In this research column, Xangle dives into Account Abstraction (AA) and ERC4337, which aims to address the crucial issue of UI/UX in blockchain services, and explores potential applications.
Following the EthCC event, a debate has surfaced regarding which sector, between infrastructure and dApps, must evolve for blockchain to achieve mainstream acceptance. It is undeniable that the present Web3 market is wanting in sustainable dApp services with genuine users, and there has been a comparatively lesser emphasis on service areas vis-à-vis infrastructure. Viewing it from this perspective, the argument for pivoting the focus from infrastructure to services certainly carries weight.
However, independent of this viewpoint, it's the author's conviction that blockchain technology still has numerous areas necessitating advancements. It's only with the maturity of such infrastructural development that a killer service, capable of serving hundreds of millions of users, can emerge. The current priorities in the Web3 market are scalability and improvement in the developmental environment. Nonetheless, from a user's standpoint, the UI/UX of blockchain services is equally pivotal. To address such challenges, the Ethereum community has turned its attention to Account Abstraction (AA). After extensive discussions and trial and error, the ERC4337 proposal has been adopted and integrated in the roadmap. This report delves into the concept of AA, explores the structure and significance of ERC4337, and scopes out its potential applications.
2. Blockchain's UX Issues and the Emergence of Account Abstraction (AA)
2-1. Poor UI/UX and the onus of self-custody hinder mainstream Web3 adoption
Two primary factors contribute to the perception of Web3 services as cumbersome and challenging from the user’s standpoint: 1) Suboptimal UI/UX, and 2) The inherent burdens associated with self-custody. The limited user experience in blockchain services isn't solely attributed to scalability constraints but fundamentally stems from the way blockchain mandates users to employ Externally Owned Accounts (EOA).
EOAs are non-programmable, restricted to a predefined mode of usage. This not only poses significant constraints but also necessitates users to possess an understanding of blockchain for seamless use. For instance, EOAs require transactions to be executed individually and necessitate personal key signatures for each transaction (instead of batching the transactions and signing it all at once). Consequently, even straightforward processes like NFT purchases can be time-consuming (refer to the provided illustration). Furthermore, without holding ETH in the wallet for gas fees, even basic transactions like transfers become infeasible. This stands in stark contrast to the Web2 environment, where users can effortlessly register with a single click through platforms like Kakao, Naver, or Google, and subsequently integrate with various apps to enjoy a plethora of services. Thus, for users accustomed to the Web2 service modality, the perceived intricacy and cumbersome nature of Web3 services are unsurprising.
*EOA - Blockchain accounts are divided into EOA and CA (Contract Account). EOAs are externally owned and used for initiating transactions, message signing (verification), and smart contract execution. Wallet services like MetaMask, Coinbase, and Phantom rely on EOAs, which are managed with a private key to only grant access to its possessor. If the private key is compromised, the EOA becomes vulnerable. So wallet users must be cautious not to lose or disclose their private key or seed phrase because once the private key is lost, it’s impossible to recover it. On the other hand, CAs are Ethereum accounts in the form of smart contracts, operating based on embedded code logic and lacking private keys. Therefore, CAs cannot issue transactions on their own and require relevant data from EOAs or other contracts to execute transactions.
Another pivotal concern for Web3 users arises from the self-custody challenges. Traditional financial institutions, like banks, offer built-in safety nets: forgotten passwords can be seamlessly reset after identity verification, and lost cards can be rapidly frozen and reissued through customer support like real-time ARS. In contrast, the Web3 paradigm, anchored by EOAs, doesn't afford such luxuries. The loss of a private key is irreversible. Storing private keys or seed phrases online escalates the risk of cyber-attacks, prompting users to resort to analog solutions like manually jotting them on paper. Even with such precautions, Web3 users are constantly challenged with phishing attempts, scams, and fraudulent schemes. No user, irrespective of their expertise, is immune. A momentary lapse can lead to catastrophic losses, even when the oversight stems not from the individual but from project vulnerabilities. For perspective, as of 2022, the crypto market witnessed an alarming surge in hacking incidents, with damages nearing a staggering $3.8 billion.
2-2. AA introduced as a solution
In computer programming, abstraction refers to the process of distilling the essence of complex data, modules, or systems. Essentially, it masks the technical intricacies of the underlying system behind a simplified API or a high-level interface. This concept is crucial for enhancing user experiences by shielding them from the system's inherent complexities. AA in the blockchain ecosystem embodies this philosophy. At a protocol level, AA ensures that account types remain invisible to the Ethereum protocol. From a user's standpoint, AA conceals the technicalities involved when interacting with Ethereum accounts behind higher-level interfaces. This cloaking act aims to deliver a seamless experience, akin to the user-friendly environments of Web2 platforms. The proposed mechanism to actualize this is the confluence of EOA and CA into a unified entity known as the Smart Contract Wallet (SCW) - sometimes referred to as a Smart Account. This innovative wallet connects the transaction initiation and authorization capabilities of an EOA with the logic execution of a CA. The upshot? A flexible account structure that can embed diverse features to mitigate the complexities of Web3 service usage. However, it's important to note that while AA streamlines protocol interactions, two things remain unchanged: 1) the wallet address that receives funds 2) the personal key granting access to those funds. In other words, while accounts get abstracted from the protocol, they are not abstracted from the user.
