Omar Piñeiro

Software Engineer and Technologies for the Information Society by UPM. I am currently a Talentum intern in the Blockchain department at Telefónica Tech IoT and Big Data. I love solving problems, understanding how things work and learning as much as possible from it.

Ethereum Account Abstraction: improving security and experience when trading with Blockchain
There seems to be some consensus that Blockchain technology and the web3 concept have the potential to completely transform the way we interact with the digital world. This revolution is based on the fact that each transaction, i.e. each interaction with a digital service, will be "signed" by the user and immutably recorded in a Blockchain network, leaving an irrefutable trace of all digital activity. For this purpose, the user needs a digital wallet, which is in charge of signing and recording the transactions.

However, one of the main barriers to adoption is the low usability of digital wallets. Users who wish to make transactions on a Blockchain network must follow a series of steps that can be confusing and discouraging, and that are by no means trivial even for experienced users, let alone non-technical ones.

How to create and load a digital wallet

The steps to follow, without being exhaustive, are these:

1. Create the wallet, which is a pair of chained cryptographic keys. For the sake of simplicity, you can choose a provider, e.g. Metamask, to create it for you.
2. Store the key pair, public and private, to ensure that you have access to the wallet.
3. Create an account with an Exchange, a kind of bank specialized in these transactions.
4. Go through a KYC (Know Your Customer) process to activate the Exchange account.
5. Transfer funds from your FIAT currency (Euro, Dollar, Pounds...) account to your Exchange account.
6. Buy cryptocurrency of the Blockchain network you are going to use, much as one buys shares on an exchange.

Only when the wallet has been created and loaded can the user start sending transactions to the Blockchain. To do so, the user must "sign" the transaction with the private key associated with the wallet, initiate the transaction, pay the cost of executing it and, finally, wait for it to be confirmed.
These transactions have an associated cost that depends, among other factors, on the computing capacity of the Blockchain network needed to execute them, so the wallet must hold sufficient funds to execute them.

⚠️ This cost is borne by the user and must be paid in the cryptocurrency of the Blockchain network being used. That is why the last step (6) is to "buy cryptocurrency", which also requires that this particular currency can be exchanged at the exchange where the user has registered.

Risks of digital wallets

Some of the risks associated with the wallet are:

- Losing the key pair. This would mean losing access to the wallet and irretrievably losing all the funds in it. As Blockchain networks are decentralized and the wallet depends on the user, there is no third party, such as the bank behind a traditional account, to restore the credentials.
- A third party getting hold of the key pair (by phishing, or any other technique that leads to obtaining these keys) and transferring all the funds to their own wallet, leaving the user without them. It is therefore not enough to store the keys so that they can be recovered; they must be stored with appropriate security measures to minimize the risk of theft.
- Carrying out a transaction on a contract with unknown functionality and having it 'empty' the wallet. These contracts, or smart contracts, are decentralized programs whose functionality can be executed by other contracts and/or wallets. It is therefore important to know in advance what is going to be executed, since the transaction could be one that 'empties' the wallet of funds.

Ethereum Account Abstraction for simpler and more secure trading

The Blockchain industry is aware of these problems and risks and has defined a mechanism that makes it possible to operate on Blockchain networks in a simpler and safer way.
Thanks to this mechanism, known as Account Abstraction and defined in the Ethereum community standard ERC-4337, the user does not need to create any wallet, nor store any public/private key pair and run the risk of a third party getting hold of it and the funds being lost. There is also no need to worry about acquiring funds for transactions.

Account Abstraction consists of the following elements, which are completely transparent to the user:

- Smart Account: a smart contract that acts as a wallet.
- Smart Account Factory: a smart contract dedicated to creating new Smart Accounts.
- User Operation: a meta transaction (it contains the details of a transaction to be executed on behalf of the Smart Account).
- Entrypoint: the element in charge of making the necessary checks and executing the User Operations, now as transactions.
- Bundler: the element in charge of receiving the User Operations sent by users, packaging them if necessary, and sending them to the Entrypoint.
- Paymaster: the element responsible for sponsoring the transactions, i.e. paying the funds necessary for their execution on behalf of the Smart Account.

Therefore, the flow to perform a transaction for the first time is as follows:

1. Create a Smart Account, or contract-controlled account. This account is created transparently to the user, who can use any credential that will act as a unique identifier to generate it. This can range from a simple email address and password, in which case creating a Smart Account would be, for the user, exactly the same as logging into their email, to two-factor authentication (2FA) or any other authentication method. This eliminates the need to generate and store public/private key pairs. The Smart Account Factory contract is called for creation.
2. Initiate the transaction, which reaches the Bundler and is redirected to the Entrypoint to be executed.
3. Wait for the transaction to be confirmed.

Advantages of account abstraction

Account abstraction opens up a whole world of possibilities.
Some of the main practical applications are shown below:

Sponsored transactions

This is the most direct and popular application of account abstraction and has been discussed earlier in this article. Thanks to sponsored transactions, it is no longer necessary to manage funds or pay directly for the transactions made. The typical use case for this type of transaction is a service provider that bears the cost of the user's transaction. In a traditional transaction the signer assumes the cost; with this mechanism the signer, who is the responsible party and owner of the transaction, does not have to be the account that provides the funds needed to record it.

✅ This allows service providers to offer this service to their customers, freeing them from the need to acquire "crypto" funds in their accounts and doing all the management for them, which simplifies the balance sheets of companies operating in Blockchain networks.

Transaction lots

Another application of account abstraction is the ability to perform multiple transactions in one, grouping them into a lot and saving a significant part of the cost of executing each transaction separately. This helps to create a more scalable and cost-effective Blockchain experience, in the style of what Layer 2 Blockchain solutions and rollups enable. Account Abstraction can also be applied to these types of solutions, further increasing their benefits.

✅ An example use case for transaction lots is a user who wants to make several small payments. Instead of making one transaction per payment, the user can group them into a single transaction and save on execution costs.

Multi-signature accounts

A wallet has only one owner and does not allow transactions with the approval of third parties.
Account abstraction solves this problem with multi-signature accounts, where a transaction must be signed by several members before it can be executed.

✅ A use case for multi-signature accounts is executing a transaction that requires the approval of all the administrators of a company.

Account recovery

This is a sub-case of multi-signature accounts. Thanks to account abstraction, users no longer have to store the private key of their wallet. However, they still rely on an access credential. If the owner of a Smart Account loses this access credential, they lose access to their account. Account recovery solves this problem by letting the owner of a Smart Account authorize a third party to access the account. Once authorized, if the Smart Account owner loses the credentials, they can recover their account by asking the authorized third party to identify themselves as the account owner.

These are just a few practical applications of account abstraction. As Smart Accounts are accounts controlled by a smart contract, they depend on the logic of the contract, and a myriad of conditions can be implemented to authorize the execution of transactions. Account abstraction is set to transform Web3 by vastly improving the user experience and increasing account customization and security.

◾ More information: ERC-4337 Standard
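The flow described in this article (User Operations collected into a Bundler's lot, checked by the Entrypoint, paid for by the Paymaster and authorized by a multi-signature Smart Account) can be followed in a small off-chain Python simulation. This is an added example, not code from the article or from the ERC-4337 standard; the names SmartAccount, handle_ops, approve and op_hash, the sample keys, and the use of HMAC as a stand-in for real signatures are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

def op_hash(op):
    return hashlib.sha256(f"{op['sender']}|{op['nonce']}|{op['call']}".encode()).digest()

def approve(key, digest):
    # Stand-in for a real signature scheme (HMAC-SHA256); simulation only.
    return hmac.new(key, digest, hashlib.sha256).digest()

@dataclass
class SmartAccount:
    owners: dict        # owner name -> key (constructed sample values)
    threshold: int      # approvals required before a call may execute
    nonce: int = 0
    def validate(self, op):
        good = sum(1 for name, sig in op["approvals"].items() if name in self.owners
                   and hmac.compare_digest(sig, approve(self.owners[name], op_hash(op))))
        # The nonce must match: this blocks replayed or out-of-order operations.
        return op["nonce"] == self.nonce and good >= self.threshold

def handle_ops(accounts, paymaster, bundle):
    """Entrypoint role: check each User Operation of a Bundler's lot, then run it."""
    results = []
    for op in bundle:
        account = accounts.get(op["sender"])
        ok = (account is not None and paymaster["deposit"] >= paymaster["cost"]
              and account.validate(op))
        if ok:
            account.nonce += 1
            paymaster["deposit"] -= paymaster["cost"]   # the sponsor pays, not the user
        results.append(ok)
    return results

def demo():
    keys = {"alice": b"k-alice", "bob": b"k-bob"}       # constructed keys
    accounts = {"acct-1": SmartAccount(owners=keys, threshold=2)}
    paymaster = {"deposit": 2, "cost": 1}
    def op(nonce, call, signers):
        o = {"sender": "acct-1", "nonce": nonce, "call": call}
        o["approvals"] = {s: approve(keys[s], op_hash(o)) for s in signers}
        return o
    bundle = [op(0, "pay shop", ["alice", "bob"]),   # both owners approve: accepted
              op(1, "pay x", ["alice"]),             # below threshold: rejected
              op(0, "pay shop", ["alice", "bob"]),   # replay of the first: rejected
              op(1, "pay cafe", ["alice", "bob"]),   # accepted, deposit now 0
              op(2, "pay bar", ["alice", "bob"])]    # sponsor out of funds: rejected
    return handle_ops(accounts, paymaster, bundle), paymaster["deposit"]
```

The account never holds or spends funds in this model: every accepted operation is charged to the Paymaster's deposit, and the authorization rule lives entirely in the account's validate logic.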
April 9, 2024