Redline DAO in-depth research: Why are we optimistic about the future of Web3 wallets?

Author: Ggg, Redline DAO

In 2010, Ethereum founder Vitalik Buterin had a warlock account in World of Warcraft. One day, Blizzard decided to nerf the warlock character, removing the damage component of the life siphon spell. He cried himself to sleep and realized the horrors that centralized servers could bring. Thus, he decided to quit and create the decentralized network Ethereum. In November 2022, the world's largest derivatives exchange FTX was exposed for misappropriating user funds, and founder SBF was arrested by Bahamian police, preparing to be extradited to the U.S. for trial.

From the warlock player who was inexplicably backstabbed by Blizzard 13 years ago to the FTX victims fighting for their rights today, we increasingly recognize the importance of the phrase "Not your key, not your coin": even with third-party audits/regulatory bodies, centralized servers can still arbitrarily tamper with and embellish data. In a decentralized network, the on-chain ledger is transparent and immutable. As long as we hold the private key to our accounts, we have absolute control over our personal assets. Decentralization is wonderful, but what is the cost?

Living in a blockchain network, we are the primary custodians of our personal assets. Most users, when choosing an on-chain wallet, face the critical trade-off: how much risk and responsibility am I willing to take for my assets? Taking traditional financial institutions as an example:

• For users pursuing security, they prefer to place their money in cumbersome but large banks: the safety of funds in large banks (risk) > strict account opening procedures (responsibility).

• For users pursuing usability, they simply keep their money in WeChat and Alipay, which conveniently facilitate P2P transactions and only require an ID card and phone number for registration, even though WeChat and Alipay are just two publicly listed companies rather than state-supported banking institutions: WeChat's convenience (responsibility) > WeChat's operational status (risk).

Back to web3, we have two ways to store assets in web3: custodial wallets and non-custodial wallets. Before that, we need a brief introduction to the principles of wallets:

Wallets and Private Keys

The generation of an account is the process of creating a private key. On Ethereum, there are two types of accounts: EOA accounts (External Owned Account) and contract accounts (smart contracts deployed on-chain through EOA accounts):

1. Taking EOA accounts as an example,

EOA address

• By generating a 256-bit random number as a private key, deriving the corresponding public key through the private key using the SHA3 algorithm, and then calculating the address (the last 20 bytes of the original hash) through keccak-256, we obtain a personal account corresponding to a unique private key. In this process, the private key generates 12 mnemonic words, which we can use to derive the private key again.

• Currently, the most mainstream dApp wallets on major chains are EOA wallets, such as Metamask, Phantom (Solana), BSC Wallet (BSC), and Keplr (Cosmos).

• Smart accounts are segments of EVM code deployed on-chain through EOA accounts, capable of achieving different functionalities. However, unlike EOA accounts, contract accounts do not have private keys and cannot initiate actions on their own; they can only be called by EOA accounts. Therefore, the ultimate control of a smart contract wallet = the private key of the EOA account used to deploy the contract. Under this understanding, smart contract accounts are also controlled by private keys. As long as the wallet address is a contract, it is a smart contract wallet.

• Smart contract wallets are divided into multisig wallets and abstract accounts:

• Multisig wallets: As early as 2013, multisig wallets became the primary choice for fund organizations. This technology was initially developed in the Bitcoin ecosystem, and there are now excellent multisig wallets on Ethereum (such as Gnosis Safe): the Ethereum Foundation uses a 4-of-7 multisig wallet (i.e., creating a smart contract to store funds, controlled by 7 EOA accounts, where only signatures from 4 out of 7 EOA accounts can complete the signing).

• Abstract accounts control contract addresses through a single EOA wallet, simulating EOA functionality using smart contracts. Popular projects like Argent and Loopring belong to abstract accounts.

Apecoin Contract Address

3. After the account is created, participating in any on-chain activity requires the involvement of the private key.

• According to teacher Liao Xuefeng:

In a decentralized network, there is no trust institution like a bank. To reach a transaction between two nodes, a mechanism for secure transactions under zero trust must be established.

Suppose Xiao Ming and Xiao Hong wish to complete a transaction. One way to create a transaction is for Xiao Hong to claim that Xiao Ming gave him 10,000 yuan, which is clearly untrustworthy;

Another way to create a transaction is for Xiao Ming to claim that he gave Xiao Hong 10,000 yuan. As long as it can be verified that this statement was indeed made by Xiao Ming and that he actually has 10,000 yuan, then this transaction is considered valid.

