ERC-4337
ERC-4337 is the account abstraction standard for Ethereum, enabling smart contract wallets that validate their own transactions through an EntryPoint contract and optional paymasters.
In Depth
ERC-4337 brings account abstraction to Ethereum without protocol-level changes. Smart contract wallets (smart accounts) validate their own user operations through an EntryPoint contract, with bundlers submitting operations from an off-chain mempool. Paymasters can sponsor gas on behalf of users. This architecture introduces bug classes around authorization bypass, gas accounting manipulation, nonce replay, and paymaster insolvency that are fundamentally different from DeFi token bugs. Fuzzing targets the validation and execution paths that traditional testing misses. For the complete invariant suite and property design, see How to Fuzz ERC-4337 Account Abstraction Wallets.
Frequently Asked Questions
What is ERC-4337?
ERC-4337 is Ethereum's account abstraction standard. It lets smart contract wallets validate and execute their own transactions through an EntryPoint contract, replacing the traditional externally-owned account (EOA) model. This enables features like social recovery, gas sponsorship through paymasters, and batched operations.
How do you fuzz account abstraction wallets?
Fuzzing ERC-4337 wallets means writing properties for validation correctness (only authorized signers pass validateUserOp), gas accounting (actual cost never exceeds maxGasCost), nonce monotonicity (no gaps or replays), and paymaster solvency. See the ERC-4337 fuzzing guide for the full approach.
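The properties listed above can be exercised against a small model before writing them for a real wallet. The following Python sketch is an added example, not code from the fuzzing guide or from any ERC-4337 implementation; ToyEntryPoint, its fields and the check_nonce switch are hypothetical, and the model is deliberately simplified.

```python
import random

class ToyEntryPoint:
    """Simplified stand-in for an EntryPoint (constructed model, not the real contract)."""
    def __init__(self, check_nonce=True):
        self.check_nonce = check_nonce  # False simulates a missing nonce check
        self.nonce = {}      # sender -> next expected sequence number
        self.deposit = {}    # payer (account or paymaster) -> prepaid balance
        self.executed = []   # (sender, nonce) of every op that ran

    def handle_op(self, sender, nonce, payer, max_gas_cost, gas_used_cost):
        if self.check_nonce and nonce != self.nonce.get(sender, 0):
            return None                              # replay or gap: reject
        if self.deposit.get(payer, 0) < max_gas_cost:
            return None                              # payer cannot cover the prefund
        actual = min(gas_used_cost, max_gas_cost)    # charge is capped at the prefund
        self.deposit[payer] -= actual
        self.nonce[sender] = self.nonce.get(sender, 0) + 1
        self.executed.append((sender, nonce))
        return actual

def check_invariants(ep, actual, max_gas_cost):
    """Return the name of the first violated property, or None."""
    if actual is not None and actual > max_gas_cost:
        return "gas: actual cost exceeds maxGasCost"
    if any(balance < 0 for balance in ep.deposit.values()):
        return "solvency: negative deposit"
    if len(set(ep.executed)) != len(ep.executed):
        return "nonce: replayed (sender, nonce)"
    for sender in {s for s, _ in ep.executed}:
        seen = [n for s, n in ep.executed if s == sender]
        if seen != list(range(len(seen))):
            return "nonce: gap or reordering"
    return None

def fuzz(ep, seed=0, steps=2000):
    """Feed random stale, valid and skipped nonces; stop at the first violation."""
    rng = random.Random(seed)
    ep.deposit = {"paymaster": 10_000, "alice": 500, "bob": 500}  # constructed balances
    for _ in range(steps):
        sender = rng.choice(["alice", "bob"])
        payer = rng.choice([sender, "paymaster"])
        nonce = max(0, ep.nonce.get(sender, 0) + rng.choice([-1, 0, 0, 1]))
        max_cost, used = rng.randint(1, 50), rng.randint(1, 80)
        actual = ep.handle_op(sender, nonce, payer, max_cost, used)
        violation = check_invariants(ep, actual, max_cost)
        if violation:
            return violation
    return None
```

Running fuzz(ToyEntryPoint()) reports no violation, while fuzz(ToyEntryPoint(check_nonce=False)) returns a nonce violation, which is the signal a property-based harness should give when a wallet's nonce handling is broken.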