State of Wallets 2024 2024 年钱包现状

Wallets are the gateway to Web3, serving as essential portals for users to send and receive messages, manage funds, and interact with blockchain applications. As a critical piece of blockchain infrastructure, wallets significantly shape users' Web3 experiences.
钱包是通往 Web3 的门户，是用户发送和接收消息、管理资金以及与区块链应用程序交互的重要门户。作为区块链基础设施的关键部分，钱包极大地塑造了用户的 Web3 体验。

The wallet ecosystem is diverse, with providers offering varied products and services through different mechanisms. As wallet providers strive for sustainability and diversification, their operational models are evolving, creating new dynamics between users, applications, and the underlying blockchain infrastructure.
钱包生态系统是多种多样的，提供商通过不同的机制提供各种产品和服务。随着钱包提供商努力实现可持续性和多元化，他们的运营模式也在不断发展，在用户、应用程序和底层区块链基础设施之间创造了新的动力。

Our report aims to illuminate the current state of wallets on Ethereum, building upon the research conducted by orderflow.art.
我们的报告旨在以 orderflow.art 进行的研究为基础，阐明以太坊上钱包的现状。

However, identifying wallets through on-chain transaction tracking presents several challenges:
然而，通过链上交易跟踪来识别钱包存在几个挑战：

1. Incomplete identification due to unknown routers or signature addresses.
   由于未知的路由器或签名地址导致标识不完整。
2. Difficulty in identifying multiple wallet addresses associated with centralized exchanges.
   难以识别与中心化交易所关联的多个钱包地址。
3. Absence of router addresses for some wallets, making user identification challenging.
   某些钱包没有路由器地址，这使得用户识别具有挑战性。

Despite these limitations, this report provides a comprehensive overview of the Ethereum wallet landscape, its current trends, and future prospects.
尽管存在这些限制，但本报告全面概述了以太坊钱包的前景、当前趋势和未来前景。

The report begins with a Background section covering two key areas: Wallet Taxonomy and the Order Flow Lifecycle. In Wallet Taxonomy, we categorize Web3 wallets into custodial and non-custodial types, detailing the various forms of non-custodial wallets. The Order Flow Lifecycle section outlines the journey of a transaction, identifying key players from Order Flow Originators to block builders.
该报告的背景部分首先涵盖两个关键领域：钱包分类法和订单流生命周期。在钱包分类法中，我们将 Web3 钱包分为托管和非托管类型，详细介绍了各种形式的非托管钱包。订单流生命周期部分概述了交易的旅程，确定了从订单流发起者到区块构建者的关键参与者。

Next, we explore Current Trends, focusing on recent developments affecting Order Flow Originators (OFOs). We examine the implications of increasing centralization in the block building market, which has intensified competition for order flow. This section covers three key concepts: Payment for Order Flow (PFOF), Order Flow Auctions (OFAs), and Private Order Flow (POF). Additionally, we introduce Account Abstraction (AA), with a particular focus on ERC-4337, a significant development reshaping the wallet landscape.
接下来，我们将探讨当前趋势，重点介绍影响订单流发起者 （OFO） 的最新发展。我们研究了区块构建市场日益集中化的影响，这加剧了对订单流的竞争。本节涵盖三个关键概念：订单流付款 （PFOF）、订单流拍卖 （OFA） 和私人订单流 （POF）。此外，我们还引入了账户抽象 （AA），特别关注 ERC-4337，这是一项重塑钱包格局的重大发展。

Finally, in Future Trends, we explore developments aimed at enhancing user experience and addressing regulatory challenges in the wallet landscape. We examine pre-confirmations (pre-confs), a mechanism designed to improve transaction confirmation speed. We also analyze two Ethereum Improvement Proposals (EIPs) that seek to enhance Account Abstraction capabilities. Additionally, we discuss Trusted Execution Environments (TEEs) and their role in improving security and privacy for Web3 wallets. We consider how TEEs might serve as a potential compliance solution for the crypto industry, particularly as regulatory focus shifts from decentralization to questions of control.
最后，在 Future Trends 中，我们探讨了旨在增强用户体验和应对钱包领域监管挑战的发展。我们研究了预先确认 （pre-confs），这是一种旨在提高交易确认速度的机制。我们还分析了两个旨在增强账户抽象能力的以太坊改进提案 （EIP）。此外，我们还讨论了可信执行环境 （TEE） 及其在提高 Web3 钱包的安全性和隐私性方面的作用。我们考虑了 TEE 如何成为加密行业的潜在合规解决方案，尤其是在监管重点从去中心化转向控制问题的情况下。

Background 背景

Introduction 简介

Wallets serve as the primary interface for users to interact with blockchain applications. While users often maintain multiple wallets (for example, several MetaMask accounts), the process of migrating private keys to a new wallet provider is typically cumbersome. This lack of user-friendly portability creates a 'stickiness' effect, often keeping users tied to their existing wallet providers.
钱包是用户与区块链应用程序交互的主要接口。虽然用户通常维护多个钱包（例如，多个 MetaMask 账户），但将私钥迁移到新钱包提供商的过程通常很繁琐。这种缺乏用户友好的可移植性会产生“粘性”效应，通常会使用户与现有的钱包提供商捆绑在一起。

The intensifying competition for order flow has heightened the importance of user acquisition and retention for wallet providers. This competitive landscape has led to an interesting development: decentralized finance (DeFi) applications, such as Uniswap, 1inch, and Curve Finance, are now creating their own wallets. This strategic move allows these DeFi platforms to exert greater control over their users' order flow, potentially capturing more value and providing a more integrated user experience.
订单流竞争的加剧加剧，提高了用户获取和留存对钱包提供商的重要性。这种竞争格局导致了一个有趣的发展：去中心化金融 （DeFi） 应用程序，例如 Uniswap、1inch 和 Curve Finance，现在正在创建自己的钱包。这一战略举措使这些 DeFi 平台能够更好地控制其用户的订单流，从而有可能获得更多价值并提供更集成的用户体验。

This trend underscores the evolving relationships between users, wallets, and DeFi applications in the blockchain ecosystem. It highlights how the battle for order flow is reshaping the wallet landscape and influencing the strategies of major players in the DeFi space.
这一趋势突显了区块链生态系统中用户、钱包和 DeFi 应用程序之间不断发展的关系。它强调了订单流之战如何重塑钱包格局并影响 DeFi 领域主要参与者的战略。