The introduction of AA, embodied through Smart Contract Wallets (SCW), unlocks a plethora of features that can significantly elevate the user experience on Web3 platforms. As SCWs can execute arbitrary logic like Contract Accounts (CA), they open up opportunities for custom functionalities tailored to user needs. Let's delve deeper into some potential applications:
3. ERC4337: A Simplified Solution for AA
3-1. ERC4337 offers AA without the need for a hard fork
ERC4337 is a proposal to achieve AA in Ethereum without modifying the consensus layer protocol. Instead of altering the bottom-layer transaction type and adding new protocol features, ERC4337 introduces a higher-level pseudo-transaction object called "UserOperation" and constructs a separate mempool for it (see figure below). Users then submit their UserOperations to this mempool, accompanied by other data necessary for transaction signature and verification. Thereafter, an entity known as the bundler aggregates these UserOperations into a single transaction for inclusion in an Ethereum block (similar to a rollup sequencer).
Source: Vitalik Buterin
3-2. Main components of ERC4337: UserOperations, Bundler, Entrypoint, SCW, Paymasters, Aggregator
To be more specific, ERC4337 consists of four main components (UserOperation, Bundler, Entrypoint, Contract Account) and two optional components (Paymasters and Aggregator). Each of these interact seamlessly with each other to implement AA.
However, it is important to note that UserOperations should not be confused with regular transactions. UserOperations differ from regular transactions in three key aspects:
A bundler is an entity that monitors a mempool dedicated to UserOperations, validates UserOperations, and combines them into a single generic transaction to be included in an Ethereum block (similar to a rollup sequencer). The bundler selects UserOperations from a private mempool and submits them to the EntryPoint contract for validation. As an incentive, it receives a portion of the gas fee that users pay when they initiate transactions. The bundler then includes the transaction in the Ethereum block. For this reason, bundlers are often block builders themselves or work with block builders. Once account abstraction is widely accepted, bundlers will theoretically be the only entities that require an EOA.
While each bundler client is currently using its own private mempool, causing fragmentation of UserOperations, a public P2P integrated mempool that enables a one-glance view of UserOperations is in development and is expected to launch around October 2023 at the earliest.
The figure below shows how EntryPoint handles the UserOperations sent by a bundler. By default, the EntryPoint contract must make two loops:
EntryPoint transaction process | Source: ERC4337
Smart Contract Wallet/Smart Account/Contract Account
This is an account used by the user. To support ERC4337, the account must have two functions added: ValidateUserOp and op execution. (ValidateUserOp is a function that takes a UserOperation as input and validates the signature and nonce value of the UserOperation. The op execution function provides guidelines for what the SCW should do based on the instruction received via calldata). There are no fully validated SCW libraries on the market yet, but various projects are developing SDKs. Some of the known ones include the following (see Stakup docs):
Over the past two months, the number of SCWs across all chains has surged, with 290K and 144K created in July and August, respectively. Notably, Zerodev has a dominant market share with more than 90% of the deployments. Its dominance is attributed to Cyberconnect V3’s utilization of the Zerodev solution, just like the Pimlico case.
Paymasters are smart contracts that process ERC4337-based fee logic. They can be configured in various ways, from paying for gas on behalf of users to allowing users to pay for gas with ERC20 tokens. Paymaster is usually operated by the entity that pays for UserOperation gas. It decides whether to accept UserOperation in the verification loop mentioned in EntryPoint and then processes the fee logic in the execution loop. However, unlike UserOperations, Bundler, EntryPoint, and SCW, Paymaster is not a mandatory component to execute ERC4337 transactions.
1. The user creates a UserOperation with the intent (in calldata) and the maximum price a user is willing to pay for the execution of the transaction (gas fee-related parameter).
2. The user wallet passes the UserOperation and the VISA card credentials to the off-chain Paymaster web service. During this process, the Paymaster web service calculates the cost to charge the user and decides whether to authorize the card payment based on the credentials provided.
3. The Paymaster web service sends a digital signature with a set validity period to the user's wallet.
4. The wallet adds the digital signature and on-chain address received from the web service to the Paymaster parameter of the UserOperation and sends it to the Paymaster contract.
5. The Paymaster contract verifies the data and, if everything is in order, proceeds to execute the UserOperation. If any information is incorrect, such as an invalid digital signature or expired validity, the transaction is declined.
VISA Paymaster payment process | Source: VISA
Paymaster snippet by the ETH Infinitism team | Source: Github
Aggregator is a smart contract that combines multiple UserOperation signatures into a single digital signature. Aggregators help reduce calldata costs by combining multiple signatures into one.
4. Rollups Forecasted as the Prime Beneficiary of ERC4337
4-1. UserOperations are most active within rollups
As of August 17, 2023, a total of 91.7 million UserOperations is generated, and the number of wallets with AA functionality stands at 380,000, according to Sixdegree Labs. More than 90% of these transactions and wallets were created in the last two months, indicating that interest in account abstraction has exploded since this summer.
Meanwhile, it's interesting to note that most of the on-chain activity is happening on top of rollups and L2 chains, not the base layer. By May, the number of UserOperations on the Ethereum base layer accounted for less than 1% of the total, with Polygon and Optimism dominating the ERC4337 market.
4-2. The primary reason for heightened on-chain ERC4337 activity on rollups is high gas fees
In rollups, on the other hand, the cost for such gas-intensive ERC4337 transactions can be significantly reduced (see figure below). This makes rollups a far more compelling choice for ERC4337 transactions compared to a base layer.
4-3. Blockchain UX is expected to rapidly improve, centered around the rollup ecosystem
Source: Vitalik Buterin
ERC4337 is an upgrade that will enable account abstraction without the need for a hard fork. Its primary goal is to dramatically enhance user experience, a persistent challenge within the blockchain space. Once the adoption of ERC4337 begins to gain traction, blockchain services will be able to provide Web2-like UX and spark new business models and use cases. This is why ERC4337 is described as the epicenter of UX innovation.