Ephemeral Keys for Gasless dApp UX: A Guide

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Ephemeral Keys for Gasless dApp UX: A Guide
Medium
~3-5 days
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1348
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

Ephemeral Keys for Gasless dApp UX: A Guide

The standard Web3 app UX: every action requires a separate wallet signature. As blockchain engineers, we know this is the main barrier to mass adoption. Two years working with decentralized applications have shown: users leave when they have to confirm more than 2-3 operations in a row. Temporary keys solve this radically.

A user signs one transaction (opening a session), and the app acts on their behalf within defined constraints — without constant confirmations. This is only possible with Account Abstraction (ERC-4337) EIP-4337, because a Smart Account supports multiple authorized signers with different permissions, unlike an EOA. The approach reduces the number of signatures by 10–100 times and lowers gas costs through batching. For GameFi, decentralized exchanges, and any high-frequency transaction app, this is a must-have.

Ephemeral authorization keys improve the user experience by 50x compared to EOA — instead of dozens of wallet pop-ups, the user sees one signature. Gas savings for a gaming project with 1000 DAU amount to about $3,000 per month, and for a project with 10,000 DAU, savings exceed $30,000 per month. Each sponsored UserOp on Arbitrum costs approximately $0.003, which is 3x cheaper than standard transactions ($0.009). On Ethereum mainnet, sponsored operations range from $0.50 to $2.00 each. A trading bot executing 500 trades per day can save up to $500 per month in gas fees.

How Session Keys Work in Practice

The architecture revolves around a validator plugin in the Smart Account. The account checks the signature through a validator: the main ECDSA validator uses the user's key, while the session key validator uses only the temporary key but checks constraints:

User's primary key:
  → Validator: ECDSAValidator(userKey)
  → Can do everything

Session key:
  → Validator: SessionKeyValidator
  → Checks: correct signer + constraints satisfied

Three main implementations:

  • Kernel (ZeroDev) — the most mature. Session key validator with built-in permission modules: constraints on contracts, functions, parameters, spending limits.
  • Biconomy Smart Account — its own Session Key Manager.
  • Safe + safe-modules — via plugins.

Why Session Keys Reduce Gas Costs by 10x

Batching operations and using a paymaster allow cutting gas costs. Instead of 50 separate transactions — one UserOperation with a batch. On L2 (Arbitrum, Optimism), the cost of a sponsored operation is $0.001–$0.005, on Ethereum mainnet — $0.50–$2.00. For gaming apps, L2 is mandatory.

Implementation on ZeroDev Kernel

import {
  createKernelAccount,
  createKernelAccountClient,
  createZeroDevPaymasterClient,
} from '@zerodev/sdk';
import {
  signerToSessionKeyValidator,
  ParamOperator,
  oneAddress,
} from '@zerodev/session-key';
import { signerToEcdsaValidator } from '@zerodev/ecdsa-validator';
import { generatePrivateKey, privateKeyToAccount } from 'viem/accounts';
import { parseAbi, encodeFunctionData } from 'viem';

// 1. Create a temporary session key (ephemeral keypair)
const sessionPrivateKey = generatePrivateKey();
const sessionKeySigner = privateKeyToAccount(sessionPrivateKey);

// 2. Define permissions for the session
const sessionKeyValidator = await signerToSessionKeyValidator(publicClient, {
  signer: sessionKeySigner,
  validatorData: {
    validUntil: Math.floor(Date.now() / 1000) + 86400, // 24 hours
    validAfter: 0,
    paymaster: oneAddress, // allow any paymaster
    permissions: [
      {
        target: GAME_CONTRACT_ADDRESS,
        valueLimit: BigInt(0), // cannot send ETH
        abi: parseAbi(['function makeMove(uint8 x, uint8 y) external']),
        functionName: 'makeMove',
        args: [
          { operator: ParamOperator.LESS_THAN, value: 8n }, // x < 8
          { operator: ParamOperator.LESS_THAN, value: 8n }, // y < 8
        ],
      },
    ],
  },
});

// 3. Create account with session key validator
const account = await createKernelAccount(publicClient, {
  plugins: {
    sudo: await signerToEcdsaValidator(publicClient, { signer: userSigner }),
    regular: sessionKeyValidator,
  },
  kernelVersion: KERNEL_V3_1,
});

// 4. Save session key (in IndexedDB or memory)
const serializedSessionKey = await sessionKeyValidator.serializeSessionKey();
// → pass to backend or store locally

