The abstract ecology of bottom-up accounts: what wallets and infrastructure are worthy of attention

Original Author: Flamie

Introduction

As an open platform, Ethereum provides extensive support for DApps. However, its main disadvantage is that the user experience is relatively complicated, such as how to use the little fox wallet. In order to improve this problem, EIP-4337 was proposed to solve the complexity of user experience through Account Abstraction.

Through AA, previous functions such as signature verification, Gas payment, and replay protection will all change. Smart contract accounts can initiate requests without EOA, reducing dependence on operators. To put it simply, through account abstraction, users can enjoy a minimal account usage process and reduce the cognitive requirements for the underlying process, just as easy as using an email account. The implementation of EIP-4337 not only improves user experience, but also brings more customization and functionality to Ethereum, such as custom signature options and different payment methods.

At present, projects exploring and cultivating in the direction of AA are springing up like mushrooms. Let’s start with the AA wallet ecology:

• I. AA wallets: Braavos, Argent, Gnosis Safe, Avocado
• II. AA wallet infrastructure: Biconomy, Gelato, Pimlico, Candide, Unipass

I. AA Wallet

Braavos

Braavos is a smart contract wallet built on Starknet with a multi-layer security design designed to protect users' digital assets from potential threats. First of all, Braavos adopts a hot-cold separation architecture to safely store the user's private key in an offline device, away from the risk of network attacks. This way of offline storage greatly reduces the possibility of private keys being hacked.

Secondly, Braavos uses multi-signature technology, which requires multiple authorized signatures to perform important operations, such as asset transfers. This mechanism increases the security of the transaction. Even if one of the user's devices is compromised, the hacker cannot complete important operations alone. Additionally, Braavos supports biometric technologies such as fingerprint and facial recognition for an additional layer of authentication. This two-factor authentication ensures that only authorized users can access their wallets and perform sensitive operations.

In response to potential cyber attacks, Braavos also uses anti-phishing technology and secure network communication protocols. It authenticates the information sent to the user and ensures that the user only communicates with authenticated and legitimate servers.

Money

Argent is an Ethereum-based smart contract wallet designed to provide a simple, secure and easy-to-use blockchain experience. It provides users with an intuitive interface that enables them to manage digital assets, send and receive cryptocurrencies, and interact with DApps without cumbersome technical steps. Argent also uses multi-signature, each transaction requires multiple authorized signatures to complete, so that even if a hacker breaks into a user's device, sensitive operations cannot be performed individually. This multi-signature mechanism provides an additional layer of security, ensuring that user assets are protected from unauthorized access.

Argent offers two options for private key management, the first is to save private keys to iCloud and use biometrics or PIN for authentication. This method is indeed very convenient, but given that there have been many incidents of private keys being stolen due to iCloud, this method is less secure.

The second is through private key sharing, where the private key is divided into multiple copies and kept in the hands of different guardians. Because Argent uses a security mechanism called Guardian mode. Users can choose to trust and authorize one or more trusted contacts as their Guardians. When users perform sensitive operations or encounter risks, Guardians will participate in the transaction confirmation and authorization process. This security mechanism ensures that even if users lose access or encounter problems, they can restore and protect their wallets through Guardians. Users can set as many guardians as they want and define their own thresholds, which increases the flexibility of user settings. This reduces the complexity of the setup process, and we can configure it in a private and trustless manner. However, it also has the disadvantage that the wallet we create is not compatible with any other non-custodial wallet using normal wallet standards. We need to keep hoping that the project doesn't go out of business and that our guardians are safe and sound.

Argent also provides an advanced malicious behavior detection system. It identifies potential risks and unusual activities by analyzing users' transaction patterns and behavioral patterns. If the system detects a suspicious operation, it will issue an alert and ask the user for further confirmation or to take necessary security measures. In addition, Argent also provides users with integrated support for hardware wallets. Users can use hardware wallets to store their private keys, further enhancing their security. This offline storage method prevents the private key from being obtained by network attacks, greatly reducing potential risks.

Gnosis Safe

Gnosis Safe is a smart contract wallet that supports multiple EVM chains and is one of the most trusted smart contract wallets on the market today.

Gnosis Safe uses a multi-signature mechanism. This means that multiple authorized persons need to be approved before any transfer of assets can take place. Each authorizer has its own private key and needs to participate in the transfer operation to ensure that assets can only be transferred according to pre-set rules and conditions. This mechanism effectively prevents single points of failure and potential security risks, because attackers need to obtain multiple private keys to steal assets.

Gnosis Safe supports hardware wallet integration. Users can connect a hardware wallet (such as a Ledger or Trezor) with Gnosis Safe, so that the private key will be safely stored on the hardware device and jointly approved with other signers, providing an additional layer of security. This design is such that even in the presence of malware or cyber-attacks, users' private keys are not exposed in an unsafe environment.

In addition, Gnosis Safe supports modular extensions. Users can choose to add different modules to enhance the functionality and security of their wallet. For example, a module for executing smart contracts could be added, or an audit module could be added to monitor transaction activity in wallets. This modular design allows users to customize and enhance wallet security according to their needs and preferences.

Avocado

Avocado is a smart contract wallet dedicated to providing a safe and secure crypto asset management and trading experience. It adopts a series of designs to ensure the security of the wallet and protect users' assets from potential risks and attacks.

