Thanks to Aniket, Ahmed, Sachin, and Fil from Biconomy, Lukas & Clem from Safe, Derek from ZeroDev, Corbin from Patch Wallet, and Konrad from Rhinestone for their feedback.

About 10 years ago, frontend frameworks like React, Angular, and Vue accelerated Web2 adoption by shifting server-side logic to client-side. Frontend and backend decoupled, and users began interacting with applications more seamlessly.

Similarly, as smart accounts bring more logic to the user’s direct control (e.g. batched transactions, customised gas payments), they are well-positioned to improve crypto UX and accelerate Web3 adoption.

To achieve this, we believe two shifts will occur:

1. The shift from externally-owned accounts to modular smart accounts
2. The shift from generalised wallets to specialised smart wallets

Why Modular

Developing and maintaining AA infrastructure for batched transactions, paymasters, and session keys are non-trivial. Session keys, for instance, require secure session key storage infrastructure. In order for future wallets to maintain account feature parity with their competitors without the burden of maintaining infrastructure, they are more likely to integrate bundlers, paymasters, and session keys built by specialised infra players rather than build the same capabilities in-house.

Additionally, wallets may integrate modules to extend their functionality (e.g. privacy) or provide safeguards for transactions (e.g. spending limits). These modules require thorough audits, so wallets may opt to integrate verified modules rather than build their own.

Wallets may also integrate external modules to:

• Integrate ready-made capabilities for convenience (e.g. Safe {Wallet} integrating Redefine’s transaction risk scanner), or;
• Leverage modules that have built network effects (e.g. a future scam prevention module that maintains the greatest coverage of scams)

The stack for developers to create their own smart wallets or embed them into their dApps is as follows:

Building on top of the individual components, three players are emerging as aggregators of signing methods, logic modules, and execution infrastructure, akin to “module app stores”: Safe {Core}, Biconomy, and ZeroDev. They simplify the developer experience of building smart accounts with all-in-one, extensible wallet-as-a-service solutions. ZeroDev, for example, aggregates and routes userOps through various bundler & paymaster infrastructure to abstract 4337 complexity from the developer, while providing various web3 onboarding/signing solutions to choose from.

While full-stack solutions aggregate existing established infrastructure, the market for modules remains relatively immature. At the time of writing, and as we can see from the figure below, most modules have been built in-house by the “module app stores”.

One of the factors modules would consider to choose which ecosystems to enter is by assessing the customers they’d have access to. We see early signs of this with modules like Redefine & Tenderly choosing to build on top of Safe to leverage their existing customer base around DeFi-focused institutions.

Beyond customer access, we expect the leading ecosystems to be built by a factor of perceived security, developer experience, and importantly, their network effects from their ecosystem of extensible modules/plugins.

These “module marketplaces” appear to be the most monetisable area in smart account infrastructure today, as they can build moats around the network effects accrued by its ecosystem of modules and customers, and subsequently earn from revenue sharing, platform fees, MEV, and audits for the modules.

Why Specialised

We believe that as web3 use cases and users become increasingly diverse, generalist wallets will leave unmet needs that customised wallets can satisfy. The Safe {Wallet} has been a prime example — filling the security needs for organisations that the retail-focused Metamask left unmet. Metamask themselves is now spinning up Snaps to customise for certain use cases, albeit remaining as EOAs.

Modular smart accounts allow for permissionless combinations of smart account modules to create specialised wallets. By permissionlessly augmenting their smart accounts with modules, users would have access to wallets that more closely align to their web3 needs.

Castle, for instance, specialises their smart wallet to high-net-worth NFT owners by leveraging Safe’s battle-tested multisig contracts to secure their NFTs, and will incorporate scam prevention and transaction simulation modules to provide additional security in the future.

Rhinestone is a new project that envisions a future wherein users can drag-and-drop smart account modules to create their own custom wallets. This would enable casual mobile gamers, for example, to create wallets where they can sign in using face ID on their secure enclave, use session keys, and lend NFTs within a certain time limit.

As new sectors of Web3 find product-market-fit, we expect specialist wallets to capture market share as they tailor more closely to specific user needs. Gamers, DeFi users, and NFT collectors already have existing smart wallets to use, but the sectors remain relatively competitive (with no clearly dominant player).

The emerging sector of web3 social is also yet to have its go-to smart wallet. Patch Wallet is a new project that allows anyone with a Twitter account to have a smart account by default (even before they sign up), which bridges web2 social graphs with crypto wallets, but few others stand out so far.

While gaming and DeFi attract the most number of crypto users, web3 social is an emerging sector that has yet to have a prominent smart wallet.

We believe that smart accounts will be customised by vertical in the following ways:

• Organisations & High-Net-Worth Individuals (HNWIs): Prioritising battle-tested security, it is difficult to imagine institutions & high net-worth individuals opting out from wallets built on top of the Safe protocol, which has acquired Lindy effects as their moat. Wallets built on top of the protocol, such as their own Safe Multisig {Wallet}, may incorporate privacy, delegation, and scam prevention modules. An institution-focused mobile wallet secured by Safe, that eases accessibility & UX, remains a white space.
• Gamers: There is often limited interoperability of gaming assets, and gaming studios prioritise smooth onboarding of new users. Hence, we believe embedded wallets-as-a-service that prioritise smooth, low-cost onboarding and key management, with transaction delegation (e.g. allowing the dapp to return NFT assets to the lender after the rental period automatically) and session keys will capture majority market share here.
• DeFi Traders & Farmers: Financial actors rarely differentiate between apps, prioritising aggregated liquidity, automation, and multichain coverage. We predict that an app-based DeFi wallet akin to a platform that aggregates liquidity, curates DeFi strategies, and abstracts multichain complexity will emerge as a market leader for DeFi-focused smart accounts. It may also include MEV-proficient bundlers who auction off MEV from users’ transactions and return it back as rebate.
• NFTs: As a space riddled by scams, the next modular smart account focused on NFTs will incorporate transaction simulation and scam prevention for security, while facilitating NFT discovery through curation and personalisation on its frontend.
• Social: Key to decentralised social is interoperable identity. As a result, social-focused smart accounts will need to be interoperable across social networks (rather than embedded). Mobile wallets enable better accessibility but needs to provide access to a range of social networks through aggregation, API, or as a mobile browser extension (a-la Dawn Wallet).