• How to verify Xiao Ming's statement?

1. A signature created through the private key allows the verifier to confirm the origin of the statement: anyone can verify the digital signature and the transfer result against the public key. Since only Xiao Ming, who possesses the private key, can initiate this statement, it can be assured that this statement was indeed made by him.

2. In the Ethereum network, such transactions include not only P2P transfer transactions but also calls to smart contracts.

3. Therefore, when we use wallets in our daily lives, we are essentially invoking the local private key through the wallet platform to complete on-chain signing.

Wallet Security, Threshold, and Resistance to Censorship

Everything about wallets revolves around private keys. A wallet is essentially a tool for 1. creating private keys, 2. safeguarding private keys, 3. using private keys, 4. backing up private keys, and 5. recovering private keys. The current mainstream private key backup/recovery solution is mnemonic phrases, which are the 12/24 word combinations that appear when registering a wallet:

1. Mnemonic phrases can derive the plaintext of the private key. When users migrate their wallets to a new device, they only need to enter the mnemonic phrase in the wallet app to derive the private key and regain control of the wallet.

2. For users, the private key = mnemonic phrase, but these two concepts are still distinct in the daily use of wallets: the mnemonic phrase is a backup recovery solution for the user's private key.

3. An analogy: the mnemonic phrase is like making a copy of your key. When your key is lost, you can regenerate an identical key using the mnemonic phrase.

Since the private key is our only credential for interacting with the blockchain network, our responsibility is to safeguard our wallet's private key and mnemonic phrase. The safest way to create an account is certainly in an offline environment, generating random numbers (private keys) and addresses through code running the SHA256 algorithm. However, this is undoubtedly too high a threshold for most users. Therefore, when choosing a wallet, users need to consider three points: security, threshold, and resistance to censorship:

1. Security: How high is the cost for hackers to crack the wallet's private key/mnemonic phrase?

   Taking hardware wallets as an example, hackers can only obtain user private keys through phishing or offline theft.

2. Threshold: How user-friendly is the wallet?

   The registration process for Metamask requires users to record 12 mnemonic phrases, and when changing devices, they need to re-enter the 12 mnemonic phrases, while Binance's exchange registration and device switching can be completed with a single click through email login.

3. Resistance to censorship: Is the ultimate control of the wallet in the user's hands?

   If the wallet app saves the user's imported mnemonic phrases in plaintext and uploads them to the server, hackers can steal the user's wallet by cracking the server. Even without hacker attacks, there is the possibility of the Slope project team embezzling, failing to achieve resistance to censorship.

   Wallets are mainly divided into two categories: non-custodial wallets and centralized custodial wallets.

4. Non-custodial wallets: Users safeguard their mnemonic phrases themselves.

   a. Taking the mainstream wallet Metamask as an example, MetaMask is a non-custodial (or self-custodial) cryptocurrency wallet. Non-custodial means that MetaMask does not store any data about the wallet, and private key data is stored locally in the browser or mobile application. When users need to perform on-chain signing activities, Metamask will call the private key from local files for signing. If the user's private key and mnemonic phrase are lost/stolen, Metamask cannot help the user recover, and the user's assets will be permanently lost. b. The most recognized secure hardware wallets (such as Ledger) generate private keys and wallet addresses offline using a hardware device. The public key of the address is imported into web wallets like Metamask, and when a signature is needed, it is confirmed offline through the Ledger hardware. Since the private key never touches the internet, it is difficult for hackers to steal the private key from the hardware wallet. However, if the user loses the mnemonic phrase or falls victim to phishing, the protective effect of the hardware wallet is nullified, and the user's assets can still be stolen.

5. Custodial wallets

Exchange wallets like Coinbase/Binance adopt a custodial wallet approach. The difference is that the account displayed in Coinbase does not mean the user holds their own private key; it is merely a bookkeeping number displayed in the Coinbase program rather than on-chain assets shown on Etherscan. It can be understood that users trust Coinbase to hold their assets rather than owning them, so Coinbase accounts cannot interact with dApps like Uniswap.