Avocado uses an encryption algorithm to encrypt the private key and store it on the local device to ensure that the private key will not be leaked to a third party. In addition, it protects network communications through the Transport Layer Encryption (TLS) protocol, preventing man-in-the-middle attacks and data tampering. Avocado also supports hardware wallet integration, and uses technologies such as decentralized authentication and multi-factor authentication (such as fingerprints, facial recognition, etc.) to ensure that only authorized users can access the wallet and perform transaction operations. This design effectively prevents unauthorized access and asset theft.

Additionally, Avocado focuses on user education and security awareness. It provides security tips, warnings, and recommendations to help users understand common wallet security risks and precautions. In addition, it also encourages users to set strong passwords, regularly back up wallets, and regularly update software versions and other best practices to enhance the overall security of the wallet.

Currently, there are AA wallets like Rhinestone, Soul Wallet, Ambire, Patch Wallet, Obvious Wallet, Nest Wallet, etc. available to users. The main difference between them and Argent or Braavos is in the specific functions and designs they can provide.

II. AA Wallet Infrastructure

Biconomy

Biconomy provides an account abstraction mechanism called "Meta Transactions" that allows users to transact without owning an Ethereum wallet or paying transaction fees. Users can use third-party service providers as trusted proxies to send and execute transactions on behalf of users. This account abstraction mechanism simplifies the interaction process between users and Ethereum, and reduces the transaction costs for users.

Biconomy's account abstraction scheme also provides advanced permission management functions. Users can configure and manage various permission settings of the account according to their own needs. For example, users can set different levels of permissions to control account transfers, contract execution, or sensitive operations. In this way, users can better protect and control their accounts according to their own risk appetite and security needs.

It is worth mentioning that, as part of account abstraction, Biconomy introduces the two roles of bundlers and relayers into the programmable layer to process and execute user transaction requests and obtain corresponding rewards. This design makes Biconomy's account abstraction mechanism more scalable and flexible, enabling users to easily use the functions of smart contracts and achieve more efficient transaction processing through bundlers or relayers.

In addition, Biconomy also provides developers with its own SDK development kit, allowing developers to easily integrate and use account abstraction functions to enhance the experience of smart contract wallets. For example, it supports various blockchain networks and smart contract platforms, provides transaction optimization and cost optimization functions, and more. At present, Biconomy is the platform with the largest usage and the most users in the entire AA ecosystem.

Ice-cream

First of all, Gelato simplifies the process of writing and using smart contracts by introducing account abstraction, allowing users to encapsulate complex operation logic into reusable smart contracts.

Gelato's smart contract wallet infrastructure provides the ability to automate the execution of smart contracts. Users can create automated tasks on Gelato, set trigger conditions and perform actions. When the trigger conditions are met, Gelato will automatically perform the corresponding operation without manual intervention from the user. This automation mechanism can help users implement complex logic such as timing tasks and conditional triggers, and improve the efficiency and accuracy of operations.

Gelato allows users to connect their accounts and smart contracts by subscribing to the service. Users can choose to subscribe to specific smart contract events or state changes, and when these events or states occur, Gelato will automatically execute the relevant smart contract operations. In this way, users can abstract the interaction between accounts and smart contracts into higher-level event triggering and automated execution.

Gelato also introduces relayers to support efficient transaction processing. Through these account abstraction mechanisms, Gelato enables users to use higher-level conditions and event triggers to implement smart contract operations without directly dealing with complex smart contract codes and underlying protocols. In this way, non-technical users can easily take advantage of the capabilities of smart contracts and automate specific operations to improve efficiency and convenience.

Pimlico

Pimlico provides an easy-to-use user interface through which users can interact with smart contracts. The user only needs to select the appropriate operation option and provide the necessary parameters, and Pimlico will execute the corresponding smart contract operation on behalf of the user. This method eliminates the need for users to write complex contract call codes, and greatly simplifies the interaction process between users and smart contracts.

In addition, Pimlico also introduced the Paymaster service mechanism. Paymaster is a smart contract that acts as a payment intermediary between the user and the smart contract. When users use Pimlico to interact with smart contracts, Paymaster will be responsible for processing payment transactions. The user simply sends the payment amount to Paymaster, and Paymaster forwards the corresponding payment to the smart contract. The advantage of this is that users do not need to pay a separate handling fee for each transaction, but can pay Paymaster once, and Paymaster will forward it on its behalf.

The Paymaster service mechanism also provides more flexibility and security. For example, different charging models can be implemented, such as fixed fees, percentage fees, etc., which can be flexibly adjusted according to actual needs, such as verifying user identities, implementing access control, etc., to enhance the security and credibility of interactions.

Candide

Candide is a Substrate-based smart contract wallet infrastructure, which features functions such as account abstraction, account recovery, and ERC-20 gas fee payment using Paymaster through entry point contracts. Candide's vision is to drive the adoption of contract accounts on the Ethereum and EVM networks through the Voltaire bundler. The Voltaire bundler is a fast and friendly ERC-4337 compliant bundler.

Unipass

Unipass is a free Web3 account and wallet that provides a one-stop service from private key management to DID and social recovery. Unipass provides a series of functions, including SDK, multi-chain support, decentralized authentication, decentralized transactions, etc., to provide a better account abstraction experience.

It is foreseeable that in the near future, AA will be widely popularized at the application layer, and the changes brought about by account abstraction also contain the possibility of ecological explosion. In Vitalik's latest proposal, the technical path of Rollup + account abstraction has been widely recognized. Up to now, various native Rollups have also launched new versions compatible with account abstraction, such as zkSync and Starknet. With the development of Rollup, the abstraction of accounts that can be combined with Rollup must also develop better and more refined solutions.