Rob Behnke
March 16th, 2023
EIP/ERC-4337 is an Ethereum Request for Comments (ERC) designed to enable Account Abstraction. The goal of ERC-4337 is to improve the usability of EVM-compatible blockchains and unlock additional applications of smart contracts without the need to change the underlying Ethereum protocol.
Currently, most accounts on the Ethereum blockchain are Externally Owned Accounts (EOAs). An EOA is an account that is controlled via a set of public and private cryptographic keys.
The other type of account on Ethereum is a contract account. This is an Ethereum account with code associated with it that implements a smart contract.
Historically, if a user wanted to perform a transaction with their blockchain wallet, verification was based on their private key. If that private key was lost or stolen, then the user was locked out of their account. Additionally, the need to manage and secure private keys decreased the usability of blockchain and cryptocurrency.
ERC-4337 is designed to allow verification to be performed by smart contracts instead. Moving verification logic to programmable smart contracts unlocks a variety of new possibilities including:
Multi-signatures
Multi-factor authentication
Social recovery
Upgradeability
One of the main limitations of the base Ethereum protocol is that it requires transactions to originate from an EOA. This increases the complexity of using the blockchain because users need to manage their own keys and pay gas for transactions or rely upon a relayer to do so for them.
ERC-4337 removes this requirement by adding a level of abstraction to how Ethereum works.
Under ERC-4337, a user can perform a transaction via the following process:
User creates a UserOperation that encodes their intent and any required verification data.
UserOperations are sent to a Bundler that bundles many of them into a single transaction.
The Bundler, which is an EOA, initiates an Ethereum transaction and pays the gas for it.
The Bundle transaction triggers a wallet smart contract, which is required to validate the identity of the user and execute the UserOperations included in the bundle.
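The flow above as a simplified Python model, added here as an illustration and not taken from the ERC-4337 specification or any wallet implementation: the wallet contract enforces a 2-of-3 multi-signature policy plus a nonce, with HMAC standing in for real signatures. All names (MultiSigWallet, bundle_and_submit, the demo keys and address) are assumptions, and gas payment by the Bundler is not modeled.

```python
import hashlib, hmac
from dataclasses import dataclass, field

def sign(key, sender, nonce, call):
    # Stand-in for a real signature scheme: a MAC over the fields the wallet checks.
    return hmac.new(key, f"{sender}|{nonce}|{call}".encode(), hashlib.sha256).digest()

@dataclass
class UserOperation:
    sender: str       # wallet the operation is addressed to
    nonce: int        # replay protection
    call: str         # the user's intent
    signatures: list  # verification data, interpreted only by the wallet

@dataclass
class MultiSigWallet:
    address: str
    owner_keys: list  # constructed demo keys, one per owner
    threshold: int = 2
    nonce: int = 0
    executed: list = field(default_factory=list)

    def validate(self, op):
        if op.sender != self.address or op.nonce != self.nonce:
            return False  # wrong wallet, replayed or out-of-order operation
        expected = [sign(k, op.sender, op.nonce, op.call) for k in self.owner_keys]
        # Count distinct owners, so one owner signing twice does not reach the threshold.
        valid = sum(any(hmac.compare_digest(e, s) for s in op.signatures) for e in expected)
        return valid >= self.threshold

    def execute(self, op):
        self.nonce += 1
        self.executed.append(op.call)

def bundle_and_submit(ops, wallets):
    # Bundler: carries many UserOperations in one transaction; each wallet decides validity.
    results = []
    for op in ops:
        wallet = wallets.get(op.sender)
        ok = wallet is not None and wallet.validate(op)
        if ok:
            wallet.execute(op)
        results.append(ok)
    return results

def demo():
    keys, addr = [b"owner-a", b"owner-b", b"owner-c"], "0xWALLET"  # constructed values
    w = MultiSigWallet(addr, keys)
    mk = lambda n, call, ks: UserOperation(addr, n, call, [sign(k, addr, n, call) for k in ks])
    good = mk(0, "transfer 1", keys[:2])
    ops = [good, good, mk(1, "transfer 5", [keys[0], keys[0]])]  # valid, replay, one owner twice
    return bundle_and_submit(ops, {addr: w}), w.executed
```

In the demo bundle, only the first operation executes: the second is a replay of a consumed nonce and the third carries two signatures from the same owner.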
ERC-4337 implements account abstraction, which has been a goal for Ethereum for some time. Some of the benefits of ERC-4337 include the following:
No Protocol Changes: Changes to the underlying Ethereum protocol are complex and difficult to implement. One of the main selling points of ERC-4337 is that it implements account abstraction without protocol changes.
Decentralization: Historically, many users relied on centralized relayers to interact with the Ethereum blockchain. ERC-4337 replaces this with decentralized Bundlers.
Flexible Validation: Wallet validation is no longer reliant solely on public key cryptography. Users can be validated using biometrics, multi-factor authentication, and other means.
Quantum Safety: Quantum computing is a looming threat to blockchain platforms that rely on quantum-vulnerable algorithms. ERC-4337 makes it possible for users to upgrade to quantum-safe algorithms without major protocol changes.
Usability: ERC-4337 makes it easier for users to interact with the blockchain. This can increase access and expand the potential pool of crypto and blockchain users.
ERC-4337 creates an avenue to dramatically improve the usability and expand the user base of the Ethereum blockchain.
It also has significant potential impacts on the security of the Ethereum blockchain. The new standard raises some concerns regarding Denial of Service (DoS) attacks, which are managed to an extent by the protocol. However, these are outweighed by the security benefits of the new, and potentially stronger, forms of user verification that it introduces.
ERC-4337 is still in its infancy with alpha implementations currently underway. As the technology matures and blockchain developers start making use of it, its potential impacts on the Ethereum ecosystem will become more apparent.