
Account Abstraction: A Reference

ERC-4337 account abstraction explained — smart accounts, paymasters, gasless UX, social recovery, and which wallets actually use it in 2026.

By Web3Wagmi Team · 15 min read · Reviewed by Web3Wagmi Research Desk

Why account abstraction matters in 2026

Account abstraction (AA) makes Ethereum wallets programmable smart contracts capable of custom signing logic, gas sponsorship, and recovery. In practice that means biometric login, no seed phrase, gas paid in any token, and social recovery, without giving up self-custody. ERC-4337 plus EIP-7702 (live on Ethereum mainnet since May 7, 2025) is what replaces the seed-phrase model. Last verified: 2026-05-27.

AA re-architects what an Ethereum account is. For ten years, an Ethereum account was a 1:1 mapping from a private key to an address. You couldn't change the signing rules, recover from a lost key, or pay gas in anything but ETH. AA throws that model out: your account becomes a contract, and the contract decides what counts as a valid signature, what gas tokens it accepts, who can recover it, and what limits apply.

ERC-4337, the Ethereum standard for account abstraction implemented at the application layer without consensus-layer changes, went live on Ethereum mainnet on March 1, 2023. By April 2025, weekly UserOperations hit 4 million, up 5x from 2023 levels, with Base accounting for roughly 87% of that volume. Coinbase Smart Wallet, a passkey-secured ERC-4337 smart account live on Base and other EVM L2s, surpassed 1 million accounts in August 2025, with 270,000 new accounts on a single day (August 16). The promise is wallets that work like Apple Pay (biometric login, no seed phrase, gasless transactions) while preserving self-custody. The catch, and there is always a catch, is that smart accounts add a new attack surface (the account contract itself) and cost slightly more gas per transaction.

EOA vs smart account

An EOA (Externally Owned Account) is a standard Ethereum account controlled by a single private key with no programmable logic: lose the seed and you lose everything. A smart account is a contract with programmable signing, recovery, and gas; it costs $1–3 to deploy on L1 (~$0.10 on L2) and carries a ~10–20% gas premium per tx. Last verified: 2026-05-27.

| | EOA (MetaMask, Phantom) | Smart account (Coinbase Smart Wallet, Safe) |
|---|---|---|
| What it is | Private key + address | Smart contract with programmable logic |
| Recovery | 12/24-word seed phrase | Social recovery, biometrics, multisig |
| Gas payment | Must hold ETH | Can pay in any token (via Paymaster) |
| Signing logic | Single key, ECDSA only | Custom: multisig, time-locks, session keys, passkeys |
| Onboarding | Install wallet, write seed phrase | Email/passkey, no seed phrase |
| Cost to deploy | $0 (no contract) | $1–3 on L1, ~$0.10 on L2 |
| Cost to transact | Standard gas | ~10–20% premium |
| Lose access if you lose seed | Yes, permanently | No, recover via social/multisig |
| Contract risk surface | None | Account contract itself |
| Quantum risk | High (exposed pubkey on first send) | Mitigated (can upgrade signing scheme) |

ERC-4337 vs EIP-7702: the comparison most explainers skip

ERC-4337 deploys a brand-new smart-account contract at a new address. EIP-7702 (activated May 7, 2025 via the Pectra hard fork) lets your existing EOA temporarily run smart-contract code at the same address — same private key, smart-account features, no address migration. Last verified: 2026-05-27.

This is the distinction that matters for anyone migrating off MetaMask in 2026:

| | ERC-4337 | EIP-7702 |
|---|---|---|
| Live since | March 2023 | May 7, 2025 (Pectra, epoch 364032) |
| Address | New (counterfactual or deployed) | Same as your existing EOA |
| Requires consensus changes | No | Yes (Pectra hard fork) |
| Mental model | 'Smart account from scratch' | 'EOA borrows contract code per-tx' |
| Best for | New users (Coinbase Smart Wallet, Safe) | Existing MetaMask/Ledger users upgrading |
| Recovery | Built into the contract | Inherits EOA recovery (the seed phrase) |
| Per-tx gas premium | 10–20% | ~5% (lighter) |
| Composability with 4337 infra | Native | Yes, EntryPoint v0.8 supports both |
| Phishing risk | Session-key scope abuse | Malicious delegatee contract drains wallet |

