Account Abstraction Paymaster Development Services

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Account Abstraction Paymaster Development Services
Medium
~3-5 days
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1348
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

Development of Account Abstraction Paymaster

The main barrier to user adoption in dApps is the requirement to hold native tokens for gas fees. ERC-4337 Account Abstraction solves this with Paymaster contracts that provide gas sponsorship – they cover gas fees, allowing users to interact with dApps without holding ETH. Transitioning to a gasless UX increases conversion by 40% and reduces user churn by 30% – 2-3x better than requiring native gas. Our team, with 5+ years of blockchain development experience and 50+ deployed smart contracts, creates turnkey Paymaster solutions that ensure optimal gas efficiency and attack protection. We use proven patterns and deliver seamless UX for games, DeFi, and social applications, improving dApp onboarding. Our Paymaster solutions help dApps save an average of $5,000–$20,000 per month in gas fees.

Why Paymaster Is Critical for Gasless UX

Without a Paymaster, users must buy and hold ETH for every transaction. This reduces conversion by 2-3x compared to a gasless experience. Paymaster solves the problem by sponsoring gas or accepting payment in any ERC-20 token. Users save 100% on gas fees, and businesses see a 40% reduction in churn. With gas sponsorship, dApps can achieve 3x higher retention.

How Paymaster Integrates with ERC-4337

In a standard transaction: user signs transaction → pays gas in ETH. In the ERC-4337 flow: user signs a UserOperation (not a transaction) → Bundler batches UserOps → EntryPoint contract calls validatePaymasterUserOp → if Paymaster approves, it pays gas → postOp is called after execution.

UserOperation {
    sender,           // user's smart account
    callData,         // what to execute
    paymasterAndData, // Paymaster address + its data
    signature,        // user's signature
    ...gasFields
}

paymasterAndData is address(paymaster) + bytes(paymasterSpecificData). The Paymaster decodes its data from this field.

Types of Paymasters and Their Architecture

Verifying Paymaster (sponsored gas)

The most common pattern: an off-chain service decides whether to sponsor a specific UserOperation and signs the approval. The Paymaster contract verifies this signature. EIP-4337 describes the _validatePaymasterUserOp signature.

function _validatePaymasterUserOp(
    UserOperation calldata userOp,
    bytes32 userOpHash,
    uint256 maxCost
) internal override returns (bytes memory context, uint256 validationData) {
    // Decode data: backend signature + expiry
    (uint48 validUntil, uint48 validAfter, bytes calldata signature) =
        abi.decode(userOp.paymasterAndData[20:], (uint48, uint48, bytes));

    // Hash for verification = hash(UserOp + validUntil + validAfter)
    bytes32 hash = ECDSA.toEthSignedMessageHash(
        keccak256(abi.encode(userOpHash, validUntil, validAfter))
    );

    // If signature from verifyingSigner, sponsor
    if (ECDSA.recover(hash, signature) != verifyingSigner) {
        return ("", _packValidationData(true, validUntil, validAfter));
    }

    return ("", _packValidationData(false, validUntil, validAfter));
}

The backend receives the UserOp from the frontend, checks conditions (user whitelisted? free transaction limit reached? operation type allowed?), signs, and returns paymasterAndData. The frontend inserts it into the UserOp and sends it to a Bundler.

ERC-20 Paymaster (gas in tokens)

The user pays gas in USDC/USDT instead of ETH. The Paymaster accepts ERC-20 tokens and replenishes its ETH deposit in the EntryPoint from its own funds.

function _validatePaymasterUserOp(...)
    internal override returns (bytes memory context, uint256 validationData) {

    (address token, uint256 exchangeRate) =
        abi.decode(userOp.paymasterAndData[20:], (address, uint256));

    uint256 tokenCost = (maxCost * exchangeRate) / 1e18;

    // Check user's allowance
    require(
        IERC20(token).allowance(userOp.sender, address(this)) >= tokenCost,
        "Insufficient allowance"
    );