Figure 1. Overview of Ethereum wallet ecosytem
图 1.以太坊钱包生态系统概述

Wallet Taxonomy
钱包分类

Web3 wallets are usually categorized as either custodial, controlled by third parties, or non-custodial, controlled by the user. Control is defined as who holds the private keys to the wallet.
Web3 钱包通常分为由第三方控制的托管钱包或由用户控制的非托管钱包。控制定义为谁持有钱包的私钥。

• Custodial wallets: Primarily offered by crypto exchanges and Telegram bots, custodial wallets hold users’ private keys and offer users an improved user experience. However, users do not have full control over their funds and these third parties could access users’ funds without their permission.
  托管钱包：托管钱包主要由加密货币交易所和 Telegram 机器人提供，保存用户的私钥并为用户提供改进的用户体验。但是，用户无法完全控制他们的资金，这些第三方可以在未经他们许可的情况下访问用户的资金。

• Non-custodial wallets: Users hold their private keys and fully control their non-custodial wallets. If the private keys are lost, the user will lose access to their wallet and funds. Private keys for hot wallets are stored on an internet-connected device that interacts with an application. Cold wallets store private keys on dedicated air-gapped hardware devices that do not interact with applications. Non-custodial “hot” wallets are connected to the internet and are usually accessed via a browser extension, mobile app, or desktop application. “Cold” wallets have no online access and assets are stored in physical devices.
  非托管钱包：用户持有他们的私钥并完全控制他们的非托管钱包。如果私钥丢失，用户将无法访问他们的钱包和资金。热钱包的私钥存储在与应用程序交互的互联网连接设备上。冷钱包将私钥存储在不与应用程序交互的专用气隙硬件设备上。非托管“热”钱包连接到互联网，通常通过浏览器扩展、移动应用程序或桌面应用程序访问。“冷”钱包无法在线访问，资产存储在物理设备中。

There are different types of non-custodial wallets with varying technology to improve user experience and security.
有不同类型的非托管钱包，采用不同的技术来改善用户体验和安全性。

MPC Wallets MPC 钱包

Multi-Party Computation (MPC) wallets use cryptography techniques to encrypt, fragment, and distribute private keys to multiple devices. These devices or parties must evaluate a computation without revealing their private keys or data. A multi-party computation protocol used in the context of MPC wallets usually has these properties:
多方计算 （MPC） 钱包使用加密技术对私钥进行加密、分片和分发到多个设备。这些设备或参与方必须在不泄露其私钥或数据的情况下评估计算。MPC 钱包上下文中使用的多方计算协议通常具有以下属性：

1. Threshold Security: Ensuring that a predefined number of parties must cooperate to sign a transaction.
   阈值安全性：确保必须有预定义数量的各方合作才能签署交易。
2. Key Fragmentation: The ability to split a private key into multiple shares.
   密钥碎片化：将私钥拆分为多个共享的能力。
3. Distributed Key Generation: Generating the key in a distributed manner so that no single party ever knows the full private key.
   分布式密钥生成：以分布式方式生成密钥，以便任何一方都不知道完整的私钥。

The benefits of MPC wallets are:
MPC 钱包的好处是：

1. Security: Since no single person controls the private key, an attacker would be required to attack multiple parties increasing a walletʻs security.
   安全性：由于私钥没有一个人控制，因此攻击者需要攻击多方，从而提高钱包的安全性。
2. Recoverability: With encrypted key fragments stored in multiple places, authorized parties can recover accounts if a key is lost.
   可恢复性：由于加密的密钥片段存储在多个位置，授权方可以在密钥丢失时恢复帐户。
3. Accessibility: Assets can be held online since the private key fragments are securely distributed among multiple parties. Transactions can be executed more efficiently than a hot wallet without compromising key security.
   可访问性：由于私钥片段安全地分布在多方之间，因此资产可以在线保存。与热钱包相比，交易可以更高效地执行，而不会影响密钥安全性。

Externally Owned Accounts (EOAs)
外部拥有的账户 （EOA）

Externally Owned Accounts (EOAs) are managed by unique private keys that users control to interact with smart contracts on-chain.
外部拥有的账户 （EOA） 由用户控制的唯一私钥管理，以便与链上的智能合约进行交互。

EOAs use a private Elliptic Curve Digital Signature Algorithm (ECDSA) key to sign and verify digital transactions. Users can send and receive transactions, interact with smart contracts, and approve messages through EOAs.
EOA 使用私有椭圆曲线数字签名算法 （ECDSA） 密钥来签署和验证数字交易。用户可以发送和接收交易，与智能合约交互，并通过 EOA 批准消息。

To create an EOA, a wallet UI generates a private key and a seed phrase. Because of the singular private key and seed phrase, a user will lose access to their wallet if they lose both their private key and seed phrase.
要创建 EOA，钱包 UI 会生成私钥和助记词。由于单个私钥和助记词，如果用户同时丢失了私钥和助记词，他们将无法访问其钱包。

Smart Contract Wallets
智能合约钱包

Smart contract wallets, or smart wallets, utilize Account Abstraction and the programmability of smart contracts to improve user experience. Smart contract wallets are not controlled by a private key but by the contract code. Account Abstraction protocol like ERC-4337 helps smart contract wallets bypass the requirement that an EOA wallet initiates a transaction. Smart contract wallets can be programmed for features such as:
智能合约钱包或智能钱包利用账户抽象和智能合约的可编程性来改善用户体验。智能合约钱包不是由私钥控制，而是由合约代码控制。像 ERC-4337 这样的账户抽象协议帮助智能合约钱包绕过 EOA 钱包发起交易的要求。智能合约钱包可以针对以下功能进行编程：

1. Two-factor authentication
   双重认证
2. Account freezing 账户冻结
3. Flexible recovery 灵活的恢复
4. Transaction batching 事务批处理
5. Transfer and spending limits
   转移和消费限额
6. Session keys 会话密钥
7. Gas sponsorship and non-native token gas payments
   Gas 赞助和非原生代币 Gas 付款
8. Multi-sig wallet 多重签名钱包

Compared to EOAs, smart contract wallets have a small gas overhead mainly due to the execution of contract code and the publishing of events. Smart contracts are inherently more complex and powerful relative to EOAs, so only audited and battle-tested smart contract wallets should be trusted.
与 EOA 相比，智能合约钱包的 gas 开销较小，主要是由于合约代码的执行和事件的发布。相对于 EOA，智能合约本质上更加复杂和强大，因此只有经过审计和实战检验的智能合约钱包才应该被信任。

