Skip to content

Account Abstraction Development (ERC-4337)

In short

ERC-4337 smart accounts are the upgrade that turns a wallet into a programmable contract. We implement the full stack from smart accounts to paymasters to session keys, with production experience from Safe and Telos.

$2B+
assets secured
120+
EVM networks deployed
1M+
developers (Solhint)
80%
latency improvement (Telos)
Trusted by teams building on-chain

Account abstraction is the upgrade that turns a crypto wallet from a bare key pair into a programmable smart account, one that can sponsor its own gas, recover without a seed phrase, and approve actions under rules you define. On Ethereum and EVM chains, ERC-4337 is the standard that makes this possible without changing the protocol. Most teams already know they want gasless onboarding and social recovery; the hard part is shipping it to production.

Protofire has shipped 250+ blockchain projects since 2016, and we helped build Safe, the smart-account wallet that pioneered account abstraction on EVM and today secures $2B+ across 120+ EVM networks. Smart accounts are core infrastructure for us, and we have run them in production for years.

ERC-4337 standardizes that same idea behind a shared mempool, so consumer and institutional apps can adopt it without reinventing the wallet.

We implement account abstraction as a shipped product, not a reference architecture: ERC-4337 smart accounts, paymasters for gas sponsorship, session keys, social recovery, and the mobile-first UX that makes them usable. Take one capability (gasless onboarding, say) or the full smart-account stack.

The ERC-4337 stack we build and integrate end to end

Every layer from the smart account contract to the user-facing SDK is something we design, implement, and harden.

01

Smart Account

The programmable contract account with modular validation logic, session keys, spending policies, and recovery modules.
02

Bundler

The off-chain service that collects UserOperations, validates them, and submits them to the EntryPoint contract.
03

Paymaster

The contract that decides who pays gas: sponsor entirely, accept ERC-20 payment, or apply policy with rate limits and abuse controls.
04

EntryPoint

The singleton EVM contract that validates and executes UserOperations, the shared coordination layer of ERC-4337.
05

SDK / Frontend

The client-side integration layer: UserOperation construction, passkey or device-key signing, and mobile wallet UX.
01

What account abstraction development covers

A normal Ethereum wallet is an externally owned account (EOA): a single private key that signs every transaction and must hold ETH to pay gas. Account abstraction replaces that key pair with a smart-contract account whose validation logic is programmable. ERC-4337 delivers this without a hard fork by introducing a separate flow: users sign a `UserOperation` instead of a raw transaction, a bundler packages those operations and submits them to a singleton `EntryPoint` contract, and an optional paymaster can cover the gas.

Because validation lives in a contract, the account can enforce multisig, spending limits, session permissions, or recovery rules, none of which an EOA can express. This is the foundation under everything below: once the account is a contract, "the wallet" becomes software you can design, not a fixed primitive you inherit. Benefits: programmable validation instead of a fixed key · no protocol change required · the base for gasless, recovery, and session-key UX.

02

How an engagement works

1

Scope & Design

An AA readiness review that maps the UX flow, selects which account-abstraction capabilities you actually need (gasless, session keys, recovery), and agrees the security model. Deliverable: a scoped capability and architecture plan.
2

Build & Integrate

Smart-account contracts, paymaster, and the off-chain services, integrated and tested, with the mobile flows wired in.
3

Launch & Harden

Rollout and handover, with the contracts hardened ahead of any external audit.
03

What teams use account abstraction for

Gasless onboarding: users start with no ETH
Social recovery: no seed-phrase single point of failure
Session keys for gaming and high-frequency trading UX
Mobile-first DeFi UX (iOS / Android)
Institutional smart accounts with spend policies and multisig
Pay-gas-in-stablecoin via custom paymasters
04

Smart accounts are infrastructure we already run

Protofire is a blockchain development company with 250+ projects shipped across 60+ networks and 95+ protocols since 2016. Our wallet and smart-account credentials are first-hand: we helped build Safe, the smart-account wallet that pioneered account abstraction on EVM and now secures $2B+ across 120+ EVM networks, and we shipped Telos zkWallet, a full production wallet with relayer and indexing infrastructure and native proof generation that cut transaction latency by up to 80%.

We maintain Solhint, the open-source Solidity linter used by 1M+ developers, so the contracts behind your accounts are held to the standard we set for the ecosystem. ERC-4337 sits on exactly the wallet, contract, and infrastructure layers we already operate.

Smart accounts turn the wallet from a fixed primitive into software you design.

