yoav.eth
@yoav.eth
65 Following
25 Followers
Casts
Casts + replies
yoav.eth
@yoav.eth
A. We could but if ecrecover becomes stateful (checks for code in the recovered address) then we need to reprice it significantly. This might break existing contracts. B. It doesn't solve the problem of other chains: - Alice rotates key on chain A - Old key leaks - Bob claims Alice's acct on a chain B and rotates the key - Alice onboards to chain B and discovers the account is owned by Bob Bob could claim it despite stateful ecrecover because the account had no code on chain B.
0 reply
0 recast
2 reactions
yoav.eth
@yoav.eth
4337 only standardizes the separation of validation and execution, and sets some rules for validation to enable censorship resistance. It deliberately avoids standardizing execution. For that we need other standards on top of it. These standards should be set by wallet devs, dapps, interop protocols, etc. One criteria to consider for non-burner wallets that serve the user for years, is future quantum safety. EOA+7702 is inherently quantum-unsafe. Only native AA wallets can meet this criteria.
0 reply
0 recast
1 reaction
yoav.eth
@yoav.eth
1. 7702 and 4337 are not mutually exclusive. The best way to use 7702 is adding 4337 validation to the EOA. It gives you gas abstraction without extra code - just use existing paymasters. And censorship resistance is baked in. 2. EOA+7702 will remain less secure even if we add an opcode to revoke the ECDSA key. Any ERC20 that supports `permit` trusts the old key. The EOA also remains valid on other networks so the original key still has power. 3. Post-quantum we'll switch to quantum-safe validation such as Falcon, using AA. An EOA always has the additional ECDSA key and has already published one signature (the 7702 tuple), hence it'll be vulnerable to quantum attacks even if it upgrades its code to use a quantum-safe sig. If you care about quantum safety (which you should if your account is meant to be long-term), avoid EOA. 4. The one reason to use 7702 is when your EOA already has assets that are a hassle to transfer, or non-transferable such as reputation. For new accounts I'd consider an AA-only account.
1 reply
2 recasts
7 reactions
yoav.eth
@yoav.eth
Nothing in 4337 says this. What you can't do is access storage slots not associated with the sender during validation. An EOA that happens to have 7702 code is still an EOA and doesn't actually access storage slots within the EOA while signing.
0 reply
0 recast
0 reaction