Smart Contract Wallet: A Comprehensive Guide


A smart contract wallet is a digital wallet that stores, sends, and receives cryptocurrency and tokens while also executing smart contracts.

It's essentially a bridge between the physical and digital worlds, allowing users to seamlessly interact with their assets and contracts.

Smart contract wallets are designed to be secure, private, and user-friendly. They often come with built-in features such as multi-signature wallets, token management, and gas optimization.

By using a smart contract wallet, users can automate transactions, reduce errors, and increase efficiency in their daily lives.

Non-Custodial Wallets

Non-custodial wallets give users full control over their private keys and digital assets, eliminating the risk of centralized hacks or failures. Because no third party holds the keys, the user is the only one who can authorize transactions.

Non-custodial wallets can be more complex to use, especially for beginners, as users must understand how to secure their private keys and backups. This complexity can be a barrier for those who are new to cryptocurrency.

Here's a quick rundown of the benefits and drawbacks of non-custodial wallets:

  • Control: Users have complete control over their assets and private keys.
  • Security: Private keys are not stored by a third party, eliminating the risk of centralized hacks or failures.
  • Complexity: Non-custodial wallets can be more complex to use, especially for beginners.
  • No Recovery Options: If users lose their private keys or recovery phrases, they may permanently lose access to their funds.

Overview

Non-custodial wallets use cryptography to secure user data. They're designed to give users control over their assets.

In Ethereum, key pairs are generated using a specific algorithm. This is important for secure transactions.

A key pair consists of a private key and a public address. The private key is used for signing transactions, while the public address is used to receive funds.

Ethereum generates key pairs exclusively on the secp256k1 elliptic curve. This ensures compatibility and security.

Here's a comparison of different wallet types:

As the Ethereum network evolves, new features are being added to enhance user experience. One such feature is account abstraction, enabled by ERC-4337.

Technical Deep-Dive: Non-Custodial

Non-custodial wallets are built on a foundation of public-private keypairs that can sign transactions and provide cryptographic proof of ownership. These keypairs are generated through a process that starts with the creation of a private key.

The private key is a randomly selected 256-bit number that's kept secret and serves as the basis of a user's security in the Ethereum network. This number is generated using a cryptographic process that's designed to be secure and efficient.

Using the Elliptic Curve Digital Signature Algorithm (ECDSA) on the secp256k1 curve, the private key is used to derive a public key. The secp256k1 curve is specifically chosen for its security properties and efficiency in cryptographic operations.

The Ethereum address is obtained by taking the last 20 bytes of the Keccak-256 hash of the public key. This address is a 40-character hexadecimal string that serves as the identifier for the user's account on the Ethereum network.

Here's a breakdown of how key pairs and addresses work in the Ethereum network:

Since private keys are not stored by a third party, the risk of centralized hacks or failures is eliminated. This means that users have complete control over their assets and private keys, ensuring that they are the only ones who can authorize transactions.

Smart Contract Wallet Features

Smart contract wallets offer a range of customizable features that enhance security, flexibility, and control over digital assets.

One key benefit is enhanced security through multisig transactions, spending limits, and programmable rules, which can be tailored to users' needs. For instance, a user can set a daily spending limit to mitigate the risk of excessive or unauthorized transactions.

Users can also configure various types of transaction confirmation methods, including multi-sig, time-lock, and threshold signatures. A multi-sig confirmation method requires multiple parties to approve a transaction before it can be executed, adding an extra layer of security.

Here are some benefits and features of smart contract wallets:

These features can be used to customize account recovery, such as adding trusted accounts that can help recover the account in case the user loses access. The recovery process involves a time delay and a confirmation from a majority of trusted accounts to prevent unauthorized access.

What Types Exist?

There are two main types of wallets: custodial and non-custodial. Each of these categories has different implementations and features.

Custodial wallets store your private keys and manage your assets for you. This means you don't have direct control over your funds.

Non-custodial wallets, however, give you full control over your private keys and assets. You can manage them securely and make transactions without relying on a third party.

Sometimes, the functionality of basic wallets isn't enough, so specialized wallets are created to meet specific needs.

Common Concept

Smart contract wallets are not a specific entity in the TON ecosystem, but rather a type of smart contract that provides a standard external interface, allowing different external clients to interact with them in the same way.

This interface is implemented in FunC and Fift languages in the main TON monorepo, specifically in the ton/crypto/smartcont/ directory.

A smart contract wallet can receive external and internal messages, send internal messages and logs, and provide "get" methods, such as the seqno() and get_public_key methods.

These methods allow users to access and manage their digital assets in a more secure and customizable way.

Here are some examples of "get" methods:

By using smart contract wallets, users can enjoy enhanced security, customizable features, and decentralization, making it a more reliable and trustworthy way to manage digital assets.

V2

Wallet V2 introduces the valid_until parameter, which allows you to set a time limit for a transaction to prevent it from being confirmed too late.

A new exit code, 0x23, was added to mark the failure of the valid_until check.

The valid_until functionality also led to the addition of a new UNIX-time field in the external message body layout, which sets the time limit for the transaction.

V3

In the V3 version, the subwallet_id parameter was introduced, allowing for multiple wallets to be created using the same public key, all with the same seed phrase.

This feature is particularly useful for users who want to manage multiple wallets without having to generate separate seed phrases for each one.

The subwallet_id is essentially just a number added to the contract state when it's deployed, making it a simple yet effective way to create multiple wallets.

As a result, the wallet address will change with a different subwallet_id, which is a direct consequence of the contract address being a hash of its state and code in the TON network.

This version of the wallet remains clean, simple, and mostly the same as previous versions, with all get methods remaining the same.

V4

The V4 version of a wallet retains all the functionality of previous versions, but introduces something very powerful: plugins. This feature allows developers to implement complex logic that works in tandem with a user's wallet.

Developers can create plugins that require users to pay a small amount of coins every day to use certain features. The user would need to install the plugin on their wallet by signing a transaction.

Plugins can be used to send coins to a destination address daily when requested by an external message. This is a powerful feature that opens up new possibilities for wallet developers.

With plugins, wallet users can access more features and services without having to worry about the underlying complexity. It's a game-changer for wallet users and developers alike.

V5

The V5 wallet standard is a significant improvement over its predecessors. It offers many benefits that enhance the experience for both users and merchants.

One of the key features of V5 is gas-free transactions. This means that users can send Toncoin without incurring network fees. I've seen firsthand how this can simplify the process of sending cryptocurrency.

V5 also supports account delegation and recovery, subscription payments using tokens and Toncoin, and low-cost multi-transfers. These features make it easier for users to manage their accounts and make payments.

The V5 wallet standard allows you to send up to 255 messages at a time. This is a significant improvement over previous versions, which had limitations on the number of messages that could be sent.

Here are some of the key features of V5:

The V5 wallet standard relies on the TL-B scheme due to the complexity of its interface implementation. This requires a basic understanding of the wallet's source code to implement.

Key Pair Characteristics

A private key is a randomly selected 256-bit number that serves as the basis of a user's security in the Ethereum network. This number is kept secret and is crucial for maintaining the integrity of a user's account.

The cryptographic process allows for the generation of an unlimited number of unique key pairs, each independent and secure as long as the private key remains a secret.

An Ethereum address only becomes verifiable and active once a transaction is made involving that address. Before any transaction occurs, the address exists only as a potential within the vast space of possible addresses.

The public key is derived from the private key using the Elliptic Curve Digital Signature Algorithm (ECDSA) on the secp256k1 curve. This curve is specifically chosen for its security properties and efficiency in cryptographic operations.

Here are the key characteristics of Ethereum key pairs:

The Ethereum address is obtained by taking the last 20 bytes of the Keccak-256 hash of the public key. This address is a 40-character hexadecimal string that serves as the identifier for the user's account on the Ethereum network.

Plugins

Plugins are essentially other smart contracts on TON that developers are free to implement as they wish. They are simply addresses of smart contracts stored in a dictionary in the wallet's persistent memory.

These plugins are allowed to request funds and remove themselves from the "allowed list" by sending internal messages to the wallet. This is a powerful feature that enables developers to implement complex logic that works in tandem with a user's wallet.

A plugin can send coins to a destination address daily when requested by an external message. This is a great example of how plugins can be used to create new and interesting use cases for smart contract wallets.

Plugins can be used to implement features like paying a small amount of coins every day to use certain features of a DApp. This is made possible by the user installing the plugin on their wallet by signing a transaction.

Here are the key fields that make up a plugin:

Deployments

Deployments are a crucial part of smart contract wallet features.

The Safe Singleton Factory is used to deploy factory and implementation, and it currently provides the same address across 248 chains.

To deploy on a new chain, you'll need to follow the instructions outlined below.

You can find the factory address for version 1 at 0x0BA5ED0c6AA8c49038F819E587E2633c4A9F428a.

To deploy on a new chain, in your .env, you'll need to set the following.

Influences

Our smart contract wallet features were built on the foundation of existing innovations. Much of the code started from Solady's ERC4337 implementation.

We drew inspiration from DaimoAccount, which pioneered using passkey signers on ERC-4337 accounts. This approach has been a game-changer in the world of smart contract wallets.

LightAccount also played a significant role in shaping our features, and we're grateful for their contributions to the space.

Gnosis Safe

Gnosis Safe is a popular multisig smart contract wallet built on the Ethereum blockchain. It offers a modular architecture, enabling seamless integration with other DApps.

Gnosis Safe requires multiple signatures for transactions, providing a higher level of security for your assets compared to single-signature wallets. This is especially useful for collaborative organizations or teams.

You can connect Gnosis Safe to hardware wallets like Ledger or Trezor, offering an additional layer of security by keeping private keys offline. This is a great option for users who want to reduce the risk of asset loss due to theft or mismanagement.

Gnosis Safe supports integration with popular DeFi platforms, enabling you to access financial services directly from your wallet, such as lending, borrowing, and trading. This is a game-changer for businesses or individuals who want to manage their assets and interact with DApps with ease.

The wallet lets you set custom transaction conditions, such as spending limits, time locks, and whitelisting addresses. This is particularly useful for organizations that need to manage their funds securely.

Gnosis Safe has a clean and intuitive interface, making it easy to manage your assets, view transaction history, and interact with DApps. This user-friendly interface is a major advantage over other wallets on the market.

Connecting an Existing

To connect an existing wallet, you'll need to follow some simple steps. You can delete your browser information from the past hour to start from scratch.

You'll need to select your wallet type and choose the way to access the smart wallet. This could be through a password, biometric data, or other forms of authentication.

Once you've chosen your authentication method, you'll need to provide your local authentication, such as a Windows Hello PIN. You'll also need to approve a connection request to your wallet provider, such as Coinbase.

When connecting an existing wallet, you'll need to choose the passkeys belonging to the wallet. It's a good idea to let the user choose a more relatable name for the wallet to distinguish it from others.

Here's a step-by-step guide to connecting an existing wallet:

  • Select your wallet type
  • Choose the way to access the smart wallet
  • Provide your local authentication
  • Approve connection request to wallet provider
  • Choose passkeys belonging to the wallet

Wallet Security and Management

Smart wallets have made it possible to securely store and manage cryptocurrencies, thanks in part to Ethereum.

Passkeys can be used in smart wallets to provide an additional layer of security.

For example, Ethereum has made smart wallets possible, and passkeys can be used as a secure authentication method.

Ethereum's implementation of smart wallets has streamlined the process of using passkeys, making it easier for users to manage their digital assets.

Basics of Cryptography in Ethereum

Ethereum's cryptographic foundation relies heavily on the principles of elliptic curve cryptography (ECC), specifically using the secp256k1 curve.

ECC generates key pairs consisting of a private key and a corresponding public key. This is the foundation of Ethereum addresses.

The secp256k1 curve is a specific type of elliptic curve used in Ethereum. It's what makes Ethereum addresses unique and secure.

Ethereum addresses are created from these key pairs, which are used to interact with the network. They're like digital signatures that verify ownership and control.

The private key is kept secret and should never be shared, while the public key is publicly visible and used to receive funds.

Account Verification

Account verification is a crucial aspect of wallet security. Every transaction in the Ethereum network must be signed with the sender's private key, ensuring the integrity and authenticity of the transaction.

The signature is broadcast to the Ethereum network, where nodes use the public key to verify the signature, confirming that the transaction is valid and can be recorded on the blockchain. This process is essential for preventing unauthorized transactions and maintaining the trust in the network.

In the context of smart wallets, passkeys can be used to simplify the authentication process.

The authentication process in version 5 of a wallet system involves two methods: authentication as a previously registered extension, and authentication through the stored public key and signature. This allows for requests to be processed through external services, such as smart contracts, without being part of the wallet's extension infrastructure.

Internal messages that don't pass the authentication process will be considered as transfers, and receiving funds is still an option.

Exit Codes

Exit codes are a crucial aspect of wallet security and management. They provide a way to understand what went wrong when a transaction is executed.

A standard successful execution exit code is 0x0. This is what you'll see when everything goes smoothly.

TVM has its own standard exit codes, and 0x0 is one of them. If you run out of gas, you might get a 0xD code, although 0x0 is the code you'll see most often.

Here are some common exit codes you might encounter:

These exit codes can give you valuable information about what went wrong. For example, if you see 0x21, it means the seqno check failed and replay protection was triggered.
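How the seqno check and the V2 valid_until check interact, as an added example that is not part of the original article and is not the wallet's contract code. The class and function names, the order of the two checks, and the sample messages are assumptions of this model; signature verification is left out so the two replay-related checks stay in focus.

```python
# Added example: model of the seqno and valid_until checks on an external message.
from dataclasses import dataclass, field

EXIT_OK = 0x0            # standard successful execution (from the page)
EXIT_BAD_SEQNO = 0x21    # seqno check failed, replay protection (from the page)
EXIT_EXPIRED = 0x23      # valid_until check failed (from the page)


@dataclass(frozen=True)
class ExternalMessage:       # hypothetical container, not the on-chain cell layout
    seqno: int
    valid_until: int         # UNIX time after which the message must not be accepted
    payload: str


@dataclass
class WalletModel:           # hypothetical in-memory stand-in for the contract state
    seqno: int = 0
    executed: list = field(default_factory=list)

    def receive_external(self, msg: ExternalMessage, now: int) -> int:
        # Check order is an assumption of this model.
        if msg.valid_until <= now:
            return EXIT_EXPIRED
        if msg.seqno != self.seqno:
            return EXIT_BAD_SEQNO
        # Accepted: bump the counter so the same bytes can never be accepted twice.
        self.seqno += 1
        self.executed.append(msg.payload)
        return EXIT_OK


def replay_timeline(events):
    """Feed (now, message) pairs to a fresh wallet; return exit codes and final state."""
    wallet = WalletModel()
    codes = [wallet.receive_external(msg, now) for now, msg in events]
    return codes, wallet


# Constructed sample: one transfer, a rebroadcast of it, then a delayed second transfer.
T0 = 1_700_000_000
PAY_ALICE = ExternalMessage(seqno=0, valid_until=T0 + 60, payload="pay alice 1 TON")
PAY_BOB = ExternalMessage(seqno=1, valid_until=T0 + 60, payload="pay bob 1 TON")
SAMPLE_EVENTS = [
    (T0 + 5, PAY_ALICE),     # first delivery: accepted
    (T0 + 6, PAY_ALICE),     # same message rebroadcast: stale seqno
    (T0 + 90, PAY_BOB),      # correct seqno, but delivered after valid_until
]
```

Without valid_until, the delayed second message would stay acceptable for as long as the wallet's seqno remained at 1, so a signed message held back by a relay could be confirmed long after the user expected it to have failed.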

Receiving Internal Messages

Receiving internal messages is a crucial aspect of wallet security and management. The fourth version of wallets introduces two additional available operations, making it more complex than previous versions.

The internal message body layout has changed, with an optional op-code field that can be either 0x706c7567 (request funds) or 0x64737472 (request removal of plugin-sender from the "allowed list"). This field is ignored if it's not present or if it's not one of these two codes.

A signature, subwallet-id, valid-until, msg-seqno, and op-code are also required fields in the internal message body. The op-code can be 0x0 (simple send), 0x1 (deploy and install plugin), 0x2 (install plugin), or 0x3 (remove plugin).

Here's a breakdown of the possible exit codes for receiving internal messages:

The wallet also provides several functions for working with internal messages, including seqno(), get_public_key(), get_subwallet_id(), is_plugin_installed(), and get_plugin_list(). These functions can be used to track chains of messages between contracts and manage plugins.

Restricted

Restricted wallets can only transfer funds to a single pre-defined destination address.

This means you can set the destination address when creating the wallet, and then you'll only be able to send funds to that address.

Note that you can still transfer funds to validation contracts with a restricted wallet, allowing you to run a validator with this wallet.

Passkey and Ethereum Address Owners

As a user, you might be wondering how passkeys and Ethereum address owners interact with your smart wallet. In the ERC-4337 context, UserOperation.signature is expected to be the ABI encoding of a SignatureWrapper struct. This struct is used to identify the owner who signed the user operation.

To optimize for calldata, which is the main cost driver on Ethereum layer 2 rollups, like Base, we pass an ownerIndex rather than the public key itself. This is a key difference from ecrecover, which returns the signer address.

For Ethereum address owners, signatureData should be the packed ABI encoding of the r, s, and v signature values. This allows for secure and efficient transactions.

Here's a breakdown of the key differences between passkey owners and Ethereum address owners:

By understanding these differences, you can better manage your smart wallet and ensure secure transactions.
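A strict decoder for the signature format described in this section, covering the Ethereum-address owner case, as an added example rather than code from the page or from the wallet project. The struct's field order and types, the helper names, the canonical-offset checks, and the low-s and v checks are assumptions of this sketch.

```python
# Added example: strict decoding of an ABI-encoded SignatureWrapper.
# Assumed layout: struct SignatureWrapper { uint256 ownerIndex; bytes signatureData; }
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _word(value: int) -> bytes:
    return value.to_bytes(32, "big")


def _read(blob: bytes, offset: int) -> int:
    return int.from_bytes(blob[offset:offset + 32], "big")


def encode_wrapper(owner_index: int, signature_data: bytes) -> bytes:
    """Equivalent of abi.encode(SignatureWrapper(ownerIndex, signatureData))."""
    padding = bytes(-len(signature_data) % 32)
    return (_word(0x20)                      # offset of the (dynamic) tuple
            + _word(owner_index)
            + _word(0x40)                    # offset of signatureData inside the tuple
            + _word(len(signature_data)) + signature_data + padding)


def decode_wrapper(blob: bytes):
    """Accept only the canonical encoding; return (owner_index, signature_data)."""
    if len(blob) < 128 or len(blob) % 32:
        raise ValueError("truncated or unaligned encoding")
    if _read(blob, 0) != 0x20 or _read(blob, 64) != 0x40:
        raise ValueError("non-canonical offsets")
    length = _read(blob, 96)
    end = 128 + length
    if end + (-length % 32) != len(blob):
        raise ValueError("length field does not match payload size")
    if any(blob[end:]):
        raise ValueError("non-zero padding")
    return _read(blob, 32), blob[128:end]


def split_rsv(signature_data: bytes):
    """Split packed r || s || v (65 bytes) for an Ethereum-address owner."""
    if len(signature_data) != 65:
        raise ValueError("expected 65 bytes: r (32) || s (32) || v (1)")
    r = int.from_bytes(signature_data[:32], "big")
    s = int.from_bytes(signature_data[32:64], "big")
    v = signature_data[64]
    if not 1 <= r < SECP256K1_N:
        raise ValueError("r out of range")
    if not 1 <= s <= SECP256K1_N // 2:      # low-s rule rejects the malleable twin
        raise ValueError("s out of range or high-s")
    if v not in (27, 28):
        raise ValueError("unexpected v")
    return r, s, v


# Constructed sample values (not a real signature over any message).
SAMPLE_SIG = _word(0x1234) + _word(0x5678) + bytes([27])
SAMPLE_BLOB = encode_wrapper(1, SAMPLE_SIG)
```

The fixed head costs 128 bytes and the 65-byte signature pads to 96, so the whole wrapper is 224 bytes of calldata regardless of which owner signed.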

Model Limitations

The standard EOA model has its limitations, making it difficult for users to manage their digital assets. This model limits many wallet providers to only offer users a seed phrase in case they lose access, which is notoriously vulnerable to users forgetting it or losing it to theft.

Using a seed phrase can be a major pain point, as it discourages users from interacting with the blockchain. This is because users are hesitant to share their seed phrase with others, which makes it difficult for them to manage their digital assets.

Interacting with smart contracts can be a costly and vulnerable process. Every interaction with a smart contract requires a signature, which can quickly lead to expensive gas fees.

The standard EOA model also limits the innovation of wallet providers, making it difficult for them to offer more use cases with greater customization.

Multi-Signature Wallets

Multi-signature wallets are a type of smart contract wallet that requires multiple approvals before a transaction can be executed.

This added layer of security makes it more difficult for bad actors to steal your funds, minimizing the risk of unauthorized access.

By involving multiple parties in the governance process, multi-signature wallets help distribute ownership and reduce the risk of single points of failure.

A multisig wallet operates on the principle of "m-of-n" signatures, meaning that "m" out of the "n" designated signatories must approve a transaction before it can be processed.

For example, a 2-of-3 multisig wallet would involve three signatories and require at least two of them to approve a transaction before it can be processed.

This configuration makes it more difficult for a single individual to make unilateral decisions or take actions without the consent of other designated parties.

Multisig wallets are useful for a wide range of personal and business applications that require the utmost security, including collaborative organizations, escrow services, and personal security.

Since the required signatures can be distributed among trusted individuals, the risk of losing access to your wallet due to mishandling a single private key is minimized.

The need for multiple approvals helps promote transparency and accountability among wallet users, ensuring that spending decisions are made collectively.

Using a typical multisig wallet smart contract involves creating a wallet, funding it, proposing a transaction, approving it, and executing it automatically once the required number of approvals is reached.

One of the more popular multisig smart contract wallets is Gnosis Safe, which offers advanced features like module-based customization and integration with other DApps.

The signing policy can be configured to meet specific needs, such as setting the number of required signatures or establishing a hierarchy of permissions.

All actions are recorded on the blockchain and can be audited by anyone, providing clear insight into decision-making processes.

The value "n" represents the total number of designated signatories, each possessing a unique private key for approving transactions.

Frequently Asked Questions

What is a smart contract in DeFi wallet?

A smart contract in a DeFi wallet is an automated program that executes financial processes quickly and securely, minimizing errors and ensuring a seamless experience. By automating financial tasks, smart contracts simplify and streamline DeFi transactions.

How to create a smart contract wallet?

To create a smart contract wallet, start by connecting to the Ethereum network and creating an Ethereum account, then follow the steps to add ether and initialize your project. Download Hardhat and create a Hardhat project to begin building your wallet.

Aaron Osinski

Writer

Aaron Osinski is a versatile writer with a passion for crafting engaging content across various topics. With a keen eye for detail and a knack for storytelling, he has established himself as a reliable voice in the online publishing world. Aaron's areas of expertise include financial journalism, with a focus on personal finance and consumer advocacy.
