What Is a Smart Contract Wallet? (2024)

Many cryptocurrency users often face a dilemma when choosing options to store funds: use a custodial or non-custodial wallet? Custodial wallets (issued and controlled by centralized exchanges) promise ease of use but require trusting a third party. Non-custodial wallets offer security and reduce trust assumptions, but are difficult to use for average users.

But what if there was another means of storing cryptocurrencies that provides ease of use and security? Smart contract wallets are designed for this purpose. This article will explore smart contract wallets in detail: how they work and what benefits and drawbacks users should expect.

How do smart contract wallets work?

A smart contract wallet is a wallet managed by a contract account instead of an EOA (Externally Owned Account). A brief refresher on the types of Ethereum accounts:

Contract Account: A contract account is controlled by logic programmed into the code. It has no associated private key and cannot initiate transactions, but it can execute operations (eg. calling another contract or transferring funds) after receiving transactions from an EOA.

Externally Owned Account (EOA): An Externally Owned Account (EOA) is controlled by an associated private key. The key holder can initiate transactions with an EOA or contract account as the recipient. EOAs are limited to basic functionalities (e.g., transfers) since no code is stored in the account’s state.

Many wallets today are managed by EOAs, which is how users can transfer Ether (ETH) and other tokens from a wallet by signing transactions with a private key. In contrast, smart contract wallets (also called smart wallets) are controlled by contract code instead of a private key.

Benefits of smart contract wallets

Ease of use

Smart contract wallets require less effort to use than traditional wallets. For example, smart wallets like Argent can be recovered without a seed phrase. This process, described as social recovery, works by letting users set some trusted parties (e.g., friends and family) as “Guardians”.

If a user’s phone is lost or stolen, a new operation changing the ownership of a smart contract wallet can be initiated and signed by a quorum of guardians. This way, users don’t need to memorize long mnemonic phrases or take great pains to store seed phrases in a safe place.

Advanced security features

The programmable nature of smart contract wallets lets developers design complex safety features to protect user funds. In comparison, the safety of an EOA-controlled wallet relies solely on the security of the private key—if the key is lost or stolen, users have no way of accessing funds.

For instance, some smart contract wallets allow users to set daily limits on transfers, limiting the possibility of attackers stealing all funds in one transaction (i.e., after stealing a user’s private key). Other security features available on smart wallets include:

Requiring trusted parties to approve transactions
Allowing a trusted party to lock the smart wallet if the owner’s device is misplaced or compromised
Creating a whitelist of addresses that can receive funds from a wallet
Using two-factor authentication (2FA) to protect against unauthorized wallet access

Access to complex functionalities

Having a wallet built as a smart contract provides access to more complex functionalities like interacting with DeFi applications. DeFi Saver and Instadapp are two examples of smart wallets designed for advanced use cases.

Both wallets come with integration to on-chain lending and trading markets (e.g., Compound, Uniswap, and Maker) and let users perform complex interactions, and batch multiple calls, in one operation. As an example, DeFi Saver offers “recipes”—bundled actions that allow for, say, borrowing Dai from Maker or contributing liquidity to Compound Protocol.

With a regular wallet, users are limited to basic payments and must undergo a cumbersome process when interacting with DeFi applications. Smart contract wallets integrate with dApps seamlessly, making them a better option for expert users.

Disadvantages of smart contract wallets

While smart contract wallets certainly have many benefits, they also have a few drawbacks. The disadvantages of smart contract wallets can be grouped broadly under security risks and administrative overhead.

Smart contract wallet security risks

Errors in smart contract code

Smart wallets rely heavily on smart contracts, which increases the attack surface for users. For example, a bug in the wallet contract might leave users unable to access funds, while a vulnerability in contract code can lead to attackers stealing funds from the wallet.

Private-key wallets are much simpler and less susceptible to various security issues that can affect a smart contract’s operation. As long as the private key remains safe, no one can transfer funds out of the wallet without the user’s approval. This is true, even if the underlying blockchain suffers a 51% attack.

Malicious counterparties

Unlike an EOA wallet exclusively controlled by a single user, smart contract wallets rely in part on other (trusted) third parties to work properly. This may include accounts participating in multisignature validation and account recovery/locking as well as transaction relayers. While this setup is crucial for smart wallet operations, it can introduce counterparty risk—especially if those parties act maliciously.

Malicious relayer: A malicious relayer can censor a user’s transaction by (a) refusing to execute transactions and (b) griefing users by using a small amount of gas such that some part of the call, but not all, executes. In the latter case, the transaction would revert on-chain, but users would still be required to pay for gas used.

Malicious guardians: Argent pioneered the use of guardians—trusted parties that can validate transactions and control access to a user’s account. This can, however, cause problems if one or more guardians are malicious. A set of malicious guardians can take some or all of the following actions:

Refuse to approve transactions that require a threshold of signatures to execute
Refuse to participate in account recovery and deny users access to funds
Collude to transfer ownership of the wallet to another account (which is not controlled by the user) and authorize illegal withdrawals/transfers

Administrative overhead

Using smart contract wallets involves a steeper learning curve than regular wallets. Users must get used to performing actions like requiring approval for transactions, granting and revoking access to trusted accounts, using relayers, and so on.

Furthermore, using a smart contract wallet often requires users to pay more gas when executing transactions. Transactions from contract wallets have more data and trigger more complex computation in the EVM. Storage and compute resources are expensive, which explains the high costs associated with using smart contract wallets.

Conclusion

Smart contract wallets represent a breakthrough in wallet technology—one that combines ease of use and efficiency with security. Importantly, smart wallets decrease the difficulty of self-custody for new cryptocurrency users and reduce the complexity of interacting with DeFi protocols.

