After waiting for about 4 years since the initial proposal, Ethereum ETH
-9.97%
Developers are aiming to include EIP-3074 in Ethereum’s next upgrade, nicknamed Pectra, expected later this year.
EIP-3074 brings various user experience improvements to typical wallets by delegating certain functions to smart contracts. This enables features such as bulk approval of large transactions, gas payments with various ERC20 tokens, enhanced security or account recovery, and more. However, the upgrade is still one step away from full account abstraction because delegated wallets cannot initiate transactions.
“All things considered, the team has agreed to proceed with the EIP. 3074 will be included in Pectra,” Tim Beiko, head of protocol support at the Ethereum Foundation, wrote in a post on X.
However, the developers also noted that EIP-3074 enables new vulnerabilities. In other words, a single malicious transaction has the ability to drain a user’s entire wallet through a batch of transactions. Although the outlook looks dire, some experts have reassured users that good wallet design can help eliminate potential risks.
“We have not seen any consumer wallets currently vulnerable to this risk. This was our initial research audit work,” Dan Finlay, co-founder of MetaMask, wrote in a post to X. “What you need to do to eliminate this risk is not allow private signature opaque hashes and also not allow signatures using this reserved prefix.”
Uniswap founder Hayden Adams agreed: “(The) advantage is that it forces wallets to improve their UX so that more operations are explicitly perceived as safe and random unknowns feel very scary.”
Two major caveats
Other developers have expressed frustration with the latest implementation of the proposal, which was modified from the original to get support.
Making one modification may revoke the account delegation, but it also means that the authorization will be automatically revoked the next time another transaction is sent. For example, EIP-3074 allows users to log into a Web3 game and sign just one transaction to buy or sell in-game items, but if they pause the game and send cryptocurrency to a friend, they must authorize the game again. do.
Adams wrote that the change “prevents numerous use cases, such as limit orders and social recovery.”
Another change to the proposal limits the ability to affect multiple chains simultaneously. “Verifying ‘chainId’ means that even if you want the same authentication for the same contract across 34 chains, you have to create a separate signature for every chain,” developer Philippe Dumonet wrote in a post on X.
Ethereum’s Pectra upgrade is expected to be ready in late 2024 or early 2025, Beiko told CoinDesk.
Disclaimer: The Block is an independent media outlet delivering news, research and data. As of November 2023, Foresight Ventures is a majority investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information about the cryptocurrency industry. Below are our current financial disclosures.
© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be used as legal, tax, investment, financial or other advice.