Mainstream use of Web3 products is the ultimate goal for every builder, and Oasis is focused on building robust and versatile privacy frameworks for crypto developers to create these products. At the forefront of Web3 innovation, right now, sits the concept of Account Abstraction that promises to accelerate adoption through radically simplified user experiences.
The purpose of this article is to provide an overview of the history, development and potential of Account Abstraction in Web3. Following a panel discussion hosted by the Oasis Foundation and a keynote speech by Vitalik Buterin on the same topic, ETHCC 2023 was buzzing with discussions on this topic. Oasis technology can play a key role in accelerating Account Abstraction capabilities popularized by ERC 4337.
View the panel discussion at the Oasis Rendezvous embedded below.
What is Account Abstraction?
The essence of account abstraction is removing the complexities involved with signing and completing blockchain transactions by offering greater flexibility, diversity and security to user operations. Web3 developers look to account abstraction as a promising framework for transforming on-chain transactions and accounts into a simpler user-friendly form that is reminiscent of Web2 accounts, such as Venmo.
Validating on-chain activity has always required users to sign transactions with their unique public-private key pairs. Even though this method is effective, it can also unnecessarily steepen the learning curve for new users who want to explore Web3. Account abstraction aims to substitute key signing with programmable entities that abstract away these on-chain functionalities, which creates a seamless surface-level user experience free from worrying about or fully understanding the deep technical mechanics of on-chain transactions.
Digging a bit deeper, signature abstraction is an important subset of the industry-wide account abstraction project that introduces different signing algorithms to approve transactions. Account abstraction could also introduce the possibility of transferable accounts, in which the user could share the set of keys controlling an abstracted account with a counterparty. For example, users may decide to share their account with a trusted third party so that access can quickly and easily be restored in the event that a user loses their private keys.
In short, account abstraction introduces a myriad of new features for Web3 accounts. But, before continuing, here are a few key definitions to better understand account abstraction terms:
- Signature: A signature is the data passed from the party that controls a key pair along with the transaction nonce during the on-chain verification process.
- Paymaster: A contract or entity that manages gas or sponsors gas fees for users. Paymasters can receive various tokens from users and manage risk from these assets while paying gas fees in a network’s native tokens. Paymasters can be fully on-chain services or hybrid off- and on-chain tools.
- Bundler: A decentralized and permissionless relayer network that accepts multiple user operations and wraps them into a transaction that is propagated to a public mempool. Account abstraction on Oasis Sapphire, however, does not require using a bundler. Bundlers are often built with protections against the network overload that can be caused by user-transaction spam.
A Brief History of Account Abstraction
Early ideas and discussion around Ethereum changes related to account abstraction date back to 2016. Early users and core developers have understood for years that the native method of creating and confirming transactions is not ideal for large-scale adoption. Pursuing account abstraction was a core strategy to implement more flexibility and security in user account management.
All these ideas culminated in the creation of ERC 4337 in 2021 — with a unique twist. Instead of introducing consensus-layer changes to Ethereum, account abstraction could happen outside of the base protocol. From the proposal itself, the authors wrote, “Instead of adding new protocol features and changing the bottom-layer transaction type, this proposal instead introduces a higher-layer pseudo-transaction object […].” This marked a significant shift in approach from earlier proposals.
Most importantly, account abstraction is the first practical approach suggested by the Web3 developer community for giving smart contracts the same functionality as Externally Owned Accounts (EOAs). Contract accounts are controlled by code, and EOAs are controlled by private keys. Now, the two types of accounts have hybrid functionality, which is what unlocks the powerful new opportunities for Web3 account management features. In short, account abstraction is the effort to use contract accounts as private key-controlled wallets.
Today, account abstraction and the possibilities unlocked by ERC 4337 are a central point of enthusiastic discussion at conferences like ETHCC, on social media and in long-form content like this blog post.
Oasis Sapphire and EIP 4337
Beyond the account abstraction solution proposed in ERC 4337, Oasis Sapphire has the potential to offer a simpler architecture, while offering all of the same benefits as well as enabling some additional ones not possible through 4337-style account abstraction.
ERC 4337 introduces an ingenious solution for account abstraction without core protocol changes. This solution, however, requires added complexity through alternative mempools and third-party services like bundlers and relayers. Oasis Sapphire proposes a simpler solution to account abstraction for the entire EVM ecosystem.
By design, every smart contract on Oasis Sapphire has a broad set of built-in capabilities. For example, Sapphire contracts can create and manage their own private keys, encrypt and decrypt data, generate cryptographically secure random numbers, and sign or verify signatures. These functionalities mean that smart contracts on Sapphire have not only the same EOA functionality as ERC 4337, but they also offer the same benefits as hardware security modules or browser plugins without requiring third-party services, complex MPC protocols or additional client-side downloads and hardware.
By combining its confidential state with native support for contract-managed accounts, Sapphire offers tremendous potential to the future utility of account abstraction as a whole. For example, Sapphire allows a contract on Oasis to control the private key for a wallet on another chain, and that private key data is kept confidential even though it is part of the smart contract state. So, a contract on Oasis can directly sign transactions on any other chain that is used for trading, portfolio balancing, voting or any other use case. Alternatively, Sapphire contracts also enable new ways to sign transactions by using tools like Apple FaceID and TouchID, Android Biometrics or WebAuthn.
Privacy Considerations for Account Abstraction
The importance of building robust privacy for Web3 before mainstream adoption happens cannot be overstated. Improving user experiences through account abstraction elevates the utility that can be offered by both network native applications and cross-chain applications leveraging the Oasis Privacy Layer to bring Oasis Sapphire’s Smart Privacy benefits to any EVM network.
On one hand, simpler interfaces and account management tools attracting new users require better privacy because of the expected influx of personal data managed by Web3 applications as user growth occurs. Web2 financial tools are notoriously inept at securely storing and processing user data. An industry-wide push for elevating Web3 accounts via EIP 4337 needs to be paired with a focus on privacy.
In other cases, account abstraction can create unique possibilities for users to create rules that govern their own privacy. For example, an autonomous contract that controls spending limits for an account can require a TOTP authentication before initiating new transactions. The Sapphire runtime on Oasis can support this functionality, given that, of course, a user would not want this information publicly viewable on a blockchain. Smart Privacy in a world with account abstraction can enable both on-chain authentication and activity privacy.
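The spending rule described above, sketched as an added example (not Oasis code): an off-chain Python model of a guard that requires an RFC 6238 TOTP code before a spend and enforces a daily limit. The class name, the daily-limit rule, the one-step skew window and the sample secret are assumptions made for illustration; on Sapphire the secret and counters would have to sit in confidential contract state.

```python
import hashlib
import hmac
import struct

STEP = 30      # seconds per TOTP time step (RFC 6238 default)
DIGITS = 6     # code length


def totp(secret: bytes, counter: int) -> str:
    """RFC 4226/6238 code for one time-step counter (HMAC-SHA1)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class GuardedAccount:
    """Hypothetical model: a spend needs a fresh TOTP code and limit headroom."""

    def __init__(self, secret: bytes, daily_limit: int):
        self._secret = secret        # assumption: kept in confidential state
        self.daily_limit = daily_limit
        self.spent = {}              # day number -> amount already spent
        self.last_counter = -1       # highest time step already accepted

    def authorize(self, amount: int, code: str, now: int) -> bool:
        counter = now // STEP
        match = None
        # Accept the current step or the previous one (clock skew), but never
        # a step at or below one already used, so a seen code cannot be replayed.
        for c in (counter, counter - 1):
            expected = totp(self._secret, c).encode()
            if c > self.last_counter and hmac.compare_digest(expected, code.encode()):
                match = c
                break
        if match is None:
            return False
        self.last_counter = match    # burn the code even if the limit check fails
        day = now // 86400
        if amount <= 0 or self.spent.get(day, 0) + amount > self.daily_limit:
            return False
        self.spent[day] = self.spent.get(day, 0) + amount
        return True
```

If the secret or `last_counter` were readable in public state, anyone could compute valid codes, which is why the rule depends on confidential storage.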
The Future of Account Abstraction
Account Abstraction is more than just a user interface upgrade. EIP 4337 introduces a vision of Web3 user experiences with familiar features from Web2 powered by the innovative infrastructure of blockchain. But there are still many problems to solve, limitations to explore and building to complete.
With any upgrade to Web3 technology, the most important ingredient for success is collaborative building. Engineers excited about account abstraction should compare code, publish more libraries, and chat with each other as these ideas are refined. The room for collaboration and shared development is almost infinite.
If account abstraction and its potential for privacy applications are of interest, readers are encouraged to join the official Oasis Discord to chat with thousands of other builders and creators. Contributing to Web3 account abstraction is only a matter of finding what can be done and who to do it with.