Account Abstraction 101:
a Comprehensive Guide
Account Abstraction is the UX and security breakthrough needed for self-custodial crypto wallets to scale to the masses on Starknet, the L2 network over Ethereum. Here’s everything you need to know.
Let’s face it. Self-custodial crypto wallets are long due for an upgrade. The UX is clunky and complex and, unlike Web2 bank accounts, there are very few security features.
Instead, users are accountable for protecting their private keys, where one wrong move can completely wipe away their funds. The cost and likelihood of error are massive, and even the most experienced crypto users have lost control of their accounts with one wrong or careless move.
At Braavos, our mission is to make crypto simple and secure for everyday users. And truthfully, we have a long way to go.
But few innovations will be as successful as account abstraction in helping us reach this goal.
Cited by Vitalik Buterin as a “long-time dream” for the Ethereum developer community, account abstraction is a critical upgrade in wallet structure that provides users with greater security, more flexibility, and, most importantly, a significantly better user experience.
Account abstraction reduces the friction of self-custodial wallet products, allowing everyday users to safely store their assets and customize their security preferences. All without facing the risks that come along with losing their private key.
Finally, this technology is the fundamental UX breakthrough needed for non-custodial blockchain wallets to scale to millions of mainstream crypto-users.
But before diving deep into the world of account abstraction, let’s recap how Ethereum Accounts work under the hood.
How Do Ethereum Accounts Work?
Today, there are two types of accounts on Ethereum: Externally Owned Accounts (EOAs) and Contract Accounts. Before we go any further, it’s important to make clear that the term account abstraction is sometimes used interchangeably with smart contract wallets, and for the remainder of the article, the former will be used to discuss the topic.
Popular wallets like MetaMask and Coinbase Wallet are examples of externally owned accounts, or accounts held by something external to the blockchain. To prove account ownership, EOAs use a cryptographic object called a signer, comprised of both a private and public key. Also known as a key pair, these two keys work together to initiate and pay for all on-chain transactions using Ethereum’s ECDSA signature scheme on the Secp256k1 elliptic curve.
While the private key signs the transaction, the Ethereum Virtual Machine (EVM) verifies ownership of the account using an account address derived from the last 20 bytes of the Keccak-256 hash of the public key.
Therefore, the account responsible for holding your tokens and the signer responsible for authorizing the transfer of these tokens are the same. This logic is hard-coded into the EVM.
If the signer (your private key) is compromised, so are the funds within the account. Inversely, if the owner of the account loses their private key, the account is forever inaccessible.
Unfortunately, both scenarios have become commonplace in our community leading to the loss of hundreds of millions of dollars worth of digital assets.
This coupling, and the consequences mentioned above, are the exact problem that account abstraction aims to solve.
What is Account Abstraction and Why is it Important?
As the name suggests, account abstraction abstracts away the strong coupling of an account from an externally owned account as the only way to package and send transactions to the chain, turning every account into a programmable smart contract.
From there, each contract account can be deployed and tailored with custom authorization logic to seamlessly meet any user’s or application’s needs.
Instead of signing transactions on the client side and sending them directly to the blockchain, as you would with MetaMask, account abstraction requires transactions to be first signed on the client side (think Braavos Wallet app) and then passed through an account smart contract on the blockchain. Only once approved by the verification logic of the account’s smart contract and run through its execution logic, it goes through to your dApp of choice.
Account abstraction opens the door for creativity in wallet design, letting developers integrate more efficient and post-quantum-safe signature algorithms, along with built-in paymaster mechanisms that allow for the payment, or developer sponsorship, of gas fees in any ERC20 token.
While technically possible to achieve this with smart contract wallets today, Ethereum’s existing infrastructure still requires everything to be packaged in a transaction originating from an EDSCA-secured EOA. That’s why developers across the globe are working on proposals like EIP-4337 to achieve the same progress without altering any consensus-level protocols.
And while legacy blockchains like Ethereum are naturally slower to adapt to changes, layer-two blockchains like StarkNet have launched with account abstraction built-in to the protocol from day one, serving as the backbone for the next generation of self-custodial wallets like Braavos.
The Benefits of Account Abstraction and Braavos Wallet
Whereas EOAs are somewhat limited in functionality, the custom logic of account abstraction allows self-custodial smart contract wallets like Braavos like hardware signer, multi-factor authentication, multi-call, and account segmentation.
Let’s break each down a bit further.
Rather than securing digital assets with a seed phrase or a hardware wallet, Hardware Signers tap into the secure enclave of iOS and Android devices to turn smartphones into hardware wallets.
Comprised of a secure subsystem in a user’s mobile device and an account smart contract, Hardware Signers can be used to biometrically sign transactions, ensuring that only the owner of the account is approving the transaction.
In November 2022, Braavos rolled out its Hardware Signer feature marking the first time a mobile device’s built-in security chip has been used to generate keys, sign transactions, and verify them on the blockchain. And with over 6 billion mobile phones on earth, we are confident that smartphones will eventually take over hardware wallets as the safest form of self-custodial storage.
Multi-call enables users to batch multiple transactions into one atomic transaction. Whereas providing liquidity on decentralized exchanges usually requires three transactions for token approvals and deposits, multi-call simplifies this into a seamless one-tap experience.
Not only does this make transactions quicker and cheaper, but it also lets users approve the exact amount they want to deposit. This improves security by removing the need for infinite approval.
Account abstraction lets developers customize their account’s security levels and use various devices to approve transactions.
Similar to our standard Web2 email or SMS-based two-factor authentication, programmable logic can mandate the signature of 2 factors or more (whether through a device, a security question, or biometrics) prior to approving a transaction.
‘Do Not Interact’ Lists
Account Abstraction unlocks the potential for a slew of customizable safety features, such as automatically blocking transactions associated with predetermined lists of addresses.
While in traditional finance our money is often spread between checking and savings accounts, in crypto, we haven’t had that luxury. Account abstraction allows us to embed segmentation within the smart contract account, using logic to set parameters around things such as daily withdrawal limits, transaction time delay, or 2FA for larger purchases.
The beauty of account abstraction lies in its limitless potential. And when coupled with the power of StarkNet’s validity rollups, this is only the beginning. Our team is deeply committed to building the industry’s most secure and intuitive self-custodial smart contract-based wallet and we truly believe it will be the catalyst for the next large wave of mainstream crypto adoption. We’d love for you to join us along for the ride.