Author: 0xNatalie Source: ChainFeeds
After more than three years of refinement, EIP-3074 received widespread support from the Ethereum community at the 183rd ACDE meeting and was officially included in the next Ethereum hard fork. EIP-3074 was proposed by Ethereum researcher Sam Wilson, Go Ethereum developer Matt Garnett and others. Its core idea is to allow any externally owned account (EOA) to operate like a smart contract wallet, without deploying additional contracts or migrating manually. As Paradigm CTO Georgios Konstantopoulos said, "The wallet user experience will be improved 10 times." So how does EIP-3074 do this, and how does it differ from ERC-4337?
EIP-3074 is an upgrade to EVM
Externally owned accounts (EOAs) are Ethereum accounts that users control and manage directly, such as the accounts created by commonly used mnemonic wallets like MetaMask. EIP-3074 introduces two new Ethereum Virtual Machine instructions, AUTH and AUTHCALL, which let an EOA connect to a smart contract and hand control of its transactions to that contract.
AUTH instruction: used to verify an ECDSA signature and set a context variable "authorized" based on the signature result. If the signature is valid and the signer address matches the given authorized address, "authorized" is set to the authorized address. In this way, the AUTH instruction allows a smart contract to perform operations on behalf of an EOA, thereby implementing the delegation of authorization control.
AUTHCALL instruction: Similar to the existing CALL instruction, it is used to perform an external call. The difference is that AUTHCALL will use the authorized address previously set by the AUTH instruction as the caller address. This means that AUTHCALL will use the authorized EOA as the sender, rather than the contract itself.
The overall process is as follows: the user signs an authorization message; the Invoker contract receives and verifies it; the Invoker contract then uses the AUTH and AUTHCALL instructions to send transactions as the EOA, executing them on behalf of the user without directly using the user's private key; finally, the result is returned to the user.
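The flow above can be modelled in a few lines. This is an added example, not code from the article or from the EIP: the `Invoker` and `Token` classes, the addresses and the keys are hypothetical, HMAC stands in for ECDSA so the model runs on the standard library, and it assumes the signed authorization message covers the exact batch of transfers.

```python
import hashlib
import hmac
# Constructed test keys. HMAC stands in for ECDSA so the model runs on the
# standard library; it is not how Ethereum signs or recovers addresses.
KEYS = {"0xALICE": b"alice-key", "0xMALLORY": b"mallory-key"}

def sign(eoa, message):
    return hmac.new(KEYS[eoa], message, hashlib.sha256).digest()

def recover(message, sig):
    """Stand-in for ECDSA recovery: address whose key produced sig, else None."""
    for addr, key in KEYS.items():
        if hmac.compare_digest(hmac.new(key, message, hashlib.sha256).digest(), sig):
            return addr
    return None

class Token:
    """Hypothetical target contract that trusts the caller address it sees."""
    def __init__(self):
        self.balances = {"0xALICE": 100}
        self.callers = []
    def transfer(self, msg_sender, to, amount):
        self.callers.append(msg_sender)
        if self.balances.get(msg_sender, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[msg_sender] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

class Invoker:
    """Hypothetical invoker; `authorized` models the AUTH context variable."""
    def __init__(self):
        self.authorized = None
    def auth(self, authority, message, sig):
        signer = recover(message, sig)
        self.authorized = authority if signer is not None and signer == authority else None
        return self.authorized is not None

    def authcall(self, fn, *args):
        if self.authorized is None:
            raise PermissionError("AUTHCALL without a successful AUTH")
        return fn(self.authorized, *args)  # caller is the EOA, not the invoker

    def execute_batch(self, token, authority, transfers, sig):
        # Assumption of this model: the user signs the exact batch of transfers.
        if not self.auth(authority, repr(transfers).encode(), sig):
            return False
        for to, amount in transfers:
            self.authcall(token.transfer, to, amount)
        return True
```

The target contract only ever sees the EOA as the caller, so every check that limits what is done in the user's name lives in the invoker.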
Difference from ERC-4337
ERC-4337 is at the protocol level and does not require changes to the consensus layer. Its main goal is to achieve account abstraction, allowing smart contracts to directly own funds and have functions similar to Ethereum accounts. In other words, it lets smart contract accounts initiate transactions actively, as EOAs do.
EIP-3074 needs to be implemented through an Ethereum hard fork. Its main goal is to give EOAs functions similar to smart contracts by entrusting control of the EOA to a smart contract, so that the contract can transact on behalf of the user and support batch transactions, sponsored transactions (i.e., a third party pays the gas fees to execute the transaction) and other functions. Although this gives an EOA the functions of a smart contract wallet, the account is still an EOA. If the key is stolen, the account is completely lost (unless a special contract has been set up specifically for account recovery).
Why is it important?
In the era of multiple chains, supporting ERC-4337 on each chain requires a lot of development work. EIP-7377, which allows EOA users to migrate their accounts to smart contracts, requires users to send a migration transaction manually. In contrast, EIP-3074 gives EOAs the functionality of smart contracts, which can be used directly on all chains without users having to migrate manually.
Compared to other proposals, the advantage of EIP-3074 is that it is simple and efficient, and users can enjoy the functionality of smart contracts without the need for additional processes. Previously, the Ethereum community was concerned about the technical security issues of EIP-3074. After improvements and testing, the community widely supports the inclusion of EIP-3074 in the next Ethereum upgrade, which will have an impact on multiple areas in the Ethereum ecosystem.
For example, in DeFi, the batch transaction function of EIP-3074 will greatly improve the efficiency of liquidity providers and traders and reduce the cost of participation. In addition, once users authorize their accounts for transaction execution, DeFi applications can act as sponsors and pay gas fees for them, lowering the barrier to using DeFi products and promoting the large-scale adoption of DeFi.
In fully on-chain games, EIP-3074 lets users grant account operation permissions to a third party (the Invoker) through authorization, so they no longer need to confirm every transaction on-chain and pay gas fees for it. Game developers or other third parties can execute transactions on behalf of users, and users only need to authorize once, which simplifies the transaction process and makes gameplay smoother.
Potential risks
In Ethereum, node validators need to know the exact details of a transaction in order to handle it correctly. This is the only way to ensure the security and stability of the network. EIP-3074 allows smart contracts to execute transactions on behalf of EOAs. With sponsored transactions, interactions with other contracts or accounts may change the account state before and after the transaction is executed, making it difficult for node validators to accurately predict the transaction's impact and creating a security risk of network inconsistency.
In addition, although users can authorize third parties to operate accounts by signing, this also means that third parties (Invoker) can operate users' accounts to a certain extent, which may lead to potential security issues. If the third party's authority is abused or hacked, users' funds and personal information may be threatened.