Order Flow Lifecycle
订单流生命周期

Orderflow.art illuminated the order flow landscape and identified the known on-chain actors in a transactionʻs lifecycle.
Orderflow.art 阐明了订单流态图，并确定了交易生命周期中已知的链上参与者。

A transactionʻs life cycle begins on the left-hand side of the order flow Sankey with on-chain frontends and ends on the right-hand side with block builders.
交易的生命周期从订单流的左侧开始，从链上前端的 Sankey 开始，到区块构建者的右侧结束。

Figure 2. Edited Orderflow.art Sankey from September 30, 2024
图 2.Orderflow.art Sankey 于 2024 年 9 月 30 日编辑

The key on-chain actors in a transactionʻs lifecycle are:
交易生命周期中的关键链上参与者是：

Order Flow Originators
订单流发起方

Order Flow Originators (OFOs) are the first on-chain applications that interact with a wallet. OFOs include:
订单流发起者 （OFO） 是第一个与钱包交互的链上应用程序。OFO 包括：

1. Wallets: Wallets are increasingly adding more functionality to improve user experience such as direct swaps.
   钱包：钱包越来越多地添加更多功能以改善用户体验，例如直接交换。

   Note: Figures 3, 4, and 5 only include known routers and underrepresents the native swap transactions from wallets.
   注意：图 3、4 和 5 仅包含已知的路由器，低估了来自钱包的原生交换交易。

2. Frontends: Applications like Uniswap have their own wallet and interface for users to create transactions. DEX frontends are losing dominance in both trading volume and transaction count market share (Figures 3 and 4).
   前端：Uniswap 等应用程序拥有自己的钱包和界面，供用户创建交易。DEX 前端在交易量和交易量市场份额方面都失去了主导地位（图 3 和图 4）。

3. Telegram Bots: Banana Gun, Maestro, and Unibot have captured a significant portion of retail transactions within the last year (Figure 4). Trade sizes are generally less than $10,000 (Figure 5).
   Telegram 机器人：Banana Gun、Maestro 和 Unibot 在过去一年中捕获了很大一部分零售交易（图 4）。交易规模通常小于 10,000 美元（图 5）。

4. Aggregators: Aggregators are applications like DefiLlama, Matcha, 0x API, and 1inch API that connect to several DEXs to unify fragmented liquidity. The transaction counts market share has remained relatively consistent while trading volume has decreased slightly since 2023 (Figures 3 and 4).
   聚合器：聚合器是 DefiLlama、Matcha、0x API 和 1inch API 等应用程序，它们连接到多个 DEX 以统一碎片化的流动性。自 2023 年以来，交易量市场份额保持相对稳定，而交易量略有下降（图 3 和图 4）。

5. Order Flow Auctions: OFAs include solver batch auctions (e.g., CoWSwap), RFQ systems (e.g., Uniswap X), and execution auctions (e.g., MEV-Blocker). OFAs have been gaining trading volume market share at the expense of DEX Frontends (Figure 3) and are typically used for larger trades (Figure 5).
   订单流拍卖：OFA 包括求解器批量拍卖（例如 CoWSwap）、RFQ 系统（例如 Uniswap X）和执行拍卖（例如 MEV-Blocker）。OFA 以牺牲 DEX 前端为代价获得了交易量市场份额（图 3），通常用于更大规模的交易（图 5）。

Figure 3. Frontend Trading Volume (3 years), Dune Analytics. September 30, 2024.
图 3.前端交易量（3 年），Dune Analytics。2024 年 9 月 30 日。

Figure 4. Frontend Transaction Count (3 years), Dune Analytics. September 30, 2024.
图 4.前端交易计数（3 年），Dune Analytics。2024 年 9 月 30 日。

Figure 5. Frontend Trade Sizes (7 days), Dune Analytics. September 30, 2024.
图 5.前端交易规模（7 天），Dune Analytics。2024 年 9 月 30 日。

Liquidity Providers
流动性提供者

Large transactions or those involving illiquid trading pairs are often routed to Order Flow Auctions (OFAs) and aggregators to minimize slippage. These providers source liquidity from multiple decentralized exchanges (DEXs), off-chain sources, and proprietary inventories.
大额交易或涉及非流动易对的交易通常会路由到订单流拍卖 （OFA） 和聚合器，以最大限度地减少滑点。这些提供商从多个去中心化交易所 （DEX）、链下来源和专有库存获取流动性。

1. Market Makers: Trading entities that use off-chain liquidity and their own inventory to execute transactions. They provide liquidity for Request for Quote (RFQ) platforms like Hashflow and Uniswap X.
   做市商：使用链动性和自己的库存来执行交易的交易实体。它们为 Hashflow 和 Uniswap X 等报价请求 （RFQ） 平台提供流动性。
2. Solvers: Third-party entities that determine optimal routing and pricing for transaction execution. Solvers are utilized in OFAs such as CoWSwap, and some offer direct user transaction submission through their own front-end interfaces.
   求解器：确定交易执行的最佳路由和定价的第三方实体。求解器用于 CoWSwap 等 OFA，有些求解器通过自己的前端界面提供直接的用户事务提交。
3. CEX-DEX Searchers: These searchers leverage off-chain liquidity from centralized exchanges (CEXs) to capture on-chain arbitrage opportunities. They can utilize OFAs with private mempools like MEV Share and MEV-Blocker.
   CEX-DEX 搜索者：这些搜索者利用来自中心化交易所 （CEX） 的链动性来捕捉链上套利机会。他们可以将 OFA 与私有内存池（如 MEV Share 和 MEV-Blocker）一起使用。

Mempools 内存池

Ethereum orders are submitted to either public or private mempools:
以太坊订单提交到公共或私有内存池：

1. Public mempools: Transactions are visible to all and can be picked up for bundling by searchers and OFAs. All block builders can access these transactions for block inclusion.
   公共内存池：交易对所有人可见，并且可以被搜索者和 OFA 选择进行捆绑。所有区块构建者都可以访问这些交易以包含区块。
2. Private mempools: Transactions are visible only to select parties, including specific searchers, OFAs, and builders.
   私有内存池：交易仅对特定方可见，包括特定搜索者、OFA 和构建者。