Source: Binance

Overall, in custodial wallets, the project team holds the mnemonic phrases on behalf of users, making the threshold for registration and recovery low, but the wallet's security depends on the project team rather than the users themselves, and the project team has actual control over the wallet; in non-custodial wallets, the mnemonic phrases are in the user's hands, making the threshold for registration and recovery high, but both security and resistance to censorship are very high. Deficiencies of the Mnemonic Phrase Solution

As WEB3 continues to advance, more demands and application scenarios have emerged, and the on-chain ecosystem is thriving. The DeFi Summer of 2021 attracted a large number of users who originally traded only on exchanges to migrate their assets on-chain. By March 2022, MetaMask's monthly active users had reached 30 million. However, at the same time, the mnemonic phrase, as the most mainstream account recovery solution, has become a primary target for hackers: for ordinary users, the most common wallet theft incidents occur when mnemonic phrases are copied to the clipboard or when local private key files are stolen from phishing websites.

• When hackers attack, they need to weigh the cost of the attack against the potential rewards. All private keys (12 mnemonic phrases) are subsets of a dictionary; if hackers exhaust all permutations of the dictionary, they can access all on-chain assets. However, this cost-benefit ratio is poor; if the dictionary exhausts all combinations through brute force algorithms;

• The current mainstream mnemonic phrases consist of 12 English words, with a total vocabulary of 2048 words. This means there are 2048^12 = 5.44e39 combinations (5444517870735000000000000000000000000000);

• To use such massive computational power, hackers could already control the BTC network through a 51% attack;

• Therefore, a more rewarding method for hackers is to obtain users' mnemonic phrases through phishing or steal the private keys stored on users' local devices.

Continuing with Metamask as an example, hackers can obtain saved mnemonic phrases and private keys in two places:

1. Mnemonic phrases

   a. After creating a wallet, users need to safeguard the generated mnemonic phrases. It is generally recommended to write them down on paper and keep them safe. However, some lazy individuals may copy and paste them into a doc file or even save them in WeChat chat records; b. If hackers have already installed malicious software on the user's phone/computer that constantly monitors the user's clipboard, they can steal the recently created private key. For example, QuickQ VPN was reported to have copied users' clipboard to steal mnemonic phrases.

2. Private keys

   a. At the same time, Metamask generally encrypts the private key and saves it on the local device where the wallet was created for easy access. If the Metamask extension is installed on Chrome:

i. On Windows, the storage location for Metamask's private key is:
C:\Users\USER_NAME\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn.
ii. On Mac, the storage location is: Library > Application Support > Google > Chrome > Default > Local Extension Settings > nkbihfbeogaeaoehlefnkodbefgpgknn b. Thus, the security of Metamask depends on the security of Chrome. Once Chrome's firewall is breached by hackers, they can obtain the user's address private key and transfer all assets. This is why hardware wallets are superior in security compared to Metamask and other plugin wallets.

Aside from Metamask, some non-custodial wallets even fail to achieve high resistance to censorship, such as the Slope wallet theft incident on Solana: the Slope mobile application sent mnemonic phrases to their Sentry server via TLS when creating Phantom wallets, and these mnemonic phrases were subsequently stored in plaintext, meaning anyone with access to Sentry could access user private keys. In addition, there are more wallet security incidents worth reflecting on:

EOA Account Theft

1. Fenbushi Capital founder's wallet was stolen:

Shen Bo's wallet was stolen due to a mnemonic phrase leak. The wallet used at the time was Trust Wallet, and the stolen amount included approximately 38.23 million USDC, 1,607 ETH, 720,000 USDT, and 4.13 BTC.

2. Wintermute's wallet was attacked, resulting in losses of approximately $160 million. The reason for the theft was that Wintermute used Profanity to create a Vanity wallet (starting with 0x0000000) to save on gas fees when calling smart contracts:

The purpose of Profanity's design is to help people generate accounts with special visual effects, such as accounts starting or ending with special characters. On the other hand, some developers use it to generate accounts that start with many zeros. After obtaining the first 32-bit private key SeedPrivateKey, Profanity iteratively modifies this private key through a fixed algorithm to collide with the desired account address, up to 2 million times (the figure comes from an article disclosed by 1inch). When the PublicKey is known, we can exhaustively search for SeedPrivateKey and Iterator to obtain SeedPrivateKey, with a computational load of approximately 2^32 multiplied by 2 million times, which can be completed by powerful graphics cards in days or even hours.

