Why Modular Smart Account Design Will Win

Users are trapped in a single vendor's stack, unable to swap out components like session keys or bundlers without migrating their entire identity and assets.

• Zero Portability: Changing a signer requires a full wallet migration, losing transaction history and social graph.
• Vendor Risk: A single point of failure in the stack (e.g., a bundler exploit) compromises the entire user base.
• Innovation Lag: New primitives like ERC-7579 for modular accounts can't be integrated without a hard fork of the core wallet.

Users express what they want (e.g., 'swap ETH for USDC at best rate'), not how to execute it, shifting complexity to specialized solvers.

• UniswapX & CowSwap pioneered this for swaps; now it's coming to account operations.
• Solver Competition: Networks of solvers (like Across for bridging) compete on price and speed, driving down costs.
• User Experience Leap: Removes gas estimation, failed transactions, and the need to understand MEV. Finality is guaranteed or the transaction doesn't happen.

Monoliths enforce a universal security model, forcing a DAO treasury and a casual gamer to use the same 2FA and recovery flows.

• Security/UX Trade-off: High-security models (e.g., 3/5 multisig) are cumbersome for daily use; lightweight models are insecure for large holdings.
• Static Recovery: Social recovery or guardians are baked in, unable to adapt to new standards like ZK proofs of ownership.
• Audit Blast Radius: A bug in one feature (e.g., a payment streaming module) requires a full wallet upgrade, halting all functionality.

Decouple the signature verification logic from the account core, allowing users to install modules for different use cases.

• Context-Aware Security: Use a hardware signer for transfers >1 ETH, but a session key for a gaming session.
• ERC-6900 Compliance: Standardizes module interfaces, enabling a marketplace of audited, interoperable security plugins.
• Incremental Upgrades: Swap out a vulnerable signature validator without touching the account's asset storage or social recovery module.

Monolithic wallets bake in a single economic model (e.g., paymaster sponsorship, gas abstraction), forcing all dApps and users to subsidize it.

• Inefficient Pricing: Users pay for bundled services (like a default relayer) they may not need.
• No Customization: A dApp cannot offer its own bespoke sponsorship program or integrate with a chain-specific LayerZero relayer for cross-chain ops.
• Stifled Markets: Prevents competition between bundlers, paymasters, and block builders, keeping fees artificially high.

Separate the bundler, paymaster, and entry point into competitive, swappable marketplaces that the smart account orchestrates.

• Dynamic Bundler Selection: The account can route transactions to the cheapest or fastest bundler based on real-time market data.
• Paymaster-as-a-Service: dApps can plug in their own subsidization logic without needing the wallet's permission.
• Cost Transparency: Users see the breakdown for execution, validation, and gas, enabling true price discovery. This is the modular stack in action.

Monolithic wallets like Metamask trap users in a single vendor's security model, upgrade path, and feature set. This stifles innovation and creates systemic risk.\n- Vendor Risk: A single bug can drain billions.\n- Innovation Lag: Users wait months for new primitives (e.g., session keys, social recovery).\n- Fragmented UX: Every dApp must rebuild authentication and payment logic.

Separates the account's validation logic from the core protocol, enabling programmable transaction flows. This is the foundational standard for modular design.\n- Bundlers: Compete on execution speed and cost, driving ~500ms latency.\n- Paymasters: Enable gas sponsorship and payment in any token, abstracting complexity.\n- Account Factories: Allow for permissionless deployment of custom account logic.

These entities are building the middleware that makes modular accounts usable. They compete on developer experience and bundled service quality.\n- Safe{Core}: The $40B+ TVL standard, now with modular Smart Accounts and a plug-in architecture.\n- ZeroDev: Focuses on ERC-4337 SDKs and kernel-based accounts for maximal extensibility.\n- Biconomy: Bundles paymaster services and bundler infrastructure for a turnkey solution.

The endgame is an open ecosystem where developers publish and monetize account modules, similar to Uniswap pools or Curve gauges.\n- Security Modules: Audited recovery schemes, multi-sig policies, transaction limits.\n- UX Modules: One-click DeFi strategies, automated gas optimization, subscription payments.\n- Monetization: Module creators earn fees on usage, creating a new developer economy.

Modular accounts are the perfect execution environment for intent-based systems like UniswapX and CowSwap. Users declare what they want, not how to do it.\n- Solver Competition: Specialized modules can fulfill intents at best price.\n- Atomic Composability: A single user signature can trigger a cross-chain swap, loan, and NFT mint via Across or LayerZero.\n- User Sovereignty: The account, not the dApp, controls the flow of assets and data.

