How Account Abstraction Reduces the Risk of Compromised Private Keys

Category: Blockchain Security

POSTED BY: Rob Behnke

02.11.2026

Compromised private keys are one of the most common threats to on-chain security. Stolen private keys have led to massive hacks of cryptocurrency exchanges and significant personal losses due to phishing and similar attacks.

Private keys’ role as the foundation of on-chain account security makes them a difficult security risk to manage. However, Account Abstraction and the move from externally owned accounts (EOAs) to smart contract wallets on Ethereum offer the potential to fix this problem.

The Critical Role of Private Keys

One of the main benefits of blockchain technology is the potential for self-custody. Instead of entrusting control over assets to a bank, users can manage their own blockchain wallets, holding, staking, and investing crypto.

However, with this comes the responsibility for properly securing private keys. Blockchain uses digital signatures to validate transactions, and these signatures can only be created using the private key for a particular account. Since anyone with knowledge of the private key can generate a legitimate digital signature, on-chain account security largely boils down to the protection of the private key. Social engineering, malware, and other techniques are frequently used to gain unauthorized access to these private keys.

The foundational role that private keys play in the blockchain ecosystem makes it difficult to address this security risk. Since EOAs use digital signatures and digital signatures require private keys, there’s no easy way to eliminate them entirely in favor of an alternative — and potentially more secure — method of authentication.

How Account Abstraction Works

Account Abstraction — introduced into Ethereum in ERC-4337 — creates the potential for users to transition away from EOAs to smart contract wallets. In the past, performing transactions on-chain required an EOA to digitally sign transactions, pay for gas, and have them eventually executed and recorded on-chain.

With Account Abstraction, a smart contract wallet can serve as the user’s primary account interface instead of a traditional EOA. Rather than submitting traditional transactions, which must be digitally signed, users send a UserOperation to a dedicated mempool. Many UserOperations from this mempool are bundled together and executed via the shared EntryPoint smart contract.

While Account Abstraction has numerous potential applications and use cases, one of the most significant is the potential for replacing EOAs with smart contract wallets. These smart contract wallets can replace traditional digital signatures with customizable authentication protocols.

Some potential examples include:

  • Customizable Multi-Sig: Multi-signature wallets are a common method of managing the potential impacts of a compromised private key. Smart contract wallets can integrate additional logic into the multi-sig process to help reduce the potential for compromise, such as mandating stronger approvals for high-risk transactions.

  • Step-Up Authentication: In Web2, step-up authentication requires additional authentication to be performed for transactions that are deemed “risky” in some way. Account Abstraction allows this for Web3 as well, requiring stronger approvals for high-risk transactions, ones to unusual addresses, and similar “risky” transactions.

  • Multi-Factor Authentication: Multi-factor authentication (MFA) is a common security best practice in Web2. Requiring an attacker to have access to multiple forms of authentication media reduces the risk of a compromised account.

  • Passkeys and Biometrics: Phishing-resistant forms of authentication include biometrics and passkeys. Integrating these into smart contract wallets via Account Abstraction reduces friction in the user experience while enhancing security.

  • Social Logins: Many Web2 accounts permit social logins, such as Log in with Google. Account Abstraction can allow smart contract wallets to support this as well, making it easier for users to authenticate to their Web3 accounts and allowing more integration between Web2 and Web3.

  • Social Recovery: In Web3, a lost private key can mean that access to an account — which may hold significant value or privileged access to a smart contract — is lost forever. Account Abstraction creates the potential for social recovery, where a predefined set of “guardians” can sign transactions restoring a user’s access to their account, similar to password recovery in Web2.

  • Spending Controls: With EOAs, any valid and digitally signed transaction will be accepted and processed by the blockchain. With a smart contract wallet, it’s possible to define spending limits and other rules to limit transactions made by the account, which could help to limit the damage performed by a compromised system.
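As an added illustration that is not part of the original post and not Halborn or ERC-4337 reference code, the following minimal Solidity account sketches how the EntryPoint flow described above and three of the listed features (an owner-key check in validateUserOp, a daily spending limit, and guardian-based social recovery) fit together. The EntryPoint address, the simplified UserOperation struct and the OpenZeppelin ECDSA import are assumptions; nonce handling and gas prefunding are omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

// Added example, not Halborn's code. Simplified UserOperation: the real ERC-4337
// struct also carries sender, nonce and gas fields, which are omitted here.
struct UserOperation {
    bytes callData;   // abi-encoded execute(to, value, data) that the EntryPoint invokes
    bytes signature;  // owner's ECDSA signature over userOpHash
}

contract PolicyAccount {
    address public immutable entryPoint;        // trusted EntryPoint (assumed deployed)
    address public owner;                       // current signing key, rotatable by guardians
    mapping(address => bool) public isGuardian;
    uint256 public immutable guardianThreshold;
    uint256 public immutable dailyLimit;        // wei spendable per 24h window
    uint256 public spentInWindow;
    uint256 public windowStart;
    mapping(address => uint256) public recoveryVotes;          // proposed owner => votes
    mapping(address => mapping(address => bool)) public voted; // proposed owner => guardian => voted
    modifier onlyEntryPoint() { require(msg.sender == entryPoint, "not EntryPoint"); _; }

    constructor(address ep, address firstOwner, address[] memory guardians, uint256 threshold, uint256 limit) {
        require(threshold > 0 && threshold <= guardians.length, "bad threshold");
        entryPoint = ep; owner = firstOwner; guardianThreshold = threshold; dailyLimit = limit;
        for (uint256 i = 0; i < guardians.length; i++) isGuardian[guardians[i]] = true;
    }

    // Called by the EntryPoint before execution. ERC-4337 convention: 0 = valid, 1 = bad signature.
    function validateUserOp(UserOperation calldata op, bytes32 userOpHash) external view onlyEntryPoint returns (uint256) {
        return ECDSA.recover(userOpHash, op.signature) == owner ? 0 : 1;
    }

    // Spending control: a valid owner signature alone cannot move more than dailyLimit per window,
    // which bounds what a stolen key can drain before guardians rotate it.
    function execute(address to, uint256 value, bytes calldata data) external onlyEntryPoint {
        if (block.timestamp >= windowStart + 1 days) { windowStart = block.timestamp; spentInWindow = 0; }
        require(spentInWindow + value <= dailyLimit, "daily limit exceeded");
        spentInWindow += value;
        (bool ok, ) = to.call{value: value}(data);
        require(ok, "call failed");
    }

    // Social recovery: a threshold of guardians installs a new owner key without the old one.
    // Votes are not cleared after success here; a production wallet would reset or expire them.
    function approveRecovery(address newOwner) external {
        require(isGuardian[msg.sender] && !voted[newOwner][msg.sender], "not an unused guardian vote");
        voted[newOwner][msg.sender] = true;
        if (++recoveryVotes[newOwner] >= guardianThreshold) owner = newOwner;
    }

    receive() external payable {}
}
```

The point to notice is that the spending limit and the guardian threshold are enforced by contract code, so a single compromised owner key is bounded in what it can do and can be replaced without it.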

Enhancing On-Chain Account Security

Switching from EOAs to smart contract wallets could dramatically change the Web3 risk landscape. Traditionally, the need to properly protect private keys has limited Web3 adoption and led to many major hacks.

However, this doesn’t mean that risk is entirely eliminated. Some top security threats to consider include:

  • Smart Contract Vulnerabilities: Account Abstraction allows EOAs to be replaced by smart contract wallets. However, if these smart contracts contain vulnerabilities — whether coding or design errors — then they might be vulnerable to attack.

  • Compromised Authentication Media: The shift to smart contract wallets allows users to move away from private keys to other forms of authentication media. However, if an attacker is able to steal these, then they can still generate valid on-chain transactions.

  • Social Engineering: Many Web3 attacks involve tricking users into signing transactions that do something malicious, such as creating DeFi approvals or transferring tokens to the attacker. This is still a threat with smart contract wallets if the legitimate account owner signs the transaction.

While smart contract wallets will address many security challenges, they may not be a fit for all use cases. For example, EOAs remain cheaper to use, reducing costs for high volumes of transactions. In these cases, an EOA may be the right choice, which means that private key security is still important. To learn more about protecting your private keys against top security threats, check out these private key security best practices.

When implementing smart contract wallets and other infrastructure based on Account Abstraction, smart contract security audits are essential to ensure that smart contracts are free from vulnerabilities and match design intent. Halborn offers comprehensive smart contract auditing services, leveraging expertise in Web2 and Web3 to ensure the security of Web3 projects. Get in touch to find out more.

Disclaimer

The information in this blog is for general educational and informational purposes only and does not constitute legal, financial, or professional advice. Halborn makes no representations as to the accuracy or completeness of the content, which may be updated or changed without notice.