Account abstraction can greatly reduce user barriers and improve user experience and security.
Application Directions:
- Multiple invocations
Users only need to click once to invoke multiple functions.
- Session keys
Session keys let you pre-approve rules for interacting with Dapps, so that a Dapp can act freely within those rules without you signing each transaction. In other words, you can enjoy using Dapps while knowing that your assets are protected because you have limited what Dapps can and cannot do with them. For example, you can set parameters such as "given duration, maximum gas limit, maximum transaction amount of a certain token, or specific functions on a specific contract."
- Social recovery - security and the end of mnemonic phrases
The goal of social recovery is to protect people if they lose access to their accounts or if the accounts are somehow compromised. Social recovery achieves this while avoiding mnemonic phrases, which need to be eliminated because they are difficult to use, insecure, and a major barrier to widespread adoption. With social recovery, if you lose your private key, you only need to authorize a new key as the legitimate wallet owner. The mechanism may vary: you can rely on trusted contacts, hardware wallets, or even third-party services for recovery, or on a combination of them. The important thing is that social recovery does not sacrifice self-custody. You still have control over your assets.
- Multi-factor authentication - enhanced security
Multi-factor authentication is becoming the standard for modern banks when transferring large amounts to new addresses. What if you want similar or even smarter protection for your crypto? Account abstraction allows accounts that require signatures from multiple keys, with transactions executing only when certain conditions are met. This lets you customize an account's security level to your needs and use various devices to approve transactions.
Imagine:
One of the account's keys is managed by a service that only co-signs when you confirm the second factor, such as using email or SMS. If you confirm the second factor, the transaction is successful.
Maintain a list of fraudulent addresses and automatically block transactions with them. You can also block transactions with incorrect contracts.
Set daily transfer limits and automatically block anything that exceeds the limit (unless explicitly approved by you).
Integrate off-chain services to provide additional protection. For example, before approving a transaction, use a security service to check if an NFT collection on OpenSea has been verified and require two-factor authentication if it hasn't.
It is crucial that the checks for each transaction are automated. This is a fundamental change from today's traditional EOA (externally owned account) wallets, where a small mistake means you lose everything.
- Plugins - greater flexibility
Plugins make accounts more flexible and modular. Third-party developers can build plugins with new features they want to enable when creating accounts. You can also make accounts extensible by allowing users to add or remove features after creating the account. You can think of it as an app store for accounts - choose plugins for games, social recovery, session keys, etc. Plugins will help you use the latest emerging features, such as privacy.
- Paying fees with any token
The current state of Ethereum is that you need to have a certain token to pay for gas fees. This can be burdensome for users as you need to make transfers or trades to acquire the right tokens for transactions. However, with account abstraction, you can pay gas fees with any token.
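
The session-key rules listed above (duration, maximum gas limit, maximum amount of a certain token, specific functions on a specific contract) can be modelled as a per-call policy check. The following is an added example, not code from any wallet or from the original page; the class names, fields, addresses, selectors and amounts are all hypothetical, and a real account would enforce this on-chain in its validation logic.

```python
from dataclasses import dataclass

@dataclass
class SessionPolicy:
    """Rules the owner pre-approves for one session key (hypothetical model)."""
    expires_at: int           # unix time after which the key is rejected
    max_gas: int              # gas ceiling per call
    token: str                # the only token this key may move
    max_token_total: int      # cumulative cap across the whole session
    allowed_calls: frozenset  # {(contract_address, function_selector)}
    spent: int = 0            # running total of accepted transfers

@dataclass(frozen=True)
class Call:
    to: str
    selector: str
    gas: int
    token: str
    amount: int

def validate(policy, call, now):
    """Return (ok, reason). Fail closed: anything not explicitly allowed is rejected."""
    if now >= policy.expires_at:
        return False, "session expired"
    if (call.to.lower(), call.selector.lower()) not in policy.allowed_calls:
        return False, "contract/function not in allowlist"
    if call.gas > policy.max_gas:
        return False, "gas limit exceeded"
    if call.amount < 0:
        return False, "negative amount"
    if call.amount and call.token != policy.token:
        return False, "token not covered by session"
    if policy.spent + call.amount > policy.max_token_total:
        return False, "token spending cap exceeded"
    policy.spent += call.amount  # only accepted calls count against the cap
    return True, "ok"

def demo():
    # Constructed sample data: address, selectors, times and amounts are made up.
    game = "0x" + "11" * 20
    policy = SessionPolicy(expires_at=1_000_600, max_gas=200_000, token="GOLD",
                           max_token_total=100,
                           allowed_calls=frozenset({(game, "0xaabbccdd")}))
    calls = [
        (Call(game, "0xaabbccdd", 150_000, "GOLD", 60), 1_000_000),  # within rules
        (Call(game, "0xaabbccdd", 150_000, "GOLD", 60), 1_000_100),  # 120 > cap
        (Call(game, "0xdeadbeef", 150_000, "GOLD", 1), 1_000_200),   # other function
        (Call(game, "0xaabbccdd", 150_000, "GOLD", 10), 1_000_700),  # after expiry
    ]
    return [validate(policy, c, now)[1] for c, now in calls]
```

The spending cap is cumulative rather than per call, so a Dapp holding the session key cannot drain the account through many small transfers that each look acceptable.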