Author: Bing Ventures

Introduction: EIP-4337 standardizes smart contract wallets and their related infrastructure, creating a public standard. In terms of enhancing user experience, account abstraction wallets provide more flexible and programmable features by introducing advanced pseudo-transactions and step-by-step processing. It allows wallets to upgrade without updating the Ethereum core protocol and offers more customization options. Overall, Ethereum's account abstraction wallet solution has greater potential in user experience and functional expansion, but it still requires continuous improvement in security.

Account abstraction is still in its early stages, with low adoption rates, and many Layer 2 solutions have yet to support account abstraction, which increases the learning and usage costs for users.

Account abstraction wallets aim to lower the entry barrier for personal wallets by introducing a layer of proxy mechanisms while providing a simpler and more user-friendly account system. It uses smart contracts as the vehicle for wallets and adds a proxy between the user and the smart contract, helping users complete interactions with the blockchain. This way, users can operate using traditional account systems (like email, mobile, etc.) without directly dealing with complex concepts like private keys and mnemonic phrases.

The author believes that security is crucial in account abstraction. Due to the irreversible and immutable nature of blockchain transactions, once a user's account is attacked, it can lead to irretrievable losses. Therefore, when designing account abstraction wallets, all aspects of security must be considered, including account management and usage, private key storage and protection, transaction confirmation and authorization, etc.

This issue of Bing Ventures aims to explore how to balance user experience and security by analyzing the security logic and vulnerabilities of account abstraction wallet projects, and to consider the future development direction of wallet abstraction solutions.

Security Logic of Account Abstraction Wallets

There are multiple technical improvements and standardization initiatives in the field of account abstraction on Ethereum, such as EIP-4337. These proposals have promoted the development and unification of account abstraction wallet projects, providing users with a more consistent and reliable experience. The main line of development for account abstraction is to provide a method through ERC-4337 that allows top-level Ethereum transactions to be initiated by contracts rather than externally owned accounts (EOA) without requiring changes to the consensus layer protocol. It achieves user operation verification and packaging by replicating the transaction mempool functionality in a higher-level system, and includes it as a "bundle transaction" in Ethereum blocks.

The goal of ERC-4337 is to achieve wallet flexibility and upgradability, including features like multi-signature and social recovery, as well as more efficient and simplified signature algorithms and post-quantum secure signature algorithms. The main line of development for account abstraction wallets also includes flexibility in wallet verification logic, allowing for the addition of arbitrary signature and nonce verification logic, and supporting wallet upgrades. Specific security logic includes:

• Verification Logic: Account abstraction wallets ensure the legality and security of user operations through verification logic (such as signature and nonces comparison algorithms).
• Entry Point Control: To protect wallets from attacks, account abstraction wallets place complex smart contract techniques in entry point contracts, restricting operations and fee payments to be triggered only by trusted entry points.
• Independent Verification and Execution Layers: The verification and execution of account abstraction wallets are divided into two functions, handling the verification and execution steps of user operations separately, thus enhancing security and flexibility.
• Simulated Execution and Verification: The verification of user operations can be checked for legality through simulated execution, ensuring that it has the same effect when actually added to a block, thus preventing potential DoS attacks.

The emphasis on security and decentralization in account abstraction wallets is commendable. By adopting multi-signature, private key storage, and protection techniques, these wallet applications aim to ensure the security of users' assets and the credibility of transactions. However, these security measures are not completely immune to attacks and vulnerabilities, so continuous research and improvement are still needed. Currently, the market's focus remains on the technology paradigm itself, rather than the true needs of user experience.

Security Risks of Abstract Wallets

Private key storage is one of the most common security vulnerabilities. Account abstraction wallets need to ensure that users' private keys are stored securely and take appropriate measures to protect the keys from unauthorized access. Meanwhile, network attacks are another key issue in wallet abstraction. Attackers may exploit phishing, malware, or other means to obtain users' private keys, thereby stealing users' digital assets.

Wallets process transactions by replicating the memory pool through contracts, and users no longer conduct transactions directly. Users send UserOperations to a higher-level memory pool through the wallet, while miners or bundlers are responsible for packaging and sending them to the Entry Point contract and coordinating the execution of the wallet CA, ensuring appropriate transaction fee compensation. This scheme guarantees the security of the wallet by limiting transactions to those initiated by specific trusted gateways (Entry Points) and completing wallet operations through executing instructions in contracts, paying Gas, and incrementing Nonce. By initiating through trusted Entry Points, contract wallets can perform various instruction actions and Gas payments, thus providing highly programmable functionality.

