Our blog is live! Read this article on our Safe Blog.

https://safe.global/blog/keystore-rollup-smart-account-interoperability

Introduction

Web3 enables new forms of digital ownership and we see an increasing number of user-groups start onboarding to Ethereum. So the need for secure, flexible, and user-friendly wallet solutions has never been more critical.

Traditional wallet accounts (”EOAs”), while functional, fall short in security and flexibility. The fear of losing digital assets to security breaches, key loss, or even human mistakes due to bad UX has long been a barrier to broader adoption.

The transition to so-called “smart accounts” marks a significant upgrade, offering enhanced features like (social) recovery, automations and security mechanisms. This shift is vital for user confidence and, consequentially, user adoption.

But smart accounts have their own set of challenges for this multi-chain rollup centric future.

Cross-chain account abstraction

ERC-4337 Account Abstraction has significantly empowered smart accounts, nurturing a dynamic ecosystem around them. However, as smart accounts find more adoption, challenges become apparent, particularly around handling smart accounts across multiple L2s.

Smart accounts are, by nature, smart contracts deployed on a single network. And while it is possible to deploy smart accounts on multiple L2s and use them in parallel, these are still fundamentally separate accounts. This creates issues when the user wants to change how the account is controlled (such as a key rotation) as this operation would need to be performed on each account individually to prevent state drift between them (authentication becoming out-of-sync).

This becomes even more cumbersome with an ever-increasing number of new L2s being launched. As a new smart account would have to be deployed on each of them to make the network accessible to the user.

What is a Keystore Contract?

Let's dive into what makes the Keystore not just a step, but a leap forward for smart accounts.

A keystore is a system that allows you to have shared key management for multiple accounts. It essentially separates the authentication logic from the account itself and therefore allows to use the same logic for multiple accounts.

In the context of Ethereum, the keystore could contain the keys (session keys, passkeys, social recovery keys) which could range from simple ECDSA to quantum-resistant signing methods like Winternitz signatures. The defined authentication logic can then ultimately be used to trigger transactions on the accounts associated with the keystore entry. These accounts could be on a single network, but also across different networks.

The benefits of using a keystore for account authentication include:

• Security:

  Ensure account authentication is rooted in L1 while still being able to interact on L2s without losing security guarantees

• User Experience:

  With cross-chain smart accounts, interactions across networks could benefit from much smoother user experience, potentially even abstracting away networks from the user entirely

• Privacy:

  Detaching accounts from authentication logic could enable better privacy defaults such as stealth addresses

Keystore Rollup: A solution for cross-chain smart accounts

While a keystore contract could be deployed on Ethereum L1, this would make it inaccessible for a majority of users due to L1's high transaction costs. As a result, Vitalik Buterin proposed the Minimal Keystore Rollup (MKSR), making the keystore its designated rollup.

However, the keystore rollup is not meant as a full EVM Rollup, hosting apps and protocols. Instead, it only allows a very limited amount of operations, particularly storing and updating keys for user accounts. This allows the rollup to be simple, easily auditable and gas-efficient.

The power from a keystore rollup comes when it is paired with cross-chain authentication. For example, accounts on L2s could authenticate against the keystore rollup using zero-knowledge (ZK) storage proofs. This allows the authentication rules on the keystore rollup to be applied to any account on any network, as a long as there is a trustless / trust-minimized way to verify against the keystore rollup.

Looking Ahead

There are currently multiple teams working on initial proof-of-concepts of a keystore rollup, which is expected to be established as a public good implementation without any token.

Notable ones are Scroll and Base, both recently sharing high-level specs on how a minimal keystore rollup could be implemented.

While there are still many technical challenges on the way to a secure and stable keystore rollup, it holds significant potential for enhancing user experience, security, and privacy.

Follow Us!

We invite the community, developers, and users to join us on this exciting journey to make Ethereum more secure, interoperable, and user-friendly. Stay tuned for more updates as we continue to push the boundaries of what's possible with smart accounts.

• Follow us on X

• Learn more about Safe

• Work with Safe

Resources

The above article intentionally omitted a lot of technical details to make it more accessible. For some further deep-dives, please see the following resources:

• https://hackmd.io/@haichen/keystore

• https://hackmd.io/@mdehoog/mksr

• https://vitalik.eth.limo/general/2023/06/09/three_transitions.html

• https://notes.ethereum.org/@vbuterin/minimal_keystore_rollup

• https://vitalik.eth.limo/general/2023/06/20/deeperdive.html