22nd October, 2024

EIP-7702: A Win for Smart Accounts in Ethereum’s Pectra Upgrade?

EIP-7702 is an important Ethereum upgrade scheduled for 2025, enabling Externally Owned Accounts (EOAs) to execute smart contract code directly. This change allows EOAs to gain smart account functionalities, enhancing Ethereum’s move toward full account abstraction. Discover how EIP-7702 impacts Ethereum’s future, its benefits, limitations, and the path forward for broader account abstraction.
Valentin Seehausen & Safe

EIP-7702 Explained: Everything you need to know

tl;dr

  • The next Ethereum hard fork, Pectra, is expected in 2025, introducing a significant upgrade for account abstraction.

  • EIP-7702 will allow Externally Owned Accounts (EOAs) to execute smart contract code directly from their addresses.

  • This means EOAs can now gain smart account functionalities.

  • However, the private key remains critical, as it still holds full authority to sign transactions.

  • A full transition of EOAs to smart accounts will require further changes to Ethereum, such as disabling the private key and introducing a new transaction type.

  • Safe has already developed a proof of concept for developers to experiment with EIP-7702.

How the Pectra Update with EIP-7702 Will Impact the Account Abstraction Roadmap

Ethereum's long-term goal is to transform every Externally Owned Account (EOA) into a smart account. While full account abstraction is still a future vision, the upcoming Pectra hard fork in 2025 will mark a key step forward by introducing EIP-7702. This upgrade will allow any EOA to run smart contract code directly on its address, effectively extending its functionality with features traditionally only available to smart contracts. In this article, we’ll explore how EIP-7702 unlocks this important capability for EOAs.

EIP-7702: Extending an EOA with Smart Account Features

EOAs and smart contracts have historically been distinct: EOAs can initiate transactions but cannot execute code, while smart contracts can execute code when triggered but cannot start transactions. EIP-7702 bridges this gap by allowing EOAs to execute code, blurring the lines between them and smart contracts. This extension opens up new possibilities for users to benefit from smart contract-like functionality without the need to migrate to full smart contracts.

With EIP-7702, EOAs can now store an address called a "delegation designator," which points to a smart contract. When a transaction is sent to the EOA, it can execute the code at this designated address as if it were its own, similar to how a "delegate call" works in smart contracts.

If the delegated address includes smart account features, the EOA can function like a smart account. This means it could support multiple owners signing transactions, setting thresholds, using passkeys as signers, and adding various modules to extend its capabilities.

The key distinction from a regular smart account is that the EOA’s private key still retains full control. It can sign both on-chain transactions and off-chain messages, meaning the security of this private key remains crucial. Even with smart account functionalities, safeguarding the private key is essential to prevent unauthorized access.

This will ultimately allow users to integrate their EOAs into Smart Account wallets like Safe Wallet, granting them access to the full suite of Smart Account features they're already familiar with. This means EOAs can now benefit from enhanced security, usability, and flexibility without needing to switch to a new wallet entirely.

Adding a Delegation Designator

The transaction to add a "delegation designator" introduces a new transaction type, not automatically supported by wallets. This new type is necessary to prevent users from unintentionally signing it and delegating control of their EOA. Wallets will need to implement support for this transaction, displaying a dedicated interface that clearly explains the implications—similar to the interface used when exporting a private key. Due to its significant security risks, this transaction will likely be handled by trusted wallets, rather than through any decentralized app (dapp).

The transaction includes data such as the EOA’s nonce, the address of the delegation designator, and the chain ID. This impacts its cross-chain functionality. Users can choose to include a specific chain ID, restricting the transaction's validity to a single chain. Alternatively, they can set the chain ID to zero, making the transaction valid across multiple chains. However, the EOA's nonce must align across chains for this to work. If the nonce differs—due to the EOA conducting varying numbers of transactions on different chains—the transaction will only succeed on one chain. This means that an EOA with a zero nonce on all chains can create a transaction valid across every chain. Conversely, EOAs with transaction histories across multiple chains will need to generate separate transactions, each with the appropriate nonce for its respective chain.
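The chain ID and nonce rules above can be checked before a wallet asks the user to sign. The following added example (not code from Safe or from the EIP) models them; the `Authorization` class, the function names, the delegate address and the per-chain nonce snapshots are constructed for illustration, and `account_nonce` stands for the nonce the chain sees when it processes the tuple.

```python
from collections import defaultdict
from dataclasses import dataclass

DELEGATE = "0x" + "11" * 20  # constructed placeholder address

@dataclass(frozen=True)
class Authorization:
    chain_id: int  # 0 means "not bound to one chain"
    delegate: str  # contract the EOA will point at
    nonce: int     # must equal the EOA's nonce on the executing chain

def applies_on(auth, chain_id, account_nonce):
    """True if this signed tuple would be accepted on the given chain."""
    return auth.chain_id in (0, chain_id) and auth.nonce == account_nonce

def replay_scope(auth, nonces):
    """Chains in a {chain_id: nonce} snapshot where the tuple is usable.
    A chain_id=0 tuple is also usable on any chain outside the snapshot
    where the nonce happens to match, so treat the result as a lower bound."""
    return sorted(c for c, n in nonces.items() if applies_on(auth, c, n))

def plan(delegate, nonces, allow_multichain=False):
    """Tuples needed to delegate on every chain in the snapshot.
    Default is one chain-bound tuple per chain; with allow_multichain,
    chains that share a nonce are covered by a single chain_id=0 tuple."""
    if not allow_multichain:
        return [Authorization(c, delegate, n) for c, n in sorted(nonces.items())]
    by_nonce = defaultdict(list)
    for chain, nonce in nonces.items():
        by_nonce[nonce].append(chain)
    out = []
    for nonce, chains in sorted(by_nonce.items()):
        bound_to = 0 if len(chains) > 1 else chains[0]
        out.append(Authorization(bound_to, delegate, nonce))
    return out

# Constructed snapshots: {chain_id: EOA nonce on that chain}
FRESH = {1: 0, 10: 0, 8453: 0}   # never transacted anywhere
USED = {1: 12, 10: 3, 8453: 3}   # different history per chain

if __name__ == "__main__":
    print(replay_scope(Authorization(0, DELEGATE, 0), FRESH))
    print(replay_scope(Authorization(0, DELEGATE, 3), USED))
    print(plan(DELEGATE, USED, allow_multichain=True))
```

A wallet's signing prompt can show the result of `replay_scope` so the user sees every chain on which a zero chain ID authorization takes effect.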

Benefits of EIP-7702

EIP-7702 brings Smart Account features to EOAs, primarily allowing them to access the benefits of Account Abstraction (ERC-4337), which were previously limited to Smart Accounts. Key advantages include:

  • Sponsored Transactions: EOAs can now take advantage of sponsored transactions, where a paymaster covers the gas fees. This allows EOAs to execute transactions on chains where they don’t hold funds for gas, simplifying onboarding to new chains. Protocols can also cover gas fees for their users (they can apply at the Safe Gas Station, enabling Safe to pay the gas).

  • Batched Transactions: EOAs can send multiple transactions with a single signature, which is particularly useful for cross-chain operations or transactions that require bundling, such as deposits.

  • Passkeys: Users can easily sign transactions with passkeys, providing faster and more secure authentication, improving both convenience and security.

  • Session Keys: EOAs can "log in" to a dapp and authorize transactions for a specific time frame (e.g., 24 hours), reducing the need for users to manually sign every transaction. This feature is ideal for scenarios like dollar-cost averaging or limiting permissions to specific assets or functions, enhancing both usability and security.

  • Revocability: Users maintain full control of their EOAs, with the ability to revoke or modify the delegation designator at any time.

  • Asset Recovery: If the private key is lost but recovery features have been set up using EIP-7702, users can recover assets stored in the account, adding a crucial layer of security.

  • Enhanced Cross-Chain UX: EOAs, now equipped with Smart Account functionalities, can leverage chain abstraction. This allows for seamless transactions across multiple chains without having to manually switch chains in the wallet or worry about where the protocol is deployed.

  • Seamless Integration with Smart Wallets: Users will be able to incorporate their EOAs into Smart Account wallets like Safe Wallet, allowing them to enjoy the full range of Smart Account features they are already accustomed to. This integration enhances usability and security while maintaining access to existing assets without the need for migration to a completely new wallet.

EIP-7702 delivers significant enhancements to EOAs, making them more versatile and user-friendly with features traditionally reserved for Smart Accounts.

Drawbacks

While EIP-7702 is a significant step towards migrating EOAs to Smart Accounts, it is not a complete implementation of full account abstraction, nor does it fully convert EOAs into Smart Accounts. From an account abstraction perspective, it has several limitations:

  • Private Key Remains a Security Risk: The EOA's private key retains full control over the account, acting as a backdoor that can override Smart Account functionalities. This makes it critical to safeguard the private key, as any malicious actor gaining access could take full control and steal all funds.

  • Multisig Trust Issues: In cases where a multi-signature Smart Account is created from an EOA, the other owners must fully trust the original EOA owner. Since the EOA's private key can still wipe out the Smart Account in a single transaction, this undermines the security and trust required for multisig setups, making it less practical for multiple owners to rely on a migrated EOA.

  • Limited Account Recovery: If the private key is lost or compromised, recovering full control of the EOA is not entirely possible. The only solution would be to replace the private key, which can be challenging and does not offer a straightforward recovery mechanism.

  • Lack of Quantum Resistance: For future protection against quantum computing threats, users will eventually need to transition to fully quantum-resistant Smart Accounts. EOAs with extended functionalities are still vulnerable to potential quantum-powered algorithms that could compromise their private keys. This highlights the need for a gradual migration or emergency updates to secure accounts in a post-quantum world.

  • Inability to Lock Resources or Act as Escrow: Because the private key always has the authority to transfer funds, Smart Contracts built on EOAs cannot effectively serve as escrows or lock funds securely. This limitation restricts the use of Smart Account features where resource locking is required.

These drawbacks highlight the transitional nature of EIP-7702, offering incremental benefits but falling short of delivering full account abstraction.

The Long-Term Goal: Full Account Abstraction

Full account abstraction envisions that every Ethereum account will be a Smart Account, bringing substantial improvements in both security and usability:

  • More Signature Schemes: Currently, EOAs only support a single type of signature. With full account abstraction, multiple signature schemes will be possible, including options that work with smartphones and other devices (e.g., passkeys). This will greatly enhance both security and user experience.

  • Default Recovery Options: Smart Accounts could offer built-in recovery features by default, or users could easily opt into them. This would significantly reduce the risk of losing funds due to errors or lost private keys.

  • Sponsored Transactions: Every Smart Account will have the ability to sign sponsored transactions. This would eliminate the need for users to worry about gas fees and chain management, allowing them to focus purely on the usability and profitability of the dapp they’re interacting with.

  • Batched Transactions and Session Keys: Smart Accounts could “log in” to dapps, enabling user experiences similar to centralized apps. This would allow for fast, seamless activities like trading and gaming without the need for constant transaction approvals.

Steps to Achieve Full Account Abstraction

To fully implement account abstraction, several key developments must occur:

  1. Core Integration: Account abstraction must be fully embedded into Ethereum’s core protocol. While ERC-4337 currently operates on the application layer, protocol-level improvements like RIP-7560 will make transactions more gas-efficient and unify all transactions under one mempool, removing the need for a separate mempool for ERC-4337 operations.

  2. Smart Accounts as Default: All new Ethereum accounts must be Smart Accounts by default, with no new EOAs being created. New users will benefit from the advanced features of Smart Accounts from the start.

  3. Migrating EOAs to Smart Accounts: Existing EOAs will need to be converted to Smart Accounts. This is especially important for users who want to retain their original addresses due to valuable non-transferable assets, like soul-bound tokens. EIP-7702 plays a crucial role in this transition, but additional measures are needed to remove the EOA’s private key access. EIP-3607 is key here, as it revokes private key access once an account contains code.

Multichain Considerations

The migration of EOAs to Smart Accounts must be easily replicable across multiple chains. To achieve this, the transaction that converts an EOA to a Smart Account must be replayable on other chains, ensuring that the account operates as a Smart Account on every chain it interacts with.

Signature Verification

Smart Accounts can already validate signatures via EIP-1271. To complete the migration, signature verification processes must be updated to check whether the signer is an EOA or a Smart Account. If it’s a Smart Account, private key-based signatures should no longer be validated.

Off-Chain Considerations

Off-chain signature verification also needs to account for the possibility that an account might be an EOA on one chain but a Smart Account on another. Signature verifiers should be chain-specific, ensuring that they correctly validate signatures based on the chain from which they originated.
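A verifier following the two sections above has to decide, per chain, which signature check applies to an address. The sketch below is an added example, not Safe's code: the `0xef0100` prefix is the delegation designator encoding from the EIP-7702 specification, while the function names, the method labels and the account code snapshot are constructed for illustration.

```python
from enum import Enum

# EIP-7702 stores the designator as account code: 0xef0100 || 20-byte address
DESIGNATOR_PREFIX = bytes.fromhex("ef0100")

class Kind(Enum):
    EOA = "eoa"
    DELEGATED_EOA = "delegated_eoa"
    CONTRACT = "contract"

def classify(code: bytes):
    """Return (kind, delegate address or None) from an account's code on one chain."""
    if not code:
        return Kind.EOA, None
    if len(code) == 23 and code.startswith(DESIGNATOR_PREFIX):
        return Kind.DELEGATED_EOA, "0x" + code[3:].hex()
    # Anything else, including a truncated designator, is ordinary contract code.
    return Kind.CONTRACT, None

def verification_methods(code_by_chain, chain_id):
    """Signature checks to run for a message tied to chain_id."""
    if chain_id not in code_by_chain:
        # Fail closed: never reuse another chain's view of the account.
        raise LookupError(f"no account state for chain {chain_id}")
    kind, _delegate = classify(code_by_chain[chain_id])
    if kind is Kind.EOA:
        return ["ecdsa"]
    if kind is Kind.DELEGATED_EOA:
        # Under EIP-7702 the private key keeps full authority, so both apply.
        return ["eip1271", "ecdsa"]
    return ["eip1271"]

# Constructed snapshot of one address, as eth_getCode would return it per chain:
# plain EOA on chain 1, delegated on chain 10.
ACCOUNT_CODE = {
    1: b"",
    10: DESIGNATOR_PREFIX + bytes.fromhex("22" * 20),
}

if __name__ == "__main__":
    for chain in ACCOUNT_CODE:
        print(chain, verification_methods(ACCOUNT_CODE, chain))
```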

This streamlined path to full account abstraction will ultimately enable a seamless, secure, and highly scalable Ethereum ecosystem where every account benefits from the advanced features of Smart Accounts.

EIP-7702: Evolution and Refinements

EIP-7702 has undergone significant changes since its inception, incorporating two key adjustments over time.

2021: EIP-4337 — Sponsored and Batched Transactions for Smart Accounts

EIP-4337 introduced the first major enhancements for Smart Accounts in 2021, allowing them to execute batched and sponsored transactions. These features, unavailable to EOAs, further distinguished Smart Accounts as superior, providing not only enhanced security through multisignature wallets, modules, and guards, but also operational advantages. This gave Smart Accounts distinct benefits over EOAs in terms of both functionality and user experience.

2022–2024: EIP-3074 — AUTHCALL

Following the momentum of EIP-4337, the community began exploring ways to extend Smart Account features to EOAs. The first attempt was EIP-3074, which proposed giving EOAs the ability to delegate authorization to a smart contract (an "invoker") for a single transaction. This invoker would execute code on behalf of the EOA, unlocking similar capabilities as Smart Accounts.

However, EIP-3074 raised concerns about user experience and security. Each transaction would require re-authorization to prevent malicious invokers from abusing the EOA, and wallet providers would need to maintain whitelists of trusted invokers. Additionally, developers worried about forward compatibility, as EIP-3074 might entrench EOAs and hinder the transition to full Account Abstraction. The inclusion of two new opcodes (AUTH and AUTHCALL) was also seen as potentially problematic, as they could introduce technical debt if later deprecated.

Despite being a step towards extending EOAs with Smart Account features, EIP-3074 faced enough opposition to stall its implementation.

Q2 2024: Proposal of EIP-7702

In May 2024, Vitalik Buterin introduced EIP-7702, drafted in just 22 minutes, before a meeting with Ethereum stakeholders. The proposal garnered immediate positive feedback. EIP-7702 addressed many of the concerns raised with EIP-3074 while preserving its core intent: to bring Smart Account functionality to EOAs. Most importantly, it offered full compatibility with ERC-4337 and a clear upgrade path, which resonated well with the developer community.

Q3 2024: Refinement Phase

In the months following its proposal, EIP-7702 underwent several important refinements:

  • Store an Address, Not Contract Code: Originally, Buterin suggested storing the entire smart contract code within the EOA. This approach was later refined to only store a short address pointing to the smart contract, simplifying the EOA and offering more flexibility.

  • Permanent Storage of Delegation Designator: The initial idea was for the designated address to be temporary, removed after each transaction. However, the design was updated to allow the delegation designator to persist until explicitly replaced or deleted, ensuring lasting functionality without constant reconfiguration.

Future Outlook

Q1 2025: Pectra Update Featuring EIP-7702

EIP-7702 is planned for inclusion in Ethereum’s Pectra update, which is slated for release in February 2025.

Adoption by Users, Wallets, and Dapps

While the integration of EIP-7702 into the Ethereum protocol is a milestone, it won’t guarantee widespread adoption. Wallets, dapps, and users must embrace this new feature. Adoption is expected to take several years, as the ecosystem grapples with a "chicken-and-egg" problem: wallet providers and dapps will only integrate EIP-7702 if there is user demand, but users will only demand the feature once they see it in action in dapps.

It’s likely that major wallet providers will introduce EIP-7702 as an optional feature, allowing tech-savvy users to opt in with a clear understanding of its benefits.

EIP-7702's Role in the Account Abstraction Roadmap

EIP-7702 is a step forward in the broader journey toward full Account Abstraction, but how exactly does it contribute to this goal?

  • Raising Awareness About Smart Account UX Improvements: By enabling Smart Account-like features for EOAs, EIP-7702 helps raise awareness of the improved user experience Smart Accounts provide. This could increase interest in and support for full Account Abstraction, paving the way for wider adoption in the future.

  • Gathering Data on Smart Account Adoption: EIP-7702 provides valuable insight into how users might transition from EOAs to Smart Accounts. Data on adoption rates, usage patterns, blockers, and challenges will be essential in guiding future steps toward full Account Abstraction.

  • A Potential Path to Full Migration: While EIP-7702 does not offer a direct migration path to full Account Abstraction, it is forward-compatible and could serve as a foundation for future EIPs that enable complete migration to Smart Accounts or support cross-chain migration. In this sense, EIP-7702 is a critical building block in the roadmap to full Account Abstraction.

Conclusion

EIP-7702 represents a thoughtful and strategic step toward Account Abstraction, bridging the gap between traditional EOAs and Smart Accounts. By gradually introducing Smart Account features to EOAs, it paves the way for a future where all accounts are smarter, more secure, and user-friendly. As adoption grows and the ecosystem evolves, EIP-7702 will play a vital role in making Ethereum safer and more accessible to users, inching closer to the ultimate goal of full Account Abstraction.
