(13/25) As long as the CA supports specific functions (eg validate signature), it can BE an account.
We define these specific functions through an API. A core part of the process of implementing the account abstraction will be designing this API.
Conversation
(14/25) Once implemented, becomes instantly more customizable, flexible and future proof.
The best way to see this is to return back to the signature scheme we use today, ECDSA (secp256k1). This scheme is incredibly powerful... for now.
2
1
14
(15/25) The problem with ECDSA (secp256k1) is that it is not quantum secure. A quantum computer could break it instantly, destroying in the process.
Quantum computers are not yet powerful enough to be an issue, but they will be.
1
1
16
(16/25) Account abstraction gives us the flexibility we need to move to different signature schemes as required.
Even more powerfully, there's no reason everyone needs to use the same scheme. Every user would be free to secure their assets with whatever cryptography they like.
1
2
17
(17/25) But replacing the signature scheme is just the start. It get's the most talk because of the looming quantum threat, but account abstraction opens up an entire new design space:
user experience!
Here are just a few of the more exciting ideas I've seen so far!
1
18
(18/25) Fraud Monitoring
An account can require a second signature from a 3rd-party fraud monitor, who inspects every transaction for known scams, predefined security rules, etc.
This 3rd-party would not have control over your assets, just transaction approval privileges.
2
1
24
(19/25) Multicalls
An account can batch together multiple transactions and execute them all with a single signature/user input.
said it best, so I'll leave his tweet below.
1
3
18
(20/25) Session Keys
An account can generate a key and grant it specific privileges/duration. The account can then grant this key to semi-trusted spaces (eg a browser), improving UX without exposing the whole account.
Imagine a blockchain game without having constant approvals.
2
2
27
(21/25) Two-Factor Authentication
An account can grant a set of authorization keys (similar to fraud monitoring) to a third party service that will only approve a transaction if you confirm with a second method (eg SMS or email).
2
1
20
(22/25) Hardware Integration
Perhaps the coolest thing? Integration into the hardware that companies like are already shipping.
Imagine if your private keys were held in the secure enclave on your iPhone... approve transactions with FaceID!
3
2
26
(23/25) Bottom line, account abstraction not only enables a much better, more user-friendly , it is also the cleanest way to deal with the existential threat of quantum computers.
But, unfortunately, implementing it has not been easy.
Replying to
(24/25) The good news is that rollups are offering a new, interesting opportunity to build in account abstraction from the very beginning.
While the gigabrains are hard at work, projects like , and are out there inventing the tech.
1
1
31
(25/25) So, fear not, dear reader, the greater community knows what it is doing!
I can't tell you when account abstraction is coming, I can't even tell you what it will look like or where it will be...
But when it comes, account abstraction will leap us forward.
2
1
33
Like what you read? Help me spread the word by retweeting the thread (linked below).
Follow me for more explainers and as much alpha as I can possibly serve.
Quote Tweet
(1/25) @ethereum Roadmap: Account Abstraction
Let's face it, the Ethereum user experience sucks. You can use Apple Pay to buy using your face-print, how can Ethereum compete?
Account abstraction is the 0 to 1 upgrade that will blow open this design space and transform Ethereum!
Show this thread
5
1
25
Show more replies