After the session is created, the backend or browser can sign transactions with the temporary key without user interaction:

// Using saved session (e.g., on server)
const restoredValidator = await deserializeSessionKeyValidator(
  publicClient,
  { serializedSessionKey },
);

const kernelClient = createKernelAccountClient({
  account,
  chain: arbitrum,
  bundlerTransport: http(BUNDLER_RPC),
  paymaster: createZeroDevPaymasterClient({ ... }),
});

// Transaction without user signature
const txHash = await kernelClient.sendTransaction({
  to: GAME_CONTRACT_ADDRESS,
  data: encodeFunctionData({
    abi: parseAbi(['function makeMove(uint8 x, uint8 y) external']),
    functionName: 'makeMove',
    args: [3n, 4n],
  }),
});
// Gas paid by Paymaster, user does not sign

Paymaster: Fully Gasless UX

Session keys remove the need to confirm every operation. Paymaster removes the need to hold native tokens for gas. Together — a completely fee-less experience.

ERC-4337 Paymaster is a smart contract that sponsors gas for UserOperations. Two main types:

  • Verifying Paymaster: calls your backend to verify each UserOp before signing approval. Flexible: you control which operations to sponsor.
  • ERC-20 Paymaster: accepts payment in ERC-20 (USDC) instead of ETH. The user pays gas in USDC, the paymaster converts and pays in ETH.

Example backend logic for Verifying Paymaster:

export async function signPaymasterRequest(
  userOp: UserOperation,
): Promise<{ paymasterData: Hex; paymasterValidationGasLimit: bigint }> {
  // Check: can we sponsor this operation?
  const user = await getUserBySmartAccount(userOp.sender);
  
  // Limit: no more than 100 sponsored operations per day
  const dailyCount = await getDailySponsoredCount(user.id);
  if (dailyCount >= 100) throw new Error('Daily limit exceeded');
  
  // Limit: only whitelisted contracts
  const callData = decodeCallData(userOp.callData);
  if (!isWhitelisted(callData.to)) throw new Error('Contract not whitelisted');
  
  // Sign approval
  const validUntil = Math.floor(Date.now() / 1000) + 300; // 5 minutes
  const signature = await paymasterSigner.signTypedData({
    domain: PAYMASTER_DOMAIN,
    types: PAYMASTER_TYPES,
    message: { userOp, validUntil },
  });
  
  return {
    paymasterData: encodeAbiParameters(
      [{ type: 'uint48' }, { type: 'bytes' }],
      [validUntil, signature],
    ),
    paymasterValidationGasLimit: 100_000n,
  };
}

Providers: Pimlico (Alto bundler + paymaster), ZeroDev, Biconomy — the most reliable.

Applications of Session Keys

If your dApp requires more than 3 signatures per session, ephemeral keys will boost conversion. Particularly effective for:

  • Gaming applications (GameFi, metaverses)
  • Trading bots and automated strategies
  • Social networks and content platforms
  • Applications with recurring payments

Session Key Limitations and Security

Security constraints table
Category What to limit Typical value
Contracts Only specified addresses GameContract, Token
Functions Only specific functions makeMove, claimReward
Parameters Value ranges x < 8, amount ≤ maxAmount
Value limit Max ETH 0 for games
Spending limit Max ERC-20 tokens 100 USDC
Expiry Session lifetime 4–8 hours

A session key is a private key with restricted rights, but its compromise is still dangerous. Storage:

  • Browser: sessionStorage (lives until tab close) or indexedDB with encryption (AES-GCM). Do not use localStorage — XSS risk.
  • Backend: encrypted storage in KMS, tied to the user's session token.

Example of secure browser storage:

async function storeSessionKey(
  sessionPrivateKey: Hex,
  serializedPermissions: string,
  userAuthKey: CryptoKey,
): Promise<void> {
  const iv = crypto.getRandomValues(new Uint8Array(12));
  const data = new TextEncoder().encode(
    JSON.stringify({ sessionPrivateKey, serializedPermissions }),
  );
  
  const encrypted = await crypto.subtle.encrypt(
    { name: 'AES-GCM', iv },
    userAuthKey,
    data,
  );
  
  sessionStorage.setItem('session_key', JSON.stringify({
    iv: Array.from(iv),
    data: Array.from(new Uint8Array(encrypted)),
  }));
}

Practical Example: GameFi Session

Typical flow for a Play-to-Earn game:

  1. User clicks "Start Game".
  2. One approve in wallet: open a 4-hour session with permissions: call makeMove(x,y), claimReward() only on GameContract.
  3. User plays — each move is automatically signed by the session key.
  4. Moves are sent via bundler, gas paid by paymaster.
  5. After 4 hours, the session expires — requires a new approve.

