🔑 Key Management Tools

ERC-4337 accounts can use any arbitrary authentication logic. Here are some options and resources.

Traditional private keys can be used to authenticate Smart Accounts, and they are the ones with the most tools available. Here are a few at various stages of development:

ToolKey Management MethodAuthentication MethodsPlug-n-play front end?
Ethers.jsPrivate keyNone, often used with MetaMaskNo
Web3AuthMPC, key shardingSocial, device, passwordYes
Magic.linkAWS KMSEmail, Social, SMSYes
Lit ProtocolMPC, threshold secret sharingCustom, provides private-key-pair and Lit Actions frameworkNo
FireblocksCustodialCustomNo
TurnkeyCustodialCustomNo

ERC-4337 allows more than a single private key to validate user operations for an account. This allows you to mix methods for secrets and set security levels for each type of key. We have written about using oAuth and device keys in our blog.