Concept
Abstract accounts give users a better experience and stronger security than traditional Externally Owned Accounts (EOAs). D-Chain supports them natively, so that dApps building on it can interact with users through compliant, non-custodial smart accounts.
D-Chain Abstract Accounts use a modified version of the Vectis smart account framework. The core difference is that the D-Chain `abstractaccount` module is used instead of the Vectis Factory Contract to create smart accounts and to store the relevant actors' addresses for the framework.
The core features provided by the D-Chain smart contracts for Abstract Accounts are as follows:
- Proxy - a smart contract, controlled by a Controller entity, that interacts with other modules / applications on-chain in place of an externally owned account. This is where guardianships, plugins and other data are specified and stored.
- The Controller entity - holds the desired authentication method. Passkey is currently supported, but other methods such as 2FA, ZKP of knowledge or other signature schemes can also be used.
- Plugins - these are smart contracts that the controller can “install” on the Proxy. There are 3 main categories of Plugins:
  - Pre-Transaction checks: conditions that must be satisfied given the controller input, such as spending limits
  - Post-Transaction hooks: conditions to be checked or executions to occur given the controller input, e.g. updating another dApp with the current balance
  - Fine-grained authorisations: allow extensible features such as session keys, autopay or auto-stake to interact with and execute transactions from the Proxy address
Here are the key features:
1. Guardianship for key recovery
The user (who owns the Controller entity) can appoint one or more trusted friends, family members or other devices as Guardians of their Proxy. Guardians can rotate the Controller entity in the Proxy and freeze operations on the account.
From the application's point of view, the user is identified by their Proxy address. If a user loses their devices and has no Passkey backup, they can ask their Guardians to replace the Controller entity with a new one. If a user has to leave their device in an unsafe place, they can freeze their account until further notice.
2. Seedless Accounts and Seamless UX with browser extensions
Leveraging Hardware Secure Modules in devices, companies such as Apple and Google and many password management applications such as 1Password support Passkeys, which allow applications to use WebAuthn credentials to create and sign transactions. This avoids exposing cryptographic material in plain text, where it could be lost or duplicated.
An example of this is the Vectis PWA, which is extension-less: users can access dApps from their mobile or desktop browsers in the same way. To learn more visit our docs.
3. Ease of use - Automation by Authorisation
Plugins are smart contracts that the user can install by giving them access to execute certain functions, for example, direct debit. An example plugin is a wrapper around CronCat, which allows pre-set jobs to be executed on-chain at certain time(s).
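The roles described above can be modelled in a few lines. This is an added, simplified in-memory sketch, not D-Chain or Vectis contract code; every type and function name is hypothetical, and it assumes a single guardian is enough to freeze the account or rotate the Controller.

```rust
// Simplified in-memory model, not D-Chain or Vectis code; all names are hypothetical.
#[derive(Debug, PartialEq)]
pub enum Error { NotController, NotGuardian, Frozen, PreTxRejected }
/// Pre-transaction check plugin: a cumulative spending limit.
pub struct SpendingLimit { pub limit: u128, pub spent: u128 }
impl SpendingLimit {
    fn allows(&self, amount: u128) -> bool {
        self.spent.checked_add(amount).map_or(false, |total| total <= self.limit)
    }
}
pub struct Proxy {
    pub controller: String,
    pub guardians: Vec<String>,
    pub frozen: bool,
    pub pre_tx: Vec<SpendingLimit>,
}
impl Proxy {
    fn require_guardian(&self, sender: &str) -> Result<(), Error> {
        if self.guardians.iter().any(|g| g == sender) { Ok(()) } else { Err(Error::NotGuardian) }
    }
    /// Controller-only; rejected while frozen or if any pre-tx plugin refuses.
    pub fn execute(&mut self, sender: &str, amount: u128) -> Result<(), Error> {
        if self.frozen { return Err(Error::Frozen); }
        if sender != self.controller { return Err(Error::NotController); }
        // Check every plugin before mutating any, so a rejection leaves no partial state.
        if !self.pre_tx.iter().all(|p| p.allows(amount)) { return Err(Error::PreTxRejected); }
        for p in self.pre_tx.iter_mut() { p.spent += amount; }
        Ok(())
    }
    /// Assumption: any single guardian may freeze or unfreeze.
    pub fn set_frozen(&mut self, sender: &str, frozen: bool) -> Result<(), Error> {
        self.require_guardian(sender)?;
        self.frozen = frozen;
        Ok(())
    }
    /// Assumption: any single guardian may rotate; the Proxy itself stays the same.
    pub fn rotate_controller(&mut self, sender: &str, new_controller: &str) -> Result<(), Error> {
        self.require_guardian(sender)?;
        self.controller = new_controller.to_string();
        Ok(())
    }
}

fn main() {
    let mut p = Proxy { controller: "old-passkey".into(), guardians: vec!["friend".into()],
        frozen: false, pre_tx: vec![SpendingLimit { limit: 100, spent: 0 }] };
    let first = p.execute("old-passkey", 60);
    let second = p.execute("old-passkey", 60);
    println!("{:?} {:?}", first, second);
}
```

The Controller itself cannot freeze or rotate in this model, and a rotated-out Controller loses access immediately while the plugin state (the amount already spent) carries over.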