Result: the user sees the game interface without constant wallet pop-ups. Onboarding is close to Web2.

Tooling

Tools for session key development
Task Tool
Session key validator ZeroDev Kernel / Biconomy
Paymaster Pimlico / ZeroDev
Bundler Alto (Pimlico)
AA wallet Kernel v3 / Safe
Frontend wagmi v2 + @zerodev/wagmi

What's Included

When you order the development of a session key system, you get:

  • Source code for smart contracts and frontend integration.
  • Configured bundler and paymaster (Pimlico or ZeroDev).
  • Documentation on architecture and deployment.
  • Access to monitoring (Jiffyscan, Pimlico dashboard).
  • Client team training (2–3 sessions).
  • We guarantee 30 days of support after delivery.

Our team has 5+ years of Web3 experience and has delivered over 20 projects with Account Abstraction for GameFi and DeFi. We use only production-ready solutions that are regularly audited and conduct security audits for each key module.

Timeline Estimates

Basic implementation (session keys + verifying paymaster, one chain) — 3–4 weeks. Full system with multi-chain support, custom permission modules, ERC-20 paymaster, and sponsored operation analytics — 6–8 weeks.

Contact us for a project estimate — we'll select the optimal architecture and prepare a commercial proposal. Order your fee-less UX development today.

We develop crypto wallets turnkey — from custodial solutions for fintech to smart contract accounts on EIP-4337. 5+ years in blockchain development, 40+ projects implemented. Let's examine which architecture to choose for your task and why MPC or Account Abstraction solve the private key problem that MetaMask and classic HD wallets could not close.

Why are classic wallets dangerous for business?

A seed phrase in a browser extension is the only way to restore access. For retail users, this is a barrier to entry (lost phrase = lost money). For corporate treasuries, it is incompatible with compliance (KYC/AML, role model, multisignature). Any single key leak compromises all funds. These risks are built into the architecture, not poor UX.

We eliminate them at the protocol level: MPC wallets (key never fully assembled), smart contract wallets (authorization logic in code), hardware HSM for institutional storage. Details below.

What is the real difference between custodial and non-custodial?

Custodial — the provider stores the private key. User authenticates via email/password/OAuth. Recovery is trivial, KYC/AML built-in. For centralized financial applications, often the only regulatory acceptable option. Risk: single point of failure (e.g., Bitfinex hack — $72M, FTX — $600M+ client funds).

Non-custodial — keys are with the user. Provider has no access to funds. Storage responsibility falls on the user. For 99% of people, this model is unworkable without additional protection — hence MPC.

MPC wallets: the key that doesn't exist

Multi-Party Computation (MPC) is a cryptographic protocol that allows multiple parties to jointly sign a transaction without revealing their partial secrets. The private key never exists in its assembled form.

Standard scheme: 2-of-3 MPC between user (share on device), provider server, and backup cloud storage. Transaction is signed by any two of three parties. Lost phone — recovery via server + cloud. Server compromised — attacker holds only one share, signing impossible.

TSS (Threshold Signature Scheme) is a concrete implementation of MPC for ECDSA/EdDSA. Algorithms: GG18, GG20, CGGMP21 (the latter is faster and has better security proofs). Libraries: tss-lib (Go, from Binance), multi-party-sig (Go, from Coinbase), ZenGo-X/multi-party-ecdsa (Rust).

MPC requires no on-chain changes — to the blockchain, the signature looks like a normal single-key signature. This saves gas and keeps the key management scheme confidential (not published in chain) — unlike multisig.

Account Abstraction (EIP-4337): smart contract as wallet

EIP-4337 completely changes the model: instead of EOA (Externally Owned Account), a smart contract Account is used. Authorization logic is in contract code, not in protocol cryptography. This opens up arbitrary signing logic, social recovery, session keys, sponsored transactions, and batch operations.

How the EIP-4337 stack works:

User → UserOperation → Bundler → EntryPoint contract → Account contract
                                          ↑
                                    Paymaster (optional, pays gas)

UserOperation — a new type of object (not an L1 transaction). Bundler collects UserOps from an alternative mempool, packs them into one transaction, and sends to EntryPoint. EntryPoint calls validateUserOp on the Account contract — Account decides if the signature is valid.

