Introducing the Most Affordable Smart Wallet for Onchain Apps

Here are some things that might be keeping you up at night.

• Security vulnerabilities that put your users and reputation at risk

• Painful migrations when you discover vendor lock-in or can’t rely on a provider

• Expensive tooling that makes scaling financially unsustainable

As developers ourselves, we relate, and are committed to building tools to help you avoid these nightmares. That's why we’re offering you the most cost-efficient, secure, and flexible smart wallet so you can focus on shipping and scaling.

What is a smart wallet?

Anyone building in web3 understands the limitations of traditional EOA (Externally Owned Account) wallets like MetaMask. Seed phrases, gas fees, browser extensions —the entire experience creates friction that hinders users from onboarding and transactions from completing.

Smart wallets represent a significant advancement in this space. They are programmable accounts powered by smart contracts that exist on the blockchain, and leverage a standard called ERC-4337.

This fundamental difference enables capabilities that traditional EOA wallets simply can't provide:

• Account recovery - Eliminate permanent loss from forgotten seed phrases

• Batch transactions - Execute multiple operations in one go

• Gas sponsorship - Allow applications to cover gas fees for users

• Custom authorization - Implement granular permission systems beyond the all-or-nothing approach

For developers, this means creating web2-caliber onchain experiences. For users, it means interacting with blockchain applications without needing to understand the underlying technical complexity.

Smart wallets bridge the gap between blockchain's potential and mainstream adoption—serving as the gateway enabling seamless web3 experiences. Alchemy is the #1 smart wallet provider, powering over 16 million smart wallets today and has co-authored standards like ERC-6900 with the Ethereum Foundation. Now we're putting that expertise to work for you. Here’s how we built it and how you can leverage it to build winning apps.

The tl;dr

We know time is precious, so we’ve summarized. Here's what matters:

• Lowest account creation cost: Our smart wallet is ~53% cheaper to deploy than industry averages (0.56¢ vs. 0.26¢ across major L2s) so you can onboard millions without breaking the bank

• Lowest transaction costs: Our smart wallet saves you ~5-10% compared to alternatives for all transactions.

• Maximum security: Fully audited by Quantstamp, Chainlight, and 500+ security researchers

• True modularity: Execution functions, validations, and hooks that let you extend functionality endlessly.

• Developer-friendly: A simple SDK that doesn't require you to be a smart contract expert

Smart wallets are designed to onboard millions of users to your app. Do it securely and cost-efficiently and never worry about scale.

Keep reading for a deep dive on how we've achieved these industry-leading results.

Core design principles

Many providers force you to compromise. Want security? Say goodbye to flexibility. Need it cheap? Prepare for complexity.

We believe you shouldn’t have to compromise. The smart contracts powering smart wallet functionality were built with three core principles in mind:

• Security: Your assets stay safe, period.

• Cost: Ultra gas-efficient — cheap to deploy and cheap to use.

• Flexibility: These are smart wallets. Easily add the features you need with granular control.

And, all of this is made easy to use with a best-in-class SDK that just works. No “smart contract wizard” prerequisite.

Security

Security isn't just a feature for us – it's our foremost priority. Our contracts have been audited by two leading firms, Quantstamp and Chainlight, and via Cantina’s community of over 5,000 security researchers.

There are three possible execution paths —

1. The UserOp path.

2. The runtime validation path (via executeWithRuntimeValidation()).

3. The direct call path.

While each path works differently, they all maintain the same security standards. This implementation maximizes flexibility and security through validations. Let’s explore.

Validations

Normally, when sending a standard transaction, the user's EOA signs the transaction details to prove they're really the one sending it.

With account abstraction (ERC-4337), however, users might not directly send transactions, or even use a standard EOA to sign transaction details. So, how do we authenticate a user operation?

Enter validations.

Conceptually, a validation is an authentication method associated with one or more potential actions that a smart account can do.

Validations add granular security to smart accounts. You could have a validation that acts as an all-powerful super-validation, capable of doing anything— just as you could have a dozen or more validations, each with a different, narrow scope.

By default, accounts have a fallback validation that comes pre-installed, allowing the original signer (the “owner” of the account) to execute anything. This is entirely configurable, and this validation can be entirely disabled.

Validations must abide by the following rules:

• Validations must be “installed” into the account to be used.

• Validations can be selector-specific, or global.

• Validations can have any number of “hooks” associated with them, allowing for granular access control.

• Validations can be used to validate any combination of: userOps, runtime calls (via executeWithRuntimeValidation()), and EIP-1271 signatures.

• Installing a validation with a special identifier allows the address associated with that validation to directly call into the account for the specified functionality.

  • This can be used to allow other EOAs to execute limited actions on your smart account.

Validations provide a powerful system to granularly manage access control and permission delegation.

Furthermore, beyond being an authorization method, validations enable apps to securely request permissions from users, where additional guarantees would be provided by the user’s wallet (in the form of hooks) outside of the app’s control. The design space is quite literally endless.