Builders 生成器

Builders arrange and include transactions in a block. The order's lifecycle is complete if the transaction is included in the winning builder's block. If not included in the winning block, the transaction remains in the mempool until it is either included in a future block or discarded.
构建器在一个区块中安排和包含交易。如果交易包含在获胜的 builder 区块中，则订单的生命周期是完整的。如果未包含在获胜区块中，则交易将保留在内存池中，直到它被包含在未来的区块中或被丢弃。

References 参考资料

1. https://orderflow.art/frontends
2. Quicknode, A Complete Overview of Web3 Wallets
   Quicknode，Web3 钱包的完整概述
3. Ethereum Foundation, Ethereum Accounts
   Ethereum Foundation， 以太坊账户
4. Fireblocks, What is MPC (Multi-Party Computation)?
   Fireblocks，什么是 MPC（多方计算）？
5. Alchemy, 8 Amazing Benefits of Smart Contract Wallets vs EOA Wallets
   Alchemy，智能合约钱包与 EOA 钱包的 8 大惊人优势
6. Unchained, What are Externally Owned Accounts (EOAs) in Ethereum?
   Unchained，什么是以太坊中的外部拥有的账户 （EOA）？
7. Ambire Wallet, Account Abstraction and the Benefits of Smart Contract Wallets
   Ambire 钱包、账户抽象和智能合约钱包的好处

Current Trends 当前趋势

The Ethereum landscape is currently characterized by several significant trends that are reshaping the industry. Two major trends in Ethereum that affect Order Flow Originators are 1) the centralization of the block-building market, and 2) the implementation of Account Abstraction with ERC-4337.
以太坊领域目前的特点是几个正在重塑该行业的重要趋势。以太坊影响订单流发起者的两个主要趋势是 1） 区块构建市场的集中化，以及 2） 使用 ERC-4337 实施账户抽象。

Block Builder Centralization
区块构建器集中化

Ethereumʻs builder market has become increasingly centralized with two builders capturing more than 90% of the block market.
以太坊的构建者市场变得越来越集中，两个构建者占据了超过 90% 的区块市场。

Figure 6. 30-day builder market share from September 30, 2024, libmev.com.

This concentration has given rise to new dynamics in order flow:

• Payment for Order flow (PFOF)
• Order Flow Auctions (OFA)
• Private Order Flow

These mechanisms are transforming how transactions are processed and prioritized, offering benefits like MEV protection and improved price discovery, but also raising concerns about market fairness and decentralization

Payment for Order Flow

Payment for Order Flow (”PFOF”) is a traditional finance concept that started with market makers paying brokerages for their OTC order flow. Market makers consider retail order flow uninformed and non-toxic and are highly profitable to trade against. As automated trading systems (”ATS”) expanded, market makers used PFOF to attract retail order flow to their ATS.

Retail traders benefit from PFOF in three ways:

1. Part of the PFOF is used to cover the retail traderʻs execution cost.
2. Market makers will quote tighter enabling retail traders to execute at improved prices
3. Market makers will be able to provide greater liquidity for odd-lot orders.

In Ethereum, PFOF has emerged as Exclusive Order Flow (”EOF”) relationships between Order Flow Originators (”OFOs”) and Builders. EOF bypasses the public mempool and accounts for as much as 35% of the market. Exclusive Order Flow enables a builder to construct a higher value block than competitors constrained to sourcing transactions from the public mempool or Order Flow Auctions (”OFA”). Because EOFs require execution guarantees, builders will multiplex the OFOʻs bundle to guarantee timely inclusion.

There are several reasons why Order Flow Originators utilize EOF relationships:

• Block inclusion guarantees. By partnering with a top builder, OFOs increase the probability that their transactions are included in the next block built.
• User MEV protection. OFOs can virtually eliminate their transactionsʻ MEV.
• Priority gas fee rebates. OFOs can receive a refund of the priority gas fees paid by their users. Builders value high-quality transactions like sniping orders from Telegram bots and will pay more for this order flow.

Currently known EOF relationships:

• Banana Gun and Titan Builder
• Maestro and Beaver

Figure 7. Banana Gun EOF blocks*.

Figure 8. Banana Gun multiplexed blocks.

Figure 9. Maestro EOF blocks.

Figure 10. Maestro multiplexed blocks.

*EOF is approximated by order flow not seen by Flashbots or in the mempool.

Order Flow Auctions

Order Flow Auctions (OFAs) were created to protect user transactions from negative MEV strategies such as front-running and sandwich attacks. OFAs offer many benefits to users including:

1. Lower transaction costs. OFAs bundle transactions which reduce gas fees and reduce execution slippage.
2. MEV refunds. OFAs can auction MEV back-run opportunities and return a portion of the captured MEV to users.
3. Improved price discovery. Third-party solvers compete for the best execution price.
4. Enhanced liquidity. Third-party solvers can aggregate liquidity from numerous sources including DEXs, CEXs, and private inventory.

Figure 11. MEV supply chain with Order Flow Auctions.

OFAs aggregate swap transactions from multiple users and auction them to third-party bidders for execution. OFAs function as the auctioneers and select winning bids on predefined criteria. The winning bids are submitted on-chain in a bundle to block builders for consensus.

There are different types of OFAs:

• Request for Quote (RFQs): RFQs utilize a system of pre-selected bidders, funds, and market-makers, that use on-chain and private inventory to submit bids. RFQs offer better liquidity than public automated market makers (AMMs) as RFQ market makers have access to additional sources of liquidity such as CEXs and cross-chain AMMs. Example: UniswapX, Bebop, 1inch Fusion, Hashflow, 0xAPI
• Frequent Batch Auctions: Frequent Batch Auctions enable third-party solvers to optimize for price and liquidity while protecting transactions from MEV. Transactions are bundled saving on gas and improving execution. Example: CoWSwap, DFlow
• Transaction Execution Auctions: Third-party bidders, specifically searchers, extract MEV and compete for the highest user refund. This OFA is typically integrated directly with wallets via an RPC. Example: MEV-Blocker, Merkle
• Block Space Aggregator Auctions: Block Space Aggregator Auctions return value to the original user through builder priority gas rebates. Builders compete to include the transaction bundle to increase the value of their block and will refund a portion of the priority gas paid by the bundle. Example: Flashbots MEV Share

Private Order Flow

Private Order Flow (POF) is the order flow from vertically integrated order flow originators (wallets, applications, solvers, searchers) and builders. This flow is typically not multiplexed and sent to a singular builder.

