Ethereum Account Abstract Research Report: Disassemble 10 related EIP proposals and the bottleneck problem impacting tens of millions of daily active users

Published on 1 Weeks ago   100 views   0 Comments  

In the sixth phase of the latest Ethereum roadmap released by Vitalik, the founder of Ethereum, recently, ERC-4337 has become the main implementation scheme of account abstraction.

Image source: Boundless Layout AI Tool generation

Why is the account important? Because the first layer of resistance any web2 user encounters when entering web3 is to save the private key or mnemonic, and the private key may be lost and unknown, and the identity theft of phishing websites cannot be judged. Even the theft of a chain bridge worth hundreds of millions of dollars also occurs due to the private key problem. Therefore, the implementation of a better Ethereum account system has always been a bottleneck for the Ethereum network to impact tens of millions of users

If you want to have a deep understanding of the iterative process of Ethereum and the underlying infrastructure of the blockchain, you must also have an absolute and profound understanding of the complete concept and principle of account abstraction. The evolution history of the account abstraction scheme is a seven-year iterative process. This research report will give you a panoramic view of nearly 10000 words. It is strongly recommended to prepare coffee and read carefully.

This article will tryStarting from the first AA proposal since 2015Systematically collate the main contents of all EIP proposals up to now and comprehensively evaluate the advantages and disadvantages of each proposal. In retrospect, many proposals have been at a standstill or even just a draft stage, exploring the logic context for peeling off the cocoon,

In this paper, 10 EIP proposals are divided into three paths according to their optimized template links: transforming the type of transactions on the chain, transforming the subject objects on the chain, and transforming the packaging process of transactions on the chain

As the content involves a wide range and involves more knowledge of Ethereum principle layer, the author will analyze the logic of the scheme more than the technical details, and will try to express and translate the original meaning. If there is any omission, please leave a message in the comment area for discussion.

1. Background

Recently, the founder of Ethereum, V Shen, updated the ETH development roadmap, and the goal of the sixth phase of Splulge is to fix everything else.

Many things in the Ethereum Virtual Machine (EVM) need to be optimized. For example, VDF will generate real random numbers on the chain. The most important thing in this roadmap is that EIP-4337, the core proposal of the account abstract AA, becomes the implementation path.

The core of these optimizations is that the wallet can be directly recovered through social networks, the project party can help users pay gas fees, support USDT as a gas payment method and other functions. It is these functions that will help Ethereum break the core barrier of tens of millions of users. Without these changes, Ethereum will never break the threshold of user habits.

1.1 Why is the existing account system the bottleneck for tens of millions of users?

At present, there are two kinds of accounts in Ethereum, namely, external account (EOA) and contract account.The ownership and signature rights of external accounts are theoretically held by the same individual unit.

In short, holdingPrivate keyA person who owns not only the "ownership" of the account, but also the right to "sign and transfer all assets".

At present, the ownership and signature rights of Ethereum are integrated. Such external account design may lead to some problems worth discussing:

  • The private key is difficult to protect: the loss of the private key (loss, hacker attack) means that the user loses all assets.
  • Few signature algorithms: the native protocol can only use ECDSA signature and signature verification algorithms in verifying transactions.
  • High signing authority: no original multi signature (multi signature can only be achieved through smart contract collaboration), and single signature can perform any operation.
  • Transaction fees can only be paid through ETH, and batch transactions are not supported.
  • Transaction privacy disclosure: one-to-one transaction is easy to analyze the privacy information of account holders.

Secondly, the simple contract wallet also has some problems:

  • The operation of the contract wallet must be initiated by the EOA (essentially calling the contract), and each transaction will consume 21000Gas more. (At present, the verification method of Ethereum transaction is fixed. A transaction is valid only if it has a valid ECDSA signature, a Nonce value and sufficient account balance.).
  • EOA is required to have enough ETH to pay gas (manage two accounts), or rely on Relay to pay gas (leading to centralization).

