Original author: Flamie

Introduction

Ethereum, as an open platform, provides extensive support for DApps. However, its main drawback is the relatively complex user experience, such as how to use the MetaMask wallet. To address this issue, EIP-4337 was proposed, aiming to solve the complexity of the user experience through Account Abstraction.

With AA, functions such as signature verification, gas payment, and replay protection will change. Smart contract accounts can initiate requests without relying on EOAs, reducing reliance on operators. In simple terms, with account abstraction, users can enjoy a streamlined account usage process, reducing the cognitive requirements for underlying processes, just like using an email account. The implementation of EIP-4337 not only improves the user experience but also brings more customization and functionality to Ethereum, such as custom signature options and different payment methods.

Currently, projects exploring and developing in the direction of AA are emerging like mushrooms after rain. Below, let's take a closer look at the AA wallet ecosystem:

• I. AA Wallets: Braavos, Argent, Gnosis Safe, Avocado

• II. AA Wallet Infrastructure: Biconomy, Gelato, Pimlico, Candide, Unipass

I. AA Wallets

Braavos

Braavos is a smart contract wallet built on Starknet, which adopts a multi-layered security design aimed at protecting users' digital assets from potential threats. First, Braavos employs a cold-hot separation architecture, securely storing users' private keys in offline devices, away from the risk of network attacks. This offline storage method greatly reduces the possibility of private key intrusion by hackers.

Secondly, Braavos uses multi-signature technology which requires multiple authorized signatures to perform important operations such as asset transfers. This mechanism enhances the security of transactions, so even if a user's device is compromised, hackers cannot carry out important operations alone. Additionally, Braavos supports biometric authentication technologies such as fingerprint and facial recognition to add an extra layer of identity verification. This dual-factor authentication ensures that only authorized users can access their wallets and perform sensitive operations.

To counter potential network attacks, Braavos also employs anti-phishing techniques and secure network communication protocols. It verifies the information sent to users and ensures that users only communicate with legitimate servers that have been verified.

Argent

Argent is an Ethereum-based smart contract wallet designed to provide a simple, secure, and user-friendly blockchain experience. It offers users an intuitive interface to manage digital assets, send and receive cryptocurrencies, and interact with DApps without the need for complex technical steps. Argent also utilizes multi-signature technology where each transaction requires multiple authorized signatures to be completed. This means that even if a hacker compromises a user's device, they cannot perform sensitive operations independently. This multi-signature mechanism adds an extra layer of security to ensure that users' assets are not subject to unauthorized access.

Argent offers two options for private key management. The first option is to store the private keys in iCloud and use biometric authentication or a PIN to verify identity. While this method is convenient, it has lower security due to past incidents of private keys being stolen because of iCloud.

The second option is through private key sharing, where the private key is split into multiple parts and stored with different guardians. Argent employs a security mechanism called the Guardian mode. Users can choose to trust and authorize one or more trusted contacts as their guardians. When users perform sensitive operations or encounter risks, guardians are involved in the transaction confirmation and authorization process. This security mechanism ensures that even if users lose access or encounter issues, they can recover and protect their wallets through their guardians. Users can set any number of guardians based on their needs and define their own threshold, increasing the flexibility of user settings. This approach reduces complexity during the setup process and allows for configuration in a private and trustless manner. However, it also has a drawback that our wallets created are incompatible with any other non-custodial wallet using standard wallet standards. We constantly hope that this project will not fail and that our guardians will remain safe.

Argent also provides an advanced malicious behavior detection system. It identifies potential risks and abnormal activities by analyzing users' transaction patterns and behavior patterns. If suspicious operations are detected, the system will issue an alert and require users to further confirm or take necessary security measures. In addition, Argent also offers integrated support for hardware wallets. Users can use hardware wallets to store their private keys, further enhancing their security. This offline storage method makes it impossible for private keys to be obtained through network attacks, greatly reducing potential risks.

Gnosis Safe

Gnosis Safe is a smart contract wallet that supports multiple EVM chains and is one of the most trusted smart contract wallets in the market.

Gnosis Safe adopts a multi-signature mechanism. This means that before any asset transfer, approval from multiple authorizers is required. Each authorizer has their own private key and needs to participate in the transfer operation, ensuring that assets can only be transferred according to predefined rules and conditions. This mechanism effectively prevents single points of failure and potential security risks, as attackers would need to obtain multiple private keys to steal assets.

Gnosis Safe supports hardware wallet integration. Users can connect hardware wallets (such as Ledger or Trezor) to Gnosis Safe, securely storing private keys in hardware devices and participating in joint approvals with other signers, providing an additional security layer. This design ensures that even in the presence of malicious software or network attacks, users' private keys are not exposed to insecure environments.

In addition, Gnosis Safe also supports modular extension. Users can choose to add different modules to enhance the functionality and security of their wallets. For example, they can add modules for executing smart contracts, or add audit modules to monitor transaction activities in the wallet. This modular design allows users to customize and enhance the security of their wallets based on their needs and preferences.

Avocado

Avocado is a smart contract wallet that aims to provide a secure and reliable encrypted asset management and trading experience. It adopts a series of designs to ensure the security of the wallet and protect users' assets from potential risks and attacks.

Avocado encrypts the private key using encryption algorithms and stores it locally on the device, ensuring that the private key is not leaked to third parties. Additionally, it protects network communication using the Transport Layer Security (TLS) protocol to prevent man-in-the-middle attacks and data tampering. Avocado also supports hardware wallet integration and incorporates decentralized identity verification and multi-factor authentication technologies such as fingerprint and facial recognition to ensure that only authorized users can access the wallet and perform transactions. This design effectively prevents unauthorized access and asset theft.