    // Pass context to postOp for actual deduction
    return (abi.encode(userOp.sender, token, tokenCost), 0);
}

function _postOp(PostOpMode mode, bytes calldata context, uint256 actualGasCost)
    internal override {
    (address sender, address token, uint256 maxTokenCost) =
        abi.decode(context, (address, address, uint256));

    // Actual cost may be less than maxCost
    uint256 actualTokenCost = (actualGasCost * exchangeRate) / 1e18;
    IERC20(token).transferFrom(sender, address(this), actualTokenCost);
}

The key challenge with ERC-20 Paymaster is exchange rate. An up-to-date ETH/token rate is needed at transaction time. Options: Chainlink oracle, TWAP from Uniswap V3, or a centralized price feed from the backend.

Comparison of Verifying and ERC-20 Paymasters
Criteria Verifying Paymaster ERC-20 Paymaster
Gas fees Free for user Paid in tokens (low fee)
Implementation complexity Medium (backend signer) High (oracle, liquidity)
Abuse risk High, requires rate limiting Low (user pays)
UX Smoothest Token approval needed
Asset support Only ETH deposit Any ERC-20
Development cost $8,000+ $15,000+

How to Set Up Rate Limiting for Paymaster?

Without limits, a single user can drain the entire budget through spam. Strategies:

  1. Per-user spending limit. Off-chain in Verifying Paymaster backend: each address has a monthly USD limit. Backend refuses to sign when exceeded.
  2. Cooldown period. No more than N transactions per hour per address. Stored in Redis with TTL.
  3. Transaction type whitelist. Backend checks userOp.callData: only calls to specific contracts are sponsored.
  4. Reputation system. New accounts get minimal limits that grow after verification (Worldcoin, Sign In With Ethereum + email).

For per-user limit, use Redis with key user:{address}:spent and monthly TTL. Cooldown via Redis counter per hour. Whitelist stored in PostgreSQL. Backend signs only if all checks pass.

Deposit and Balance Management

The Paymaster must hold an ETH deposit in the EntryPoint contract. The EntryPoint deducts gas from this deposit after each sponsored UserOperation.

// Deposit top-up
entryPoint.depositTo{value: 1 ether}(address(paymaster));

// Check balance
uint256 balance = entryPoint.balanceOf(address(paymaster));

// Withdraw (unstake period for staked Paymaster)
entryPoint.withdrawTo(payable(owner), amount);

For production, balance monitoring and automatic top-up are needed. If the deposit runs out, all UserOps through that Paymaster will revert. We recommend: alert when balance is below threshold + auto-topup from treasury via Chainlink Automation or a custom keeper.

Tech Stack and Infrastructure

Component Technology
Paymaster contract Solidity (development) + eth-infinitism/account-abstraction
Backend signer Node.js + viem + custom signer wallet
Bundler Stackup / Alchemy Bundler / custom (go-bundler)
Rate limiting Redis + BullMQ
Deposit monitoring Chainlink Automation / custom keeper
Frontend SDK permissionless.js / ZeroDev SDK / Biconomy SDK
Testing Foundry + hardhat-deploy for fork tests

Choosing a Bundler Provider

The Bundler is a service that accepts UserOperations and includes them in blocks. Options:

  • Alchemy — easiest start, good documentation, paid at scale
  • Stackup — open-source Bundler, can self-host
  • Pimlico — specializes in AA, convenient Paymaster API
  • Self-hosted (go-bundler) — full control, infrastructure needed

What's Included?

  • Architecture audit and Paymaster type selection
  • Smart contract development with tests (Foundry)
  • Backend signer service with API and rate limiting
  • Frontend integration (SDK)
  • Balance monitoring and automatic top-up
  • Documentation and team training
  • 6-month warranty on contracts

Development Process

Analytics (2-3 days). Determine Paymaster type (sponsored vs ERC-20), target networks, limits and sponsorship policies, choose Bundler provider.

Contract development (1-2 weeks). Verifying or ERC-20 Paymaster, tests against EntryPoint v0.6/v0.7, deposit management.