This method introduces additional complexity and overhead by breaking the transaction process into multiple steps compared to traditional direct transaction methods. Compared to proposals that require changes to the consensus layer protocol (such as EIP-2938, EIP-3074), EIP-4337 achieves a significant degree of account abstraction without modifying the underlying protocol and transaction types. However, this also leads to higher Gas consumption and potential security vulnerabilities. Additionally, incompatibility with existing wallet protocol workflows may also limit adoption.

To address the above security issues, wallet abstraction solutions can take various measures to enhance security while maintaining a good user experience. For example, some solutions adopt multi-signature to ensure transaction security. Multi-signature means that multiple users' confirmations are required to complete a transaction, significantly reducing the likelihood of successful attacks. Additionally, some solutions use hardware wallets to store users' private keys to enhance security. Hardware wallets typically use physical isolation to protect private keys, preventing them from being stolen.

Balancing User Experience and Security

In the design of account abstraction wallets, security should be regarded as the primary consideration. While providing a good user experience is important, if there are security flaws, users' assets may be at risk. Therefore, wallet developers should prioritize security, adopting strict encryption and authentication measures to ensure that users' private keys and assets are not easily attacked. So, how can we balance security and user experience? The author believes that at least the following points should be weighed:

1. Private Key Management: Account abstraction wallets need to manage users' private keys securely to protect users' assets from potential attacks. This can be achieved through security measures such as encryption algorithms, hardware wallets, and multi-factor authentication. However, overly strict security measures may lead to a decrease in user experience, such as requiring frequent authentication steps. In this regard, wallets need to find a balance to ensure the security of private keys while providing convenient authentication methods, allowing users to easily access their assets.
2. Transaction Confirmation and Speed: Account abstraction wallets need to provide timely transaction confirmations and fast transaction processing to deliver a good user experience. However, while ensuring transaction speed, it is essential to prevent double spending and other fraudulent activities. Wallets can adopt technical measures, such as zero-confirmation transactions and AI automatic risk assessment, to balance security and transaction speed, ensuring the safety of users' assets while providing a fast transaction experience.
3. Multi-Chain Support: The current trend is towards multi-chain development. When considering adopting account abstraction, it is necessary to consider the adoption of AA in different ecosystems and the potential differences, which may introduce uncertainty in the implementation of AA across different chains and virtual machines. If you are an application developer considering adopting AA, you need to consider the workload required to achieve interoperability across multiple chains. Future account abstraction wallets need to support multiple blockchains to meet users' needs across different chains. However, each blockchain has its unique security characteristics and user experience requirements. In balancing security and user experience, wallets need to ensure that the security requirements for each chain are adequately met while providing a consistent and intuitive user interface, allowing users to easily manage and interact with assets across different chains.
4. Costs: The cost of on-chain transactions is a significant factor limiting application development. Even if we assume that most transactions will occur on Layer 2 and fees will be subsidized, large-scale deployment and upgrades may still be expensive. In particular, upgrading wallets now requires upgrading the underlying smart contracts, which may introduce new vulnerabilities and incur high costs.

The Future of Account Abstraction Solutions

Considering both user experience and security factors, Ethereum's account abstraction wallet solutions currently have more potential in terms of development and trends. Account abstraction solutions in the Ethereum ecosystem, such as zkSync, Fuse Network, and zkSafe, provide a higher quality user experience through flexible, secure, and user-friendly designs and implementations. However, there are also security challenges and scalability issues for Ethereum account abstraction wallet solutions, including security risks of smart contracts and scalability challenges when facing high transaction loads. It is important to note that the account abstraction market is still in its early stages, with low adoption rates, thus requiring innovation and development to drive market maturity and popularization.

In the short to medium term, account abstraction wallets will establish an open market by introducing permissionless Bundler, Paymaster, and Signature Aggregator public endpoints, allowing users to access high-quality services at the lowest cost. The ability to quickly and custom-deploy Bundler, Paymaster, and Signature Aggregator will test the capabilities of wallet infrastructure service providers. This competition will drive innovation and improve security and user experience.

At the same time, third-party infrastructure providers (such as Stackup) will develop modular Bundlers and Paymasters, gradually achieving permissionless functionality. Additionally, the development of scaffolding tools for rapid front-end deployment is imminent, enabling developers to focus on business logic development, such as creating dApp development standard libraries similar to ether.js that support account abstraction features, encapsulating functionalities like creating wallets with Web2 social media accounts and emails, creating, signing, sending UserOperations, event listening, and quickly deploying Paymasters and Signature Aggregators. These tools can simplify the integration process for developers with different wallets.

In the medium to long term, new account standards will inevitably emerge, potentially separating accounts from smart contract wallets. This also means that competition in the account abstraction wallet market will become more intense, with increasing functional homogeneity and decreasing technical barriers. Future account abstraction wallets will require more aggressive innovations, including permissionless modular infrastructure, integration with existing services, dApp SDKs, and independent account layers, thus achieving greater flexibility and user convenience.