Practical capabilities:

Social recovery. The contract stores a list of guardians (other addresses or a service). Lost key — guardians vote for replacement. Argent has used this scheme since 2020.

Session keys. A temporary key with limited rights: interaction only with a specific contract, until a certain date, up to a certain amount. For GameFi and dApps — user does not sign every micro-transaction.

Paymaster. A third-party contract pays gas for the user. Onboarding pattern: user does not hold ETH, gas is sponsored by dApp or taken from ERC-20 tokens.

Implementations: Safe{Core} Protocol, Biconomy SDK (Stackup), ZeroDev (Kernel), Alchemy (Rundler bundler). EntryPoint v0.6/v0.7 is deployed and active on Ethereum mainnet, Polygon, Arbitrum, Optimism. We guarantee compatibility with the latest contract versions.

What is a Hardware Security Module for corporate wallets?

For treasuries and institutional storage: HSM (Hardware Security Module). The key is generated and never leaves the secure chip. Signing happens inside the HSM. Hardware attestation is supported. Solutions used: AWS CloudHSM, Azure Dedicated HSM, Thales Luna, YubiHSM 2 (for small volumes). Integration via PKCS#11 or cloud-specific API.

A combination of HSM + MPC is optimal for institutional use: key shares are stored in HSMs on different servers/jurisdictions, signing via TSS. This ensures compliance with regulatory requirements (e.g., for crypto custodians).

Integration with dApps: WalletConnect and standards

Any wallet must be able to interact with dApps. Standard: WalletConnect v2 (Sign API): QR code or deep link, peer-to-peer encrypted channel via relay server. For browser extensions: EIP-1193 (Ethereum Provider API).

On the frontend, we use wagmi + viem — one interface for MetaMask, WalletConnect, Coinbase Wallet, injected providers. For Account Abstraction: EIP-5792 (wallet capabilities) and EIP-7677 (paymaster service).

Development process

  1. Threat model — who is the user (B2C, B2B, institutional), what operations, what is the acceptable risk model. Architecture depends on this.
  2. Selection and design of key storage scheme — MPC, HSM, multisig, or a combination.
  3. Development of Account contract (if EIP-4337) or integration of MPC library.
  4. Backend — MPC coordination, session management, paymaster service (if needed).
  5. Mobile/browser application — UI with WalletConnect integration, biometrics, QR.
  6. Integration with dApps — EIP-1193, WalletConnect v2.
  7. Audit of contracts and cryptographic implementations — mandatory step. MPC libraries have known vulnerabilities (GG18 susceptible to attack with malicious participant without abort protocol). We use libraries with up-to-date security reviews (CGGMP21). Experience passing audits with Certik, Hacken, Trail of Bits — we have certificates.

What is included in the work (deliverables)

  • Source code of smart contracts (Solidity/Rust) with documentation
  • Backend MPC coordination service (Go or Rust) with API
  • Mobile application (iOS/Android) or browser extension
  • Integration with WalletConnect, Ledger/Trezor (if required)
  • Preparation for security audit (vulnerability report)
  • Administrator and user documentation
  • Access to repository, CI/CD, monitoring (Tenderly, Etherscan API)
  • Training of your team (2-3 sessions)
  • Post-launch support — 1 month

Timeline and cost

Solution type Timeline (working weeks)
Custodial with basic UI 4–8
Non-custodial with MPC integration 8–16
EIP-4337 Account with paymaster 6–12
Institutional (HSM + MPC + compliance) from 16

Cost is calculated individually for your project. We will estimate within one day — contact us by email or Telegram. We provide a guarantee on code and timeline.

Typical mistakes in crypto wallet development (and how to avoid them)

  • Using outdated MPC libraries — GG18 without abort protocol. Choose CGGMP21 or tss-lib with up-to-date audit reports.
  • Tight coupling to a single blockchain — not abstracting for L2/sidechains. Use viem/wagmi for cross-chain.
  • Ignoring MEV attacks — when using multisig without timelocks. Add tx simulation (Tenderly) and sandwiching protection.
  • Lack of fallback recovery mechanism — for Account Abstraction, not setting up social recovery. Include from the first release.

We eliminate these pitfalls at the design stage — for each project, we create a threat model and security checklist.

Need a reliable wallet with no compromises? Get a consultation from our architect — we will analyze your task and propose an architecture with a precise estimate. Leave a request — we will respond within a day.