Contract Account Theft

1. Paraswap's contract deployment address was stolen:

According to a report from Slow Mist: the hacker address (0xf358..7036) has obtained the private key permissions of ParaSwap Deployer and QANplatform Deployer. The hacker extracted $1,000 from ParaSwap Deployer and transferred it to the QANplatform deployer address as a test. After analyzing 0xf358..7036 using the AML platform, we found that the hacker also stole The SolaVerse Deployer and several other premium address. As of now, the hacker has stolen over $170,000 in funds.

2. The Ronin bridge was hacked in March this year, resulting in losses of 173,600 ETH and 25.5 million USDC:

The hacker fabricated a non-existent company and contacted a senior engineer from Axie through LinkedIn and WhatsApp, luring him with a new job opportunity, even arranging an interview and offering a generous salary. However, the offer document was malicious, successfully infiltrating the Axie system and stealing the private key of the EOA address deployed by the engineer.

The mnemonic phrase solution is not only a primary target for hackers but also a high barrier preventing new users from entering WEB3.

1. When creating a wallet, for security reasons, users need to manually write down 12 words, and this piece of paper should ideally not be photographed. Even when using trusted open-source password storage software (like 1password), we cannot conveniently copy and paste for saving due to the risk of clipboard theft.

2. When recovering a wallet, i.e., when changing login devices, users need to dig out this piece of paper and re-enter the 12 words.

Keeping a piece of paper with 12 words written on it sounds unreliable and not very web3: we look forward to a future living in the metaverse, but our account security relies on a piece of paper invented in the Song Dynasty. Thus, these two steps are enough to deter most web2 players, as in the web2 world, most registration processes can be completed with a single click using a Google account/iOS account login. New Solutions for Account Recovery Without Mnemonic Phrases To lower the barrier for wallets and attract more users into WEB3, we need to use social account login solutions like Web2, without compromising wallet security and resistance to censorship. Thus, we need a more convenient and secure account recovery solution, and all discussions currently point to one conclusion: no mnemonic phrases. There are currently two implementations of no mnemonic phrases: MPC solutions and social recovery solutions.

1. MPC Solution: Private keys are jointly computed by multiple parties, thus avoiding single-point failures caused by user-end private key loss/theft.

• It can be understood as: MPC is a 3FA, where each verification method holds a key fragment. The lock does not have a single key; if one key fragment is lost, the user can recover the lost key fragment using other verification methods.

1. Social Recovery Solution: Funds are stored in a smart contract, controlled by EOA wallets through multisig/sigle-signature solutions, and trusted third-party guardians are designated. When the EOA wallet's private key is lost, the contract's control can be changed through the third-party guardian, so users do not need to save mnemonic phrases.

• Current discussions typically place social recovery alongside abstract account wallets. It is important to note that the social recovery solution is a standard and function on smart contracts, proposed in EIP-2429 in 2019, allowing users to change the control private key of the contract through guardians; the recently discussed EIP-4337 is about account abstraction, which we will discuss in the following sections.

MPC Solution

The MPC solution involves multiple parties jointly creating private key fragments when creating an EOA wallet. In 2019, the paper "Two-Party Elliptic Curve Digital Signatures Based on Secure Multi-Party Computation" was published at CRYPTO 2019, officially bringing the implementation of MPC into the public eye. MPC stands for Secure Multi-Party Computation.

1. Multi-Party Computation (MPC) is a branch of cryptographic technology that began with Andrew C. Yao's pioneering work nearly 40 years ago. Using multi-party computation, the generation of private keys no longer needs to be completed at a single point but can be jointly computed and held by a group of mutually distrustful parties (n parties) (n key fragments), a technology known as DKG (Distributed Key Generation).

2. The generation of distributed keys can be done in a way that allows for different types of access structures: the conventional "t out of n" (as long as t out of n key fragments participate in the signing, it can be proven to be a valid signature) setup can withstand up to t arbitrary failures in operations related to the private key without compromising security.

3. The threshold signature scheme (TSS) is a term for the combination of distributed key generation (DKG) and distributed signing.

