The more I dig into EIP-7702, the more issues I find.
As usual, too much hype. I highly doubt 7702 will bring the UX improvements we all hope for.
Here's my 7702 review:
1. In terms of signer abstraction, we regressed
@4337 smart contract wallets (SCW) have a really nice property: they are signer agnostic. This property is what allows most of the interesting innovation - wallets with only passkeys as signer (like @CoinbaseWallet), or with gov ID cards as signer (like @MynaWallet), or a zk proof (like @zkemail) - ANYTHING that has a private/public key pair can be used as a signer; we don't need an EOA at all!
But with 7702, EOAs are back in full force; they're not abstracted away anymore. You NEED an EOA to begin with, no way around it. You can't have a pure smart contract wallet; the EOA is always there, lurking. This brings me to the 2nd point.
2. EOAs are un-removable root users
SCWs are great because you can program their rules: multisig, resource locking, asset access control, etc. But with a 7702 smart wallet (effectively an 'upgraded' EOA), you can't guarantee ANY of these rules anymore.
Take a multisig that requires a minimum of 2 signers to execute something. Whoever has the private key of the EOA can bypass that rule at any time; it has god-mode access. That makes multisigs not suitable at all for 7702 accounts.
You could argue that the EOA private key could be thrown away, but how can you guarantee that?
"trust me bro, I didn't save the private key that gives me god mode into our multisig" - not good enough.
3. No predictable addresses
One of my favorite features of SCWs is that you can predict their address before they're deployed, based on an arbitrary 'salt' (create2 is a beautiful thing). You can reserve an address for a user before they even sign up and safely send them assets that ONLY THEY can claim. You can also always 'compute' a user's SCW address from this salt; an elegant solution and super convenient.
This is, btw, how @erc6551 SCWs work. You can 'compute' the smart wallet address of any NFT with this technique, even if it hasn't been deployed.
With 7702, since you need to generate an EOA (with god-mode access) to do anything, you can't do any of that. Makes me sad.
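The address prediction described in point 3, as an added example (not code from the original thread or from any of the wallets it mentions): the CREATE2 formula from EIP-1014 is address = keccak256(0xff ++ deployer ++ salt ++ keccak256(init_code))[12:], so anyone who knows the factory, the salt and the init code can compute the wallet address before it exists. A pure-Python Keccak-256 is included so the block runs offline (hashlib.sha3_256 uses different padding and gives a different digest). The reserve_user_address scheme that derives the salt from a user identifier is a hypothetical illustration of the "reserve an address before sign-up" idea, not any project's actual salt layout.

```python
# Added example, not from the original thread: CREATE2 address prediction (EIP-1014)
# with a self-contained Keccak-256 so it has no dependencies.
from typing import List

_MASK = (1 << 64) - 1
_RC = [  # Keccak-f[1600] round constants
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]
# rho rotation offsets, indexed [x][y]
_ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
        [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]


def _rotl(v: int, n: int) -> int:
    return ((v << n) | (v >> (64 - n))) & _MASK


def _keccak_f(s: List[int]) -> List[int]:
    # 24 rounds of theta, rho, pi, chi, iota over 25 lanes (lane index = x + 5*y)
    for rc in _RC:
        c = [s[x] ^ s[x + 5] ^ s[x + 10] ^ s[x + 15] ^ s[x + 20] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rotl(c[(x + 1) % 5], 1) for x in range(5)]
        s = [s[i] ^ d[i % 5] for i in range(25)]
        b = [0] * 25
        for x in range(5):
            for y in range(5):
                b[y + 5 * ((2 * x + 3 * y) % 5)] = _rotl(s[x + 5 * y], _ROT[x][y])
        s = [(b[x + 5 * y] ^ (~b[(x + 1) % 5 + 5 * y] & b[(x + 2) % 5 + 5 * y])) & _MASK
             for y in range(5) for x in range(5)]
        s[0] ^= rc
    return s


def keccak256(data: bytes) -> bytes:
    rate = 136  # bytes of input per permutation for a 256-bit output
    buf = bytearray(data) + b"\x01"  # original Keccak padding 0x01 ... 0x80
    buf += b"\x00" * (-len(buf) % rate)
    buf[-1] |= 0x80
    s = [0] * 25
    for off in range(0, len(buf), rate):
        for i in range(rate // 8):
            s[i] ^= int.from_bytes(buf[off + 8 * i: off + 8 * i + 8], "little")
        s = _keccak_f(s)
    return b"".join(lane.to_bytes(8, "little") for lane in s[:4])


def to_checksum_address(addr20: bytes) -> str:
    # EIP-55: uppercase a hex letter when the matching nibble of keccak256(lowercase hex) >= 8
    hex_lower = addr20.hex()
    h = keccak256(hex_lower.encode("ascii")).hex()
    return "0x" + "".join(ch.upper() if ch.isalpha() and int(h[i], 16) >= 8 else ch
                          for i, ch in enumerate(hex_lower))


def predict_create2_address(deployer: str, salt: bytes, init_code: bytes) -> str:
    """EIP-1014: keccak256(0xff ++ deployer ++ salt ++ keccak256(init_code))[12:]."""
    deployer_bytes = bytes.fromhex(deployer[2:] if deployer.startswith("0x") else deployer)
    if len(deployer_bytes) != 20 or len(salt) != 32:
        raise ValueError("deployer must be 20 bytes and salt 32 bytes")
    digest = keccak256(b"\xff" + deployer_bytes + salt + keccak256(init_code))
    return to_checksum_address(digest[12:])


def reserve_user_address(factory: str, user_id: str, init_code: bytes) -> str:
    # Hypothetical scheme: the salt is derived from an identifier the factory will
    # later bind to the user's signer, so the address can be handed out before deployment.
    return predict_create2_address(factory, keccak256(user_id.encode("utf-8")), init_code)


if __name__ == "__main__":
    # EIP-1014 example 0: deployer 0x0, zero salt, init_code 0x00
    print(predict_create2_address("0x" + "00" * 20, b"\x00" * 32, b"\x00"))
```

The same formula is what makes the ERC-6551 computation the thread mentions possible: the registry is the deployer, the account's init code is fixed, and the salt is derived from the NFT, so the account address follows from public data whether or not it has been deployed yet.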
4. You better trust the app/wallet that makes you sign that 7702 authorization
The idea of converting your EOA to a SCW is attractive, but in reality it's pretty fucking scary. After playing around with it, if you want something useful, like a smart wallet with gas sponsorship, session keys, etc. (what you would expect from a standard 4337 smart wallet), it's way too easy to blindly give others access to your funds; it feels like an explosion of attack vectors now opens up on your EOA. If that's your main account with valuable assets, you better TRIPLE, QUADRUPLE check the contract that's being authorized to be added to your account, and the initialize transaction that goes with it.
I personally would not 'upgrade' my main EOA and take that risk. Definitely not from an app. MAYBE from a very trusted wallet, but even then I would create a fresh one and fund it, rather than upgrade the one with all my funds.
Be careful out there, especially when 7702 goes live; I guarantee there's gonna be a bunch of scams in the wild.
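The "check the contract that's being authorized" advice in point 4, as an added defender-side example (not code from the original thread or from any wallet): under EIP-7702 a delegated EOA's code becomes the 23-byte designator 0xef0100 followed by the 20-byte implementation address, so you can tell from eth_getCode whether an account is a plain EOA, an ordinary contract, or an EOA delegated to a known or unknown implementation. The block also vets the (chain_id, address) fields of an authorization before it is signed; per EIP-7702, chain_id 0 means the authorization is valid on every chain. The "audited implementation" addresses and the sample code bytes below are constructed placeholders, not real deployments.

```python
# Added example, not from the original thread: classify an account by its code and
# vet a 7702 authorization against an allowlist of audited implementations.
from typing import List, Optional, Set

DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 designator: 0xef0100 || address


def parse_delegation_target(code: bytes) -> Optional[str]:
    """Return the delegated implementation (0x-hex, lowercase) if `code` is a 7702
    designator; None for empty code (plain EOA) or ordinary contract bytecode."""
    if len(code) != 23 or code[:3] != DELEGATION_PREFIX:
        return None
    return "0x" + code[3:].hex()


def classify_account(code: bytes, audited: Set[str]) -> str:
    """Classify an account from the bytes eth_getCode returns for it."""
    if len(code) == 0:
        return "plain-eoa"
    target = parse_delegation_target(code)
    if target is None:
        return "contract"
    known = {a.lower() for a in audited}
    return "delegated:audited" if target in known else "delegated:UNKNOWN"


def vet_authorization(chain_id: int, address: str, expected_chain_id: int,
                      audited: Set[str]) -> List[str]:
    """Findings a wallet should surface before letting the user sign a 7702 authorization."""
    findings = []
    if chain_id == 0:
        findings.append("chain_id=0: authorization is valid on every chain (replayable)")
    elif chain_id != expected_chain_id:
        findings.append(f"chain_id={chain_id} does not match the connected chain {expected_chain_id}")
    if address.lower() not in {a.lower() for a in audited}:
        findings.append(f"implementation {address} is not on the audited allowlist")
    return findings


if __name__ == "__main__":
    # Constructed placeholder addresses, not real deployments.
    AUDITED = {"0x" + "11" * 20}
    print(classify_account(DELEGATION_PREFIX + bytes.fromhex("22" * 20), AUDITED))
    print(vet_authorization(0, "0x" + "22" * 20, 1, AUDITED))
```

Running classify_account over a set of addresses after Pectra is a cheap way to spot accounts that have been pointed at an implementation nobody has reviewed; the same allowlist feeds vet_authorization at signing time, which is the moment the thread says to check twice.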
5. So what is 7702 good for?
To me the best thing about 7702 is that it's good for DX. At @thirdweb we already offer in-app smart wallets today, but on most EVM chains that means under the hood you have to deal with 2 addresses per user (one for the EOA, one for the SCW). Most of the time the admin EOA is hidden away from the end user, but for devs and us platform builders, it's a source of confusion and a pain to maintain. Looking forward to changing our in-app wallets to get auto-'upgraded' to smart wallets with 7702 when they get generated, so we only deal with 1 address, and simplify the DX quite a bit.
I could see some wallets adopting it for the same reason: simpler to maintain internally. But in terms of end user experience, we can already do everything today with SCWs.
Because of this I'm much less excited about the Pectra upgrade than I was initially. Always good to look beyond the hype; I now know exactly how we'll leverage this upgrade, and what I will avoid as an end user.
I'm not into crypto trading or NFTs, but I like the underlying blockchain tech. About a month ago I became curious about smart contracts and how they work. What I found is fascinating.
Started by googling Eth smart contracts, and I was surprised by how simple and intuitive Solidity, the language that powers them, is. Everything is nicely abstracted away with high-level primitives like address and built-in functions like payable(addr).transfer(1000).
But the thing that really impressed me is the dev experience around it. You can start playing with contract code in one click, with a dedicated web-based IDE for Solidity contracts called Remix. Makes it super easy to get started: remix.ethereum.org