Flexibility

True smart wallets should adapt to your needs, not the other way around. Our smart contracts are modular by design through three key components:

Execution functions

Execution functions allow calls into the account to be relayed to specified addresses.

For example, if you're building an NFT marketplace, you might want to support transfers of tokens that require a callback to the receiving address (like onERC721Received()). With our execution functions, that's a single installation call—no complex custom code needed.

Validations

Validations, as previously mentioned, are authorization methods that can be global or function-specific. The power here is that the account isn't tied to any single signature scheme—it works with any authorization method you choose.

Want to support passkeys? Social logins? Multisig with different thresholds for different actions? All possible through the validations.

Hooks

Hooks are where modularity truly shine. They let you attach custom logic to any function or validation in your smart wallet.

You could create a validation that only permits transfers of a specific token, with a maximum amount per day—perfect for dollar-cost averaging or subscription payments. Or picture hooks that implement advanced security checks before high-value transactions.

Together, these components make our smart wallet future-proof. As new authorization methods emerge or your application's needs evolve, your wallet infrastructure can adapt without forcing users through painful migrations.

Cost

Gas efficiency isn't just a nice-to-have—it's the difference between a product that scales and one that doesn't.

Our smart wallet costs less gas to deploy than a single Uniswap V2 swap. We achieved this breakthrough by leveraging Solady's Clone ERC1967 proxy with immutable arguments.

Instead of storing the owner's address in expensive contract storage, we append it directly to the proxy's bytecode. This acts as your fallback validation that you can modify or remove at any time. The result? Deterministic deployment for under 100k gas on any supported chain, with immediate usability and zero compromise on features.

The total cost advantage

When benchmarked against industry competitors in usage scenarios, our wallet delivers significant savings:

• ~53% cheaper account creation than competitors

• 66% cheaper than Safe and 46% cheaper than ZeroDev Kernel for account creation

• ~10% savings for transactions across all operation types (native transfers, ERC-20 transfers, and swaps)

• Substantial savings at scale: Deploying 1M accounts with 100 transactions each saves you ~$30k (on L2s) compared to alternatives.

The math is simple. Our dramatically lower account creation and transaction costs means real savings that compound as your user base grows.

Beyond deployment, we've engineered efficiency into every operation. The smart contracts are built using highly optimized memory management techniques, including reusable in-memory buffers that significantly reduce gas consumption during execution.

We know cost matters at every stage—from deployment to daily operations—so we've pushed gas efficiency to the limit. This means you don't have to choose between powerful features and affordability as your application scales.

Check out our full benchmark analysis here.

Ease of use

There’s no point in having the best possible account if it’s impossible to use. We’ve abstracted all the complexity away, and provide a clean, documented interface that gets out of your way.

Set up your client, and sending a userOp is as simple as:

Our SDK abstracts intricacies such as encoding validations into the UserOp nonce, signing messages with ERC6492, and more general considerations when working with smart accounts.

This ease of use allows you to focus on what matters most: shipping the absolute best experience for your users as efficiently as possible.

Implementation

Let’s take an even deeper dive into how these core design principles are implemented.

A closer look: cost efficiency

Cost efficiency is built in everywhere. Let’s explore a few key areas - account creation, session key creation, and user operations.

Lowest account creation cost

What we achieved:

• Industry-leading efficiency: Only 98k gas per account from the factory

• 250k gas in a user operation with a simple execution

• Up to 46% cheaper than ZeroDev and 84% cheaper than Safe for account creation

Instead of regular account initialization, SemiModularAccountBytecode uses the contract-as-storage pattern to achieve the lowest smart account creation costs in the industry.

This was done by adding native support for ECDSA into the account and appending the owner address to the proxy bytecode using Solady’s LibClone.createDeterministicERC1967 instead of using storage. Skipping the initialization call removes performing 2 zero-to-nonzero EVM storage operations for a total reduction of 51k gas. Removing the initialization step also additionally enables EIP-7702 compatibility.

These optimizations translate to real cost savings that compound with each user you onboard.

Cost optimizations for session keys

Session keys are a popular feature for smart wallets. We lowered costs significantly for creation and usage of them through deferred actions, which reduces costs by 40k gas by allowing creation and first usage to be combined in a single operation.

Imagine your app allows users to subscribe to a premium service with monthly payments. With traditional EOA wallets, the user experience is painful:

1. User signs up and approves the first payment

2. Next month, they must manually approve another transaction

3. If they forget or aren't available, their subscription lapses

4. You lose revenue and they lose access to your service

To solve this, you want to implement session keys that allow your app to process monthly payments without requiring the user to approve each one. But with other smart wallet providers, setting this up is frustrating:

1. User must sign a transaction to create the subscription session key

2. Wait for blockchain confirmation (could be minutes)

3. Sign another transaction to set up the first payment

4. Wait again for confirmation

This clunky experience happens because other providers only support naive batch execution, which requires a single validation to be used across all operations. This means they can't combine operations that require different types of authentication in a single transaction.