EIP-7702 is the upgrade path for the 100M+ existing EOAs; ERC-4337 is the architecture for net-new smart accounts and everything more complex than a per-tx delegation. Most production wallets in 2026 — Safe, MetaMask Smart Accounts, Argent — support both. EntryPoint v0.8 adds native EIP-7702 support, unifying the two flows at the infrastructure layer.

What ERC-4337 actually does

ERC-4337 has four pieces: UserOperation (signed request), Bundler (relayer), EntryPoint (singleton contract), and optional Paymaster (sponsors gas). No consensus-layer changes required — works on Ethereum, every L2, and any EVM chain that has the EntryPoint deployed. Last verified: 2026-05-27.

The architecture has four moving pieces:

  1. UserOperation: the ERC-4337 transaction-request object that smart account users sign. It looks like a transaction but is not broadcast directly to the chain; it lives in an alternate mempool.
  2. Bundler: a relayer that batches UserOperations into actual Ethereum transactions and submits them to the EntryPoint. Anyone can run one; in practice the major bundlers are Pimlico (200M+ txs relayed, 100+ chains), Alchemy, and Biconomy.
  3. EntryPoint: a singleton contract deployed once per chain (the same address everywhere) that validates and executes batched UserOperations. It is the trust root for the whole system. Three audited versions are live: v0.6 (widely deployed), v0.7 (2024, improved paymaster/aggregator interfaces), and v0.8 (2025, adds native EIP-7702 support).
  4. Paymaster (optional): a contract that pays gas on behalf of the user, optionally collecting fees in another token.

The user signs a UserOperation. The Bundler picks it up, calls the EntryPoint, which calls the smart account's validateUserOp() method. If valid, the EntryPoint executes the requested action and either deducts gas from the smart account or charges a Paymaster. Critically, no consensus-layer changes were required — the whole system is just contracts and an off-chain mempool. ERC-4337 works on Ethereum, all major L2s, and any EVM-compatible chain that has the EntryPoint deployed.

Killer features unlocked by AA

Seven AA wins: gasless onboarding, gas in any token, social recovery, session keys, default multisig, batched txs, and programmable spending limits. Every one of these was either impossible or terrible UX on an EOA. Last verified: 2026-05-27.

1. Gasless onboarding

Coinbase Smart Wallet on Base sponsors the first transaction's gas via a Paymaster. New users can transact without holding ETH, without bridging, without understanding what gas is. This is what closed the cold-start UX gap that EOAs never solved.

2. Pay gas in any token

A Paymaster can accept USDC, USDT, or any whitelisted token as gas payment. The Paymaster fronts the actual ETH gas; the user pays the Paymaster the equivalent value in USDC plus a small fee (typically 0.5–2%). User experience: a transaction costs $0.50 in USDC, no ETH needed, no swap step.

3. Social recovery

Lose your phone? Recover access via N-of-M trusted parties (friends, family, recovery service) without ever revealing the underlying key. Argent and Safe popularized this; Coinbase Smart Wallet uses a related mechanism with passkeys backed by iCloud/Google Password Manager.

4. Session keys

A session key is a temporary, scope-limited signing key authorized by a smart account for a fixed time and spending cap. Session keys power game wallets, trading bots, and automated DeFi strategies: authorize a temporary key with scoped permissions ("this key can spend up to 0.1 ETH on Uniswap for 24 hours") and micro-transactions execute without UI prompts. This is the single biggest UX win for on-chain games and recurring strategies.

5. Multisig as default

Every smart account can be a multisig from day one (1-of-1 = single-sig; 2-of-3 = institutional). Safe (formerly Gnosis Safe) is the dominant institutional multisig smart account on EVM chains, securing $100B+ in assets, including the Ethereum Foundation's $650M treasury (migrated to Safe in October 2025) and the majority of the largest DAOs on Ethereum.