4. Additionally, when one party's private key fragment is lost/exposed, the MPC solution supports recovery and replacement of the private key fragment, achieving account security without needing to change accounts.

The MPC solution ensures that there is no complete private key during account creation, usage, storage, backup, and recovery. By jointly generating/holding private key fragments and using the "t out of n" TSS threshold signature scheme, it achieves higher convenience than wallets like Metamask that generate/hold private keys at a single point. Security and resistance to censorship: compared to traditional mnemonic phrase solutions, it significantly enhances user security, even rivaling hardware wallets.

1. Security

   a. No private key/mnemonic phrase: During the wallet generation process, all parties (wallet project parties and users) generate private key fragments through MPC, and the complete private key never appears throughout the process, which can be understood as MPC being a true no-private-key wallet;

   b. The cost of hacker attacks is greatly increased: even if hackers invade the user's local device, they can only obtain private key fragments. Only when hackers control both the wallet provider's server and the user's local device can they steal the user's assets.

2. Threshold:

   Social login: Users can create accounts on MPC wallets using email and other identity verification methods (assuming the MPC wallet adopts a 2/2 signing scheme, meaning both private key fragments must be used simultaneously to sign).

3. Resistance to censorship:

   Centralized institutions (wallet providers/backup devices) only hold private key fragments and cannot control the user's account.

Social Recovery Solution

The social recovery solution is deployed on smart contract accounts. A smart contract wallet can be understood as a contract deployed on-chain to manage funds using an EOA account, similar to ordinary smart contracts, where the deployer's EOA wallet has control over the smart contract.

• A smart contract wallet is not a no-private-key solution, as the controlling EOA wallet has a private key;
• However, the smart contract wallet can change the user's signing private key through the social recovery solution;
• The social recovery solution allows guardians to provide a new key after your key is lost.

Two years after the EIP-2929 proposal, in 2021, Vitalik first proposed the application case of social recovery wallets in a forum:

1. When creating a smart contract wallet, users can designate other EOA addresses as "guardians," and the "guardian" addresses need to sign on-chain to confirm, incurring gas fees;

2. The user's EOA account serves as the "signing private key," which can be used to approve transactions;

3. At least 3 (or more) "guardian" EOA accounts cannot approve transactions but can change the "signing private key." Changing the "signing private key" also requires the "guardians" to incur gas fees for signature confirmation;

4. The signing private key has the function of adding or removing guardians, but the entire process requires a period (usually 1-3 days).

5. In daily usage scenarios, users can use the smart contract wallet with social recovery functionality like a regular wallet (such as Argent and Loopring), confirming transactions with their signing keys. Thus, each transaction can be quickly completed through a single confirmation, just like in traditional wallets (like Metamask):

a. Create private keys

The abstract account wallet's private key creation is no different from Metamask. b. Safeguard private keys

Since the controlling EOA wallet is only used as a "signing private key" and can transfer control through guardians, users do not need to specifically safeguard mnemonic phrases. c. Use private keys ○ Contract wallets also perform transfers/transactions, as they need to call contracts, so they will be more expensive than MPC wallets and traditional wallets;

○ However, because they call contracts, they support using non-native tokens (like USDC/USDT) to pay, which will undoubtedly greatly reduce the interaction difficulty for new Web3 players: in principle, the project party swaps the user's USDC for ETH in the same transaction to pay for gas fees. d. Backup private keys The private key backup steps for abstract account wallets are replaced by "guardians," but this is counterintuitive and high-cost:

① When users first use web3, they want to register a wallet but need to find three trusted friends who already have EOA wallets in web3 to become their guardians, incurring gas fees;

② If users want to compensate their friends for gas fees by making three transfers with the newly created wallet, creating a wallet would require a total of 6 gas fees, while creating an MPC wallet incurs no cost.
e. Recover private keys If users lose their signing keys, they can apply to use the social recovery function. Users need to contact their guardians to have them sign a special transaction (either the user or the guardians pay gas fees) to change the registered signing public key in the wallet contract to a new signing key. This is much simpler: guardians can view recovery requests and sign by accessing a webpage, such as security.loopring.

However, in terms of private key security, it does not reach the height of MPC wallets:

1. Cost of being attacked: Hackers can still obtain the complete private key by invading user devices. In other words, using a smart contract wallet merely provides an additional means of recovering the private key in the event of loss.