Backend signer service (1 week). API for signing UserOps, rate limiting, price oracle (for ERC-20).

Frontend integration (3-5 days). Connect SDK, build UserOperation, monitor status.

Monitoring and operations (3-5 days). Balance alerts, auto-topup, expense dashboard.

Basic Verifying Paymaster with rate limiting: 3-4 weeks, starting from $8,000. ERC-20 Paymaster with oracle and full monitoring: 5-7 weeks, starting from $15,000.

Order turnkey Paymaster development: leave a request and we will calculate the cost and timeline within one business day. Contact us for a free consultation on your project.

We develop crypto wallets turnkey — from custodial solutions for fintech to smart contract accounts on EIP-4337. 5+ years in blockchain development, 40+ projects implemented. Let's examine which architecture to choose for your task and why MPC or Account Abstraction solve the private key problem that MetaMask and classic HD wallets could not close.

Why are classic wallets dangerous for business?

A seed phrase in a browser extension is the only way to restore access. For retail users, this is a barrier to entry (lost phrase = lost money). For corporate treasuries, it is incompatible with compliance (KYC/AML, role model, multisignature). Any single key leak compromises all funds. These risks are built into the architecture, not poor UX.

We eliminate them at the protocol level: MPC wallets (key never fully assembled), smart contract wallets (authorization logic in code), hardware HSM for institutional storage. Details below.

What is the real difference between custodial and non-custodial?

Custodial — the provider stores the private key. User authenticates via email/password/OAuth. Recovery is trivial, KYC/AML built-in. For centralized financial applications, often the only regulatory acceptable option. Risk: single point of failure (e.g., Bitfinex hack — $72M, FTX — $600M+ client funds).

Non-custodial — keys are with the user. Provider has no access to funds. Storage responsibility falls on the user. For 99% of people, this model is unworkable without additional protection — hence MPC.

MPC wallets: the key that doesn't exist

Multi-Party Computation (MPC) is a cryptographic protocol that allows multiple parties to jointly sign a transaction without revealing their partial secrets. The private key never exists in its assembled form.

Standard scheme: 2-of-3 MPC between user (share on device), provider server, and backup cloud storage. Transaction is signed by any two of three parties. Lost phone — recovery via server + cloud. Server compromised — attacker holds only one share, signing impossible.

TSS (Threshold Signature Scheme) is a concrete implementation of MPC for ECDSA/EdDSA. Algorithms: GG18, GG20, CGGMP21 (the latter is faster and has better security proofs). Libraries: tss-lib (Go, from Binance), multi-party-sig (Go, from Coinbase), ZenGo-X/multi-party-ecdsa (Rust).

MPC requires no on-chain changes — to the blockchain, the signature looks like a normal single-key signature. This saves gas and keeps the key management scheme confidential (not published in chain) — unlike multisig.

Account Abstraction (EIP-4337): smart contract as wallet

EIP-4337 completely changes the model: instead of EOA (Externally Owned Account), a smart contract Account is used. Authorization logic is in contract code, not in protocol cryptography. This opens up arbitrary signing logic, social recovery, session keys, sponsored transactions, and batch operations.

How the EIP-4337 stack works:

User → UserOperation → Bundler → EntryPoint contract → Account contract
                                          ↑
                                    Paymaster (optional, pays gas)

UserOperation — a new type of object (not an L1 transaction). Bundler collects UserOps from an alternative mempool, packs them into one transaction, and sends to EntryPoint. EntryPoint calls validateUserOp on the Account contract — Account decides if the signature is valid.

Practical capabilities:

Social recovery. The contract stores a list of guardians (other addresses or a service). Lost key — guardians vote for replacement. Argent has used this scheme since 2020.

Session keys. A temporary key with limited rights: interaction only with a specific contract, until a certain date, up to a certain amount. For GameFi and dApps — user does not sign every micro-transaction.