The top builders, Beaver Build and Rsync, are integrated with proprietary trading firms SCP and Wintermute and benefit from internal CEX-DEX order flow. Integrated searcher-builders have an advantage over normal builders since profits from their searcher can be reallocated to their builder increasing their likelihood of submitting the winning block bid. Integrated searcher-builders also benefit from latency savings when sending their transaction from the searcher to the builder. This latency savings can then be extended to the block builder auction.

Figure 12. Exclusive Order Flow (EOF) from the seven most prominent EOF providers based on total value.

(a) https://arxiv.org/pdf/2407.13931. EOF for Titan (b), Beaverbuild (c), and Rsync builders (d). Note that only Rsync sees Wintermute private order flow and only Beaverbuild sees SCP private order flow.

Future Implications

OFAs like Flashbots Protect and MEV-Blocker have provided RPCs for users to integrate into their wallets. These products were primarily opt-in for individual wallet users and directly integrated into applications.

Moreover, wallets have started to capture the value of their order flow.

• Metamask Smart Transactions - Metamask Smart Transactions perform the same function as an OFA providing MEV protection, gas refunds, and revert protection. This service is automatically integrated into Metamaskʻs wallet and is opt-in for users. Searchers and solvers pay for access to Smart Transactions order flow.
• Trust Wallet MEV Protection - Trust Wallet MEV Protection is included by default for users but does not include gas refunds and revert protection.

References

1. CNBC 2021, Virtu Financial CEO weighs in on payment for order flow crackdown.
2. Bradford Levy, Wharton Initiative on Policy and Regulation - Research Spotlight: Payment of Order Flow and Price Improvement.
3. Thomas Thiery, Empirical analysis of Buildersʻ Behavioral Profiles (BBPs).
4. CoWProtocol, Understanding Order Flow Auctions.
5. Blocknative, Exploring Order Flow Auctions (OFAs) - MEV and the Fair Distribution of Economic Opportunities.
6. Darren Kleine, Itʻs all about the swaps. Why order flow auctions make DEXs better.
7. S. Yang, K. Nayak, F. Zhang, 2024. Decentralization of Ethereumʻs Builder Market.
8. Tivas Gupta & Mallesh M Pai & Max Resnick, 2023. The Centralizing Effects of Private Order Flow on Proposer-Builder Separation.
9. Quintus Kilbourn, Order flow, auctions, and centralisation I - a warning.
10. Quintus Kilbourn, Order flow, auctions, and centralisation II - order flow auctions.
11. B. Bachu, X. Wan, C. Moallemi, 2024. Quantifying Price Improvement in Order Flow Auctions.
12. Frontier Research and Titan, 2023. Builder Dominance and Searcher Dependence.
13. Frontier Research, The Orderflow Auction Design Space.
14. Pai, M. and Resnick, M., Structural Advantages for Integrated Builders in MEV-Boost.
15. Oz, B., Sui, D., Thiery, T., and Matthes, F., 2024. Who Wins Ethereum Block Building Auctions and Why?

Account Abstraction

The implementation of Account Abstraction, particularly through ERC-4337, is revolutionizing user interactions with blockchain networks by introducing smart contract wallets and new entities like Bundlers and Paymasters. These developments are not only enhancing user experience but also creating new opportunities and challenges in transaction processing and fee structures.

ERC-4337

The key goals of account abstraction are to remove the need for all users to have an EOA and to allow users to use smart contract wallets as their primary account. Account abstraction accomplishes this by separating account management and transaction execution from EOAs. Account abstraction uses new entities: 1) the Bundler, to initiate transactions and 2) the Paymaster, to determine the gas payment policies.

Figure 13. ERC-4337 workflow stream

ERC-4337 introduces two new parties - the Bundler and the Paymaster:

• Bundler - The Bundler assembles multiple user operations into a transaction, similar to a block builder, and submits the transaction to the entry point contract for execution. More importantly, Bundlers have EOAs that allow them to initiate transactions abstracting away the need for users to have an EOA wallet. Current bundlers include Skandha, Alchemy, Rundler, Voltaire, Alto, Stackup, and Infinitism.

• Paymaster - The Paymaster is a smart contract that handles the walletʻs gas payment policies. The Paymaster determines which currency, stablecoins or other ERC-20 tokens, are acceptable for gas payments and allows applications to pay gas fees for their users.

Figure 14. Weekly Active Smart Accounts

Figure 15. Weekly Bundler Revenue

Figure 16. Weekly Paymaster Gas Spend

Future Implications

Under ERC-4337, the Bundler is in a similar position to todayʻs block builder and can execute exclusive order flow deals with smart contract wallets. Exclusive order flow is more important to Bundlers because they compete for the highest priority fee and losing Bundlers pay for the gas cost of reverting UserOperation.

Because the UserOperation mempool is public, UserOperations are susceptible to MEV from front-running and sandwich attacks. Bundlers can capture a portion of this MEV since they order and batch the UserOperations into a bundle transaction. Searchers could run Bundlers to extract MEV from the public UserOperation mempool. Bundlers and Builders could integrate to obtain additional order flow.

References

1. ERC-4337: Account Abstraction via Entry Point Contract Specification
2. ERC-4337: Account Abstraction Using Alt Mempool
3. https://github.com/ethereum/EIPs/pull/4337/files
4. Alchemy, What is Account Abstraction (ERC-4337)?
5. Alchemy, How do ERC-4337 smart contract wallets work?
6. Blocknative, Introductory Guide to Account Abstraction (ERC-4337)
7. Blocknative, Understanding ERC-4337 - How it works and exploring unknowns
8. Dmarz, 4337 MEV supply chain
9. Blockbase, Does ERC-4337 reduce the impact of MEV-Boost on Ethereum?
10. BlockPI Network, Why Must ERC-4337 Bundlers Work with Block Builders?
11. Kernel Ventures: Understanding Ethereumʻs ERC4337 Standard - What Opportunities Lie Ahead
12. https://www.bundlebear.com/overview

Future Trends

The cryptocurrency and blockchain landscape is on the cusp of significant transformation, driven by technological innovations and regulatory developments. Key trends shaping the future include:

• Preconfirmations for faster transaction speeds.
• EIP-7702 and EIP-7212 for account abstraction and smart wallet improvements that enhance user experiences and transaction signing standards.
• Integration of Trusted Execution Environments (TEEs) for heightened security.
• Regulatory discourse, particularly around stablecoins and securities, is pushing the industry to adapt within new legal frameworks.

