Ethereum developers are working hard to make its blockchain more user-friendly.
One of the disadvantages of crypto is the cost of simple mistakes. For example, if a user loses the keys to their crypto account, they could lose access to their crypto holdings forever. Faced with this and other potential pitfalls, it is much easier to lose your money in crypto than in traditional banks.
This article originally appeared in Valid Points, CoinDesk’s weekly newsletter outlining the evolution of Ethereum and its impact on the crypto markets. Subscribe to receive it in your inbox every Wednesday.
Blockchain developers are increasingly recognizing that human error is inevitable, which means pushing crypto into the mainstream will be difficult without built-in security and better usability. One of these innovations is a concept called “Account Abstraction”.
Account Abstraction (AA) aims to use smart contracts to execute crypto transactions, by creating certain validity rules. With AA, users won’t need to sign every transaction with their private keys.
“We’re going to come to a point where using an Ethereum account will be as easy as using a bank,” said Kristof Gazso, co-author of an Ethereum improvement proposal (EIP) on AA. “People won’t have to make this compromise like, ‘Hey, you know, I like decentralization, but also, it’s a pain in the ass to use Ethereum.'”
Ultimately, through AA, developers want to make Ethereum as usable as a traditional fiat bank account, so users can transact more easily, schedule automatic bill payments, and more.
But before understanding how AA could change the nature of how crypto can be used, it is important to understand how Ethereum transactions work today.
Accounts on Ethereum: EOA and CA
On Ethereum, users have the option of creating two types of accounts: externally owned accounts (EOAs) and contract accounts (CAs). The two account types differ in terms of how they initiate transactions on the Ethereum network.
EOAs are the typical account type for Ethereum users. If you have used a wallet provider such as MetaMask or Coinbase Wallet, you have used an EOA.
With an EOA, users receive a pair of keys: a public key and a private key. Anyone can send funds to an EOA using its public key. But only the account owner – the one with access to the account’s private key, which must be kept secret – can actually initiate transactions from the account.
CAs, better known as “smart contracts,” are like mini computer programs that live on the Ethereum network. These accounts are controlled by code – not by private keys – but they cannot initiate transactions themselves; an EOA must send a transaction (which you can think of as a message or an instruction) to a CA so that it can perform its own transactions.
The problem with EOAs comes down to human error. “A key has complete administrative control over your account,” said Gazso, the co-author of EIP-4337. “If you lose it, too bad, you’ve lost all control over your account forever.”
If you lose the private key to an EOA, there is no helpdesk or key recovery process (such as a “reset password” button) that can help you regain access to your funds.
“Humans are the biggest security hole in managing Ethereum accounts,” Gazso added. Although there is no hard data on how much ETH is lost due to forgotten keys, Bitcoin accounts use a private key system similar to Ethereum. According to a Chainalysis report, up to 23% of all bitcoins in circulation (or approximately 3.79 million BTC) could be lost forever due to forgotten keys.
And forgotten keys aren’t the only problem. If someone (think hackers) gets their hands on someone’s private key, they gain full control over that person’s funds.
How does account abstraction work?
Account abstraction fixes the shortcomings of EOAs by merging them with CAs – allowing users to create user accounts with built-in security mechanisms and other special features to verify transactions.
As described by Ethereum co-founder Vitalik Buterin in a 2021 blog post, “instead of [smart contract code] being just used to implement application logic, it would also be used to implement verification logic (nonces, signatures…) of individual user wallets.”
With account abstraction, user accounts could be programmed to include social recovery systems in which multiple people – each with their own key – can return an account to its owner if the owner loses access to the private key.
One could also create “multisig wallets” that would give account ownership to a group – requiring multiple different parties to sign transactions as a sort of additional layer of security.
Accounts under AA could also avoid some of the other hard-coded limitations of EOAs. They could, for example, define how users pay gas fees. Currently, with EOAs on Ethereum, users must pay for gas in ether (ETH). But with AA, users could choose to pay for gas in a different cryptocurrency (like DOGE), or designate someone else (like a relative or friend) to pay gas costs.
All of these systems can be implemented today using CAs, but with a significant degree of complexity and overhead (i.e. gas costs) due to the requirement that all transactions are initiated by an EOA.
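The validity rules described in this section (signer checks, nonces, and social recovery by a group of key holders), modeled in Python as an added example that is not from the article or from EIP-4337. Signature checking is abstracted: `signer` stands for the key a real account contract would recover from a signature, and every name and key label below is constructed.

```python
from dataclasses import dataclass, field

@dataclass
class SmartAccount:
    """Toy model of an account whose validity rules live in code (constructed)."""
    owner: str            # key currently allowed to authorize operations
    guardians: frozenset  # keys allowed to vote in social recovery
    threshold: int        # guardian votes needed to replace the owner key
    nonce: int = 0        # next expected operation number (replay protection)
    votes: dict = field(default_factory=dict)  # proposed owner -> guardians in favour

    def validate(self, signer: str, op_nonce: int) -> bool:
        """Verification logic: the right signer and the expected nonce."""
        return signer == self.owner and op_nonce == self.nonce

    def execute(self, signer: str, op_nonce: int, action: str) -> str:
        if not self.validate(signer, op_nonce):
            raise PermissionError("operation rejected by account rules")
        self.nonce += 1   # consume the nonce so the same operation cannot replay
        return f"executed {action}"

    def recover(self, guardian: str, new_owner: str) -> bool:
        """Record one guardian vote; rotate the owner once `threshold` agree."""
        if guardian not in self.guardians:
            raise PermissionError("not a guardian")
        self.votes.setdefault(new_owner, set()).add(guardian)  # repeat votes count once
        if len(self.votes[new_owner]) < self.threshold:
            return False
        self.owner = new_owner  # the lost or stolen key stops working here
        self.votes.clear()
        return True

def demo() -> list:
    acct = SmartAccount("key-old", frozenset({"alice", "bob", "carol"}), threshold=2)
    log = [acct.execute("key-old", 0, "pay rent")]
    for attempt in (("key-old", 0), ("key-thief", 1)):  # replay, then wrong signer
        try:
            acct.execute(*attempt, "drain")
        except PermissionError:
            log.append(f"rejected {attempt[0]}")
    log.append(acct.recover("alice", "key-new"))  # one vote is not enough
    log.append(acct.recover("alice", "key-new"))  # voting twice does not help
    log.append(acct.recover("bob", "key-new"))    # second guardian reaches threshold
    log.append(acct.validate("key-old", acct.nonce))  # old key is no longer valid
    log.append(acct.execute("key-new", acct.nonce, "pay rent"))
    return log
```

With an EOA the only rule is possession of the private key; here the rotation in `recover` is what lets the owner regain the account and what invalidates a compromised key.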
How to achieve a full implementation of account abstraction?
There are a bunch of proposals that aim to add AA to Ethereum, the most prominent being EIP-4337. “It’s really the first proposal that achieves account abstraction without requiring a hard fork,” Gazso said.
The main advantage of EIP-4337 is that its implementation will not require any changes to the main Ethereum protocol. The proposal would simply add a new account abstraction layer on top of Ethereum’s core protocol, allowing wallet providers to create user-owned accounts that use smart contracts to define the rules for initiating transactions.
So if all of these tools are currently available, why isn’t account abstraction more prevalent?
The answer to that is momentum. It is obviously not easy to build a new wallet, launch it and ship it to people. “Convincing people to try new technologies, new wallets, is a very difficult task,” Gazso added. That’s why people starting out on their crypto journey look to something that’s been around longer or battle-tested, like a MetaMask wallet.
Finding people to implement these new technologies therefore seems to be the biggest bottleneck for account abstraction. But the tide for that seems to be changing.
What’s cooking with Account Abstraction?
Some layer 2 networks on Ethereum are paving the way for native AA integration. StarkWare, the company behind the StarkNet blockchain, is already live with Account Abstraction. Eli Ben-Sasson, co-founder and president of StarkWare, told CoinDesk that account abstraction could be used in the future to “use your facial recognition or biometrics to essentially authorize [crypto] payments,” much like how FaceID can enable credit card payments for iPhone users. “The infrastructure to do this is now possible on Starknet,” Ben-Sasson added.
Last month, Visa also announced its proposal to eventually use Account Abstraction to deploy automatic payments with the StarkNet infrastructure. This would mimic automatic payments to a bank account to pay bills, except now it could be done on the blockchain.
Other companies, such as Gnosis Chain, are looking to integrate Account Abstraction into their infrastructure. Gnosis Chain co-founder Stefan George told CoinDesk, “Slowly interest in AA is growing as more developers and users become aware of the potential.”
Gazso reiterated that 2023 will be “the year of account abstraction”, noting that it is currently one of the most discussed topics in the ecosystem.