Nexus - The Operating System for Smart Accounts!
We have been developing & improving smart accounts for over a year now. With over 1.5 Million Biconomy Smart Accounts deployed, we have been constantly pushing the envelope. As pioneers of account abstraction & flag bearers of superior web3 UX, we present Nexus - our latest & most advanced version of Modular Smart Accounts.
Why Nexus - The most advanced Modular Smart Account
Security - Nexus is highly audited and extensively tested to ensure every dapp that integrates it doesn’t need to worry about attacks via their smart account implementation. Thanks to rigorous audits by Spearbit & Cyfrin, two of the best in the business, devs can rest assured about security.
Cyfrin and Spearbit Audits found here
Gas Optimised - We understand how important it is for devs to use smart accounts that utilise the least gas. Even small inefficiencies add up across tons of transactions. That’s why we have optimised our gas efficiency with the help of the industry expert Gaslite.
Minimal & Neutral Implementation - Nexus is a minimal & non-opinionated implementation. Thus, it gives a lot of flexibility to the developers without any lock-ins. Devs can iterate & pivot easily as per their business requirements.
Modular - Nexus implements the ERC-7579 modular interface, which works with a growing list of open sourced modules to tap into permissionless innovation. Devs can choose from a wide range of third party built modules to easily plug-in new capabilities.
Resource Locking to support Chain Abstraction - With Nexus, modules can have predetermined time locks before they can be uninstalled. This mechanism allows modules to securely hold funds for solvers and executors, enabling instant, chain-abstracted transactions. Solvers can operate confidently, knowing that the module cannot be immediately uninstalled, which prevents double spending and ensures seamless transaction execution.
Architecture
The Nexus architecture provides a robust and modular framework for managing smart accounts, complying with ERC-7579, ERC-4337, ERC-7739, ERC-7562 and ERC-7484 standards. This compliance ensures secure, modular, and gas-optimized operations through advanced signature validation, module attestations, and multi-type module installations.
Core Components
Smart Account Factory: Deploys and initializes new smart accounts, interacting with the EntryPoint to ensure compliance and correct setup.
EntryPoint: Acts as the central gateway for user operations, managing validation, gas estimation, and transaction flows.
Paymaster: Supports various gas payment schemes, including sponsorships and token payments, ensuring smooth transaction execution.
Validation Modules: Handle validation of the User Operations via various algorithms: multi-signature setups, ECDSA ownership, session keys, and nested typed data validation, bolstered by ERC-7739 for phishing resistance.
Execution Modules: Unlock custom execution routines by being allowed to execute actions on behalf of the Smart Account.
Hook Modules: Enable custom logic at pre- and post-execution stages, unlocking resource locking for secure, controlled modifications.
Fallback Handlers: Extend native Smart Account functionality.
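One way a hook module could enforce the resource locking described under "Why Nexus", as an added sketch rather than Nexus source code: the hook vetoes uninstallModule for a locked module until its lock expires. The contract name, lock() and the assumption that the account passes its own calldata to preCheck before uninstalling are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative ERC-7579 hook (module type 4); not Nexus source code.
/// Assumption: the account calls preCheck with its own msg.data before it
/// runs uninstallModule, so the hook can veto the call by reverting.
contract UninstallLockHook {
    // ERC-7579: uninstallModule(uint256 moduleTypeId, address module, bytes deInitData)
    bytes4 private constant UNINSTALL =
        bytes4(keccak256("uninstallModule(uint256,address,bytes)"));

    // account => module => time before which the module must stay installed
    mapping(address => mapping(address => uint256)) public lockedUntil;
    // account => latest expiry of any lock; protects the hook itself
    mapping(address => uint256) public latestExpiry;

    error ModuleLocked(address module, uint256 until);
    error LockCannotShrink();

    /// Called by the account (msg.sender). Locks only grow, so a solver that
    /// has read lockedUntil can rely on the value it saw.
    function lock(address module, uint256 until) external {
        if (until < lockedUntil[msg.sender][module]) revert LockCannotShrink();
        lockedUntil[msg.sender][module] = until;
        if (until > latestExpiry[msg.sender]) latestExpiry[msg.sender] = until;
    }

    function preCheck(address, uint256, bytes calldata msgData)
        external view returns (bytes memory)
    {
        if (msgData.length >= 4 && bytes4(msgData[:4]) == UNINSTALL) {
            (, address module, ) = abi.decode(msgData[4:], (uint256, address, bytes));
            // Removing this hook would drop every lock, so guard it as well.
            uint256 until = module == address(this)
                ? latestExpiry[msg.sender]
                : lockedUntil[msg.sender][module];
            if (block.timestamp < until) revert ModuleLocked(module, until);
        }
        return "";
    }

    function postCheck(bytes calldata) external pure {}

    // Minimal ERC-7579 module plumbing.
    function onInstall(bytes calldata) external {}
    function onUninstall(bytes calldata) external {}
    function isModuleType(uint256 typeId) external pure returns (bool) {
        return typeId == 4; // 4 = hook
    }
}
```

A solver relying on such a lock should also consider any other route that removes the hook, such as the timelocked emergencyUninstallHook covered under Managing Installed Modules.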
Module Management
Flexible Module Installation
Nexus utilizes the ERC-7579 installModule interface, which allows for specifying the module to install along with initial configuration data. Modules can be installed under multiple types in a single operation, thanks to the Module Type ID 0, which supports multi-type installations compatible with ERC-7739.
Enable Mode for On-the-Fly Installation
For scenarios where a module isn't pre-installed, Nexus offers Enable Mode. This feature permits the installation of modules during the validation phase of a transaction, eliminating the need for separate installation steps. Enable Mode is particularly beneficial for validators and hooks, which need to be active before certain operations commence.
Enable Mode leverages ERC-7739, hashing the Smart Account address into the signed object. This approach binds the signature to specific module details, preventing unauthorized installations and mitigating replay attacks.
Managing Installed Modules
Understanding and managing the modules within a Nexus account is straightforward:
Querying Modules: Use methods like getValidatorsPaginated or getExecutorsPaginated to list installed modules. getActiveHook identifies the currently active hook, and getFallbackHandlerBySelector helps locate specific function implementations.
Uninstalling Modules: Proper deinitialization is crucial when removing modules to prevent residual configurations that could lead to unexpected behaviors upon reinstallation.
Emergency Uninstallation: The emergencyUninstallHook function acts as a failsafe to remove problematic hooks. It incorporates a timelock mechanism to prevent unauthorized or abrupt removals, ensuring account integrity while providing a means to address critical issues.
Enhanced Security with ERC-7739 & ERC-7484
Nexus supports ERC-7739 for modules, which significantly bolsters security. By utilizing nested EIP-712 flows for signature validation, it prevents signature reuse across different accounts and maintains compatibility with popular wallet clients like MetaMask. This layered security approach protects against phishing attempts and replay attacks, ensuring that module installations and operations are both secure and user-specific.
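The cross-account replay protection described above, as an added sketch (not Nexus code, and a simplification of ERC-7739's nested EIP-712 layout): a validator that recovers the signer over the raw digest accepts the same signature on every account with that owner, while one that first rehashes the digest under a domain containing its own address does not. The contract, the AccountBound struct and the domain name are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative only; not Nexus source code and not the exact ERC-7739
/// encoding. It shows the core idea: rehash the caller's digest under an
/// EIP-712 domain naming this account before recovering the signer.
contract AccountBoundValidator {
    bytes4 private constant MAGIC = 0x1626ba7e; // ERC-1271 success value
    bytes4 private constant FAILED = 0xffffffff;
    bytes32 private constant DOMAIN_TYPEHASH = keccak256(
        "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
    // Hypothetical wrapper struct for this sketch.
    bytes32 private constant WRAP_TYPEHASH = keccak256("AccountBound(bytes32 digest)");
    uint256 private constant HALF_N = // secp256k1 order / 2, rejects malleable s
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    address public immutable owner;

    constructor(address owner_) {
        require(owner_ != address(0), "owner required");
        owner = owner_;
    }

    /// Replayable: every account with this owner accepts the same signature.
    function isValidSignatureNaive(bytes32 digest, bytes calldata sig)
        external view returns (bytes4)
    {
        return _recover(digest, sig) == owner ? MAGIC : FAILED;
    }

    /// Account-bound: the signed hash commits to chainId and address(this).
    function isValidSignature(bytes32 digest, bytes calldata sig)
        external view returns (bytes4)
    {
        return _recover(boundDigest(digest), sig) == owner ? MAGIC : FAILED;
    }

    function boundDigest(bytes32 digest) public view returns (bytes32) {
        bytes32 domain = keccak256(abi.encode(DOMAIN_TYPEHASH,
            keccak256("ExampleAccount"), keccak256("1"), block.chainid, address(this)));
        bytes32 wrapped = keccak256(abi.encode(WRAP_TYPEHASH, digest));
        return keccak256(abi.encodePacked("\x19\x01", domain, wrapped));
    }

    function _recover(bytes32 h, bytes calldata sig) private pure returns (address) {
        if (sig.length != 65 || uint256(bytes32(sig[32:64])) > HALF_N) return address(0);
        return ecrecover(h, uint8(sig[64]), bytes32(sig[0:32]), bytes32(sig[32:64]));
    }
}
```

Deploying two instances with the same owner shows the difference: a signature over boundDigest from the first instance fails isValidSignature on the second, because the two domains differ in verifyingContract.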
Nexus adheres to the ERC-7484 standard, enabling developers to verify module security through a Registry Adapter before integration. The module registry provides essential security assurances, giving developers confidence in the safety of the modules they choose to install.
Getting Started with Nexus
We invite developers to explore Nexus and experience its robust modular framework:
Check the docs: https://docs.biconomy.io/overview
Repo: github.com/bcnmy/nexus/wiki