2. Low resistance to censorship: Since the social recovery solution requires designating "guardians," there is a possibility of collusion among "guardians."

3. The main risks of social recovery are: ① Collusion: If some users know they are part of a recovery, they may be interested in executing recovery attacks; ② Targeted attacks: External agents may know the recovery owner and target the weakest points needed to execute recovery attacks; ③ General exposure: If attackers manage to infect a large user base's environment dependencies and gain access to multiple identities, they may also have side effects on unaffected users through recovery.

MPC Solution vs. Social Recovery Solution: Security, Threshold, Resistance to Censorship The Future of Mass Adoption: Web3 Wallets With the emergence of account recovery solutions without mnemonic phrases, we can expect a new generation of Web3 wallets that allow registration and login using email. We have selected representative projects from MPC wallets and abstract account wallets for analysis: both have achieved low thresholds without mnemonic phrases for user access, and we will evaluate them based on security and resistance to censorship------

Bitizen

In the MPC wallet, Bitizen has thoroughly achieved resistance to censorship and convenience by adopting a 2/3 TSS scheme. Let's analyze its security and resistance to censorship:

1. Security:

   a. Creation

   To achieve strong resistance to censorship, after completing wallet registration, users can back up private key fragments via Bluetooth using a second device, adopting a 2/3 TSS scheme: Bitizen server, user local device, and user second device.

   b. Safeguarding

   Since no complete private key was generated during the wallet creation process, there are no mnemonic phrases: the user's Bitizen account will be linked to the user's cloud storage and email, allowing users to log in with just their email to use the Bitizen wallet normally.

   c. Usage

   ① Users can authenticate via facial recognition to obtain the private key fragments stored in Bitizen's cloud and the local device for signing (2/3);

   ② After the second device backs up the private key fragments via Bluetooth, they can be stored completely offline and need not be used regularly (signing can be completed by Bitizen's server and the user's primary device).

   d. Backup

① Backing up local private key fragments to the user's cloud;
② When users need to log in to a new device, they only need to log in via email and facial recognition, and Bitizen will request users to restore the backup of private key fragments from the cloud.
e. Recovery

① Similarly, if users lose their device or accidentally delete Bitizen's local files, they can recover private key fragments through the cloud;
② If users cannot log in to the cloud, Bitizen will recalculate private key fragments using the server's private key fragments and the user's second backup device, allowing users to resume normal use.

Source: Bitizen

1. Resistance to censorship:

   The 2/3 TSS scheme gives users absolute control over their wallets (2/3 of the private key fragments are in the user's hands). Even if Bitizen shuts down or runs away, users can still exercise control over their wallets.

Unipass

Taking Unipass as an example of an abstract account wallet, Unipass combines the advantages of smart contracts and MPC wallets:

1. In transactions, any tokens supported by the wallet (mainstream, liquid tokens) can be used to pay gas fees;

   In safeguarding private keys, it uses MPC (2/2) and TSS technology to generate private keys in a distributed manner, thus eliminating the possibility of a hacker obtaining the private key at a single point------the private key is divided into two pieces, one stored on Unipass's server and the other on the user's local device;

2. In recovering private keys, Unipass uses the DomainKeys Identified Mail (DKIM) scheme, allowing users to use their email addresses as "guardians" instead of other EOA addresses, significantly lowering the threshold for users to find guardians: guardians do not need to use blockchain, only their email is required.

Source: Unipass Low Threshold ---> High Usability Low-threshold wallets are not the endpoint of wallet applications. The current Web3 infrastructure still has a certain distance compared to traditional finance in Web2. The automatic deduction and recurring payment functions provided by Visa offer great convenience to users, but implementing them on Ethereum still poses certain challenges. Abstract accounts may be the next narrative for highly usable blockchain wallets: Visa published an article "Auto Payments for Self-Custodial Wallets," exploring the use of abstract account wallets like Argent on the StarNet network to achieve automatic programmable payments, allowing users to make automatic payments with self-custodial wallets without signing each transaction. How exactly do abstract accounts achieve this? This concept has actually been around for a long time.

