Introduction
BLOK Capital approached CoinFabrik to help them to specify and implement a prototype of a new asset management protocol. The product requirements were pretty straightforward: the solution should be decentralized and users must be in full custody of their tokens while letting a wealth manager chosen by them to invest their crypto assets on their behalf.
First steps
Working closely with BLOK Capital stakeholders, we started by going through the requirements in order to reach a solid understanding of our customer’s vision. This collaborative effort between BLOK Capital and CoinFabrik’s product and technical experts was key to successfully defining the features that would comprise BLOK’s prototype and validating its technical feasibility.
Taking into account the main product propositions -decentralization, self custody and wallet management by a third party- we immediately recognized the potential for innovation. Naturally, our focus shifted to crafting an architecture that could support such a product while meeting all the stipulated requirements.
After extensive research, we arrived at the conclusion that the newly introduced Ethereum standard, ERC-4337, could precisely align with BLOK’s goals.
Why ERC-4337?
ERC-4337, introduced in February 2023, marks a significant milestone toward web3 mass adoption. It empowers the implementation of robust and versatile wallets, setting it apart from traditional crypto wallets. ERC-4337 wallets, unlike their conventional counterparts, function as smart contracts, enabling the integration of exciting additional features. Furthermore, ERC-4337 promises a superior user experience by offering features like social authentication, account recovery, and reduced transaction fees for users.
ERC-4337 account abstraction
ERC-4337 account abstraction, in simple terms, is a way to make using cryptocurrencies more flexible and user-friendly.
Imagine your cryptocurrency wallet as a house with a locked front door. With traditional wallets, you need to use a specific key to open your door, just like you need a private key to access your cryptocurrency. ERC-4337, however, allows you to have a smart front door that can open in different ways, not just with a key.
Here’s how it works:
Keyless Entry
Instead of just using a key (private key), you can set up your front door to recognize your face, your voice, or even a secret code. In cryptocurrency terms, this means you can access your funds not just with a private key but with other methods like biometrics (your fingerprint or face), passwords, or even multi-factor authentication.
Multiple Ways In
With ERC-4337, you can have multiple ways to access your funds. It’s like having a front door that opens not just for you but also for your family members or trusted friends. In cryptocurrency, this could mean you can share access to your funds with someone you trust, like a financial advisor, without giving them your private key. They can help you manage your money without having full control.
Cost Savings
ERC-4337 can also help save on transaction fees. Think of it like having a discount card for your favorite store. You get to pay less when you use it. Similarly, with ERC-4337, you might pay fewer fees when you make transactions on the blockchain.
So, ERC-4337 account abstraction is like upgrading your cryptocurrency wallet’s front door to be smarter, more secure, and more versatile. It gives you different ways to access your funds, allows you to share access with trusted people, and might even save you some money in the process.
ERC-4337 main components
First, it’s important to go through the main components of the ERC-4337 architecture.
UserOperation: These are pseudo-transaction objects used to execute transactions with Smart Accounts. They capture the user’s intention of what they want to do.
Bundler: Bundlers are actors that package UserOperations from a mempool and send them to the EntryPoint contract on the blockchain. They listen to at least one UserOperation mempool, run simulations, group an array of UserOperations, and relay packets to the EntryPoint.
EntryPoint: EntryPoint is a unique contract that serves as a central entity for all Smart Accounts and Paymaster ERC-4337. It coordinates the verification and execution of a UserOperation. For this reason, it’s crucial that all implementations of an EntryPoint are audited and immutable.
Verification Loop: It verifies that each UserOperation is valid by comparing it with both the Smart Account and the Paymaster contract.
Execution Loop: It sends each UserOperation to the Smart Account. The verification cycle also ensures that the Smart Account or Paymaster contract can cover the maximum gas cost for each user operation.
Smart Accounts: These are end-user accounts. At a minimum, they must verify whether they will accept a user operation during the verification cycle. Additional features can be added to support other account functions, such as social recovery and multiple operations.
Additional functionalities provided by ERC-4337 standard include:
Paymaster: It sponsors the gas fees for a UserOperation, and two things are required. One is to check whether it accepts the UserOperation during the verification cycle. The other is to execute the required fee logic in the execution loop.
Aggregator: It is an entity trusted by contract accounts to validate signatures. They are often used to aggregate signatures from multiple user operations together.
A real-world application: ERC-4337 frameworks and user authentication
After some research on the available smart wallets solutions based upon ERC-4337 we decided to use the framework offered by ZeroDev.
ZeroDev framework allows to create both custodial and non-custodial wallets, use powerful features -such as gas sponsoring, transaction batching or social recovery- and extend the wallet functionality with custom built plugins.
Getting into details, every smart wallet created with ZeroDev is a smart contract known as Kernel, which includes the minimum wallet features. However, the nice part is that this Kernel contract supports the addition of almost any advanced wallet logic.
On the other hand, another important feature of ZeroDev is the splitting of transactions into validation and execution phases.
As its name implies, validators indicate how a transaction will be validated before being executed. In this phase, entryPoint calls the function validateUserOp of the Kernel contract and the transaction can be executed in 3 different ways:
- Sudo mode (0x0): predetermined validator that checks that the transaction is signed by the owner.
- Plugin mode (0x1): the Kernel contract searches for the validator that will use the functions selector of the calldata file.
- Enable mode (0x2): the kernel contract enables a validator by associating the current function selector with the validator.
As for the executors, these are smart contracts that implement the additional functions of the smart wallet. This means that when calling kernel.someFunction(), someFunction() logic is implemented in the executor instead of in the Kernel contract itself, which simplifies development.
User authentication and wallet deployment
One of our concerns was to take advantage of the options that ERC-4337 offers to implement a simple user experience, especially considering the learning curve of traditional crypto wallets, which is sometimes challenging for non-crypto users.
A key element of crypto wallets user experience is user authentication. For this, we relied on Web3Auth, which is an infrastructure solution for web3 wallets and apps that allows the implementation of social authentication -Google, Facebook, X (former Twitter)- into a web3 dApp.
Once logged in, it is possible to get the address of the Smart Wallet without the need to deploy it in the blockchain, as the address is abstracted from the final signature obtained by Web3Auth. The wallet will be deployed only after a userOperation is performed with the new address.
The following image illustrates the prototype architecture:
Gas sponsorship
A great ERC-4337 feature is the possibility to sponsor transaction fees both in gwei and in ERC-20 tokens. To achieve this it is necessary to set different gas policies. ZeroDev allows the implementation of three different types of policies:
- Project policies
- Contract policies
- Wallet policies
These can be configured with the API, where it is also possible to set fees limits:
- Amount of gas
- Amount of requests
- Gas price
- Amount of gas per transaction
Example: Create UserOperation
This code snippet shows the creation of a function that executes a userOperation. ZeroDev’s SDK has sendUserOperation function, which expects the following parameters:
- Target: address of the contract to interact with.
- Data: all the information of the function that will be executed (contract abi, function name, function arguments.
const userOperation = await zeroDevSigner.sendUserOperation({ target: contract.target, data: encodeFunctionData({ abi, functionName: "functionName", args: [ "Argm1","Argm2" ], }),