Smart accounts represent the next evolution in blockchain wallet technology, moving beyond traditional private key wallets to offer enhanced security, flexibility, and functionality. If you're managing crypto operations for your business, understanding smart accounts is essential to streamlining your workflows and improving security.
This guide explains what smart accounts are, how they work with the ERC-4337 standard, and how they can transform your team's onchain operations.
Why traditional accounts don’t scale
Ethereum accounts are traditionally based on external private keys on the secp256k1 curve. What this means is that anyone can generate a private key on this curve and then derive an Ethereum address from the associated public key. As long as the user or entity controls the private key, they have full authority to sign any transaction on behalf of this address. This setup is typically referred to as an externally owned account (EOA), since it is owned by an external private key.
Although very simple, this setup has significant downstream consequences for user experience and security.
No key rotation: the private key is immutably linked to the address.
No custom validation: there is no protocol-native way to have varying degrees of access control for authentication and authorization.
No atomic batching: a transaction can only carry one action (e.g. an approve and a transfer need two separate transactions).
No gas abstraction: gas for every transaction must be paid from the account's native ETH balance.
For almost any business operating onchain, working around these restrictions becomes an operational nightmare.
Why not just use MPC?
Multi-party computation (MPC) is the concept of securely sharding the private key and using an offchain consensus mechanism in an attempt to bypass the restrictions around custom validation. However, MPC solutions introduce complex coordination overhead because of the N-of-M threshold requirement on any action that needs access to the underlying private key, such as signing or shard replacement.
It is also worth noting that an MPC wallet is still backed by an EOA, which means the other restrictions (protocol-level key rotation, batching, and gas abstraction) remain unsolved.
What are smart accounts?
In order to solve these restrictions, we need to be able to abstract (or generalize) an account's validation and execution. Or, put more plainly, we need to be able to programmatically define how an account handles two things:
Validation, which can be further broken down to:
Authentication: who can sign
Authorization: what do they have permission to do
Execution: what action is the account doing onchain
You might sometimes see this referred to as "account abstraction". Because Ethereum is also backed by a Turing-complete virtual machine (the EVM), we can achieve this level of abstraction via smart contracts. A "smart account" is a smart contract that is purpose-built to be used as a wallet, just like an EOA but without its inherent restrictions.
With smart accounts, users can:
Enforce custom validation logic such as multi-sigs, passkeys, timed sessions and granular spending limits.
Atomically batch multiple actions such as approving and signing into a single transaction.
Unlock the ability to pay for gas in many different ways.
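To make the validation/execution split above concrete, here is an added toy model (not Stackup's code, nor any real ERC-4337 account): validation is split into authentication (the signature must verify under a currently registered, rotatable signer key) and authorization (a per-signer spending cap over the whole batch), execution applies a batch atomically, and a nonce blocks replay, covering the EOA restrictions listed earlier. HMAC stands in for secp256k1 signatures, and the Call type, signer names, addresses and limits are constructed assumptions; a real account would verify ECDSA/WebAuthn signatures and be invoked by the EntryPoint.

```python
import hmac
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Call:
    target: str  # destination address; the test uses constructed placeholder strings
    value: int   # amount of native token to send with the call

class SmartAccount:
    """Toy smart account: programmable validation (authn + authz), atomic batches, key rotation."""
    def __init__(self, signers, limits, balance):
        self.signers = dict(signers)  # signer id -> secret: who may sign (authentication)
        self.limits = dict(limits)    # signer id -> spending cap per batch (authorization)
        self.balance = balance
        self.nonce = 0                # replay protection, like an ERC-4337 account nonce
    def rotate_key(self, signer, new_secret):
        # Swap a signer's key while the account address stays the same (impossible for an EOA).
        if signer not in self.signers:
            raise KeyError(signer)
        self.signers[signer] = new_secret
    def _digest(self, calls):
        # Commit to the nonce and every call so a signature covers exactly one batch.
        payload = f"{self.nonce}|" + "|".join(f"{c.target}:{c.value}" for c in calls)
        return hashlib.sha256(payload.encode()).digest()
    def sign(self, signer, calls):
        # HMAC stands in for the secp256k1 signature a real signer would produce.
        return hmac.new(self.signers[signer], self._digest(calls), "sha256").hexdigest()
    def validate(self, signer, calls, signature):
        # Authentication: the signature must verify under a currently registered key.
        secret = self.signers.get(signer)
        if secret is None:
            return False
        expected = hmac.new(secret, self._digest(calls), "sha256").hexdigest()
        if not hmac.compare_digest(expected, signature):
            return False
        # Authorization: the whole batch must fit within this signer's spending limit.
        return sum(c.value for c in calls) <= self.limits.get(signer, 0)
    def execute(self, signer, calls, signature):
        if not self.validate(signer, calls, signature):
            raise PermissionError("validation failed")
        total = sum(c.value for c in calls)
        if total > self.balance:
            raise ValueError("insufficient balance: whole batch rejected")
        # Execution: every call in the batch applies together, or none of them does.
        self.balance -= total
        self.nonce += 1
        return [(c.target, c.value) for c in calls]
```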
For a business, smart accounts dramatically reduce the operational overhead of scaling and managing onchain assets.
What is ERC-4337?
ERC-4337 is an Ethereum standard for account abstraction. It was created by the Ethereum Foundation with collaboration and support from industry leaders. The protocol itself has also been backed by multiple audits from tier one firms.
Stackup was one of the pioneers of ERC-4337. Our team has built scalable ERC-4337 infrastructure and was the primary provider to Coinbase Wallet and Trust Wallet before creating our business wallet platform. On top of that, we have contributed to supporting standards such as the paymaster web service capability, which has now become the dominant interface for verifying paymasters.
Learn more about ERC-4337 here.
Why Stackup smart accounts?
There are many battle-tested smart account implementations currently deployed in production, such as Safe and Kernel. Safe is currently one of the best multi-sig solutions, while Kernel provides a solid foundation for generalized modularity. Stackup's Keystore smart accounts are purpose-built and optimized for shared multi-chain treasuries that require maximum adaptability in access controls.
Can efficiently adapt to changing access requirements from WebAuthn, ECDSA, or multi-sig schemes.
Highly gas efficient and scalable for accounts with large access control configurations.
Private by default, to align with the OpSec best practice of keeping certain access rules hidden until they are required.
Easily syncable across all EVM compatible blockchains to prevent fragmentation of access control.
At their core, Stackup smart accounts are based on a novel keystore architecture. The combination of Stackup's self-custodial smart accounts with its enterprise-grade web platform offers a best-in-class solution for serious businesses operating onchain.