Account Abstraction - From EIP-2938 to EIP-4337
With the proposal of EIP-4337, the topic of account abstraction has returned to everyone's attention. The social recovery solution and account abstraction (using smart contracts as EOA wallets, i.e., account abstraction) were proposed before EIP-1271 and have been implemented in wallets like Argent on Layer2 such as StarkNet. What is different about the recently discussed EIP-4337 scheme (account abstraction)?
From EIP-86 in 2015 to the recent hot topic EIP-4337, the core idea of developers revolves around "contracts as wallets." Account abstraction enables users to interact with the mainnet in an intuitive way, allowing precise control over key permissions of accounts. Since the code for EOA accounts has already been defined, modular and functional designs, such as adding batch transfers/social recovery features, cannot be implemented on EOA wallets. Therefore, the breakthrough has been focused on smart contracts. The proposal closest to EIP-4337 is EIP-2938, which also defines a new smart contract operation protocol but requires modifications at the consensus layer, making it difficult for developers to maintain, while the main innovation of EIP-4337 is that it does not require protocol changes at the consensus level on the mainnet.

• In EIP-1237, the signature initiation from contract addresses relies on centralized Relayers for signing, which are centralized and have inconsistent standards among different Relayers, making them incompatible across multiple chains/multiple dApps;
• In EIP-4337, it proposes using Bundler instead of Relayers. Bundlers are decentralized parties, thus enhancing the resistance to censorship of smart contract wallets and unifying the signature standards, significantly reducing the integration difficulty for developers;
• EIP-4337 will have an impact in the future, but currently, it does not enhance the user experience. Therefore, the discussion of this proposal is limited to VCs and developers, more like Move for Aptos, creating excitement among VCs and developer communities. For web3 users, it does not significantly change the user experience whether this Layer1 is written in solidity or Move.

① After all, since the abstract account wallet Argent completed $56.2 million in financing from 2018 to now, after four years of development, it has only 74,000 addresses: just as after the rise of DeFi, cryptocurrency users began to shift from exchanges to using Metamask to mine high APY tokens, leading to the rise of Metamask. Currently, the smart contract wallet craze still needs a new catalyst;

Source: Dune ② Currently, the user deposits on Argent have not exceeded the financing amount!

Source: Dune

③ However, with the implementation of account abstraction proposals on the Ethereum mainnet, it means that Argent users can seamlessly connect from StarkNet to the Ethereum mainnet, and the sparks ignited in this process are also worth looking forward to.

• Use Cases

  ① Fine-grained permission control: refining the single signing permission of EOA: ▽ Granting user A a transfer limit of X tokens in the contract ▽ Granting user B trading permissions for token C in the contract rather than transfer permissions ▽ Automatically transferring the contract's usage rights when it has been unused for a long time

  ② Diverse payment methods for gas: others can pay or any tokens can be used for payment ③ Automatic deductions/automatic refunds

Embracing the Future of Web3 It is often said that there are 4.8 billion web2 users, while web3 users just exceeded 100 million in 2022. We are still in the early, wild stages of blockchain development.

Returning to the question at the beginning of the article: "How much risk and responsibility am I willing to take for my assets?" Is it possible to ensure my wallet is not lost without having to remember my private key?

There has always been traditional VCs questioning: Is there any scenario that only web3 can achieve and web2 cannot? We believe that Web3 wallets are one of the examples that challenge traditional Web2: only in the decentralized network of Web3 can we expect a wallet that meets resistance to censorship, security, and user experience, where users do not have to bear risks or responsibilities. The emergence of such wallets is also an important foundation for the 4.7 billion web2 users to embrace the future of web3: wallets are not only the first entry point for Web3 but also the foundation for the development of on-chain domain names (like ENS), soul-bound tokens, decentralized identifier systems, etc. Without a secure wallet environment, the construction of Web3 Lego will lack a solid foundation.

We need to think more seriously; opportunities for a bear market to take action are few. MPC shows us a more user-friendly and secure future for EOA wallets, adaptable to all current EVM chains. The integration of smart contracts into dApps still has a long way to go. The social recovery solution currently seems like a stopgap, but the future possibilities of smart contracts are exciting. Ultimately, we will have to bet on someone, and we will pay this answer with real money.

2022 was a dark year for cryptocurrencies, but we still believe the future is bright. We are the awakened warlocks in World of Warcraft, and we hope to create a world where no one can take our life siphon (unless a proposal is passed).