Account abstraction will rapidly improve the security and user experience by executing programmable smart contracts to perform user-specific functions.
EOAs are the most common wallets where users relinquish control of their accounts when interacting with applications, making them more susceptible to malicious activity.
Implementing versions of account abstraction on Ethereum will take time; however, some ecosystems are already incorporating these features into their respective blockchains.
Before diving into what account abstraction is, it is essential to understand how traditional blockchain transactions work. Typically, a user sends a specific amount of cryptocurrency from their wallet to another wallet. This transaction is recorded on the blockchain, and the receiving wallet is credited with the amount of cryptocurrency sent.
However, if users want to execute a smart contract (e.g., trade on a DEX), they relinquish control of their wallet to the smart contract. This means that the smart contract now has control of the user’s funds and can execute specific actions based on the conditions outlined in the smart contract. This is a common attack vector malicious actors exploit and is a vulnerable transaction step since most users are unaware of all the conditions of a particular smart contract.
While traditional systems work for common transactions, it limits the capabilities of smart contracts, increases the risk of security breaches, and ultimately a loss of funds.
Accounts on Ethereum
There are two main types of accounts on Ethereum:
Externally Owned Accounts (EOA) are used to send and receive ETH and interact with smart contracts. They are controlled by an Elliptic Curve Digital Signature Algorithm (ECDSA) key, which is cryptography used to sign and verify digital transactions and involve generating a private key and a corresponding public key.
Contract Accounts are created by deploying a smart contract on the Ethereum blockchain. These accounts hold the code and state of the smart contract and can send and receive ETH or other tokens as well as interact with other contracts or EOAs.
What is Account Abstraction?
Broadly speaking, account abstraction is a term used in blockchain that refers to the ability to separate the control of a user’s funds from the execution of smart contracts. In simpler terms, it is the ability to use smart contracts to manage funds without requiring users to transfer control of their funds to the smart contract. Account abstraction is an important concept in blockchain, as it can substantially improve the users’ experience and security, without relinquishing full access to your wallet.
For example: MetaMask, a common browser-based wallet is an EOA. It does not have the ability to program smart contracts onto it, therefore, limiting its usage to application interactions where users give up control of their account. Whereas contract accounts can deploy smart contracts, improving the wallets functionality and customization.
Why Account Abstraction?
The capabilities of EOAs have limitations that generally don’t necessarily promote or foster the adoption for the next wave of users. Private key management is difficult, and some users don’t want to be responsible for securing their keys.
The purported benefits of custodial or non-custodial wallets revolve around securing a wallet’s private key. Are mainstream users technically savvy enough to secure their private keys? Or is it better for a custodian to manage a user’s private key?
The mantra “not your keys, not your wallet”, holds true because the holder of a private key has complete control over a wallet. For example, if your private key is not stored or saved anywhere and you lose it, it is virtually unrecoverable, along with the funds held in that wallet.
Additionally, EOAs lack access-control granularity. This means that you can’t implement spending policies or rules and are required to have an ETH balance to perform transactions.
Let’s say you’re very risk-averse about wallet security and would only ever want to transact $25 or less on any given day, or you want to auto-pay for a monthly news subscription. These examples are currently unavailable under traditional EOAs, but account abstraction is a solution.
Examples and Benefits
A few benefits of account abstraction include more flexible recovery, signature abstraction, roles and policies, and gas abstraction.
Account abstraction would enable flexibility where users could create rules and dedicate a wallet(s) to transfer funds if wallet activity is dormant for 1+ years (e.g., dead man’s switch). If a wallet owner became deceased, their funds would automatically be sent to a “beneficiary”, rather than being lost forever. Session keys are another example where users could elect to allow smart contracts to control a user’s wallet from a particular address for a specified period (e.g., gaming).
Lastly, another example is gas-abstraction. Instead of users paying gas in ETH, requiring a constant ETH balance, users could pay gas in any ERC-20 token (e.g., DOGE). Additionally, users could batch transactions which would reduce gas costs.