As the focus shifts from broad decentralization to nuanced discussions of control and execution, these trends collectively promise to redefine how users interact with blockchain networks, how developers build applications, and how the ecosystem navigates regulatory challenges.

Preconfirmations

Preconfimations (”preconfs”) is a research proposal that allows users to receive a transaction confirmation before their transaction is confirmed in consensus. Preconfs aim to improve the user experience by eliminating high network congestion on Ethereum, layer 2 rollups, and validiums through faster confirmations. First introduced by Justin Drake, based preconfs allow L1 proposers to provide economic guarantees that an L2 user transaction will be included.

Figure 17. Based Preconfirmations for Rollups

How do preconfs work?

• Ethereum block proposers (”preconfers”) or a delegate party issue signed promises to users guaranteeing that their transactions will be included and executed faster than expected L1 consensus.

The preconfirmation landscape is still in its early stages and several different methodologies have been proposed. These are the few that could affect order flow originators the most:

• XGA-Style Preconfs: XGA-style preconfirmations guarantee (non-positional) bundle inclusion in the bottom portion of a block. Filler transactions, transactions that do not require immediate execution or have low MEV, can be included in the bottom-of-the-block bundle. This allows builders to focus on valuable top-of-the-block MEV transactions and simplifies gas pricing for filler transactions.
• MEV-Commit by Primev: MEV-commit is a P2P network where execution commitments for Ethereum transactions are committed and providers are rewarded or slashed. Order flow originators (”bidders”) specify their intents for transaction executions to providers.
• BFT Preconfirmations by Espresso: BFT preconfirmations are backed by security and liveliness guarantees of a BFT consensus algorithm. BFT preconfs are backed by a subset of L1 validators and not a single validator like in based preconfs.

Future Implications

Preconfs will lead to a better execution experience since order flow originators can guarantee transaction execution for higher fees.

In the case of XGA-style preconfs, bottom-of-the-block inclusion for non-latency-sensitive transactions (i.e. “governance”, ”staking”, “authorizations”, “claiming”) can lower the gas spent on these transactions and reduce the number of transaction reverts from insufficient gas.

References

1. Justin Drake, Based Confirmations.
2. Raghav Agarwal, Preconfirmations: Credible Promise of Future Execution
3. Murat Akdeniz - Primev, Preconfirmations: The Fulfillment-Delivery Paradigm.
4. CTra1n, Value-Capturing Based Rollups with Based Preconfirmations.
5. dpl0a, Preconfirmations: On splitting the block, mev-boost compatibility and relays.
6. Ellie Davidson - Expresso Systems, Analyzing BFT and Proposer-Promised Preconfirmations.
7. Nethermind, RFP-001: Introduce preconfirmation infrastructure.
8. Cairo, Towards an Implementation of based preconfirms.

EIP-7702 and EIP-7212

There are two Account Abstraction EIPs that could fully unlock the potential of smart contract wallets and become game-changers for the wallet ecosystem.

EIP-7702

EIP-7702 introduces the following features to EOAs:

• Batching: A user can perform multiple operations in one atomic transaction.
• Sponsorship: A separate account X or application operator can pay for account Yʻs transaction. Account X can receive ERC-20 tokens for this service.
• Privilege de-escalation: Users sign sub-keys that provide weaker, specific permissions. For example, interacting only with specific applications, using only certain ERC-20 tokens for a transaction, and transfer limits.

EIP-7702 is designed to be backward and forward compatible with ERC-4337 allowing EOAs to take advantage of the existing ERC-4337 infrastructure. EOAs can also temporarily convert themselves into smart contract wallets for inclusion in ERC-4337 bundles.

Benefits of EIP-7702 include:

• Less security risk: EIP-7702 also eliminates the central point of trust when assigning smart contract codes to EOAs for a transaction. There is no possibility of unauthorized transactions with EIP-7702 since the contract code is removed after the transaction is executed.
• Easy adoption for dApps: Applications using ERC-4337 can easily integrate with EIP-7702 without any changes to their code. EOAs can call the smart contract without any need for authorization.

EIP-7702 is still a new proposal and has a few issues that developers need to consider:

• Revocations: EIP-7702 does not have clear details on revoking contract code in case any malicious code is detected.
• Chain Agnostic Signatures: EIP-7702 uses a fixed signature that can be reusable in other chains but lacks flexibility if users want different implementations.

EIP-7212

EIP-7212, or RIP-7212, creates a contract for signature verification using the “secp256r1” elliptic curve standard. This standard has been adopted for user authentication by the largest Web2 corporations and can be integrated into ERC-4337ʻs smart contract wallets.

“secp256r1” is currently used in the following authentication applications:

1. Appleʻs Secure Enclave: Appleʻs Secure Enclave is Trusted Execution Environment (TEE) hardware that creates and stores keys. The Secure Enclave can encrypt or decrypt data, sign arbitrary messages, and is only accessible through biometric identification.
2. WebAuthn: Web Authentication is a web standard for authentication used by most Web2 browsers - Chrome, Firefox, Edge, and Safari. WebAuthn uses domain-specific public-key cryptography for user authentication eliminating passwords, providing faster recovery, and reducing security risks.
3. Android Keystore: Android Keystore is a secure system credential storage. Applications can create private and public keys and store them in the Keystore. The Keystore is encrypted based on the userʻs own mobile password and can be accessed via password or biometrics.
4. Passkeys: Passkeys are FIDO credentials that allow users to access their accounts without passwords using biometrics or a PIN. Users can access websites or apps by unlocking their mobile devices eliminating the need for passwords.

RIP-7212 is the roll-up version of EIP-7212 and teams from Kakarot, Polygon, Optimism, zkSync, Scroll, and Arbitrum have already committed to implementation. Polygon has RIP-7212 available on their testnet and Coinbaseʻs recently launched Smart Wallets include passkey authentication.

Figure 18. Mobile authentication via passkeys

How do passkeys work?

1. A smart contract wallet creates a passkey or public and private key pair.
2. The private key is stored in a TEE on your mobile device.
3. When the smart contract wallet creates a transaction for approval, the user authenticates themselves with biometrics or a mobile PIN to unlock the private key.
4. The mobile device then uses the private key to “sign” the transaction and sends the completed transaction back to the smart contract wallet.
5. The signature is verified on-chain through the RIP-7212 smart contract.

