10 Mar, 23
What is Account Abstraction?
In this Research Lab article, Innovation Analyst Finn Judell covers the concept of account abstraction in detail, with a focus on account abstraction in the Ethereum network, its history, security and user advantages and what it entails for the future of the practice.
What is Account Abstraction?
While Ethereum has surged in popularity over the last decade, its user base is largely dominated by enthusiasts due to its high technical knowledge barrier to entry. In order for blockchain protocols like Ethereum to become widely adopted, there need to be ways to make the technology easily accessible to non-technical users. Layers of abstraction, such as account abstraction, make it easier for people to create and manage Ethereum accounts.
What is Account Abstraction in Ethereum?
In the context of Ethereum, accounts refer to the addresses that can hold and interact with smart contracts on the Ethereum blockchain. There are two types of accounts on Ethereum: Externally Owned Accounts (EOAs) and Contract Accounts (CAs). An EOA is made up of a set of keys, public and private, which are owned by the account administrator. CAs, on the other hand, have public keys but do not have private keys; they are controlled only by smart contract logic. For example, when a user wants to interact with a smart contract, their EOA has to manually sign the digital smart contract to enable the transaction. The EOA pays gas fees and the transaction amount to the contract, whilst the CA executes the smart contract code. In practice, account abstraction allows CAs in Ethereum to have the same behaviour as EOAs – giving user accounts the added benefit of account programmability. Contrary to popular belief, the act of upgrading Ethereum to enable programmability within accounts does not inherently act as a form of abstraction. The abstraction comes from the result of this upgrade, which allows developers to build tools that improve the user experience of Ethereum.
Account Abstraction Security Advantages
Blockchain technology and smart contracts enable secure digital ownership via self-custody. In the current state of blockchain protocols, self-custody is achieved by using a private key to sign transactions on a locally stored account. However, this means that the private key is a central point of failure. If a user loses their private key, it is gone forever and can never be recovered. In fact, up to 20% of the entire Bitcoin supply is unrecoverable by its original owners due to lost or stolen private keys.
Account abstraction on Ethereum allows users to implement social recovery, a method favoured by Ethereum co-founder Vitalik Buterin. This feature enables account holders to generate a new private key in case their original one is lost or stolen. Social recovery can be achieved through custom recovery methods created by external wallets, or by entrusting one or multiple third-party account holders or services. These third parties would effectively hold different parts of your existing private key. When called in tandem, they can reveal the whole private key, enabling the administrator to replace the old private key with a new one.
Account abstraction enables developers to build tools that allow users to recover or access accounts using multi-factor authentication. This allows developers to build tools for users to access accounts via SMS, email or other Ethereum accounts. Additionally, account abstraction enables other forms of fraud protection such as daily transfer limits and the ability to disable transactions to blacklisted accounts.
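The fraud-protection rules named above (a daily transfer limit, a blocklist of recipients) and guardian-based recovery can be sketched as account logic. This is an added Python model, not code from the article or from any wallet; all names are hypothetical, and recovery is modelled as a threshold of guardian approvals that replaces the owner key, which is an assumption of this example.

```python
# Added example: off-chain model of a programmable account's policy checks.
from dataclasses import dataclass, field

DAY = 86_400  # seconds
@dataclass
class PolicyAccount:
    owner: str
    guardians: frozenset
    threshold: int                      # guardian approvals needed to rotate owner
    daily_limit: int                    # max total outflow per day, in wei
    blocklist: set = field(default_factory=set)
    spent: dict = field(default_factory=dict)    # day index -> wei spent

    def check_transfer(self, signer, to, amount, now):
        """Return (allowed, reason); records the spend only when allowed."""
        if signer != self.owner:
            return False, "not owner"
        if to in self.blocklist:
            return False, "recipient blocklisted"
        if amount <= 0:
            return False, "bad amount"
        day = now // DAY
        if self.spent.get(day, 0) + amount > self.daily_limit:
            return False, "daily limit exceeded"
        self.spent[day] = self.spent.get(day, 0) + amount
        return True, "ok"

    def recover(self, new_owner, approvals):
        """Rotate the owner key if enough distinct, registered guardians approve."""
        valid = set(approvals) & self.guardians   # dedupes and drops strangers
        if len(valid) < self.threshold:
            return False
        self.owner = new_owner
        return True

def demo():
    # Constructed sample data: addresses, guardians and amounts are made up.
    acct = PolicyAccount("0xOwner", frozenset({"g1", "g2", "g3"}), 2,
                         daily_limit=100, blocklist={"0xBad"})
    t0 = 19_000 * DAY
    return [
        acct.check_transfer("0xOwner", "0xShop", 60, t0),
        acct.check_transfer("0xOwner", "0xShop", 50, t0 + 10),   # 110 > 100
        acct.check_transfer("0xOwner", "0xBad", 1, t0 + 20),
        acct.check_transfer("0xOwner", "0xShop", 50, t0 + DAY),  # new day
        acct.recover("0xNew", ["g1", "g1", "mallory"]),          # 1 valid guardian
        acct.recover("0xNew", ["g1", "g3"]),
        acct.check_transfer("0xOwner", "0xShop", 1, t0 + DAY),   # old key is dead
    ]
```

Counting only distinct registered guardians matters: a duplicated approval or an approval from an unknown party must not help reach the threshold.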
Account Abstraction User Experience Advantages
Account abstraction will greatly affect the way that users interact with application-level smart contracts like decentralised social media and blockchain games through the use of session keys. If a user interacts with a smart contract on Ethereum, they might notice that upon every interaction with a smart contract, that user has to sign a transaction. In decentralised social media platforms such as lenster.xyz, a user must sign a digital contract on their Ethereum account each time they perform actions like liking a post, following another user, or commenting on a post. This dramatically diminishes the user experience due to the significant increase in inconvenience when interacting with the platform. With account abstraction, users are able to pre-approve the rules for interacting with the Dapp so the users can use it as much as they want within those rules without having to sign every single transaction.
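The pre-approved rules behind a session key can be made concrete as a scope check the account runs on every call. This is an added Python model, not code from the article or from any Dapp; the `SessionKey` fields, the `authorize` function and the sample contract and action names are all hypothetical.

```python
# Added example: model of a session-key policy check. Names are hypothetical.
from dataclasses import dataclass

@dataclass
class SessionKey:
    key_id: str
    target: str            # the only contract this key may call
    actions: frozenset     # pre-approved function names on that contract
    expires_at: int        # unix time after which the key is dead
    max_calls: int         # call budget for the whole session
    used: int = 0
    revoked: bool = False

def authorize(session, target, action, value, now):
    """Decide whether a call signed by the session key may skip the owner signature."""
    if session.revoked:
        return "deny: revoked"
    if now >= session.expires_at:
        return "deny: expired"
    if target != session.target:
        return "deny: wrong contract"
    if action not in session.actions:
        return "deny: action not pre-approved"
    if value != 0:
        return "deny: session keys cannot move funds"
    if session.used >= session.max_calls:
        return "deny: call budget spent"
    session.used += 1
    return "allow"

def demo():
    # Constructed sample session: a social app key limited to three calls.
    s = SessionKey("sk-1", "0xSocialApp", frozenset({"like", "follow", "comment"}),
                   expires_at=1_000_600, max_calls=3)
    now = 1_000_000
    return [
        authorize(s, "0xSocialApp", "like", 0, now),
        authorize(s, "0xSocialApp", "follow", 0, now + 1),
        authorize(s, "0xSocialApp", "transferProfile", 0, now + 2),
        authorize(s, "0xToken", "like", 0, now + 3),
        authorize(s, "0xSocialApp", "comment", 1, now + 4),
        authorize(s, "0xSocialApp", "comment", 0, now + 5),
        authorize(s, "0xSocialApp", "like", 0, now + 6),      # fourth allowed call
        authorize(s, "0xSocialApp", "like", 0, now + 700),    # past expiry
    ]
```

A stolen session key is only as dangerous as its scope, so narrow targets, short expiry and a zero-value rule bound the damage.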
Another way that account abstraction can be used to benefit the user experience of a blockchain app is through multi-call smart contract functionality. Many types of transactions need to be signed multiple times to complete a single transaction. Indeed, in order to provide liquidity to a liquidity pool (LP) in Uniswap, a user must sequentially approve both tokens they would like to provide liquidity for and then deposit them into the LP; this requires the user to sign the transaction a total of three times. With multi-call, users can complete the transaction in one simple, atomic transaction. As a result, users can save time and money.
These are just some of the possibilities enabled by Ethereum account abstraction – by no means is it the extent of what is possible. The enhanced programmability of Ethereum accounts will provide developers with a broader range of options to improve security measures, including new and untapped possibilities.
The History of Account Abstraction
Account abstraction is not a new topic. In fact, the first steps towards the idea were initially proposed by Buterin in 2016 via EIP-86 and EIP-1014, less than a year after Ethereum began producing blocks. EIP-86 required significant changes to the Ethereum protocol and was not merged, that is, it was not included in the then forthcoming major protocol upgrade. However, EIP-1014, which proposed the CREATE2 opcode, was merged in 2018 to make it easier for users to receive funds to a pre-calculated address before deploying a smart contract wallet to it.
In 2020, EIP-2938 proposed to introduce a new type of Ethereum transaction, an Account Abstraction transaction, but required the addition of new opcodes to the EVM and posed challenges for replay protection and validating new transactions. That same year, EIP-3074 introduced the opcodes AUTH and AUTHCALL to allow smart contracts to send transactions on behalf of EOAs, but the upgrade necessitated significant changes to the core protocol, potentially posing security risks.
Additionally, some Layer 2 chains that have been developed in the past years, such as Optimism, StarkNet, and zkSync, have introduced account abstraction without making changes to the core protocol.
The Current State of Account Abstraction
EIP-4337 was announced in September 2021 by Vitalik Buterin and Ethereum researchers. This proposal aims to introduce account abstraction in Ethereum without requiring changes to the core protocol by utilising an alternative mempool. It uses a higher-level system that replicates the functionality of the transactions mempool, where users send UserOperation objects to Ethereum nodes and package them into a single transaction that gets included in the Ethereum chain. This bundle transaction calls the “entry point” smart contract which processes the UserOperation objects and deploys smart contract wallets. The deployed wallet completely handles nonces and signature verification, providing more flexibility for smart contract wallets.
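The flow described above, with the wallet itself checking the nonce and signature of each UserOperation in a bundle, is modelled below. This is an added Python example, not the ERC-4337 contracts or code from the article: HMAC-SHA256 stands in for the wallet's signature scheme, every name is hypothetical, and a failing operation is skipped rather than reverting the bundle.

```python
# Added example: model of the UserOperation flow. Every name is hypothetical.
import hmac, hashlib
from collections import namedtuple
UserOperation = namedtuple("UserOperation", "sender nonce call_data signature")
ENTRY_POINT, CHAIN_ID = "0xEntryPoint", 1        # constructed values

def op_hash(sender, nonce, call_data):
    # Binding the hash to entry point and chain id blocks replay elsewhere.
    msg = f"{sender}|{nonce}|{call_data}|{ENTRY_POINT}|{CHAIN_ID}"
    return hashlib.sha256(msg.encode()).digest()

def make_op(key, sender, nonce, call_data):
    sig = hmac.new(key, op_hash(sender, nonce, call_data), hashlib.sha256).digest()
    return UserOperation(sender, nonce, call_data, sig)

class Wallet:
    def __init__(self, key):
        self.key, self.nonce, self.executed = key, 0, []

    def validate(self, op):
        # The wallet, not the protocol, defines a valid signature and nonce.
        h = op_hash(op.sender, op.nonce, op.call_data)
        good = hmac.new(self.key, h, hashlib.sha256).digest()
        if not hmac.compare_digest(good, op.signature) or op.nonce != self.nonce:
            return False
        self.nonce += 1
        return True

def handle_ops(wallets, bundle):
    """Entry point model: process one bundle, returning a status per operation."""
    results = []
    for op in bundle:
        wallet = wallets.get(op.sender)
        if wallet is None or not wallet.validate(op):
            results.append("rejected")
            continue
        wallet.executed.append(op.call_data)
        results.append("executed")
    return results

def demo():
    key = b"constructed-demo-key"                # sample key, made up
    wallets = {"0xAlice": Wallet(key)}
    op0 = make_op(key, "0xAlice", 0, "like(post=7)")
    op1 = make_op(key, "0xAlice", 1, "follow(user=9)")
    forged = make_op(b"wrong-key", "0xAlice", 2, "transfer(all)")
    bundle = [op0, op0, op1, forged]             # op0 appears twice: a replay
    return handle_ops(wallets, bundle), wallets["0xAlice"].executed
```

The replayed copy of `op0` carries a valid signature and is rejected only by the nonce check, which is why both checks have to live in the wallet's validation step.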
Recently, on the 2nd of March 2023, ERC-4337 was deployed via a smart contract called EntryPoint, according to data on the blockchain explorer website Etherscan and confirmed by Yoav Weiss, a security fellow at the Ethereum Foundation. The Ethereum Foundation is set to reveal the new development at the WalletCon event during the ETHDenver conference on Wednesday at 5 p.m. local time (0:00 UTC). After the announcement, multiple infrastructure providers are expected to unveil their plans to integrate ERC-4337 into their services.
The deployment of ERC-4337 was made easier because it was implemented through the addition of a smart contract, rather than through changes to Ethereum’s core protocol, which would have been more complex to execute given that core protocol changes can be a significant obstacle in introducing EIPs related to account abstraction.
The Future of Account Abstraction
The implementation of account abstraction on the Ethereum main chain has the potential to significantly impact the way in which users manage their accounts. Some developers and advocates anticipate that this technology will lead to the deprecation of EOAs, as the EVM becomes the primary mechanism for transactions. It is expected that the development of wallet plug-ins and other tools will make it easier for non-technical users to securely manage their own accounts, thus promoting the adoption of blockchain technology. Overall, the future of Ethereum and account abstraction is uncertain, but it holds great potential to enhance the user experience and security of the network.
Ultimately, account abstraction is a powerful feature of Ethereum that allows Ethereum accounts to have seamless autonomy and the ability to interact more efficiently with smart contracts. Although the abstraction of Ethereum accounts has proven to be hard to implement because of the significant changes needed in the core protocol, EIP-4337 introduces a way to implement the upgrade by only interfacing with the EVM. Regardless, layer 2 protocols have already managed to implement account abstraction with great success. There is no doubt that adding the programmability of Ethereum accounts will open the floodgates for developers, enabling innovation to flourish in the area of account security in ways that have yet to be conceptualised.