6. Batch transactions

Approve token + swap in one user signature. Unwind a leveraged position across four protocols in one user signature. Eliminates the "sign six transactions" UX friction that plagues EOA users every time they touch a new protocol. EIP-7702 brings batching to existing EOAs without deploying a new contract.

7. Programmable spending limits

"Don't let this wallet spend more than $1,000 in 24 hours unless I sign with a hardware key." "Don't let this wallet send to any address that isn't on my whitelist." Trivially expressible in smart-account logic; literally impossible on an EOA.

The major smart account wallets in 2026

Coinbase Smart Wallet for new users (1M+ accounts, Base-native, gasless first tx). Safe for institutional treasury ($100B+ secured). Argent for Starknet and EVM. Sequence/Biconomy/Alchemy/ZeroDev for app developers. MetaMask/Ledger for existing EOA users via EIP-7702. Last verified: 2026-05-27.

| Wallet | Best for | Network coverage | Killer feature |
|---|---|---|---|
| Coinbase Smart Wallet | First-time crypto users | Base + EVM L2s | Gasless onboarding, passkey login; 1M+ accounts (Aug 2025) |
| Safe | DAOs, institutional treasury | All EVM | Battle-tested multisig, $100B+ secured; ETH Foundation uses it |
| Argent (now Ready) | Starknet users + EVM | Starknet, Ethereum | Social recovery, native AA |
| Sequence | Game studios, white-label | EVM | Embeddable smart accounts for apps |
| Biconomy | App developers | EVM | Smart account SDK + Paymaster infra |
| Alchemy Smart Wallets | Developer integration | EVM | LightAccount + Modular Account (ERC-6900) |
| ZeroDev | App-specific wallets | EVM | Kernel modular smart account (ERC-7579) |
| MetaMask Smart Accounts | Existing MetaMask users | EVM | EIP-7702 delegation in place |

When you should use a smart account

Use a smart account if you are new to crypto, manage a DAO/fund treasury, run automated DeFi, build a consumer app, or want recovery without a seed phrase. Skip it if you transact rarely, refuse any additional contract risk, or are on an EOA-only chain. Last verified: 2026-05-27.

When to use it:

  • You're new to crypto: Coinbase Smart Wallet eliminates the seed phrase obstacle, which is the single biggest reason new users churn.
  • You're managing a DAO or fund treasury: Safe is the default for $100k+ shared custody; nothing else has the audit history or TVS.
  • You run automated DeFi strategies: session keys + paymasters massively reduce friction. Auto-compounding, rebalancing, and trading bots all benefit.
  • You build an app or game: Sequence/Biconomy let users sign up with email/social, no wallet popup. The next 100M users will sign up this way.
  • You want recovery without a seed phrase: Argent's social recovery and Safe with multiple owners both solve the "lost the phrase" disaster.

When to skip it:

  • You transact once a year: the $1–3 deployment cost plus per-tx premium outweighs UX wins if your usage is that thin.
  • You distrust contract risk: smart accounts add a contract risk surface that EOAs don't have. A bug in your account contract is your problem.
  • You're on a non-EVM chain: smart accounts are EVM constructs; Bitcoin vault descriptors and taproot multisig are a different stack.

Smart account vs hardware wallet — not mutually exclusive

Pair Safe or Argent (asset-holding smart account) with Ledger or Trezor (hardware signer as one of the multisig keys). This is the default institutional setup in 2026 — smart-account UX plus hardware-grade key security on top. Ledger now also supports EIP-7702 signing natively on current-generation devices. Last verified: 2026-05-27.

The best stack combines them rather than picking one:

  • Smart account (Safe / Argent) as the asset-holding wallet.
  • Hardware wallet (Ledger / Trezor / GridPlus) as one of the signing keys, with two other independent signers (mobile device, second hardware wallet, or a trusted co-signer).