Furthermore, Avocado values user education and security awareness. It provides security tips, warnings, and recommendations to help users understand common wallet security risks and preventive measures. Additionally, it encourages users to set strong passwords, regularly back up wallets, and update software versions regularly, among other best practices, to enhance overall wallet security.

Currently, there are also AA wallets available for users to choose from, such as Rhinestone, Soul Wallet, Ambire, Patch Wallet, Obvious Wallet, Nest Wallet, etc. The main differences between them and Argent or Braavos lie in the specific features and designs they can offer.

II. AA Wallet Infrastructure

Biconomy

Biconomy provides an account abstraction mechanism called "Meta Transactions" that allows users to transact on Ethereum without owning an Ethereum wallet or paying transaction fees. Users can use third-party service providers as trust agents to send and execute transactions on their behalf. This account abstraction mechanism simplifies the interaction process between users and Ethereum and reduces users' transaction costs.

Biconomy's account abstraction solution also provides advanced permission management capabilities. Users can configure and manage various permission settings for their accounts according to their needs. For example, users can set different levels of permissions to control account transfers, contract executions, or sensitive operations. This way, users can better protect and control their accounts based on their risk preferences and security requirements.

It is worth mentioning that as part of the account abstraction, Biconomy has introduced the roles of bundlers and relayers into the programmable layer to handle and execute users' transaction requests and receive corresponding rewards. This design makes Biconomy's account abstraction mechanism more scalable and flexible, allowing users to easily use the functionality of smart contracts and achieve more efficient transaction processing through bundlers or relayers.

In addition, Biconomy also provides its own SDK development toolkit for developers to easily integrate and use the account abstraction feature, enhancing the experience of smart contract wallets. For example, it supports various blockchain networks and smart contract platforms, and provides functions for transaction optimization and cost optimization. Currently, Biconomy is the platform with the largest usage and the most users in the entire AA ecosystem.

Gelato

First, Gelato allows users to encapsulate complex logic operations into reusable smart contracts through the introduction of account abstraction, simplifying the process of writing and using smart contracts.

Gelato's smart contract wallet infrastructure provides automated execution of smart contracts. Users can create automated tasks on Gelato, set trigger conditions, and perform actions. When the trigger conditions are met, Gelato will automatically execute the corresponding actions without manual intervention from the user. This automation mechanism helps users achieve tasks on a scheduled basis, condition triggers, and other complex logic to improve operation efficiency and accuracy.

Gelato allows users to connect their accounts and smart contracts through subscription services. Users can choose to subscribe to specific smart contract events or changes in status. When these events or changes occur, Gelato will automatically execute relevant smart contract operations. This way, users can abstract the interaction between their accounts and smart contracts into higher-level event triggers and automated execution.

Gelato also introduces relayers to support efficient transaction processing. Through these mechanisms of account abstraction, Gelato allows users to perform smart contract operations using higher-level conditions and event triggers, without directly dealing with complex smart contract code and underlying protocols. This way, even non-technical users can easily leverage the capabilities of smart contracts and automate specific operations to improve efficiency and convenience.

Pimlico

Pimlico provides an easy-to-use user interface for interacting with smart contracts. Users simply select the appropriate operation options and provide the necessary parameters, and Pimlico will execute the corresponding smart contract operations on behalf of the users. This eliminates the need for users to write complex contract invocation code and greatly simplifies the interaction process between users and smart contracts.

In addition, Pimlico introduces the Paymaster service mechanism. Paymaster is a smart contract that acts as an intermediary for payments between users and smart contracts. When users interact with smart contracts using Pimlico, Paymaster handles the payment transactions. Users only need to send the payment amount to Paymaster, and Paymaster will forward the corresponding payment to the smart contract. The advantage of this approach is that users don't need to pay transaction fees separately for each transaction, but can pay once to Paymaster, which will then forward the payment on their behalf.

The Paymaster service mechanism also provides more flexibility and security. For example, different charging models such as fixed fees, percentage fees, etc., can be implemented and adjusted flexibly according to actual needs. It can also perform user identity verification, access control, and other measures to enhance the security and trustworthiness of the interaction.

Candide

Candide is a Substrate-based smart contract wallet infrastructure that achieves account abstraction, account recovery, and the use of Paymaster for paying gas fees with ERC-20. Candide envisions promoting the adoption of contract accounts on Ethereum and EVM networks through the Voltaire bundler. The Voltaire bundler is a fast and user-friendly ERC-4337 compatible bundler.

Unipass

Unipass is a free Web3 account and wallet that provides a one-stop service for private key management, DID, and social recovery. Unipass offers a range of features including SDK, multi-chain support, decentralized identity verification, decentralized transactions, etc., to provide a better account abstraction experience.

It is foreseeable that in the near future, AA will be widely adopted at the application layer, and the changes brought about by account abstraction also hold the potential for an ecological explosion. In Vitalik's latest proposal showcase, the technical path of Rollup + account abstraction has been widely recognized. So far, native Rollup solutions have also released new versions compatible with account abstraction, such as zkSync and Starknet. As Rollup continues to evolve, combined with account abstraction, it will undoubtedly develop even better and more sophisticated solutions.

References

*Please refer to the official documentation for project analysis sources

Disclaimer

The information in this research report is sourced from publicly disclosed materials, and the opinions expressed in this document are for research purposes only and do not constitute investment advice. The views and forecasts presented in the report are only valid as of the date of issuance and do not have permanent validity.