SecurityModuleForAA
The user enabled Safe Guard with 2FA (via email) to protect the Smart Account from the risk of a compromised EOA key.
Project Description
A traditional EOA wallet is vulnerable, as a single exposure of the private key can immediately put all assets at risk. Additionally, when managing a smart account through multi-signature, there is the inconvenience of requiring signatures above the threshold every time a transaction occurs.
To address these issues, two accounts can be created to manage a single smart account. One account is attached to the smart account to manage transactions via a module, while the other serves as the owner of the smart account and handles signing responsibilities. This approach distributes responsibilities and enhances the user experience.
The process is as follows: First, the user creates a smart wallet using their EOA. Simultaneously, they log into our app (SPOT) using another method or another EOA. In SPOT, they create a module that manages transactions and attach this module to the smart wallet created with the previous EOA.
By doing so, the management of the smart account is divided into two (the module and the user's EOA), each managed through different methods. This ensures much stronger security than managing everything with a single private key. Since transactions are automatically handled according to the rules set in the module, the hassle of multiple signatures for every transaction is reduced.
Furthermore, by incorporating advanced security measures like encryption oracles such as Lit Protocol, users can manage account security at a more sophisticated level (e.g., based on IP address). As more data accumulates, AI-powered fraud detection systems (FDS) can also be provided through the module, further enhancing security.
How it's Made
This project implemented smart accounts and attached the appropriate module using Safe Wallet. To create a management point separate from the EOA, we onboarded users through SPOT by utilizing Dynamic.xyz.
Additionally, to reduce gas fee conflicts during user onboarding, we used Alchemy's Account Kit and Paymaster to eliminate gas fees associated with creating modules and changing settings.
Moving forward, we plan to provide modules that allow users to encrypt their IP addresses and specific actions using Lit Protocol, enabling privacy-preserving configuration.