This gives you smart-account UX (social recovery, programmable spending, batched txs) plus hardware-grade signing security on the keys themselves. Most institutional crypto setups in 2026 use exactly this pattern. Ledger added native EIP-7702 signing support for Flex, Stax, Nano X, Nano Gen5, and Nano S Plus — initially limited to the Ethereum Foundation's whitelisted simple contract, with broader contract support to follow. The 2022 Ronin Bridge hack, where five of nine multisig keys were compromised because they were all held by the same entity on the same infrastructure, remains the canonical lesson: a multisig is only as secure as the independence of its keyholders.

Costs of using AA in 2026

Smart account costs $1–5 to deploy on L1 and ~10–20% gas premium per tx; on Base, deployment is ~$0.10 and per-tx premium is fractions of a cent — effectively free at L2 scale. Last verified: 2026-05-27.

| Cost | Range | When |
|---|---|---|
| Smart account deployment | $1–5 on L1, ~$0.10 on L2 | First time you transact |
| Per-transaction premium | 10–20% over EOA gas | Every tx |
| Paymaster fee | 0.5–2% on top of gas | If using Paymaster |
| Module install (ERC-7579) | $0.50–5 | Adding a plug-in module |

On Base, deployment is ~$0.10 and per-tx premium is ~$0.005. AA is essentially free at L2 scale. On Ethereum mainnet, the per-tx premium is real ($1–3 extra per swap on a $20 gas-base) — which is why almost no one runs a 4337 smart account on L1 unless it's a Safe holding institutional capital.

Common misconceptions

"Smart accounts hold your funds." No — the contract holds them but only you control signing. "AA is gasless." No — someone always pays; gasless just means it isn't you. "EIP-7702 made ERC-4337 obsolete." No — they solve different problems and EntryPoint v0.8 unifies both. Last verified: 2026-05-27.

  • "A smart account is custodial because the contract holds the funds." The contract is owned by your signing keys. The funds are held at a contract address you control. This is not custody; it's a non-custodial vault where you set the rules.
  • "AA = gasless transactions." AA enables gasless UX, but someone always pays for gas — the app sponsors it via a Paymaster, or you pay in USDC. There's no free lunch; the question is who you're paying and in what token.
  • "Passkey wallets are insecure because Apple/Google could be subpoenaed." The passkey signs locally on your device. The cloud backup encrypts the passkey material with your device password. A subpoena alone does not yield a usable key.
  • "EIP-7702 made ERC-4337 obsolete." 7702 lets EOAs borrow contract code per transaction; 4337 is for full smart accounts with persistent state, recovery, and complex logic. EntryPoint v0.8 adds native 7702 support — the two systems are converging, not competing.
  • "Smart accounts are unhackable." Wintermute lost $160M from a Profanity-generated vanity address in September 2022. A user lost $1.54M in a single EIP-7702 phishing attack on August 24, 2025 by signing a malicious delegation that drained their wstETH, cbBTC, and other tokens via a fake Uniswap interface. Smart-account contracts can be bugged and delegations can be malicious; audits and careful signing hygiene both matter.

Risks specific to smart accounts

The contract-risk surface is real — and EIP-7702 adds a new phishing vector: a maliciously delegated authorization can turn your EOA into an attacker-controlled sweeper. The $1.54M phishing loss in August 2025 is the documented proof. Use audited account implementations, verify delegatee contracts before signing, and never batch-approve unfamiliar operations. Last verified: 2026-05-27.