Nevertheless, smart wallets still have their drawbacks as in the article. From counterparty risk to flaws in contract code to administrative overhead, smart contract wallets are riskier than simple EOA-controlled wallets. Smart wallet owners are also not immune to classic attacks like phishing or private key theft that can result in lost funds.Some of these risks can be mitigated—for example, by using trusted relayers and ensuring that wallet contracts have been extensively audited. Moreso, you can avoid counterparty risk by using another account (e.g., a Ledger/Trezor wallet or MetaMask account) as a trusted party instead of another human. Finally, the same best practices for protecting traditional wallets (e.g., keeping private keys safe) apply to smart contract wallets.

FAQs

What Is a Smart Contract Wallet? ›

Using smart contract technology, a smart contract wallet is a decentralized application (DApp) created on a blockchain that allows users to manage their digital assets. These contracts are executable, programmable programs that automatically enforce an agreement's terms and conditions.

Read On ›

Are smart contract wallets safe? ›

Better security

To prevent asset theft or unauthorized access, smart contract wallets use encryption methods and blockchain technology. The wallet securely stores and encrypts the user's private key, making it much more difficult for hackers to access the user's funds.

Discover More Details ›

Is MetaMask a smart contract wallet? ›

While MetaMask allows users to interact with smart contracts when using DApps, it is not a smart contract wallet per se. Instead, it is an interface that helps you manage assets and engage with DApps and smart contracts, available on its supported protocols.

How do smart wallets work? ›

A smart account is a wallet type requiring no private keys or seed phrases. Smart accounts rely on code instead of private keys to secure and recover wallet information. A smart account is a type of Web3 wallet powered by smart contracts. This smart account is unlocked by a 'key' - a personal account.

See Details ›

Can a smart contract drain your wallet? ›

One of the primary ways that bad actors exploit token approvals is through the use of malicious smart contract functions. If an unsuspecting user selects the 'SetApprovalForAll' function on a malicious contract or dApp, scammers can drain tokens from the user's wallet.

Find Out More ›

Can smart contracts be hacked? ›

Because smart contracts are stored on-chain, hackers can examine the public codebase for vulnerabilities, such as reentrancy or missing checks, and then conduct their attacks.

Tell Me More ›

How risky are smart contracts? ›

Security Flaws and Loopholes

Security flaws, such as reentrancy attacks or overflow/underflow bugs, pose serious threats to smart contracts. These vulnerabilities can be exploited by attackers, leading to unauthorized access or manipulation of contract functions.

Show Me More ›

What is the difference between smart contract and wallet? ›

Understanding Smart Contract Wallet

These wallets leverage the capabilities of blockchain technology to create self-executing contracts with predefined conditions. Unlike traditional wallets, which rely on private keys to access funds, smart contract wallets use programmable scripts to manage and control transactions.

Explore More ›

How to know a smart contract is legit? ›

Look up the address on the relevant block explorer. All smart contracts have an address. Any reputable dapp, NFT collection, or other party should make this address readily available; either directly on their main site or in docs. MetaMask will also show you the smart contract's address before you sign any transaction.

What is the difference between a smart wallet and a normal wallet? ›

Smart wallets offer a range of benefits that redefine how people can interact with digital assets. These wallets revolutionize how we interact with digital assets. By using innovative technology like account abstraction, smart wallets are offering a smoother, safer, and more accessible experience for everyone.

Show Me More ›

Are smart wallets worth it? ›

Not only are you protected from wireless theft but you can also find your lost wallet as easily as saying, “Hey Siri, where's my wallet?”. A smart trackable wallet also helps minimalize your EDC with a smaller, sleeker design that fits perfectly in any pocket or bag.

Read The Full Story ›

Which wallet supports smart contracts? ›

Martian Wallet is a self-custodial wallet for Aptos & Sui. Komet is a smart contract-based wallet that allows collectors to mint and flip NFTs. Gem Wallet is an open-source crypto wallet for cryptocurrencies like BTC, ETH, SOL, BNB, and more. zkBob - Your Web3 Wallet With Privacy Option!

See Details ›

What is a drawback of smart contracts? ›

1. Difficult to change. Changing smart contract processes is almost impossible, any error in the code can be time-consuming and expensive to correct.

Get More Info Here ›

Can someone steal your digital wallet? ›

Fraudsters have many devious tactics at their disposal for digital wallet account takeover. For example, they could conduct a targeted attack, where they steal the login details of a specific person through phishing or malware.

Who controls a smart contract? ›

Furthermore, the smart contract is maintained and executed by all nodes on the network, removing any control from any particular party. Customizable: smart contracts have the potential to be modified or customized before being deployed.

Can smart contracts be trusted? ›

Smart contracts allow creating communication protocols that do not require a priori trust between parties. Participants can be assured that the contract will be executed only if all the conditions stipulated in it are met.

View Details ›

Can a smart contract empty your wallet? ›

This means that a smart contract can't be granted unlimited access to a user's wallet. As a result, a malicious smart contract can't drain a user's wallet without the user explicitly signing a transaction for each transfer.

How do I know if my smart contract is safe? ›

Input the address into a block explorer's search bar. Many of these, including Etherscan, will tell you if the code is verified or not, as highlighted below. You can also check to see if the contract has a name — if it doesn't it could be either very new or untrustworthy.

Learn More ›

What is the safest phone wallet? ›

The best digital wallet apps right now

If you're considering making the leap to digital payments, you'll likely want to consider one of the top three phone-sponsored digital wallet apps: Apple Pay (iPhone devices), Google Pay (Android devices) and Samsung Pay.

Discover More Details ›