The restriction of appeal makes it difficult for ordinary users to use Ethereum:

  • First of all, using any application on Ethereum, users must hold Ethereum (and bear the risk of Ethereum price fluctuation).
  • Secondly, users need to handle complex cost logic. The concepts of gas price, gas limit and transaction blocking are too complex for users.
  • Finally, although many blockchain wallets or applications try to improve the user experience through product optimization, their actual effect is very small.

The way to break the situation is to achieve account abstraction and decouple ownership and signer, so as to solve the above problems one by one. Why can we solve the problem and how can we decouple it? Let's review the seven years of AA history to explore.

1.2 Basic purpose of abstract account

It is difficult for people from Web2 to Web3 to accept high-risk private key management methods, so they take it for granted that the experiment of abstracting Ethereum accounts for many years is to cancel private keys, but now in the decentralized field, there is no free trust, and authentication must be based on cryptography,Therefore, no matter what kind of proposal, it is necessary to manage some private keyใ€‚ Although everyone eventually has the constraints and responsibilities of managing private keys, there are also ways to achieve compromise in experience through smart contracts.

The first thing to break the compromise in the implementation experience is that the current account authority is too centralized, that is, to decouple the ownership and the signer.

1.3 Historical path of abstract account

The overall transformation method can be divided into three general directions according to the target or link

  • Transform the transaction types on the chain (EIP-101, EIP-86, EIP-859, EIP-2718)
  • Rebuild the main objects on the chain (EIP-2938, EIP-3074, EIP-3607, EIP-5003)
  • Transform the packaging process of online transactions (EIP-4337, EIP-5189)

Go back to the process of achieving such goals

At the beginning, Ethereum differentiated external accounts and contract accounts by adding new transaction types such as EIP-86, EIP-101 and EIP-859. However, they found that such changes were too huge, and their complexity was no less than the transfer of consensus algorithms such as merging. Once Ethereum changes the transaction type, it needs to modify the underlying signature verification algorithm. This is not only to consider whether the miners will accept the new type to help them get on the chain, but also to consider the issues of account address management, conflict and backward compatibility.

During the seven years of research, a lot of information and ideasNot abandoned, but inherited and carried forwardใ€‚

  • Through EIP-86/208: The contract address needs to be distinguished from the external account, so the contract address must be customized and anti-collision, so EIP-1014 and EIP-2470 are available.
  • Through EIP-859: For the first time, there is a contract initialization code attached to the transaction. If there is no contract address, one will be deployed on site, which becomes the basic function of EIP-4337.
  • Through EIP-2718: Let the future Ethereum be compatible with any newly proposed transaction type without taking too much account of the historical burden of previous compatibility.
  • Through EIP-2938: it clearly summarized various advantages of the contract account, including social recovery, key rotation, custom authentication algorithm, meta transaction, etc., so that the contract account gradually became popular.

The final consensus focuses on two paths:

  • Enable existing external accounts to have the function of smart contracts (EIP-3074 series).
  • Let the current smart contract have the function of external account (EIP-4337 series).

Now EIP-4337 is included in the roadmapDeclare that Ethereum has finally made a decision in these two paths.

2. What is the best form of the next generation account?

How big is the space? You can use numbers to say:

  • Number of external account accounts: the number of from addresses in the total transactions of Ethereum is about 150 million after the duplication is removed.
  • Number of SCW/A accounts: the data of Gnosis Safe and Argent, the two products in the head, is 150000 in total.ย 

The author believes that the account form that subsequent users will contact is two-stage, distinguishing off chain key management from on chain account subject.

On the key management side of the chain, the best experienced MPC (multi-party security computing)+TSS (threshold signature scheme) is adopted. In particular, 2/2, 2/3 will be a parameter scheme compatible with regulatory requirements and convenient use requirements.