  • Account-contract bugs. The account is a contract; a bug in the contract is exploitable. Use audited implementations (Safe, Coinbase Smart Wallet, Kernel/ZeroDev) rather than rolling your own. Safe has the longest unbroken security track record in the space — securing over $100B without a contract-level compromise.
  • EIP-7702 sweeper attacks. An attacker tricks a user into signing an EIP-7702 authorization pointing to a malicious implementation contract. Once signed, the malicious contract has full control of the EOA for that transaction — executing hidden transfers and token approvals in a single atomic batch. On August 24, 2025, a victim lost $1.54M this way after visiting a phishing site mimicking Uniswap. The defense: always check the delegatee contract address in your wallet's signing prompt, and refuse any EIP-7702 delegation to unverified contracts.
  • Module risk in ERC-7579/ERC-6900 accounts. Modular accounts let you install plug-in modules (recovery, session keys, spending limits). Each module is a contract; a malicious or buggy module can drain the account. Only install modules from known-good registries.
  • Bundler censorship. A bundler can refuse to include your UserOperation. In practice the bundler market is competitive; in theory, a single dominant bundler could censor. Use multiple bundler endpoints if censorship-resistance matters.
  • EntryPoint upgrade coordination. The EntryPoint is a singleton; new versions (v0.7, v0.8) require account migrations. Migrations have gone smoothly historically, but they are coordination events requiring wallet and app updates.
  • Phishing surface for session keys. A user tricked into authorizing a malicious session key can be drained within the session's scope. Always read the scope and expiry in the prompt.

Looking ahead

A few specific signals worth tracking through 2027:

  • Fusaka (live December 3, 2025) and Glamsterdam (targeted H1 2026) — Fusaka delivered PeerDAS (8x blob capacity, 48-blob target), reducing L2 costs further and making AA-at-L2-scale even cheaper. Glamsterdam is next, headlined by enshrined proposer-builder separation (ePBS) and block-level access lists rather than native AA. The native-AA work — EIP-7701 and EIP-8141 (Frame Transactions), which aim to embed smart account logic directly into the protocol and eventually eliminate bundler overhead — was deferred to the following upgrade (Hegota) after EIP-8141 was moved to Considered-for-Inclusion status.
  • ERC-7579 modular accounts going mainstream — ERC-7579 (minimal modular smart account standard) has become the de facto standard for new projects: ZeroDev Kernel v3, Biconomy Nexus, Safe (via Rhinestone adapter), Trust Wallet Smart Accounts, and OpenZeppelin's AccountERC7579 preset all implement it. Watch for a standard "module audit" badge. ERC-6900 remains Alchemy-specific.
  • Passkey adoption beyond Coinbase — passkeys (WebAuthn) are now native to iOS, Android, and every major browser. Wallets are racing to ditch seed phrases entirely; MetaMask has shipped EIP-7702-based smart accounts. Expect passkey-first flows to become the default across all major wallets by end-2026.
  • Cross-chain smart-account portability — same address, same signing rules, deployed counterfactually across every EVM chain. ZeroDev and Safe have shipped versions of this; standardization through ERC-7579 is the next step.
  • Regulator framing of smart accounts — the open question is whether a smart account with programmable compliance modules counts as a "wallet" or a "service" under FATF travel rule. The answer will shape how custodians integrate AA.

Verdict

Smart accounts are the right starting point for most new crypto users in 2026 — Coinbase Smart Wallet on Base for individuals, Safe for treasuries, Biconomy/Sequence/Alchemy for app developers. EIP-7702 gives 100M+ existing EOA holders smart-account features without migrating; the key risk is a new class of delegation-phishing attacks documented since Pectra. Last verified: 2026-05-27.

For most new crypto users in 2026, the smart account is the right starting point. Coinbase Smart Wallet on Base eliminates the seed-phrase UX cliff while preserving self-custody — it crossed 1 million accounts in August 2025. For institutional treasury, Safe is the default — securing over $100B including the Ethereum Foundation's own holdings. For app developers, Biconomy, Sequence, and Alchemy let you embed smart accounts behind email signup so users never see the word "wallet."

The one new discipline that comes with EIP-7702: treat delegation authorizations with the same caution as token approvals. A maliciously signed EIP-7702 delegation is a wallet drain waiting to happen — as the $1.54M August 2025 attack proved.



Frequently asked questions

What is account abstraction?

Account abstraction (AA) is a model where wallets are smart contracts instead of externally owned accounts (EOAs). Smart accounts can have custom signing logic — multisig, social recovery, biometrics, session keys — and can pay gas in any token (or have gas sponsored by a third party). ERC-4337 is the dominant Ethereum standard, live since March 2023.

What is ERC-4337?