Modular design aligns economic incentives, fragments systemic risk, and accelerates the rate of wallet innovation by orders of magnitude.\n- Security: Bugs are isolated to modules, not the entire account standard.\n- Speed: New features deploy via module install, not hard forks.\n- Market Fit: The stack that offers the best UX and developer tools will capture the next billion users.

Splitting logic across modules creates a broader attack surface. A single weak module can compromise the entire account, unlike monolithic wallets where the core contract is the sole target.

• Permission sprawl: Users must trust multiple module developers, not just one.
• Audit gaps: The security of novel module interactions is often untested.
• Upgrade risks: A malicious or buggy module upgrade can drain funds instantly.

Paymasters and bundlers promise gasless UX, but introduce centralization and liveness risks. If your chosen paymaster's relayer goes down, your transaction is stuck.

• Relayer dependency: Users are at the mercy of a service's uptime and censorship policies.
• Cost volatility: Sponsorship models can change, suddenly passing fees to users.
• Vendor lock-in: Deep integration with a single stack (e.g., Biconomy, Stackup) reduces portability.

Modules must communicate across chains and standards. Mismatched implementations between ERC-7579 and ERC-4337 or across L2s like Arbitrum and Optimism break composability.

• Standard wars: Competing specs (RIP-7560, ERC-6900) fragment the ecosystem.
• Cross-chain state: Managing module state across rollups is an unsolved coordination problem.
• DApp integration lag: Widespread adoption requires every major protocol (e.g., Uniswap, Aave) to support the new account abstraction patterns.

Infinite customization creates user paralysis. The average user cannot evaluate the security trade-offs between a Safe{Wallet} module and a new social recovery plugin.

• Choice overload: Too many modules drown users in decisions, defeating the UX purpose.
• Irreversible actions: A poorly configured session key or spending limit cannot be undone.
• Recovery fragmentation: Social recovery, hardware signers, and MPC modules create conflicting recovery paths.

ERC-4337's Account Abstraction standard is the base layer, but the real value is in the modular execution layer built on top. This is where protocols like Safe{Core}, ZeroDev, and Biconomy compete.

• Winner-Takes-Most: The stack with the best developer SDK and plugin marketplace will capture the majority of ~100M+ projected AA wallets.
• Interoperability Premium: Modular design enables pluggable security modules (e.g., multi-sig, social recovery) without fragmenting liquidity or user identity.

The killer app for modular accounts isn't social recovery—it's abstracted transaction economics. Paymasters enable sponsored gas, gasless onboarding, and session keys for seamless UX.

• Acquisition Cost: Projects can subsidize user onboarding for ~$0.10-$1.00 per user, a fraction of traditional Web2 CAC.
• Sticky Users: Once a user's assets and identity are in a modular account, switching costs are high, creating >60% higher retention versus EOAs.

Wallets like MetaMask are feature-bloated monoliths. Modular accounts turn the wallet into a permission manager for a decentralized plugin system.

• Developer Velocity: Teams can ship features (e.g., a new DEX aggregator, tax module) as independent, auditable modules without forking the core account.
• Security by Isolation: A bug in a DeFi plugin doesn't compromise the entire account's seed phrase or core asset vault, limiting exploit scope.

Modular architecture makes native cross-chain operations trivial. Instead of bridging assets, users execute intents fulfilled by networks like LayerZero, Axelar, or Wormhole via dedicated account modules.

• Unified Liquidity: Users interact with a single account balance abstraction across EVM, SVM, Move, etc.
• Intent-Based Future: This design is the prerequisite for the UniswapX and CowSwap model to dominate all chain interactions, not just swaps.

A modular smart account can dynamically adjust its compliance posture based on transaction context and user KYC status, enabled by attestation protocols like EAS.

• Programmable Compliance: A DeFi module can be restricted, while a compliant NFT module operates freely, all within one account.
• Institutional On-Ramp: This is the missing piece for TradFi to adopt DeFi at scale, allowing for granular policy enforcement without sacrificing custody models.

Modular accounts generate structured on-chain data for every action—from plugin usage to failed transactions. This creates a proprietary data graph far richer than EOA activity.

• Monetization: Account providers can offer anonymized intent data to searchers, builders, and DeFi protocols for >$1B+ in annual value.
• Product Intelligence: Real-time data on module adoption drives a feedback loop for superior product development and ecosystem grants.