A Complete Guide to EIP-3074

Ethereum Improvement Proposal (EIP) 3074 has been approved for inclusion in the upcoming Prague/Electra hard fork. This proposal introduces a mechanism to simplify transaction processes and reduce user costs by enabling third-party transaction sponsorship.

At its core, EIP-3074 allows externally owned accounts (EOAs) to delegate control to smart contracts for specific operations. This shift is poised to fundamentally change how users interact with Ethereum Virtual Machine (EVM) chains, enhance wallet usability, and make the Ethereum ecosystem more accessible to a broader audience.

Understanding the Need for EIP-3074

To fully appreciate EIP-3074, it’s essential to understand the user experience (UX) challenges it aims to resolve. Ethereum transactions have long been hampered by several friction points:

These issues stem from Ethereum’s foundational design, where most smart contracts use the message sender (the transaction initiator) as the primary authentication method. This creates complications when trying to bundle multiple actions into a single seamless experience, as the sender context changes with each transaction step.

EIP-3074 proposes a standardized way to overcome these limitations, paving the way for more advanced and user-friendly wallet operations.

How EIP-3074 Works

Formalized by developers including Sam Wilson and Matt Garnett, EIP-3074 is often seen as an evolution of earlier proposals like EIP-2938. While it is not account abstraction (AA) in the purest sense, it delivers many smart account features that users associate with AA, such as transaction batching and recovery options.

The proposal introduces two new opcodes to the EVM: AUTH and AUTHCALL. These enable a form of third-party transaction sponsorship through a smart contract, often referred to as an "invoker."

In practice, a user signs a message off-chain to express their intent. This message is then included in an on-chain transaction that calls the invoker contract. The invoker uses AUTH to verify the user’s identity and AUTHCALL to execute the desired operations. Critically, the rules of the transaction are enforced by the invoker’s code, allowing for flexible and secure implementations.

This flow enables several powerful features, such as using a single off-chain signature for future account recovery, batching token approval and execution into one interaction, and allowing EOAs with zero ETH to conduct transactions via sponsored gas.

The appeal of EIP-3074 lies in its simplicity and versatility. By leveraging cryptographic signatures, it allows EOAs to authorize smart contracts to act on their behalf, streamlining processes and significantly improving UX.

Comparing EIP-3074 and EIP-4337

The journey to improving Ethereum’s account model has seen various proposals. EIP-4337, based on a concept by Vitalik Buterin, is another major proposal often discussed alongside EIP-3074 due to their overlapping goals.

At a high level, the two approaches can be summarized as:

It’s a misconception to view them as direct competitors. A better analogy is to see EIP-3074 as a precise tool and EIP-4337 as a comprehensive toolkit. Both aim to advance account abstraction but through different mechanisms.

EIP-4337 achieves account abstraction by replicating transaction mempool functionality in a higher-level system, though a decentralized mempool remains a future goal. It introduces smart contract wallets, along with new actors like paymasters (who sponsor gas fees) and entry point contracts (which act as gateways for transaction submission).

While EIP-4337 offers a more opinionated and application-level standard, EIP-3074 provides a foundational, cryptographic layer for authentication. The two can coexist and even complement each other in the broader ecosystem.

Security Considerations for EIP-3074

EIP-3074 brings substantial benefits but also introduces new security considerations that must be carefully managed. The proposal has undergone years of discussion, and safeguards to protect users have been incorporated as a result.

The primary security focus is on the invoker contracts. Since these contracts gain temporary control to execute user transactions, they must be designed and implemented securely to prevent unauthorized access or malicious use. Best practices suggest that invoker contracts should be thoroughly audited, non-upgradeable, and trustless.

Several strategies can enhance security, such as using multi-signature schemes for critical actions or implementing time-locked authorizations to limit the window of control. The community continues to explore robust designs to mitigate risks.
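The invoker-enforced rules described above (the signed intent from the AUTH/AUTHCALL flow, plus a time-limited authorization) can be modeled off-chain. This is an added example, not code from the EIP or from any invoker project: the commit layout, class and function names are hypothetical, SHA3-256 stands in for keccak256, and an HMAC stands in for the user's secp256k1 signature.

```python
import hashlib, hmac
from dataclasses import dataclass, field
# Stand-ins (assumptions): sha3_256 replaces keccak256, and an HMAC under a
# per-user key replaces the secp256k1 signature AUTH recovers the signer from.
def word(n): return n.to_bytes(32, "big")
def addr(a): return bytes.fromhex(a[2:]).rjust(32, b"\0")
def commit_hash(calls, nonce, deadline):
    """Hypothetical commit layout: exact call batch + invoker nonce + expiry."""
    h = hashlib.sha3_256()
    for to, value, data in calls:
        h.update(addr(to) + word(value) + word(len(data)) + data)
    h.update(word(nonce) + word(deadline))
    return h.digest()

def sign(key, chain_id, invoker, commit):
    # The signed message names the chain and the invoker, so it is useless elsewhere.
    return hmac.new(key, word(chain_id) + addr(invoker) + commit, hashlib.sha3_256).digest()

@dataclass
class Invoker:
    address: str
    chain_id: int
    keys: dict                                  # authority -> key (models AUTH)
    nonces: dict = field(default_factory=dict)  # authority -> next nonce

    def execute(self, authority, sig, calls, nonce, deadline, now):
        commit = commit_hash(calls, nonce, deadline)
        good = sign(self.keys[authority], self.chain_id, self.address, commit)
        if not hmac.compare_digest(sig, good):
            return "reject: signature does not cover this batch, invoker or chain"
        if now > deadline:
            return "reject: authorization expired"
        if nonce != self.nonces.get(authority, 0):
            return "reject: nonce already used"
        self.nonces[authority] = nonce + 1      # consume before the AUTHCALLs
        return f"ok: {len(calls)} calls sent as {authority[:6]}"

def demo():
    # Constructed sample data: one user, one token contract, two invokers.
    user, key, token = "0x" + "aa" * 20, b"constructed-key", "0x" + "22" * 20
    inv = Invoker("0x" + "11" * 20, 1, {user: key})
    other = Invoker("0x" + "99" * 20, 1, {user: key})
    calls = [(token, 0, b"approve"), (token, 0, b"swap")]
    sig = sign(key, 1, inv.address, commit_hash(calls, 0, 1000))
    redirected = [calls[0], ("0x" + "33" * 20, 0, b"swap")]
    return [inv.execute(user, sig, redirected, 0, 1000, now=500),
            other.execute(user, sig, calls, 0, 1000, now=500),
            inv.execute(user, sig, calls, 0, 1000, now=1001),
            inv.execute(user, sig, calls, 0, 1000, now=500),
            inv.execute(user, sig, calls, 0, 1000, now=500)]
```

Calling demo() returns one result per scenario, in order: a batch altered after signing, the same signature presented to a different invoker, an expired authorization, the valid batch, and a replay of that batch.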

It is crucial for users to understand that signing a malicious message could potentially lead to fund loss, just as signing any unauthorized transaction would today. However, with properly designed invokers and user education, these risks can be minimized.

The Future with EIP-3074

The Ethereum community’s support for EIP-3074 stems from the recognition that full account abstraction via proposals like EIP-4337 may take longer to implement. In the interim, EIP-3074 offers a practical way to address pressing UX issues with EOAs.

However, it is not a complete solution. Challenges remain, such as complexities in key rotation and the potential for new attack vectors. Some argue that without a clear path to full account abstraction—such as via EIP-5003—EIP-3074 might inadvertently delay broader AA adoption.

Despite these concerns, the inclusion of EIP-3074 is a significant step forward. It promises to transform the user experience on Ethereum, enable innovative applications, and open new design possibilities for developers.

Frequently Asked Questions

What is EIP-3074?
EIP-3074 is an Ethereum Improvement Proposal that allows externally owned accounts (EOAs) to delegate control to smart contracts. It introduces two new opcodes, AUTH and AUTHCALL, to enable sponsored transactions and improve user experience by reducing costs and complexity.

How does EIP-3074 improve Ethereum transactions?
It simplifies processes by allowing batch transactions (like approve and execute in one step), enables gas sponsorship so users without ETH can transact, and provides mechanisms for account recovery through off-chain signatures. This reduces friction and makes Ethereum more accessible.

Is EIP-3074 the same as account abstraction?
No, EIP-3074 is not full account abstraction but provides many similar features, such as smart account capabilities. It is a stepping stone that enhances EOAs, while proposals like EIP-4337 aim to implement full account abstraction through a different architecture.

What are the security risks with EIP-3074?
The main risks involve the invoker contracts. If a user signs a malicious message or the invoker contract is poorly designed, funds could be at risk. Users must only interact with audited, secure invokers, and the ecosystem must prioritize robust security practices.

Can EIP-3074 and EIP-4337 work together?
Yes, they are complementary. EIP-3074 offers a low-level tool for authentication and sponsorship, while EIP-4337 provides a higher-level framework for smart contract accounts. Developers can leverage both to create versatile and user-friendly applications.

When will EIP-3074 be live on Ethereum?
EIP-3074 is scheduled for inclusion in the Prague/Electra hard fork. The exact timing depends on network upgrade schedules, but it represents a significant milestone in Ethereum’s ongoing evolution.