Future Implications

While EIP-7702 is still a proposal, RIP-7212 is being actively integrated into L2 roll-ups and implemented into smart contract wallets. Passkey wallets supercharge ERC-4337 smart wallets by eliminating the need for passwords and seed phrases and elevating security to a hardware level. Current projects featuring passkeys include:

• Coinbase Smart Wallet: Coinbaseʻs Smart Wallet utilizes a passkey for user authentication and sponsored gas transactions. Smart wallets support 8 networks (Base, Ethereum, Optimism, Arbitrum, Polygon, Avalanche, BNB, Zora) and offer a wallet SDK for dApps integration.
• Clave: Clave utilizes mobile TEEs and passkeys to offer social recovery, account naming services, biometric login, and sponsored gas fees on zkSync.
• Banana SDK: Bananaʻs SDK utilizes WebAuthn to offer zero-knowledge 2FA, biometrics, and recovery accounts with a nominee.
• Turnkey: Turnkey is a Wallet-as-a-Service (WaaS) provider that stores private keys in a TEE.

References

1. Coinbase, How Base is making smart wallets the default
2. Github, EIP-7702
3. Zyfi, Into the future with EIP-7702 - Part-1
4. Quicknode, EIP-7702 Explained: The Future of Ethereum
5. Web3Auth, EIP-7702 Explained: How it Works and Everything You Need to Know
6. Erdogan, U., Alpaslan, D., Posch, DC., Bhardwaj, N., EIP-7212: Precompile for secp256r1 Curve Support.
7. Alchemy, What is RIP-7212? Precompile for secp256r1 Curve Support.
8. Apple, Secure Enclave.
9. WebAuthn, WebAuthn Guide.
10. Android Authority, How to use the Android Keystore to store passwords and other sensitive information.
11. Google, Ask a Techspert: What are Passkeys?
12. Coinbase, Smart Wallet Documentation
13. Clave FAQ
14. Banana Wallet SDK Docs

EIP-712

EIP-712 is a standard for typed message signing which aims to allow off-chain message signing for on-chain signing allowing for a better user experience. Rather than reading byte strings, EIP-712 enables signatures to be displayed in a readable format without losing system security properties. Off-chain signing saves gas and reduces the number of transactions on-chain.

Figure 19. Current message signature

Figure 20. Message signature with EIP-712

How does EIP-712 work?

1. dApps developers utilize a JSON data structure that users sign.
2. A domain separator prevents the signature from being used on multiple dApps and allows for multiple distinct signature use cases within a given dApp.
3. Wallets and front-end operators can parse the dApp data structure and translate the data into a readable message for users.

One of the key features that EIP-712 unlocks is that it allows dApps to control the transaction flow for users rather than wallets. Applications like Uniswap, can minimize their usersʻ MEV since swaps would bypass OFAs and other MEV value extractors.

Figure 21. Uniswapʻs interest in transaction flow control

In addition to wallet transaction readability, EIP-712 improves governance usability by allowing a third party to pay the gas fees for user votes. Voters can use EIP-712ʻs by-signature functionality to create a signed delegate or vote transaction for free.

Future Implications

In addition to wallet readability, EIP-712 can be used to improve the user experience in other areas.

• Governance. Users can delegate their vote and have a third party pay the gas fees for them through EIP-712ʻs by-signature function.
• Clear Signing. Hardware wallets, or separate devices, can display the dAppʻs message ensuring that users can be certain that no malware or malicious application has sent the message to them.
• Replay attack prevention. The data to prevent replay attacks can be included inside the EIP-712ʻs structured data.
• MEV minimization. EIP-712 allows a user to sign a transaction while giving front-ends the ability to send the order flow without broadcasting it to the network minimizing a userʻs exposure to malicious MEV.

References

1. EIP 712. Typed structured data hashing and signing
2. Koh Wei Jie, EIP712 is here: What to expect and how to use it
3. Adam Bavosa, Delegation and Voting with EIP-712 Signatures
4. SpruceID, Sign-In with Ethereum Wallet Research
5. Ledger Tech, Messages, Transactions, and Clear-Signing
6. Cyfrin, EIP712 and EIP191
7. Metamask Github, Sign transaction without broadcast #3475

Trusted Execution Environments (TEEs)

Trusted Execution Environments (TEEs) is a secure enclave based within a hardware microprocessor where sensitive computations and operations can run with integrity and privacy. TEEs support isolation and remote attestation and can run virtual machines like EVM and CosmWasm without the cryptographic overhead like Multi-Party Computation (MPC) or zkSNARKs.

For web3 wallets, mobile TEEs like Appleʻs Secure Enclave and Googleʻs Titan M2 can secure smart contract walletʻs private keys better than standard hardware wallets. Users can create and store a private key inside a TEE and sign transactions from these keys. The keys remain on the device and can only be accessed by the device owner via biometric authentication or device PIN.

TEEs are currently used in several wallet solutions:

• MPCs: Fireblocks utilizes Intel SGX TEEs to isolate cryptographic data, the MPC and ZKP cryptographic algorithms, and the execution portions of their software from their internal systems and external third parties. Fireblocks stores MPC keys, API credentials, and their Policy Engine in the secure enclave to prevent unauthorized access by hackers, rogue employees, and inside colluders.
• Smart Contract Wallets: As listed in the previous RIP-7212 section, smart wallets leverage mobile TEEs to store passkeys. Current smart contract wallets using TEEs include Coinbase Smart Wallet, Banana SDK, Turnkey, Clave, and Weeve.

Future Implications

TEEs are poised to be a major game changer for blockchains.

• Flashbots SUAVE will utilize TEEs to create a secure and private MEV ecosystem.
• Smart contract wallets will use mobile TEEs and Account Abstraction to improve the user onboarding experience and reach a new user audience.
• Large corporations have adapted TEEs to solve their own privacy and security needs. Visa created the LucidiTEE blockchain that improves multiparty computation and storage for private data.
• TEEs are a potential regulatory compliance solution to enhancing control, data privacy, and operational security for blockchains.

