Devcon 6

author: Nathan Acks
date: 2022-11-15

I didn’t get around to watching the Account Abstraction Panel from Devcon Bogota yesterday; remedying that today.

Yoav Weiss, Julien Niset, Matt Garnett, Vitalik Buterin, and David Hoffman: Account Abstraction Panel

Interesting reason that account abstraction is important: It allows for signatures to be migrated to quantum-resistant cryptography once those algorithms are ready without disrupting existing identities.

Vitalik apparently wanted smart contract based wallets - and in particular multi-sig wallets - to be a feature in Ethereum from the beginning. It was a feature that got cut so that Ethereum’s launch wouldn’t be delayed too much, but moving to this system has always been part of Ethereum’s “final vision”.

Yoav Weiss apparently envisions account abstraction more like a (Gnosis) Safe than the implementation on StarkNet that Julien Niset talked about, where different devices can add and remove each other’s keys. But there’s also an idea here that different devices could be restricted to only allow for different actions, or different thresholds of action (“high security” and “low security” devices). Also, some devices or actions may need to be used in combination.

There will be an Ethereum hard fork to support account abstraction… Eventually. The question is when, and what steps are made along the way. The eventual goal is to not have “external accounts” (traditional wallets).

An interesting point: Smart contracts don’t have keys, so moving to account abstraction breaks the “sign something with your wallet” login process used in many web3 apps. However, a contract can validate a signature, so wallet sign-ins are still possible with account abstraction - they just require an extra step (the user signs something with their device and the service has the smart contract validate that signature). This can be done now (no EIP necessary - it’s part of how smart contracts work), but it will require developers to stop assuming that all accounts are external ones. Developers need to build dApps that use off-chain signatures for logins!

The thing that limits smart contracts as accounts now is that an external account still has to pay the gas fees. So one core part of making smart contracts people’s primary accounts is that the Ethereum protocol needs to be modified to allow contracts to pay for their own gas fees.

Ooh… Vitalik points out that social recovery with account abstraction shouldn’t even require trusted users to hold “recovery” keys - instead, you just assign this (limited!) power to their smart contracts in a multi-sig fashion!