While developing Sentinelle, a service enabling NFT owners to designate beneficiaries for inheritance based on Proof of Life (PoL) using ERC-7656, we recognized a broader application: recovering ERC-4337 wallets. The key advantage of ERC-6551 and ERC-7656 is their ability to extend functionality for existing NFTs without requiring changes to the NFT itself. Inspired by this, we propose a new standard to deploy wallet-linked services for ERC-4337 wallets, inspired by ERC6551/7656 to enable modular extensibility for recovery mechanisms and other services.
We propose the introduction of a registry for wallet-linked services, allowing ERC-4337 wallets to attach external services (e.g., recovery, automation, compliance) in a permissionless and non-invasive manner. By leveraging ERC-1167 minimal proxies and CREATE2, it ensures deterministic deployments and backward compatibility with existing ERC-4337 wallets.
Motivation
ERC-4337 (Account Abstraction) revolutionized smart accounts, but existing proposals like ERC-6900 focus on internal modules. This proposal generalizes service binding, enabling wallets to attach external services dynamically. Key benefits include:
- Modular Extensibility: Wallets can attach services without upgrades.
- Permissionless Innovation: Developers can create services for any ERC-4337 wallet.
- Backward Compatibility: Works with existing wallets like Safe, Argent, and Biconomy.
Specification Overview
The proposal introduces a Registry interface for deploying and managing wallet-linked services. Key features include:
- Deterministic Deployment: Services are deployed using CREATE2, ensuring predictable addresses.
- Minimal Proxies: ERC-1167 proxies minimize deployment costs.
- Immutable Wallet Linkage: Each service is permanently tied to a specific wallet.
Registry Interface
interface IERC7897Registry {
event ServiceDeployed(
address deployedService,
address indexed serviceImplementation,
bytes32 salt,
uint256 chainId,
address indexed wallet
);
error DeployFailed();
function deployService(
address serviceImplementation,
bytes32 salt,
address wallet
) external returns (address service);
function serviceAddress(
address serviceImplementation,
bytes32 salt,
uint256 chainId,
address wallet
) external view returns (address service);
}
Bytecode Structure
Each wallet-linked service is deployed as an ERC-1167 minimal proxy with the following bytecode structure:
ERC-1167 Header (10 bytes)
<serviceImplementation (address)> (20 bytes)
ERC-1167 Footer (15 bytes)
<salt (bytes32)> (32 bytes)
<chainId (uint256)> (32 bytes)
<wallet (address)> (20 bytes)
Service Interface
Services SHOULD implement the IERC7897Service
interface to expose the linked wallet’s details:
interface IERC7897Service {
function wallet() external view returns (uint256 chainId, address wallet);
}
Access Control
Services MAY implement access control to restrict critical operations to the wallet owner. For example:
function owner() public view returns (address) {
(, address wallet) = IERC7897Service(address(this)).wallet();
return wallet;
}
modifier onlyOwner() {
require(msg.sender == owner(), "Unauthorized");
_;
}
Use Cases
- Account Recovery: Attach recovery mechanisms to wallets, enabling beneficiary nomination or multi-sig fallbacks.
- Transaction Automation: Enable recurring payments, automated approvals, or scheduled transactions.
- Regulatory Compliance: Integrate KYT (Know Your Transaction) or compliance monitoring services.
Security Considerations
- Access Control: Services MUST implement robust access control to prevent unauthorized interactions.
- Upgradeability Risks: Use secure upgrade mechanisms (e.g., timelocks) to mitigate risks.
- Reentrancy: Follow best practices to prevent reentrancy attacks.
Conclusion
This proposal extends the modularity of ERC-4337 wallets, enabling permissionless innovation and robust recovery mechanisms. By leveraging ERC-1167 and CREATE2, it ensures gas efficiency, backward compatibility, and deterministic deployments.
References
- ERC-4337: Account Abstraction
- ERC-1167: Minimal Proxy Standard
- ERC-6900: Modular Smart Contract Accounts
- ERC-7656: Generalized Token-Linked Services
I am working on an official ERC proposal, while testing a reference implementation. Both will come soon.
Any suggestion, critic, opinion is very welcomed.
What do you think?