With deferred actions, this becomes a 1-click experience. Users create a payment session key and process their first payment in a single seamless transaction. This is achieved through an additional validation + execution step is implemented within user operation validation to be performed only when the deferred action flag in the user operation nonce is set.

• We combine session key creation and first payment in one operation, saving steps and costs.

• We handle the owner validation (for creating the key) and the session key validation (for the payment) together

• We implemented specialized processing triggered by flags in the transaction data

Additionally, we designed deferred actions with security top of mind. When designing deferred actions, we implemented multiple layers of protection:

Replay attack prevention

We use the transaction nonce (a unique identifier) to also serve as the deferred actions nonce. This prevents anyone from copying and replaying a deferred action multiple times

Tamper-resistance

Deferred actions are stored in the signature field of transactions which creates potential vulnerability to modification by transaction processors (bundlers/relayers).

We solve this through two critical safeguards:

1. Validation Binding

• The transaction nonce contains information about which validation method to use

• This ensures deferred actions can only be executed by their intended validation function

• Result: Even if extracted, a deferred action cannot be used with a different validation method

1. Removal Protection

• The presence of specific data in the nonce signals that deferred actions should be present

• This prevents middlemen from removing deferred actions from transactions

• Result: The complete transaction is always processed exactly as the user intended

These safeguards work together to ensure deferred actions remain secure throughout the transaction lifecycle, from creation to execution on the blockchain.

Cost optimizations for user operations

We use a call buffer feature to further reduce gas costs of user operations by 3-6k gas for simple user operations, and higher savings are expected for more complex user operations.

One design quirk about the Solidity compiler today is that it produces bytecode that only allocates memory, never deallocating it even when variables in memory are not used anymore, causing unnecessary expansions of memory. Although memory operations tend to be insignificant compared to storage or call costs, the EVM has a quadratic cost of memory expansion so this becomes very significant for complex applications or calls.

For the hooks that can be implemented on user operations and on executions, Solidity would create a memory expansion per hook or validation call. We instead implement call buffers in Yul, the low-level language used as inline assembly within Solidity, to allocate a segment of memory for all hook calls to be reused across all hook calls that are performed.

A closer look at security: session keys

Session keys are a common feature of smart wallets, allowing users to delegate specific permissions to external applications or services. While this functionality enables greater flexibility and usability, it requires careful implementation to maintain security. Here's how our ERC-6900 compliant accounts deliver comprehensive protection for users through session key configuration.

1. Contract and Selector Allowlisting

The ability to make unrestricted contract calls through session keys can expose accounts to significant risk, particularly with ERC20 tokens. Since token ownership and balances are managed at the contract level, an unlimited session key could effectively give unrestricted access to all ERC20 tokens. We addresse this by implementing strict contract and selector allowlisting, enabling users to precisely define which contracts and functions a session key can interact with.

2. Multi-layered Spending Controls

Beyond contract-level restrictions, granular spending controls are essential for comprehensive security. We allow you to set:

• Native token spending caps

• ERC-20 token spending limits

• Gas usage restrictions

The gas limit implementation is particularly noteworthy, as it’s the only secure way to enforce during the user operation validation phase. This is crucial because the ERC4337 Entrypoint contract uses validation success to determine payment responsibility between the bundler and the account. By implementing these checks through additional pre-validation hooks, Alchemy Prism offers protection that many other smart accounts lack.

3. Advanced Execution Hooks

For sophisticated use cases like token swaps, monitoring the execution context is vital. Alchemy Prism accounts support both pre- and post-execution hooks, enabling:

• Balance delta calculations

• Custom oracle price comparisons

• Slippage tolerance enforcement

This feature allows users to implement precise controls over swap operations performed on their behalf, providing a level of transaction configuration that sets Alchemy Prism apart from many other smart account implementations.

Through these security measures, our accounts provide amazing session key functionality that maximizes both flexibility and protection, setting a high standard for smart account security.

Upgradeability

Our accounts are upgradeable and use the ERC-1967 proxy pattern design which supports account upgrades that can only be initiated by users by default. It is important that this is something only a user can perform since an account upgrade operation could be used to override existing security settings and configurations on the user’s account.

Save costs and scale with Alchemy Smart Wallets

Smart wallets are the key to bringing millions of users onchain without the usual friction. We've built ours so you can:

• Deploy accounts at less than half the cost of alternatives ($0.38 vs industry average $0.79)

• Forget about painful migrations with truly modular architecture that adapts as you grow

• Sleep better knowing your users' assets are protected by multiple audits and 500+ security researchers

We've done the hard work optimizing gas, implementing security validations, and making everything developer-friendly so you can ship fast and scale.

Want to see how much you'll save? Our pricing calculator helps you estimate costs as you scale.

Ready to start building? Dive into the docs and deploy your first smart wallet in under 5 minutes.

More questions? We're here for you. Learn more about smart wallets or get in touch with our team.