERC-4337 to add attributes such as name, description, image, rarity, etc., to their tokens.
decentralized exchanges and marketplaces that want to offer more seamless and user-friendly trading experiences for their users. ERC-4337 improves the trading experience by allowing users to use smart accounts that can pay gas fees in any token, customize transaction parameters, and execute atomic swaps.
dApps that want to offer account recovery and group-access wallets can use ERC-4337 to enable account abstraction, meaning that they can allow users to use smart contract wallets instead of externally owned accounts (EOAs).
dApps that want to enable bundled and sponsored transactions with discounted transaction fees can use ERC-4337 to leverage a separate mempool for user operations. For example, a dApp that offers gaming services could use ERC-4337 to let users send multiple actions in one transaction (bundling), or pay for their transactions using tokens instead of gas (sponsoring).
ERC-4337 could enable more innovation and collaboration by allowing users to join and create DAOs that can pool resources, share governance, and execute transactions together.
For example, a user could create a smart account that can swap tokens on Uniswap, borrow tokens on Aave, or stake tokens on Compound using only ERC-20 tokens as inputs and outputs.
The user would sign a transaction request with their private key and send it to a bundler, which is a node service that aggregates and submits transaction requests to the network. The bundler would pay the gas fees for the transaction and receive a fee from the user in any ERC-20 token of their choice.
The smart account would execute the transaction request logic on behalf of the user, verifying that the bundler followed the rules and did not censor or tamper with the request. The smart account would also handle the refund or reimbursement of the bundler's gas fees, either by deducting it from the user's output tokens or by using a pre-approved allowance mechanism.
This way, the user could access various DeFi services on Ethereum without needing ETH or worrying about gas prices. The user could also benefit from enhanced security and flexibility of their smart account, which could implement custom logic, rules, or conditions for their transactions.
One of the features of ERC-4337 is built-in access controls, which allow developers to set permissions for token transfers and other actions. This could enable users to delegate voting to their ERC-4337 account by first creating a smart contract account that implements their voting logic.
For example, the account could check the proposal details and compare them with the user’s preferences, such as risk level, return rate, social impact, etc. The account could then vote accordingly or abstain if none of the proposals match the user’s criteria.
The user would then sign a message offline that authorizes their account to vote on their behalf for a certain period of time or until revoked. The message would include the address of the DAO contract and the amount of tokens delegated.
The user would then send the message to a bundler, who would include it in a block along with other user operations. The DAO contract would then recognize the message and update its records accordingly. It would also allow the ERC-4337 account to vote on proposals using the delegated tokens as long as the authorization is valid.
The ERC-4337 account would then execute its voting logic whenever there is a new proposal and send its vote to a bundler who would include it in a block. This way, the user could delegate their votes to their ERC-4337 account without having to be online or pay gas fees for every vote. They could also benefit from the features of ERC-4337, such as custom fees, offline signing, and social recovery.
This makes sense as it would allow users to authorize their account to vote on their behalf for a certain period of time or until revoked.
However, there are some drawbacks and challenges with this use case which I have noticed, and these are some answers to the best of my knowledge.
However, please note that these are not definitive or comprehensive answers, and we may need to do more research and testing before implementing them.
How would users ensure their voting strategy is secure and aligned with their preferences?
One possible solution is using a well-tested and audited smart contract template to create ERC-4337 accounts with voting logic.
Alternatively, users could hire reputable developers or use trusted platforms to create their custom voting logic, review the code of their account contract before deploying it and verify that it matches their expectations.
How would users revoke their authorization if they change their minds or want to vote differently?
One possible solution is to include a revocation mechanism in the user operation message that authorizes the account to vote on behalf of the user.
For example, the message could have an expiry time or a nonce that can be used to invalidate it.
Alternatively, users could send another message to revoke their previous authorization.
How would users monitor and verify that their votes are being cast correctly by their account?
One possible solution is to use a public explorer or a dashboard that tracks the votes cast by ERC-4337 accounts on different DAOs.
Users could also subscribe to notifications or alerts when their account votes on a proposal.
Additionally, users could check the state of their account contract on-chain and verify that it matches their voting logic.
How would users deal with possible censorship or denial-of-service attacks by bundlers or other actors?
One possible solution is to use multiple bundlers or bundle marketplaces to increase the chances of getting user operations included in blocks.
Users could also incentivize bundlers by offering higher fees for serving their operations.
Additionally, users could rely on reputation systems or social networks to identify trustworthy bundlers.
One way to use ERC-4337 is to create a social media platform that is decentralized and not controlled by any company or government.
Users can post content using their Smart Accounts and prove that they own them with their signatures. They can also tip each other for their content using any token they want.
They don’t need to pay gas fees for every transaction because someone else pays for them and gets a tip in return. This someone else is called a bundler, and they help users send their transactions to the network.
This way, users can have a better experience on social media without having to worry about gas fees or losing their accounts. They can also have more control over their content and identity without depending on any third party.
For example, the account could have functions to mint new NFTs using the user’s signature or image data, to buy NFTs from various marketplaces using the user’s funds or tokens, to sell NFTs at a specified price or condition using the user’s approval or signature, or to trade NFTs with other users using the user’s consent or criteria.
The user would then sign a message offline that authorizes their account to perform these actions for a certain period of time or until revoked. The message would include the address of the ERC-4337 account and the amount of funds or tokens delegated. The user would then send the message to a bundler, who would include it in a block along with other user operations.
The ERC-4337 account would then execute its NFT logic whenever there is an opportunity or trigger and send its transaction to a bundler who would include it in a block.
This way, the user could delegate their NFT transactions to their ERC-4337 account without having to be online or pay gas fees for every transaction. They could also benefit from the features of ERC-4337, such as custom fees, offline signing, social recovery, and custom metadata.
In simpler terms, imagine these two (very similar) scenarios:
Imagine you have a special account that can do things for you on the internet without you having to be online or pay fees.
For example, this account can create digital artwork for you using your signature or image data.
It can also buy and sell these artworks on different websites using your money or tokens. It can also trade these artworks with other people based on your preferences or rules.
You just need to tell this account what you want it to do and for how long by sending it a message. This message is like a permission slip that lets this account act on your behalf. This is what ERC-4337 allows you to do with your NFTs.
Let’s say you want to create your own NFT collection of digital paintings.
You have a smart contract account that can mint new NFTs using your signature or image data. You also have some funds or tokens in this account that you want to use for buying and selling NFTs.
You sign a message offline that tells this account to mint 10 new NFTs using your image data and to sell them on OpenSea for 0.1 ETH each.
You also tell this account to buy any NFTs from CryptoPunks that are below 100 ETH and to trade any NFTs from CryptoKitties with other users based on their rarity.
You set the duration of this message to one week or until you revoke it. You send this message to a bundler, who includes it in a block along with other user operations.
Your smart contract account then executes its logic whenever there is an opportunity or trigger and sends its transactions to another bundler who includes them in a block.
This way, you can create and manage your own NFT collection without having to be online or pay gas fees for every transaction.
Now that we have discussed the use cases of ERC-4337, here are some of the challenges of implementing ERC-4337:
Finding a way to handle different scenarios and corner cases that may arise when bundling user operations, such as reordering, replaying, censoring, or invalidating them.
Ensuring that the bundlers and entry points are decentralized and censorship-resistant, and do not depend on a single entity or relayer.
Increased DoS vulnerability: Protecting the network and the bundlers from denial-of-service (DoS) attacks by malicious users who may try to send user operations that consume too much gas or fail to pay fees.
ERC-4337 introduces some restrictions on the verification logic of Smart Accounts, such as limiting the gas used during validation, banning certain opcodes, and preventing non-deterministic behavior.
These restrictions aim to reduce the attack surface and protect bundlers from unpaid work or griefing by malicious users or contracts.
Providing a user-friendly interface and experience for users who want to use ERC-4337 accounts without having to deal with complex technical details.
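An added example (not from the original post or any ERC-4337 project) that models, in Python, the revocable time-boxed vote-delegation authorization from the earlier question on revocation together with the validation restrictions just listed: the account keeps validateUserOp deterministic (no clock or balance reads), revokes by bumping an authorization nonce, and returns the validity window in the ERC-4337 v0.6 validationData layout, while the entry-point side enforces that window and a verification gas cap. The account address, DAO address, key and timestamps are constructed; HMAC-SHA256 stands in for the owner's ECDSA signature, and the per-account authorization nonce is a simplification of the EntryPoint's own nonce handling.

```python
import hashlib
import hmac
from dataclasses import dataclass

# ERC-4337 v0.6 validationData layout returned by validateUserOp:
#   bits 0..159   aggregator address (1 == signature failure)
#   bits 160..207 validUntil, 48-bit unix time (0 == no expiry)
#   bits 208..255 validAfter, 48-bit unix time
SIG_VALIDATION_FAILED = 1
MASK48 = (1 << 48) - 1
MASK160 = (1 << 160) - 1


def pack_validation_data(sig_failed: bool, valid_until: int, valid_after: int) -> int:
    aggregator = SIG_VALIDATION_FAILED if sig_failed else 0
    return aggregator | ((valid_until & MASK48) << 160) | ((valid_after & MASK48) << 208)


def unpack_validation_data(data: int):
    return data & MASK160, (data >> 160) & MASK48, (data >> 208) & MASK48


@dataclass
class DelegationOp:
    """Constructed stand-in for a UserOperation carrying a vote-delegation authorization."""
    sender: str
    nonce: int        # authorization nonce held by the account (simplified; the real
                      # EntryPoint manages op nonces itself)
    dao: str
    amount: int
    valid_after: int
    valid_until: int
    signature: bytes


class DelegatingAccount:
    """Toy smart account; HMAC-SHA256 over owner_key stands in for the owner's ECDSA signature."""

    def __init__(self, address: str, owner_key: bytes):
        self.address = address
        self.owner_key = owner_key
        self.nonce = 0  # revocation: bumping this invalidates every outstanding authorization

    def _digest(self, op: DelegationOp) -> bytes:
        fields = (op.sender, op.nonce, op.dao, op.amount, op.valid_after, op.valid_until)
        return hmac.new(self.owner_key, "|".join(map(str, fields)).encode(), hashlib.sha256).digest()

    def sign(self, op: DelegationOp) -> DelegationOp:
        op.signature = self._digest(op)
        return op

    def validate_user_op(self, op: DelegationOp) -> int:
        # Deterministic: no clock, balance or block data is read here. The validity window
        # is handed back to the EntryPoint, which enforces it, so a bundler simulating
        # validation off-chain gets the same answer the chain will.
        if op.sender != self.address or op.nonce != self.nonce:
            return pack_validation_data(True, 0, 0)
        sig_ok = hmac.compare_digest(op.signature, self._digest(op))
        return pack_validation_data(not sig_ok, op.valid_until, op.valid_after)

    def revoke(self) -> None:
        self.nonce += 1


def entry_point_check(account, op, now, gas_used, verification_gas_limit) -> str:
    """Entry-point/bundler side: cap validation gas, then enforce what validateUserOp returned."""
    if gas_used > verification_gas_limit:
        return "rejected: validation exceeded verificationGasLimit"
    aggregator, valid_until, valid_after = unpack_validation_data(account.validate_user_op(op))
    if aggregator == SIG_VALIDATION_FAILED:
        return "rejected: signature or nonce invalid"
    if now < valid_after:
        return "rejected: not yet valid"
    if valid_until != 0 and now > valid_until:
        return "rejected: authorization expired"
    return "accepted"
```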
ERC-4337 can make it easier for new users to join the decentralized world of crypto without having to learn about complicated seed phrases or wallets. Users can use social logins or other methods to create instant wallets on any EVM blockchain.
For example, Stackup is a service that allows users to create ERC-4337-enabled wallets using their email, phone number, Google account, or Facebook account. Users can also receive free gas tokens from Stackup to start using their wallets without having to buy ETH first.
ERC-4337 can enable more functionality and flexibility for user accounts, such as gasless transactions, gas sponsorship, custom transaction flows, and more. Users can have more control and convenience over their accounts and transactions.
For example, users can use ERC-4337-enabled wallets to send multiple transactions in one batch, such as transferring ERC-20 tokens to different recipients. Users can also use ERC-4337-enabled wallets to delegate their gas fees to other parties who are willing to pay for them in exchange for some benefits.
ERC-4337 can enhance user security by allowing users to use smart contracts as their accounts, which can implement various security features such as time locks, multi-signatures, recovery mechanisms, etc. Users can also avoid losing access to their funds due to lost seed phrases or hacked wallets.
For example, users can use ERC-4337-enabled wallets to set up two-factor authentication using biometric data or other methods. Users can also use ERC-4337-enabled wallets to recover their accounts using social recovery via a group of trusted friends or a commercial service.
ERC-4337 is a standard for the Ethereum network that aims to provide a more secure and functional framework for token creation, enabling smart contracts to act as first-class citizens on the blockchain. It also allows users to pay gas fees in any token, rather than only in ETH.
There are many reasons to question the ERC-4337 implementation, but we should be bullish on ERC-4337 based on the following three points:
Developers can create more complex and customized tokens without worrying about compatibility issues or security risks. Users can interact with dApps more easily and cheaply by using any token they prefer to pay for transactions.
By using an alternative mempool called "bundlers", ERC-4337 transactions can be batched and processed off-chain, before being submitted to the main chain as a single transaction. This reduces the load on miners and validators and allows for faster confirmation times.
Smart accounts are self-contained contracts that can hold any type of asset, execute any type of logic, and communicate with any other contract. They can also implement advanced features such as meta-transactions, social recovery, multi-signature schemes, etc. Smart accounts give users more control and flexibility over their funds and identity on Ethereum.