ERC-4337 is the EVM standard for account abstraction without consensus-layer changes. Users send UserOperations to a Bundler (off-chain alt-mempool relayer); a Paymaster sponsors gas (or receives gas in a token); the EntryPoint singleton contract validates and executes. Live on Ethereum mainnet since March 1, 2023. EntryPoint v0.8 (2025) adds native EIP-7702 support.

What's the difference between an EOA and a smart account?

EOA (Externally Owned Account): standard Ethereum account, controlled by a single private key, no programmable logic. MetaMask + a seed phrase = EOA. Smart account: a contract that owns assets and executes transactions per its programmable logic. Coinbase Smart Wallet, Safe, Argent — all smart accounts.

Which wallets use account abstraction in 2026?

Native ERC-4337: Coinbase Smart Wallet (surpassed 1M users August 2025), Safe (secures $100B+ in assets), Argent (Starknet + EVM), Sequence, Biconomy, Alchemy Smart Wallets, ZeroDev. Hybrid EOA+7702 delegation: MetaMask, Ledger (Flex/Stax/Nano X/S Plus), Trust Wallet support EIP-7702. Hardware wallet 7702 signing is now live on Ledger but limited to whitelisted contracts for now.

Can I pay gas in USDC instead of ETH?

Yes — that is one of the main AA use cases. Via a Paymaster, a smart account user can pay gas in USDC, USDT, or any whitelisted token. The Paymaster pays the actual ETH gas; the user pays the Paymaster the equivalent in USDC plus a small fee (typically 0.5–2%). Pimlico is the leading paymaster provider (200M+ transactions relayed across 100+ chains); Biconomy and Alchemy also offer paymaster APIs.

What is a session key?

A temporary, scoped key authorised by a smart account. Example: an in-game wallet might have a session key authorised to move under 0.01 ETH for 24 hours, automatically signing micro-transactions without prompting the user. Once the session expires or the limits are exceeded, the user must re-authorise. Massive UX improvement for games, bots, and recurring DeFi strategies.

What's EIP-7702 and how does it relate to ERC-4337?

EIP-7702 (activated on Ethereum mainnet May 7, 2025 via the Pectra upgrade) lets a regular EOA temporarily delegate to a smart contract for a single transaction, getting smart-account features (batching, sponsored gas, session keys) without migrating to a new address. Within the first week, 11,000+ EIP-7702 authorizations were recorded on-chain. ERC-4337 is the off-chain alt-mempool approach: separate UserOperation flow, bundlers, paymasters, persistent account state. EIP-7702 is the path of least resistance for existing EOA holders; ERC-4337 is the full smart-account architecture. EntryPoint v0.8 supports both natively. They coexist.

Which wallets actually support account abstraction in 2026?

Native AA: Coinbase Smart Wallet (ERC-4337), Argent (ERC-4337), Safe (ERC-4337-compatible), Particle Network, Biconomy, ZeroDev. Hybrid EOA+7702 delegation: MetaMask, Ledger (Flex/Stax/Nano X/S Plus — limited to whitelisted contracts), Trust Wallet support EIP-7702 signing. Ledger now has native EIP-7702 signing on most current devices; full 4337-native signing flows remain limited on hardware wallets.

Can I pay gas in USDC instead of ETH on every chain?

On chains with ERC-4337 paymasters yes — Base (87% of weekly UserOps as of April 2025), Polygon, Arbitrum, Optimism, zkSync all have major paymasters. On Ethereum mainnet, paymaster usage is more expensive due to gas-cost overhead. Pimlico is the leading paymaster (200M+ txs relayed). For most app developers, dropping in a Pimlico or Alchemy paymaster is the easiest route.

What's a session key and what attacks does it prevent?

A session key is a limited-permission key that can sign specific transactions for a limited time without re-approving each one. Use case: a game grants your session key permission to spend up to 10 USDC per hour for in-game items without prompting your main wallet. Attacks prevented: blind-signing exhaustion, repeated phishing approvals. The main wallet's seed never touches the dApp directly.


About this guide: written by Web3Wagmi Team · reviewed by Web3Wagmi Research Desk