ERC 4337: Account Abstraction, an Overview for Auditors
Smart contract wallets are a hot new topic. But it seems like many people don't understand them, leaving us as auditors responsible for understanding the risks they introduce. ERC4337 consists of five key parts. At a high level, their mechanics are exciting. To understand account abstraction and all the parts that make it up, we must first understand its transaction flow, which is different from that of a traditional Ethereum transaction.
ERC4337 Transaction Flow
Traditional Flow and UserOperations
Let's start by reviewing what transaction flow currently looks like on the network. Imagine Bob decides he wants to send 1 ETH. Essentially, he'll sign a message with his private key stating his intent to send 1 ETH to another wallet. He will distribute this to the network and it will end up in the mempool. Miners will then get this transaction and validate it in a block.
Account Abstraction, however, introduces a new type of transaction called a UserOperation. A user can create a UserOperation with specific calldata to be executed. These operations are then sent to a UserOperation mempool. A bundler will then pick up these user operations and bundle them together. This bundled transaction gets sent to an EntryPoint contract.
EntryPoint and Execution
The EntryPoint contract will do three things when it receives these bundled transactions. First, it will check that the signature is valid. Next, it will validate whether the paymaster signed off on the transaction or whether there is enough gas sent with the transaction to execute it on the chain.
A paymaster is a sponsor of gas fees for bundled transactions. For auditors, it's important to note that a faulty paymaster could introduce DoS attacks if checks are not implemented correctly.
The EntryPoint contract is a global singleton contract that validates and executes UserOps. It has two phases: the verification loop and the execution loop. The verification loop makes sure the paymaster has enough to cover the execution cost, and the execution loop executes the bundle. All implementations need to be immutable and audited as well. Currently, there is one implementation deployed on chain, with more to come.
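The two-phase flow described above can be modelled off-chain to see what an auditor should check. The following Python sketch is an added example, not code from the ERC or from any EntryPoint implementation: the class, field and function names are hypothetical, HMAC stands in for the account's signature scheme, and a set of sponsored senders stands in for the paymaster's sign-off. It shows why the verification loop has to total the cost of every op charged to the same payer within one bundle before the execution loop runs.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass
class UserOp:
    sender: str
    calldata: str
    max_cost: int                    # worst-case gas cost, in wei
    signature: bytes = b""
    paymaster: Optional[str] = None  # None: the sender pays its own gas

def sign(key: bytes, op: UserOp) -> bytes:
    # HMAC stands in for the account's real signature scheme (assumption).
    msg = f"{op.sender}|{op.calldata}|{op.max_cost}|{op.paymaster}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

class EntryPointModel:
    def __init__(self, account_keys, deposits, sponsored):
        self.account_keys = account_keys  # sender -> signing key
        self.deposits = dict(deposits)    # payer -> wei held for gas
        self.sponsored = sponsored        # paymaster -> senders it agreed to sponsor

    def handle_ops(self, bundle):
        # Verification loop: every op is checked before anything executes.
        reserved = {}
        for i, op in enumerate(bundle):
            key = self.account_keys.get(op.sender, b"")
            if not hmac.compare_digest(sign(key, op), op.signature):
                raise ValueError(f"op {i}: invalid signature")
            payer = op.paymaster or op.sender
            if op.paymaster and op.sender not in self.sponsored.get(payer, set()):
                raise ValueError(f"op {i}: paymaster did not sign off")
            # Count what earlier ops in this bundle already reserved from the payer.
            reserved[payer] = reserved.get(payer, 0) + op.max_cost
            if reserved[payer] > self.deposits.get(payer, 0):
                raise ValueError(f"op {i}: payer cannot cover gas")
        # Execution loop: charge the payer and run each op's calldata (recorded here).
        executed = []
        for op in bundle:
            self.deposits[op.paymaster or op.sender] -= op.max_cost
            executed.append((op.sender, op.calldata))
        return executed

def make_op(key: bytes, **fields) -> UserOp:
    op = UserOp(**fields)
    op.signature = sign(key, op)
    return op
```

In this model a bundle that fails verification is rejected as a whole and no deposit is touched; a check that compared each op's cost against the payer's deposit in isolation would let two sponsored ops pass against a deposit that covers only one.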
Security Concerns
As we know, new EIPs introduce new and unique bugs that will be a top priority for all security auditors. Not only should we want to keep the users of our Account Abstraction wallets safe, but we also want to benefit by being the first auditors to uncover novel issues, as this leads to huge rewards.
Stay tuned for my next article on Account Abstraction where I'll be diving deeper into the Systemic Overview of how AA works.