Across verticals, we expect bundled transactions and sponsored gas to be commoditised and popularised as default features of specialised smart wallets.

Heavy on-chain users, institutions/organisations, and HNWIs may also be drawn towards wallets integrated with privacy modules to protect their on-chain footprints. In order for privacy to gain mainstream retail adoption, however, the process to privatise transactions must be completely frictionless (see: Elusiv).

The Endgame

Moving forward, we need the following for modular smart accounts to succeed:

1. Interoperability, through a standard which ensures that modules can be composable with one another (EIP-6900 is being drafted for this).
2. Discovery, through the aforementioned “module app stores” and registries such as Rhinestone
3. Security, possibly through a minimum viable standard that modules should abide by to prevent issues such as storage collision

Importantly, in a future where a user will deploy multiple smart contract accounts across chains, we need to abstract the multichain experience.

It would be extremely cumbersome, for instance, if a user would need to sign multiple transactions across chains to change his guardian or add an authorisation module. He should be able to sign once, and allow the dApp/wallet to execute multiple userOps on multiple chains.

Vitalik suggests that smart account keys may be located on one chain (e.g. L1 or L2) where a “keystore contract” would be deployed. Verification logic on other chains’ accounts would point towards the keystore contract, and spending from accounts on other chains would require a proof (e.g. zk-snark) going into the contract.

Biconomy is also building a “Multichain Session Keys” module to allow dApps to embed smart accounts that can execute UserOps on multiple chains with one signature by constructing Merkle trees (see implementation here). And to simplify the experience of transferring funds to different addresses across chains, Peanut Protocol is leveraging Axelar to enable cross-chain transfers with URLs.

In the more distant future, we expect smart accounts to incorporate intents and LLMs.

We envision the future smart wallet to be able to:

1. Use LLMs to decode user intents into atomic transactions
2. Allow a user to delegate transaction execution to the smart wallet within certain user-defined limits, while maintaining self-custody
3. Prompt for user’s approval once the intent is parsed
4. Abstract the cross-chain experience & execute the user’s intent with a decentralised network of AI agents / solvers

To realise this vision, we need:

• A progressively-decentralised, permissionless network of AI agents to find “best paths forward” for the user to obtain his/her intent, akin to CoW Protocol’s solvers
• Embeddings to applications across chains, possibly through an AMP (arbitrary-message-passing) protocol (e.g Axelar, Layer Zero)

The key challenge is to build an intent-centric network of solvers that is sufficiently decentralised. To ensure this, the solvers may be open-source AI agents themselves (once they are sufficiently efficient vs centralised solvers). If so, intents could become the default way for users to interact in a multichain world.

The first AI-powered cross-chain smart account may be generalised, but they may be vertical-specific thereafter. The ambitious team at Banana Wallet is incorporating Axelar to abstract the multichain experience for Safe smart accounts, and hacked an intent-centric wallet application at ETHcc. We’d be excited to meet projects building towards a vision of intent-centric, AI-driven, cross-chain smart accounts while maintaining the values of self-custody.

In sum, we expect accounts to shift from monolithic to modular, and generalised to specialised. They could abstract the multichain experience and incorporate intents to become the default way for web3 users to interact in a multichain world.

Driving this transition will be the module builders. While batched transactions and sponsored gas are necessary features to improve crypto UX, the innovation from module builders — especially those focused on abstracting the multichain experience — will drive the significant step-changes required for crypto to transition from EOAs to modular smart accounts.

Gone are the days where wallets are simply a pop-up to sign; they are now the new battleground of permissionless and composable innovation.

References:

• Safe Modular Architecture: https://safe.mirror.xyz/t76RZPgEKdRmWNIbEzi75onWPeZrBrwbLRejuj-iPpQ
• Cross-chain Safe accounts: https://forum.safe.global/t/how-can-a-safe-hold-asset-on-multiple-chains/2242?u=longhash_ventures
• Three Transitions by Vitalik: https://vitalik.ca/general/2023/06/09/three_transitions.html
• Banana’s intent-centric wallet hack: https://www.youtube.com/live/NVuMhlU3Faw?feature=share&t=4354
• ZeroDev Docs: https://docs.zerodev.app/extend-wallets/overview
• Biconomy Modular Architecture: https://www.biconomy.io/post/making-biconomy-smart-accounts-modular
• EIP-6900, modular smart account standard: https://ethereum-magicians.org/t/erc-6900-modular-smart-contract-accounts-and-plugins/13885
• Safe, Redefine & Tenderly: https://twitter.com/safe/status/1673324154182053889
• Safe In-house Modules: https://github.com/safe-global/safe-modules/tree/master
• Safe {Core} SDK: https://safe.global/core
• Permissive module docs: https://docs.permissive.dev/documentation/what-is-permissive
• Permissive & Safe: https://twitter.com/permissivelabs/status/1657486440115191810
• Castle, Safe-based NFT wallet: https://castle.link/
• Patch Wallet: https://app.patchwallet.com/
• Users by vertical, Q1 and Q2

‍