References:

1. Andrew Miller, TEE-based Smart Contracts and Sealing Pitfalls.
2. Braavos, Hardware Signer: Enhancing Security of Crypto Wallets.
3. Base, Solidity WebAuthn Authentication Assertion Verifier.
4. Nick Summers, Passkeys FAQs: What they are, and other frequently asked questions
5. Apple, Secure Enclave Documentation
6. Calvin Wankhede, What is the Titan M2 security chip in Googleʻs Pixel phones?
7. Fireblocks Documentation
8. Sinha, R., Gaddam, S., Kumaresan, R. - Visa Research. LucidiTEE: A TEE-Blockchain System for Policy-Compliant Multiparty Computation with Fairness.

Execution, Control, & Decentralization

One of the major challenges for wallet providers has been educating users and regulators about self-custody and on-chain accounts. However, as the web3 ecosystem has matured, key stakeholders have come to understand several crucial points:

1. Wallets do not hold, manage, or custody user assets; they merely provide an interface to access them.
2. Blockchain addresses exist independently of wallets and are not created or managed by them.
3. Users have the freedom to switch between different wallet providers, as their assets and accounts exist on-chain, separate from any specific wallet service.

This growing understanding has been crucial in clarifying the role of wallets in the cryptocurrency ecosystem and distinguishing them from traditional financial service providers.

Stablecoins and MiCA

Stablecoins continue to be among the most significant crypto assets as they enable seamless and frictionless transfer of value across borders and economic systems. They permit users to move value between assets that may fluctuate in price to stable denominations for future use. However, stablecoins have risen to the top of many regulators’ crypto agendas primarily due to concerns about:

1. Controlling and monitoring the flow of global fiat currency flows.
2. Their influence on currency strength and monetary policy.
3. The need for oversight in their issuance and backing.

As a result, stablecoins have become a top priority on many regulators' cryptocurrency agendas, sparking debates about their role in the broader financial ecosystem.

In the United States, stablecoins gained significant regulatory attention with Facebookʻs (now Meta) Libra project. The tech giant proposed a privately managed stablecoin that could, in theory, become the predominant digital currency, raising concerns about its impact on central banksʻ monetary policy control.

Since the Libra project shuttered in 2022, the primary goal of the US regulatory stablecoin policy has been ensuring the proper collateralization and oversight of stablecoins. This shift has led stablecoin issuers to adopt practices similar to regulated financial institutions with robust custody agreements, established banking relationships, and comprehensive monitoring programs. While various regulatory agencies have contributed piecemeal regulations, the US Congress is working towards a more comprehensive regulatory framework for stablecoins.

In the EU, the Market in Crypto-Assets Regulation (MiCA) is rolling into effect and contains key stablecoins provisions. As of this writing, only Circle’s USDC and Euro stablecoin have successfully registered in the EU.

Swaps and Securities Regulation

In-wallet token swaps have become a popular feature in many cryptocurrency wallets improving the usability of on-chain applications and enabling users to navigate bridging and cross-chain interactions.

However, this functionality has attracted regulatory scrutiny, particularly from securities regulators, attempting to apply traditional financial services regulations to wallets offering swap features. Most notably, the SEC has taken legal action against certain wallet providers alleging that these walletsʻ swap functions effectively operate as unregistered broker-dealers.

SEC v. Coinbase

In April 2024, the SEC’s claim that Coinbase Wallet acted as a broker was dismissed. Self-custody wallets with swap functionalities generally do not meet the criteria for broker classification. The SEC's argument is based on their allegations that some assets available through these wallets are unregistered securities..

SEC v. Consensys

Consensys proactively sued the SEC in April 2024 over whether the SEC has the legal authority to regulate MetaMask as a securities broker and issuer and was granted an expedited review by the judge in the case. The expedited court proceedings could lead to a decision by the end of this year.

Despite this lawsuit and losing the Coinbase v SEC lawsuit, the SEC filed a Wells Notice against Consensys at the end of June 2024. The SEC alleged that Consensys acted as an unregistered broker of crypto asset securities through MetaMask Swaps and through its crypto staking program, MetaMask Staking.

Future Implications

While wallets will continue to be at the forefront of debates over illicit finance and self-custody, much of the future regulatory conversation will pivot to the question of decentralization. For the past few years, the crypto industry has leveraged the concept of decentralization to explain to regulators why traditional financial securities regulations should not apply to crypto services. This argument specifically addresses the questions of control and responsible parties.

Traditional finance rules and guidance regulate intermediaries to provide consumer protection and accountability. However, a key challenge emerges: how do you achieve these objectives when the services involved are inherently not intermediaries and do not custody assets or execute operations for users?

Decentralization, both as a concept and a design goal, has helped explain why traditional financial services regulations are difficult to apply to crypto. However, we are now entering a new phase of regulatory discourse where regulators are seeking to define and apply definitions of decentralization to various services, from wallets to decentralized exchanges (DEXs) and beyond. Regulators now see an opportunity to classify many crypto services as non-decentralized or "decentralized-in-name-only." This classification stems from two main factors:

1. The burden of meeting standards for true decentralization is often technically unfeasible for many services.
2. These standards of decentralization may not align with the actual goals of regulation. This shift in regulatory approach could have significant implications for how crypto services are classified and regulated in the future.

That is why the next phase of regulatory discourse will shift to the concept of control. Key questions will include: Do wallets have control over the execution of a user's operation? Do DEXs have control over how an operation is executed or filled? The crypto industry as a whole is making significant progress in developing new operational models that move beyond the notion of decentralized services and into a conversation about control, data, and privacy.

At the forefront of these advancements is the utility of trusted execution environments (TEEs). We are moving towards a market structure where operational control resides within hardware and software, rather than with service providers. In this model, service providers do not have direct control over the operations taking place nor the ability to view user orders. With this approach, the crypto industry is pioneering novel ways for financial services and communications applications to operate..

Lastly, as we shift from discussions about decentralization to more nuanced conversations about control, the concepts of execution, finality, and settlement will become increasingly important. The industry will need to define collectively:

1. Who is responsible for executing an operation
2. When an operation is considered settled on-chain
3. Who is responsible for its settlement

---

Contributors

Flashbots Mates: Tesa Ho, George Zhang, Reid Yager, Quintus Kilbourn, Fred, Danning Sui, Elaine Hu, Daniel Marzec.

Friends: Ivo Georgiev, Joe Huang, Nic Lin, Tina He, Nico Csgy, Eric Siu, Samuel Akpan, Brian Friel, Andre Geest, Daniel.

Ambire Wallet

OKX Wallet

Rainbow Wallet

IM Wallet

Base

CW

Safe Wallet

Blockdaemon