The A-Z of ERC - 4337

Ethereum’s ERC – 4337 Account Abstraction Smart Contract

Wed Mar 15 2023

The A-Z of ERC - 4337

This popular blockchain platform predominantly worked with two different types of accounts, viz.,

  1. Externally Owned Accounts (EOA) – Refers to a kind of account that can be accessed with the help of a private key, with a known ‘seed phrase.’
  2. Contract Accounts– Refers to a code that defines the behavior of an account over the blockchain. It is controlled by logic and code.

Let’s understand these two aspects in detail.

Externally Owned Accounts (EOA)

EOAs are sort of existing wallets on Ethereum that are pushed by third-party wallets, like ‘Metamask.’ The access to the same is via a ‘private key,’ meaning, that if one loses their private key, they will not be able to access or log into their respective account(s). The cryptographic pair of keys, private and public keys, control the account activities. The overall effort of the EOA is controlled by the user, including signing the transactions and paying the corresponding gas fees. Through a transaction commenced by EOA, it can either be sent to another EOA or a contract account.

As of a few months earlier, signing a transaction over a blockchain requires an EOA. However, for newcomers, the process gets quite tedious. Starting from account creation to continuing after transaction confirmation, the mid-way processes herein include storage of private keys, purchase of funds, fund transfer, transaction initiation, gas fee payment, and waiting for the transaction. Besides, the implementation of EOAs can be vaguely risky. One needs to be very responsible while dealing with such an account. Losing private keys can cause the user to lose access to their funds. Sharing private keys could also be very risky, as the one having access to the private key has control over the account and transactions linked to it. Thereby, it is impossible to recover private keys.

Contract Accounts

Talking about contract accounts, they don’t require a private key for functioning and are moreover a kind of code, that is controlled through logic. The code regulates the functionality of the contract account. Any transaction initiated by an EOA can be sent to a contract code. However, contract accounts are more flexible than EOAs.

Comparing the two, we’ve:

It is thus clear that contract accounts have a higher caliber in comparison to EOAs.

Account Abstraction

Account abstraction is a notion that allows users to use smart contract wallets instead of EOAs, for transactions. As discussed above, contract accounts prove to be more beneficial than EOAs. Thus, the implementation of account abstraction reduces the risks associated with EOAs, like losing one’s private key, involvement of any third-party wallet, etc.

History of Account Abstraction

The timeline for account abstraction proposals is as follows: (These three proposals were never merged into Ethereum as they required consensus-layer protocol changes to the Ethereum network.)

EIP-4337 and ERC-4337

EIP stands for Ethereum Improvement Proposal, whereas ERC stands for Ethereum Request for Comment. EIP is a kind of idea concerning technical changes in the Ethereum ecosystem. ERC is the modified form of EIP; as soon as the on-chain governance model accepts, authorizes, and confirms the changes, EIP becomes an ERC. EIP is divided into many elements including ERC, Protocols, Programming Tools, and other eth-system-relevant elements. ERC is among one such element and deals broadly with protocol and development standards. ERC-4337 is an Ethereum standard that has the motive to “supercharge” the user accounts into smart contracts, by implementing account abstraction. It aims to bring smart contract functionality to wallets or make them identical to the wallet. Through the smart contract code entities can perform several tasks including multiple-task handling, multi-factor authentication handling, initiation, and sustenance of crypto subscriptions, autopay options, account recovery et al.

ERC-4337 Vantage

ERC-4337 was proposed in the year 2021, while its implementation took place in 2023, after checking its compatibility with the zero consensus-layer protocol changes. Smart contracts also cut out the likelihood of human error. ERC eases account handling since it has zero dependencies on the seed phrase. It also permits standard user onboarding using mobile devices. Any changes on the chains that are compatible with the Ethereum Virtual Machine are easy to implement. ERC-4337 is also adaptable to future signature schemes like BLS Boneh-Lynn-Shacham and Quantum resistance, making the network less susceptible to attacks.

Smart contract accounts powered with ERC-4337 comprise certain user-specific advantages. Owing to reimagined cryptographic key storage, mobile hardware can work as efficiently as a hardware wallet. It permits multiple account recovery options like a standard google or even a bank account. The UX is clean and accessible, due to the courtesy of internally linked invisible develop-specific traits. The relay system employed here is decentralized, which makes them more secure and censorship-resistant.

Technical Aspects of ERC-4337

  1. Stage 1: UserOperation Creation

    • The user’s intent for work is sent out as UserOperation.
    • It’s an entity that corresponds to the users or applications that want to proceed toward account abstraction.
    • This part is like an unconfirmed transaction.
  2. Stage 2: Bundler Processing

    • This involves bundling the UserOperation bits into an alternate mempool.
    • An alternate mempool is sort of like a waiting room for the ERC-4337-powered transactions handled by Bundlers. Bundlers are validators who earn incentives and move the transactions forward toward the conclusion.
    • User Operations mempool can coexist with the standard mempool.
  3. Stage 3: EntryPoint Contract

    • Here the bundled transactions are directed across to the EntryPoint contract.
    • The EntryPoint contract is a uniform piece of code for the blockchain’s reference.
    • This is where the handleOps function delegates everything to the EntryPoint smart contact.
  4. Stage 4: Validation and Execution

    • Here the EntryPoint contract interacts with the user’s smart contract wallet.
    • The EntryPoint contract calls a validateUserOp function to recognize and identify the UserOp with the contract wallet.
    • The smart contract account (wallet) should implement the ExecuteUserOp function to ensure that the transaction concludes.

A more sequenced detailed process could be:

EIP-4337 inaugurates a “pseudo-transaction” object called a UserOperation, which is a structure describing the transaction to be sent on behalf of a user. Next, the UserOperation goes into an “alt mempool”, which is a kind of waiting room for storing information on unconfirmed transactions.

The nodes on the Ethereum network can select to function as a “bundler”. Bundlers pick up user operations from the mempool, and package multiple user operations into a single transaction known as a “bundle transaction”.

After the bundle transaction is created, it is sent to a global “singleton” smart contract, referred to as the EntryPoint. There is only one EntryPoint smart contract on the entire blockchain. The bundler calls a function on the EntryPoint smart contract called handleOps.

This function accepts the bundle transaction and calls another special function on each account: validateUserOp. Every smart contract wallet should implement this function. This function must also authenticate the operation’s signature, and pay the fee if the account reflects the operation as “valid”, before continuing to execute the operation.

Each and every smart contract wallet must administer a second function. It is projected to be called ‘execute’ to in fact accomplish the operation that is directed by the EntryPoint contract.

Thereby, with the implementation of EIP-4337 and powering ERC-4337, new horizons for the blockchain are unfolded, especially, account abstraction. This in turn invites more users and gives a more streamlined experience.

Leave a comment

To make a comment, please send an e-mail using the button below. Your e-mail address won't be shared and will be deleted from our records after the comment is published. If you don't want your real name to be credited alongside your comment, please specify the name you would like to use. If you would like your name to link to a specific URL, please share that as well. Thank you.

Comment via email
Nikhil M
Nikhil M

Entrepreneur / Privacy Freak / Humanist / Blockchain / Ethereum / Elixir / Digital Security / Online Privacy

Tags Recent Blogs