Account Abstraction (ERC-4337).

An Ethereum standard that replaces externally-owned accounts with smart-contract wallets able to express arbitrary signing logic — social recovery, session keys, sponsored gas, multi-factor approval — without Layer 1 protocol changes. 它属于网络安全的 Web3 与区块链 分类。

An Ethereum standard that replaces externally-owned accounts with smart-contract wallets able to express arbitrary signing logic — social recovery, session keys, sponsored gas, multi-factor approval — without Layer 1 protocol changes.

ERC-4337 (Account Abstraction Using Alt Mempool), authored by Vitalik Buterin and others and deployed to Ethereum mainnet in March 2023, lets users hold funds and submit transactions through smart-contract wallets rather than externally-owned accounts (EOAs) — without requiring any consensus-layer change. Instead of an EOA signing a transaction with a single private key, an ERC-4337 'UserOperation' is constructed by the user's smart-contract wallet, bundled by a 'bundler' off-chain, and submitted to a global EntryPoint contract that executes the wallet's `validateUserOp` and then the user's intent. Because validation is fully programmable, wallets can implement social recovery (M-of-N guardians), session keys (a time- and contract-scoped key for game sessions), passkey-backed signatures via WebAuthn, sponsored gas payments by paymasters, and intent-based DSLs. Major wallet vendors (Safe, Argent, Biconomy, ZeroDev, Coinbase Smart Wallet) ship 4337 stacks; ERC-7702 (2024) adds a complementary EOA→smart-contract delegation mechanism. From a security perspective, AA dramatically changes the threat model: phishing now also targets `executeBatch` calldata, session-key abuse, and paymaster-griefing rather than just `permit` signatures.

针对 Account Abstraction (ERC-4337) 的防御通常结合技术控制与运营实践,详见上方完整定义。

常见的别称包括: ERC-4337, Account abstraction, Smart-contract wallet。