FAQ

What is account abstraction (ERC-4337)?
Account abstraction makes a wallet a programmable smart-contract account instead of a single private key that signs every transaction. ERC-4337 is the EVM standard that delivers it without changing the protocol or requiring a hard fork. Rather than a raw transaction, a user signs a `UserOperation`; a bundler packages those operations and submits them to a singleton `EntryPoint` contract; and an optional paymaster can cover the gas. Because the account's validation logic now lives in a contract rather than a fixed key pair, it can enforce rules an externally owned account never could: multisig approval, spending limits, scoped session permissions, social recovery, and gas sponsorship. In practice that turns the wallet from a fixed primitive you inherit into software you can design: gasless onboarding, recovery without a seed phrase, and per-app permissions all become configurable account behavior rather than features the protocol has to grant you.
What's the difference between a smart account and an EOA?
An EOA (an externally owned account) is a single private key that signs every transaction and must hold ETH to pay its own gas. It cannot express any rule beyond "this key approved this transaction." A smart account is a contract, so its validation logic is programmable: it can be controlled by several signers, recover access through guardians or trusted signers instead of a seed phrase, let a paymaster cover gas, and grant scoped, time-limited session permissions to an app. That is what makes gasless onboarding, social recovery, and one-click trading UX possible. The trade-off is that a smart account is code, and code that holds funds carries the same risk as any on-chain system. That is why the account contracts, signature schemes, and recovery logic need the rigor of an audited system, not a default template, before they reach production and start securing real value.
What are gasless transactions, and who pays the gas?
"Gasless" means a user can transact without holding ETH for gas. A paymaster, the contract that decides who pays, covers it instead. Your app can sponsor gas entirely, so a user touches the product with zero ETH; the user can pay gas in an ERC-20 such as a stablecoin; or you apply a policy: sponsor the first N actions, sponsor only whitelisted calls, or sponsor up to a fixed budget. The engineering risk lives in those rules. An open sponsorship policy is a drain that can be griefed, so we design verification, rate limits, and abuse controls alongside the happy path. Fee-abstraction UX is not new territory for us: we have shipped gasless transaction experiences in production for CoW Swap, so we scope the operational cost and failure modes from experience rather than theory, and ship sponsorship policies that cannot simply be emptied by an attacker.
Can you build account abstraction into a mobile app?
Yes, mobile is where account abstraction matters most, because seed phrases and gas top-ups cause the worst drop-off on a phone. We build the wallet experience for iOS and Android-integrated products: passkey or device-key signing instead of a seed phrase, gasless first actions so the app works before a user funds anything, and recovery flows that fit a phone rather than a desk. The smart account, the sponsorship backend, and the mobile UX are designed as one system, not a screen bolted onto a contract. We have shipped full production wallets: Telos zkWallet bundled smart contracts, relayer services, and indexing infrastructure into a cross-platform app with native proof generation that cut transaction latency by up to 80%. So we treat a wallet as a product with real infrastructure behind it, and apply that same discipline to account-abstraction mobile work: contract, backend, and UX delivered together.
Have you built ERC-4337 systems in production?
At the smart-account layer, yes, extensively. We helped build Safe, the smart-account wallet that pioneered account abstraction on EVM and today secures $2B+ across 120+ EVM networks, and we shipped Telos zkWallet, a full production wallet with relayer and indexing infrastructure and native proof generation. We also maintain Solhint, the open-source Solidity linter used by 1M+ developers, so the contracts behind your accounts are held to the standard we set for the ecosystem. ERC-4337 sits on exactly the wallet, contract, and infrastructure layers we already run in production. We scope new account-abstraction work as an implementation engagement grounded in that smart-account and wallet experience (paymasters, session keys, social recovery, and mobile UX delivered as a shipped product) rather than as a research exercise starting from a blank page. The hard parts are ones we have already run at scale.
How long does account abstraction integration take?
It depends on scope. A single capability (gasless onboarding or session keys) is typically a matter of weeks, while a full smart-account stack with mobile UX takes longer. We run every engagement in three phases. Design is an AA readiness review: we map the UX flow, select which account-abstraction capabilities you actually need (gasless, session keys, recovery), and agree the security model, producing a scoped capability and architecture plan. Build delivers the smart-account contracts, the paymaster, and the off-chain services, integrated and tested with the mobile flows wired in. Launch covers rollout and handover, with the contracts hardened ahead of any external audit. Because we ship from smart-account patterns we already run rather than inventing them, the timeline is driven by your capability set, not foundational research, and we confirm it after the readiness review.

Reviewed by Luis Medeiros, Field CTO at Protofire. Last reviewed: June 2026.

Book a call with Alejandro Losa

Schedule a call with our Web3 Solution Architect to receive practical recommendations and a prompt proposal for upgrading your solution.

Protofire 2026. All rights reserved

Message us on Telegram