Account Abstraction on ioPay - the DePIN Wallet

ioPay (built by the IoTeX team) is thrilled to announce the launch of Account Abstraction, making ioPay the largest, battle-tested multi-chain AA wallet on the market. This blog will take you through why AA is important, IoTeX's work in the AA field, the ioPay implementation and how to get your AA wallet set up on ioPay.

Why AA matters

Account abstraction is a term used to describe a fundamental shift in the architecture of blockchain networks. Traditionally, blockchain accounts were simple addresses associated with private keys that controlled funds. However, account abstraction introduces a more sophisticated model where accounts are not only containers of funds but also capable of executing complex code.

In essence, account abstraction separates the roles of managing funds and executing code, enabling more dynamic and powerful smart contracts. This shift allows developers to create innovative applications by providing a greater level of flexibility in terms of contract execution and interaction. In the case of ioPay, AA massively increases the simplicity of account creation and account recovery. Not to mention the fact that AA opens the door to several other ioPay features that weren't even possible before.

Benefits of Account Abstraction:

  1. Enhanced Flexibility: Account abstraction empowers developers with enhanced flexibility when designing smart contracts. With this approach, developers can separate the control of funds from the logic of contract execution, allowing for more dynamic and modular applications.
  2. Reduced Gas Costs: Gas fees have been a significant concern in blockchain ecosystems, hindering the scalability and adoption of decentralized applications. Account abstraction has the potential to reduce gas costs by optimizing the execution of smart contracts. This optimization is achieved by allowing contracts to execute without requiring multiple transactions, thereby saving on computational resources.
  3. Improved Upgradability: Traditional smart contracts are often immutable once deployed, making it challenging to fix bugs or add new features. Account abstraction introduces the concept of "contract upgradability," enabling developers to update and improve contracts without disrupting their functionality. This feature is crucial for maintaining and evolving decentralized applications over time.
  4. Innovative Use Cases: Account abstraction unlocks a new realm of possibilities for developers, paving the way for innovative use cases. This includes applications in decentralized finance (DeFi), non-fungible tokens (NFTs), and beyond. The separation of funds and code execution enables the creation of more complex and feature-rich applications that were previously challenging to implement.
  5. Improved Security: The separation of concerns introduced by account abstraction can enhance the security of smart contracts. By isolating the management of funds from the execution of code, potential vulnerabilities and attack surfaces are reduced, making it more challenging for malicious actors to exploit vulnerabilities.

IoTeX Modular Infra as DePIN Innovation Enabler

IoTeX is a modular Web3 infrastructure platform connecting smart devices and real-world data to blockchains. IoTeX’s middleware solution W3bstream provides the computation and verification of real-world data, bringing it on-chain while offering the modularity and customizability builders need to facilitate mass adoption. As the leading provider of DePIN (Decentralized Physical Infra Networks) infrastructure, IoTeX facilitates new rewards from devices and on/off-chain activity for users, turns personal devices into communal economies, and tokenizes the "data of everything." Backed by a global team of 60+ research scientists and engineers, IoTeX combines its EVM-compatible L1 blockchain, off-chain compute middleware, and open hardware to connect billions of smart devices, machines and sensors, and dApps across the physical and digital world. Of course, a key part to any DePIN project is a mobile wallet. As a result, the IoTeX team has spent an immense amount of time working on ioPay, the DePIN wallet of choice (including integration of DePINscan into the wallet).

IoTeX has been on the cutting edge of many high tech endeavours, trying to push the boundaries of what is possible with blockchain and off-chain compute. AA technology is another area where IoTeX has been at the forefront, earning itself a grant from the Ethereum Foundation back in September 2023. Specifically, the grant was awarded for ERC-4337 and IoTeX's work in employing Zero-knowledge Account Abstraction Wallets.

Empowering Innovation: ERC-4337


Leveraging zk-SNARK proof technology, IoTeX built an account abstraction wallet that can be authorized by password. zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) is a cryptographic proof system that enables one party to prove to another party that a statement is true without revealing any additional information beyond the validity of the statement itself. zk-SNARKs have been used in various blockchain applications, such as in the privacy-focused cryptocurrency Zcash, to enable transactions to be validated and recorded on the blockchain without revealing the identity or transaction details of the sender, receiver, or the amount involved. The term zk-SNARK is sometimes colloquially used to refer to any zero-knowledge proof system, but strictly speaking, zk-SNARK refers to a particular type of zero-knowledge proof system that has a succinct proof size and does not require interaction between the prover and verifier.

AA Details

If you would like to test out IoTeX's MVP, which earned the zero-knowledge account abstraction grant, you can do so at the following link: https://zk-wallet-demo.iotex.io. This Linktree showcases all of IoTeX's AA work to date. Given the expertise IoTeX has gained in the account abstraction space, the ioPay implementation made perfect sense as the next step.

ioPay Implementation of Account Abstraction

ioPay has always had a deep focus on security and user experience, both of which have been enhanced by the implementation of account abstraction. ioPay currently offers Gmail AA login support. In the near future, ioPay plans to implement other methods of AA authentication. In building this feature into ioPay, the team leveraged P256 to authenticate wallet transactions and the email-based DKIM protocol to recover user accounts.

DKIM (DomainKeys Identified Mail) is an email authentication method that uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain. Once the receiver determines that an email is signed with a valid DKIM signature, it can be confirmed that the email's content has not been modified. So we can verify users' DKIM signatures with on-chain contracts and recover their ioPay accounts.

P256 uses the secp256r1 elliptic curve, a widely accepted cryptographic standard that can be applied on EVM to create secure authentication and signing for transactions/smart contracts. Most modern devices and applications rely on the “secp256r1” elliptic curve. For example:

  1. Apple’s Secure Enclave: There is a separate “Trusted Execution Environment” in Apple hardware which can sign arbitrary messages and can only be accessed by biometric identification.
  2. WebAuthn: Web Authentication (WebAuthn) is a web standard published by the World Wide Web Consortium (W3C). WebAuthn aims to standardize an interface for authenticating users to web-based applications and services using public-key cryptography. It is being used by almost all of the modern web browsers.
  3. Android Keystore: Android Keystore is an API that manages the private keys and signing methods. The private keys are not processed while using Keystore as the applications’ signing method. Signing can also be done in the “Trusted Execution Environment” in the microchip.
  4. Passkeys: Passkeys utilize FIDO Alliance and W3C standards. They replace passwords with cryptographic key pairs, which can also be used for elliptic curve cryptography.

Because the IoTeX network already supports pre-compiled contracts that perform signature verification on the “secp256r1” elliptic curve, it made sense to base the ioPay AA wallet's verification logic on Apple's Secure Enclave and Android Keystore, with a constant gas cost. Leveraging the device's secure enclave/keystore and biometric identification, we can achieve highly secure AA wallets.

To encourage usage of these new AA wallets, for a limited time, IoTeX supplies 2 IOTX per day to pay for gas fees for users who leverage the ioPay AA wallet. If ioPay users own the MachineFi NFT, they can receive 10 IOTX per day for gas fees as an extra level of utility for our MachineFi NFT holders.
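The secp256r1 verification path described above, as an added example that is not ioPay or IoTeX code: device key stores return ASN.1 DER signatures, while contract-side verifiers generally consume fixed-width `r`, `s`, `x`, `y` words, so the sketch converts between the two and verifies from the fixed-width form only. The software key stands in for a Secure Enclave or Keystore key, all function names are hypothetical, and the input layout of IoTeX's pre-compiled contract is not given on the page and is not modelled here.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed software key standing in for a key held in a Secure Enclave or Keystore.
const deviceKey = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });

// Hypothetical helper: what the device hands back, an ASN.1 DER ECDSA signature.
function signOnDevice(message) {
  return nodeCrypto.sign('sha256', message, deviceKey.privateKey);
}

// Read one DER INTEGER at `off` and left-pad it to a 32-byte big-endian word.
function readInt(der, off) {
  if (der[off] !== 0x02) throw new Error('expected DER INTEGER');
  const len = der[off + 1];
  let v = der.subarray(off + 2, off + 2 + len);
  if (v.length !== len || len === 0) throw new Error('truncated INTEGER');
  while (v.length > 32 && v[0] === 0) v = v.subarray(1); // drop sign-padding byte
  if (v.length > 32) throw new Error('INTEGER too large for P-256');
  const word = Buffer.alloc(32);
  v.copy(word, 32 - v.length);
  return { word, next: off + 2 + len };
}

// SEQUENCE { INTEGER r, INTEGER s } -> 64-byte r || s.
function derToRaw(der) {
  if (der[0] !== 0x30 || der[1] !== der.length - 2) throw new Error('bad DER SEQUENCE');
  const r = readInt(der, 2);
  const s = readInt(der, r.next);
  if (s.next !== der.length) throw new Error('trailing bytes after signature');
  return Buffer.concat([r.word, s.word]);
}

// Public key as the two 32-byte affine coordinates a fixed-width verifier takes.
function publicKeyXY(key) {
  const jwk = key.export({ format: 'jwk' });
  return { x: Buffer.from(jwk.x, 'base64url'), y: Buffer.from(jwk.y, 'base64url') };
}

// Verify using only fixed-width inputs: message, r||s, x, y. Malformed input is a failure.
function verifyFixedWidth(message, rawSig, x, y) {
  if (rawSig.length !== 64 || x.length !== 32 || y.length !== 32) return false;
  try {
    const jwk = { kty: 'EC', crv: 'P-256', x: x.toString('base64url'), y: y.toString('base64url') };
    const key = nodeCrypto.createPublicKey({ key: jwk, format: 'jwk' });
    return nodeCrypto.verify('sha256', message, { key, dsaEncoding: 'ieee-p1363' }, rawSig);
  } catch {
    return false;
  }
}
```

Changing a single byte of the signed payload or of the 64-byte signature makes `verifyFixedWidth` return `false`, which is the property the wallet relies on to authenticate transactions.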

How to Set Up AA Wallet in ioPay

Step 1) Download ioPay and press create AA wallet.

Step 2) Enter a Gmail address

Step 3) You receive an email with a unique verification code

Step 4) Congratulations message + user awarded with 2 IOTX to help incentivize users to use this new feature (great for new users who have never used IoTeX before, so they get the native token).

Step 5) User goes back to home page where they can perform any transaction or use any dApp leveraging the AA wallet.

Step 6) User receives 2 $IOTX/day/user (for normal AA user) and 10 $IOTX/day/user if they also own a MachineFi NFT.