  • In the 2/2 mode, the project party holds 1 and the user holds 1. If either party disagrees, at least the funds will not be lost, which is applicable to the scenarios that need to be supervised in the future (team vault private key management, etc.).
  • In the 2/3 mode, the project party holds 1 and the user holds 2. The user can manage the partition key on two terminals respectively. The daily local+the signature of the partition held by the project party can be combined. Even if the project party runs away, the user can recover by himself.ย 

On the account entity side of the chain, an upgradable smart contract mode will be adopted, and there will be multiple function nodes to expand:

  • Custom signature algorithms: such as Multisig Verification, Schnorr sigs, BLS sigs, Quantum persistent sigs (eg Lamport, Winternitz). The effect is that cryptography naturally supports multiple signatures, thresholds, etc.
  • Packaging of multiple transactions: miners can sign and aggregate the data of multiple transactions, just to ensure that all transactions can be successfully executed. The effect is that the average gas consumption can be reduced when the trading volume is enough.
  • Social recovery and replacement of private key: If a person's WeChat account is stolen one day, even if all the money is transferred, the friends list and chat records in it can be recovered, and the original account can still be used because the SBT soul token will not be lost.
  • Upgradable and decentralized: The contract itself can be upgraded and ownership can be changed. The account subject on the chain is naturally unattended and completely decentralized.
  • Yuan transaction and multi currency payment: The user can use other Token transfers in the contract wallet to pay for the miner Gas, so that the user does not need to recharge the original token as a service charge.
  • Anti DoS and quantum attacks: anti malicious miners blocking system and key explosion.
  • For the advantages of arbitrageurs: after account abstraction is implemented, the arbitrageurs do not need to pay for failed arbitrage activities because they can make price judgments in the account authority verification phase, and the chain does not contain failed arbitrage transactions, which can effectively improve the scalability of the chain

However, AA is implemented through EIP-4337, and there are also many risks:

  • The node verification process will be more complex, which will add a lot of useless computing burden to the node, thus increasing the risk of anti DoS attacks.
  • Because of the scheduling of the contract, gas consumption will be higher than the EOA account's direct signature transaction, requiring the same reduction principle as the NFT aggregator.

Overview of EIP Characteristics Related to the Seven Year Road of Ethereum Account Abstraction (AA)

Uncovered content:

Interpretation of EIP proposals related to account abstraction (AA)

  • EIP-101: Currency and Cryptographic Abstraction - 2015/11/15
  • EIP-86/208: Abstract of Transaction Source and Signature - 2017/02/10
  • EIP-859: Main Chain Account Abstraction (AA) - 2018/01/30
  • EIP-2718: Packaging Envelope for New Transaction Types - 2020/06/13
  • EIP-2938: Account Abstraction (AA) Standard - October 15, 2020
  • EIP-3074: Add AUTH and AUTHCALL operation codes - 2020/10/15
  • EIP-3607: Make the external account address non deployable - 2021/06/10
  • EIP-4337: Implementing Account Abstraction with Transaction Memory Pools - 2021/09/29
  • EIP-5003: Inserting codes into external accounts using AUTHUSURP - 2022/02/26
  • EIP-5189: Operating Account Abstraction by Endorsement - 2022/06/29

Q& A๏ผš

1. Which wallets are implemented according to EIP-4337?

2. Why did Ethereum choose EIP-4337 instead of EIP-3074?

3. What exactly is abstract in account abstraction?

4. If there is a good enough MPC+TSS scheme, no mnemonics are required, and the security is also guaranteed, does it still need a contract wallet?

5. What are the benefits of custom signature algorithms?

6. EIP-4337 still relies on EOA account signature. Can it really bring a qualitative leap to the user experience?

7. What are the next improvement directions of EIP-4337?

Generic placeholder image
215 views   0 Comments   1 Weeks ago
94 views   0 Comments   1 Weeks ago
87 views   0 Comments   1 Weeks ago
128 views   0 Comments   1 Weeks ago
114 views   0 Comments   2 Weeks ago