Original title: "Understanding the newly launched ERC-4337 in one article: no more mnemonic phrases, is mass adoption of Web3 coming?"
Author: Heimi, Bai Ze Research Institute
NFTs and Web3 have been making waves, but the process of buying and storing them still needs to be simplified for crypto newcomers.
I remember the first time I traded on Uniswap, I didn't even know what I was doing. Creating a crypto wallet and connecting it to a DeFi protocol is a nightmare.
Currently, the only way for users to interact with smart contracts on a blockchain is through their EOAs (externally owned accounts). A separate transaction signature is still required for each action, from sending funds to a DeFi liquidity pool to transferring an NFT to a marketplace for sale to other accounts.
Many of us crypto veterans have embraced the process, but what about beginners? Most people will not enjoy creating and using EOAs when they have already experienced the convenience of traditional banking.
This remains an obstacle to bringing new users into the Web3 space.
This is where ERC-4337 comes in.
This article will delve into ERC-4337, learn about its features, and explore its impact on the crypto industry and Web3.
Ethereum has two different types of "accounts":
You can think of a contract account (CA) as code on a blockchain (smart contract) and an EOA as a person (although one person can have multiple EOAs).
Your MetaMask wallet is an EOA. An EOA consists of a pair of cryptographic keys: a public key and a private key that control account activity.
Contract accounts, however, have no private key. They are smart contracts, controlled by the logic of the code in them, not by the user. Smart contracts can do anything you can write in code, whereas EOAs basically just sign transactions.
The key takeaway: the code defines what a contract account does, and the user controls what an EOA does.
Every time you want to write information to the blockchain, such as transferring a token or minting an NFT, you need to make a transaction. The transaction needs to be signed by the EOA, and the EOA also needs to pay the Gas fees associated with the transaction.
Transactions are initiated by the EOA and can be sent to:
Another EOA, for example, an EOA transfers ETH to another EOA.
A CA, for example, to mint an NFT.
Performing operations on a blockchain is often slow and tedious. Every time you want to write new information to the blockchain, you need to sign a transaction from your EOA in order to do so.
If you're already familiar with the process, it has become a routine experience.
For new users, however, it can be a nightmare.
The following figure shows how a new user performs their first action on a decentralized application (dApp) with a new EOA:
These steps are brutal for any new user, whether knowledgeable about blockchain technology or not.
But the problems for new users don't end there.
You may already know friends who have lost access to their EOAs due to accidental disclosure or loss of a private key.
There is even a saying in the crypto industry: "Not your keys, Not your crypto". This means that if someone else, such as a hacker, has your private key, they can control your money. This has been proved countless times in the past.
That's the harsh reality. Private keys are easy to lose and never get back.
As we mentioned earlier, EOAs have very limited capabilities.
With an EOA, you typically perform two types of operations:
Submit a transaction to transfer tokens to another EOA
Submit a transaction to execute a function on a contract account
In the real world, losing your bank card doesn't mean it's game over.
There are rules that allow you to move funds to a new account, enforce payment limits, freeze bank cards, and only allow transfers of funds under certain conditions.
In Web3, however, if you make a mistake, your entire account is compromised and can't be recovered.
As a result, EOAs are even worse than centralized storage of funds.
So is there a solution?
Account abstraction is a proposal to allow users to use CAs.
But why? What can CAs do that EOAs cannot?
CAs are much more flexible than EOAs, because smart contracts can define different rules and configurations in their code.
Here are some examples of use cases:
These are just some of the features that CAs can provide over EOAs. Here's the key: contract accounts are code. This means that you can write anything in code and implement it in a CA.
That sounds great, but why don't we do it right now? Before we answer that question, let's take a quick look at the history of account abstraction proposals since 2016. Every proposed technology upgrade to the Ethereum ecosystem starts out as an EIP (Ethereum Improvement Proposal).
2016: EIP-86 -- Proposal to allow users to create "account contracts" that perform any required signature/nonce checks, rather than using the current mechanism hard-coded into transaction processing.
2020: EIP-2938 -- Proposal to create a new transaction type, AA_TX_TYPE. This type of transaction is called an "AA transaction."
2020: EIP-3074 -- Proposal to allow users to delegate control of their EOAs to smart contracts, allowing any EOA to act as a wallet without deploying a contract.
None of these proposals have yet been implemented into Ethereum, and they all currently fall into the "stalled" category. That means they have been on hold for six months or more.
These proposals were not implemented in part because they required changes to the consensus layer protocol of the Ethereum network. (The "consensus layer" can be simply understood as the back end of the Ethereum system.)
It was not until 2021 that EIP-4337 was proposed, to implement account abstraction on Ethereum without changing the consensus layer!
At WalletCon in Denver on March 1, 2023, Ethereum Foundation developers announced that the core contract for ERC-4337 had been audited by OpenZeppelin and had passed various tests. At present, the audited contract has been successfully deployed on Ethereum mainnet and several test networks, and can also run on various EVM-compatible chains, including Polygon, Optimism, Arbitrum, BNB Smart Chain, Avalanche and Gnosis Chain.
Once on-chain governance accepts, authorizes, and validates an EIP, it becomes an ERC (Ethereum Request for Comments, mainly dealing with protocols and development standards).
That's why we had EIP-4337, and that's why we now have ERC-4337.
ERC-4337 is designed to upgrade user EOAs to "smart accounts" (similar to CAs), enabling accounts to operate as smart contracts. This means that each crypto wallet can have customizable authorization logic to suit the needs of an individual user or application. As a result, a number of account abstraction use cases can be implemented, such as recovering lost private keys, securing wallets without mnemonics, making automatic payments, gasless transactions, and so on.
ERC-4337 adds a new UserOperation mempool, which is intended to completely replace the current transaction mempool for account abstraction. Instead of transactions, users send UserOperation objects to Ethereum nodes, which package a set of these objects into a single transaction that is included in the Ethereum chain. This packaged transaction calls an "entry point" smart contract, which handles the UserOperation object and deploys a smart contract wallet for it.
Image: ERC-4337 Transaction process from Nethermind
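The flow described above, as an added example that is not part of the original article or of the ERC-4337 contracts: a simplified Python model in which a bundle of UserOperation objects is handed to an entry point that asks each account to validate its operations before executing them. The class and function names, the HMAC stand-in for a real signature scheme, and the account-held nonce are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass
class UserOperation:  # simplified: real operations also carry gas and paymaster fields
    sender: str
    nonce: int
    call_data: str
    signature: bytes = b""

def sign(key: bytes, op: UserOperation) -> bytes:
    # HMAC-SHA256 stands in for the wallet's real signature scheme (assumption)
    msg = f"{op.sender}|{op.nonce}|{op.call_data}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

class SmartAccount:
    def __init__(self, owner_key: bytes):
        self.owner_key, self.nonce, self.executed = owner_key, 0, []

    def validate(self, op: UserOperation) -> bool:
        # Account-defined authorization: valid signature and the expected nonce
        good_sig = hmac.compare_digest(op.signature, sign(self.owner_key, op))
        if not (good_sig and op.nonce == self.nonce):
            return False
        self.nonce += 1  # consume the nonce so the same operation cannot be replayed
        return True

class EntryPoint:
    def __init__(self, accounts: dict):
        self.accounts = accounts

    def handle_ops(self, bundle: list) -> list:
        # Validate every operation first, then execute only the ones that passed
        valid = [op.sender in self.accounts and self.accounts[op.sender].validate(op)
                 for op in bundle]
        for op, ok in zip(bundle, valid):
            if ok:
                self.accounts[op.sender].executed.append(op.call_data)
        return ["executed" if ok else "rejected" for ok in valid]

def run_bundle() -> list:
    key = b"constructed-demo-key"  # constructed sample value
    entry_point = EntryPoint({"0xAlice": SmartAccount(key)})
    good = UserOperation("0xAlice", 0, "transfer(0xBob, 1)")
    good.signature = sign(key, good)
    forged = UserOperation("0xAlice", 1, "transfer(0xEve, 99)", b"\x00" * 32)
    # The bundler packs pending operations into one bundle; `good` is replayed here
    return entry_point.handle_ops([good, forged, good])
```

Only the first operation runs: the forged signature fails validation, and the replayed copy is refused because its nonce has already been consumed.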
One of the most obvious benefits of ERC-4337 is that it can make Ethereum more accessible to ordinary users outside the crypto industry. It can solve some of the key issues that users currently face from creating a wallet to using it, making it much simpler to use.
That's how the word "abstraction" should be understood. As you can see, Ethereum plans to bring new ideas to users' accounts through ERC-4337. It can also be understood as "pulling away": allowing users to get rid of the traditional handling of user accounts, as in MetaMask, with its over-reliance on mnemonics, personal transaction signatures, and private keys.
Simply put, one of the main features of smart accounts based on ERC-4337 is the introduction of a "social recovery mechanism". If you lose your mnemonic, then you can contact a previously designated "guardian" contract or account to help retrieve access. You can also enable 2FA (two-factor authentication) and biometrics to protect the wallet without necessarily requiring mnemonics.
In addition, you can set automatic payments and time-based spending limits in your wallet to manage your money more efficiently.
Finally, ERC-4337 allows decentralized applications (dApps) to sponsor Gas fees, making transactions cheaper and simpler for users.
Let's take a closer look:
Smart accounts: Smart accounts, also known as account abstraction, are becoming an important theme in the crypto industry. Visa has even developed an automated crypto bill payment system based on smart accounts. With the implementation of ERC-4337, smart accounts can provide more advanced functionality and use cases.
Recover your lost private key: ERC-4337 enables a "social recovery mechanism" so that if you lose your private key, you can restore access to your account by contacting the previously specified user. This addresses one of the most significant risks in the crypto industry -- losing your wallet's private key.
Secure Wallet without mnemonics: With this upgrade, users can use 2FA and biometrics to protect accounts, making them more secure and user-friendly.
Automated transactions: ERC-4337 allows automated transactions, including monthly spending limits, AI trading, and adjusting staking positions. These features make it easier for users to make transactions.
Gasless transactions: ERC-4337 supports gasless transactions, which allows dApps such as DeFi protocols, blockchain games and DAOs to sponsor Gas fees for users, making users' transactions cheaper. This feature also allows users to pay Gas fees in a dApp's token, which can significantly reduce the cost of using the dApp.
Bundle transactions: Every transaction requires a signature. With account abstraction, it is possible to bundle transactions and send multiple transactions as one to save time and even Gas fees. Similar to a shopping cart, purchases across even 10 marketplaces can be completed in one transaction.
Pre-approve transactions: Let's say you're minting multiple NFTs, or playing a single game. With smart accounts, you can pre-approve transactions based on custom wallet code and a session key set up in advance.
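The social recovery mechanism and the time-based spending limits described above can both be expressed as account logic. This is an added example, not code from the article or from any ERC-4337 wallet; the 2-of-3 guardian threshold, the names and the limit values are assumptions, and a production design would normally add a waiting period before an owner change takes effect.

```python
class RecoverableAccount:
    def __init__(self, owner, guardians, threshold, limit, period):
        self.owner = owner
        self.guardians = set(guardians)
        self.threshold = threshold               # guardian approvals needed (assumption)
        self.limit, self.period = limit, period  # at most `limit` per `period` seconds
        self.window_start, self.spent = 0, 0
        self.approvals = {}                      # proposed owner -> approving guardians

    def spend(self, caller, amount, now):
        if caller != self.owner:
            return False                         # only the current owner may spend
        if now - self.window_start >= self.period:
            self.window_start, self.spent = now, 0   # a new spending window begins
        if self.spent + amount > self.limit:
            return False                         # would exceed the per-period limit
        self.spent += amount
        return True

    def approve_recovery(self, guardian, new_owner):
        if guardian not in self.guardians:
            return False                         # non-guardians cannot vote
        votes = self.approvals.setdefault(new_owner, set())
        votes.add(guardian)                      # a set: repeat votes count once
        if len(votes) >= self.threshold:
            self.owner = new_owner               # rotate the owner, discard old votes
            self.approvals.clear()
        return True

def recovery_demo():
    # Constructed sample values: three guardians, 2-of-3 threshold, 100 units per day
    acct = RecoverableAccount("old-key", ["g1", "g2", "g3"], 2, 100, 86400)
    out = [acct.spend("old-key", 80, now=0),        # within the limit
           acct.spend("old-key", 30, now=3600),     # 110 > 100 in the same window
           acct.spend("old-key", 30, now=86400),    # next window, allowed again
           acct.approve_recovery("mallory", "evil-key")]  # not a guardian
    acct.approve_recovery("g1", "new-key")
    acct.approve_recovery("g1", "new-key")          # duplicate vote, still one approval
    out.append(acct.owner)
    acct.approve_recovery("g3", "new-key")          # second distinct guardian
    out.append(acct.owner)
    out.append(acct.spend("old-key", 1, now=86500)) # the lost key no longer authorizes
    return out
```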
Currently, ERC-4337 has several potential benefits and drawbacks.
Enhanced security, added functionality, and improved user experience.
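It introduces built-in access control, permissions and a more flexible token supply model, making it more secure than existing token standards.
The flexible token supply model enables developers to create tokens with a variable supply, which is useful for dApps and tokens that need a more dynamic supply.
The built-in access control and permissions in ERC-4337 make it easier for users to understand how their tokens are used and to control their interactions with dApps.
This leads to a more seamless and user-friendly experience when interacting with dApps.
One of the most significant drawbacks is that it has yet to be widely adopted by the Ethereum community. As a result, developers may be hesitant to use it until it gets more attention and support.
Another drawback of ERC-4337 is its limited compatibility with other token standards. This means developers may need to make significant changes to their existing dApps to implement it, which can be both time-consuming and expensive.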
In addition, the added functionality of ERC-4337 may increase the complexity of dApp development, which may pose an even greater challenge to developers unfamiliar with the new standard.
ERC-4337 has the potential to improve the functionality and security of dApps on the Ethereum network. However, its success depends on whether the Ethereum community is willing to adopt it and whether developers are willing to invest the necessary time and resources to implement it in their dApps.
I see ERC-4337 as a solution to long-standing usability issues in the crypto industry and Web3. There are already a number of amazing projects implementing incredible use cases. But wallet usage is still an important problem for new users.
The usability and immediacy introduced by ERC-4337 are a game changer. By merging crypto wallets with smart contracts to make transactions more secure and efficient, the end result is a more user-friendly Web3 experience. It is the catalyst that makes Web3 comparable to the "normal" lifestyle of Internet users; Coinbase's L2, Base, is already using ERC-4337.
While the future of ERC-4337 is uncertain, its launch is already generating optimism within the crypto community. As cryptocurrencies and Web3 continue to evolve, ERC-4337 may pave the way for more advances and innovations.