Overview

• What is Ethereum ERC-4337?

• How Does it Work?

• Advantages

• Disadvantages

• Summary

What is Ethereum ERC-4337?

On March 21st, a new token standard called ERC-4337 was deployed to the Ethereum Mainnet. This upgrade enables Ethereum wallets to function as programmable smart contracts through account abstraction. Unlike the consensus-layer protocol changes, this new standard depends on a high-layer infrastructure and provides various advantages to users, including the ability to retrieve lost private keys, automate payments, enable sponsored transactions, and create multi-sig wallets.

The ERC-4337 update has made it possible to combine third-party external accounts and smart contract-based contract accounts together. This gives users additional choices for retrieving their private keys, such as using two-factor authentication or biometric security measures that were previously not available. This is especially important to note as it provides a much more simplistic user experience for those not wanting to scribble down a 12 or 24-word seed phrase. It also enables smartphones to be used as “hardware wallets” due to their security modules.

This is a significant development as many wallets have remained inactive due to lost private keys, however, new users of the protocol will no longer suffer the same fate if they choose to use the new features. The implementation of these smart contracts could potentially facilitate the entry of the next wave of users into the blockchain space, resolving the long-standing question of how we achieve mass adoption.

How Does it Work?

ERC-4337 has been implemented via EntryPoint, enabling Ethereum External Owned Accounts (EOA) to merge with Contract Accounts (CA) to function as smart contracts and automate complex tasks. These EOAs are most commonly found as user wallets, such as MetaMask. However, the issue with these types of wallets is that only the account owner can send payments, and if they lose their private keys, they cannot gain access again. CAs (Contract Accounts), on the other hand, are managed by code and do not require private keys, however, they cannot initiate transactions themselves. By combining the two, users can enjoy several benefits and create built-in mechanisms to keep their assets safe.

Platforms such as Gnosis Safe already have features that enable social recovery. However, maintaining these features requires introducing a centralized layer increasing the chance of new attack vectors. With ERC-4337, a new mempool was put in place for user operations that are handled by ‘bundlers.’

Bundlers work similarly to miners and validators, but for account functionality. Instead of submitting a transaction, they submit a user operation to the mempool, which would then be passed to the bundlers for inclusion in Ethereum blocks or other EVM chains. A unique (and very cool feature) of bundlers is that they pay for the gas of the transaction, and then are compensated by either the user’s account or a third party known as a “paymaster.” This gives dApps or wallet providers the option to pay for the gas if they so choose.

The features in this new standard are optional, meaning users can decide whether or not they want to use them, and will be provided through crypto wallet providers rather than requiring an actual protocol-level change in Ethereum. Developers have already begun building with the latest EntryPoint version, which recently successfully passed its audit by OpenZeppelin.

Although the upgrade will change certain aspects to regular Ethereum mempools, certain properties like the ones below will be maintained:

• Minimalistic centralization as everything is done through a Peer-to-Peer (P2P) mempool.

• EIP1559 support to simplify fee settings.

• Easier wallet creation through deterministic CREATE2 addresses.

• DoS protection as attackers are required to pay 7500+ gas.

Advantages

• Stateful verification logic enables wallets to change their public keys or upgrade their code, assuming they are published with “DELEGATECALL.”

• Custom execution step logic for wallet flexibility, such as making atomic multi-operations.

• Flexible verification logic enables the “validateUserOp” function to add an arbitrary signature and nonce verification logic.

• Extra security through quantum-safe wallets. Users are able to individually upgrade their wallets.

Disadvantages

• More expensive gas than regular transactions (however these transactions can be sponsored by other parties.)

• Slower transaction queuing as accounts cannot send more than one transaction at a time to the mempool.

• Slightly increased chance of DoS attacks due to verification logic being more complex than a single ECDSA verification.

Summary

In summary, the deployment of the ERC-4337 token standard to Mainnet enables Ethereum wallets to function as programmable smart contracts. The update combines third-party external accounts and smart contract-based contract accounts to provide users with additional choices for securing their accounts, automating payments, creating multi-sig wallets, and sponsoring gas transactions.

As the features in this new standard are optional, users can decide whether or not they want to use them. While the upgrade offers several advantages, such as extra security and quantum-safe wallets, it also has some disadvantages, such as more expensive gas than regular transactions and slower transaction queuing.

ERC-4337 could potentially facilitate the entry of the next wave of users into the space and resolve the long-standing question of how we achieve mass adoption, keep an eye on this space…