4. Account Abstraction - Kernel Library

You have a smartphone and, probably, a smart TV. Now, we want to make "smart wallets". It's great for user experience and security. It gives us a lot more flexibility in terms of what accounts really are and how we can use them. **Account abstraction is the ability to program the key functionality of your account. It is [live today](https://twitter.com/erc4337/status/1631087958949531648).** Currently, you get a twelve or twenty-four word secret phrase (or some other version of a private key) that you must remember at all costs, otherwise you lose your account. The stakes are high and the learning curve steep and scary. Instead of relying only on keys, which are tightly coupled to Externally Owned Accounts (EOAs), we can make all addresses into smart contracts only. This means your account is a smart contract, which can be programmed to provide and protect access in various ways which are much more flexible and do not depend only upon one critical seed phrase. Making every account into a smart contract only, and removing EOAs, requires pretty deep protocol chanes to Ethereum. Therefore, this work (encapsulated in [EIP 4337](https://ethereum-magicians.org/t/erc-4337-account-abstraction-via-entry-point-contract-specification/7160)) has taken a long time, because the scale of changes it represents, and the cascading effects these changes have, are large and fairly unpredictable. In response to this, we have seen various Layer 2 solutions try to adopt EIP 4337 natively: most prominently StarkNet, with Optimism doing a lot of research and work to try and implement it too. This highlights how Layer 2s not only provide scale to Ethereum, but also provide dynamic, lower risk environments in which to test potential changes to the core protocol and see how they are used, implemented, and attacked before moving them into production on Layer 1. Back on topic, the authors of EIP 4337 specify "the key goal of account abstraction: **allow users to use smart contract wallets containing arbitrary verification logic instead of EOAs as their primary account.**" Currently, on Ethereum, a transaction is valid if and only if: 1. There's sufficient balance to pay gas. 2. The nonce is correct. 3. It has a valid digital signature AA is asking us "what cool things can we do if we are authenticated by anything other than a key?" ## Wider Thoughts While not perhaps as mathematically visionary as erasure encoding, this particular EIP is included in this section of the library because it illustrates how the work required to build planetary-scale consensus systems happens not just at the level of research, cryptography, protocol design and implementation; but also at the level of infrastructure for people to use and at the level of social communication. For instance, Account Abstraction present a far more robust security model, not necessarily when analysed through the lens of the protocol itsel, but certainly when looked at through *how people tend to use it*. Having one root key, encapsulated in a twelve or twenty-four word phrase (that is the be all and end all) has resulted in multiple catastrophic losses for people, even those supposedly highly skilled and with a deep understanding of the underlying cryptography. It's like recognizing that Professors of Moral Philosophy are no more likely to be moral people than anyone else, and thereafter creating specific practices that move us all closer toward more secure (or more moral) ways of living well together. All that said, we recommend you take a look through the resources below, because there are aspects of this work which are enormously innovative from a technical perspective - like the unified mempool it may require, and the effect it has on our models for censorship resistance. This second and critical point is [summed up Vitalik well](https://notes.ethereum.org/@vbuterin/pbs_censorship_resistance): > ERC 4337 fundamentally changes the game theory of censorship resistance because of decouples the Ethereum-level concept of a _transaction_ from the economic concept of an _object of user intent_. Ultimately, we are trying to secure the censorship resistance of objects of user intent. When the two are the same (as they are today), this boils down to securing censorship resistance of transactions. In ERC 4337, however, a transaction becomes a _wrapper_ containing many objects of user intent (in ERC 4337 called _user operations_). ## Further Resources 1. [Account Abstraction Panel - Starkware Sessions '23'](https://www.youtube.com/watch?v=g7_4KxgARvI) - this panel provides clear insight into two critical aspects of account abstraction: a. "gas abstraction" (i.e. the ability pay fees in a token that is not the network's native token), "pay masters" and the various use cases these enable: i. privacy preserving accounts ii. better onboarding iii. gaming and other low value context "session keys" b. "nonce abstraction" (i.e. moving away from linearly incrementing nonces so that I can for e.g. require mutliple signers for big transactions, craft such a transaction and - while waiting for those signers - still use my account for lower value transaction) 2. [WTF is Account Abstraction](https://www.argent.xyz/blog/wtf-is-account-abstraction/) from some of the people involved from the start. 5. [Account abstraction for everyone](https://camiinthisthang.substack.com/p/account-abstraction-for-everyone) for things explained from another angle. 6. [AA Panel at Devcon VI](https://www.youtube.com/watch?v=WsZBymiyT-8). 7. An [early presentation of the work by Dror and Yoav](https://docs.google.com/presentation/d/1MN9V8mVTL3eIJfxqVCoOgc7UZje38ELijjOX5TZqJT0/edit#slide=id.p), followed by their [DevCon VI presentation](https://docs.google.com/presentation/d/1oBU9XhMPAMADw5I0G7AChE_NhanA0tKAlq7EtaLHkZU/edit#slide=id.p). 8. [The unified mempool](https://notes.ethereum.org/@yoav/unified-erc-4337-mempool) for those who want to dive *real* deep. 9. [4337 Development Blog](https://hackmd.io/@erc4337) for the ongoing juicy technical detail. 10. [Latest work on bundlers](https://twitter.com/johnrising_/status/1610801588783943681) because, "ERC-4337 is one of the most exciting (but understated and misunderstood) developments in the Ethereum ecosystem right now." 11. [Account Abstraction Security Pyramid](https://www.youtube.com/watch?v=FrxAdJYhSY8) - more practical insights into how to build a wallet that leverages account abstraction and uses it in the context of Hardware Security Modules with particular elliptic curves, or Trusted Execution Environments. This talk is included for an example of the application of Account Abstraction, rather than for specific details on the EIP. ## Actors [Argent](https://www.argent.xyz/argent-x/) [Fuel](https://www.fuel.network/) [Soul Wallet](https://github.com/proofofsoulprotocol/soul-wallet-contract/blob/main/contracts/SmartWallet.sol) [Braavos](https://braavos.app/) Author: cryptowanderer