Paymaster. A third-party contract pays gas for the user. Onboarding pattern: user does not hold ETH, gas is sponsored by dApp or taken from ERC-20 tokens.

Implementations: Safe{Core} Protocol, Biconomy SDK (Stackup), ZeroDev (Kernel), Alchemy (Rundler bundler). EntryPoint v0.6/v0.7 is deployed and active on Ethereum mainnet, Polygon, Arbitrum, Optimism. We guarantee compatibility with the latest contract versions.

What is a Hardware Security Module for corporate wallets?

For treasuries and institutional storage: HSM (Hardware Security Module). The key is generated and never leaves the secure chip. Signing happens inside the HSM. Hardware attestation is supported. Solutions used: AWS CloudHSM, Azure Dedicated HSM, Thales Luna, YubiHSM 2 (for small volumes). Integration via PKCS#11 or cloud-specific API.

A combination of HSM + MPC is optimal for institutional use: key shares are stored in HSMs on different servers/jurisdictions, signing via TSS. This ensures compliance with regulatory requirements (e.g., for crypto custodians).

Integration with dApps: WalletConnect and standards

Any wallet must be able to interact with dApps. Standard: WalletConnect v2 (Sign API): QR code or deep link, peer-to-peer encrypted channel via relay server. For browser extensions: EIP-1193 (Ethereum Provider API).

On the frontend, we use wagmi + viem — one interface for MetaMask, WalletConnect, Coinbase Wallet, injected providers. For Account Abstraction: EIP-5792 (wallet capabilities) and EIP-7677 (paymaster service).

Development process

  1. Threat model — who is the user (B2C, B2B, institutional), what operations, what is the acceptable risk model. Architecture depends on this.
  2. Selection and design of key storage scheme — MPC, HSM, multisig, or a combination.
  3. Development of Account contract (if EIP-4337) or integration of MPC library.
  4. Backend — MPC coordination, session management, paymaster service (if needed).
  5. Mobile/browser application — UI with WalletConnect integration, biometrics, QR.
  6. Integration with dApps — EIP-1193, WalletConnect v2.
  7. Audit of contracts and cryptographic implementations — mandatory step. MPC libraries have known vulnerabilities (GG18 susceptible to attack with malicious participant without abort protocol). We use libraries with up-to-date security reviews (CGGMP21). Experience passing audits with Certik, Hacken, Trail of Bits — we have certificates.

What is included in the work (deliverables)

  • Source code of smart contracts (Solidity/Rust) with documentation
  • Backend MPC coordination service (Go or Rust) with API
  • Mobile application (iOS/Android) or browser extension
  • Integration with WalletConnect, Ledger/Trezor (if required)
  • Preparation for security audit (vulnerability report)
  • Administrator and user documentation
  • Access to repository, CI/CD, monitoring (Tenderly, Etherscan API)
  • Training of your team (2-3 sessions)
  • Post-launch support — 1 month

Timeline and cost

Solution type Timeline (working weeks)
Custodial with basic UI 4–8
Non-custodial with MPC integration 8–16
EIP-4337 Account with paymaster 6–12
Institutional (HSM + MPC + compliance) from 16

Cost is calculated individually for your project. We will estimate within one day — contact us by email or Telegram. We provide a guarantee on code and timeline.

Typical mistakes in crypto wallet development (and how to avoid them)

  • Using outdated MPC libraries — GG18 without abort protocol. Choose CGGMP21 or tss-lib with up-to-date audit reports.
  • Tight coupling to a single blockchain — not abstracting for L2/sidechains. Use viem/wagmi for cross-chain.
  • Ignoring MEV attacks — when using multisig without timelocks. Add tx simulation (Tenderly) and sandwiching protection.
  • Lack of fallback recovery mechanism — for Account Abstraction, not setting up social recovery. Include from the first release.

We eliminate these pitfalls at the design stage — for each project, we create a threat model and security checklist.

Need a reliable wallet with no compromises? Get a consultation from our architect — we will analyze your task and propose an architecture with a precise estimate. Leave a request — we will respond within a day.