以太坊即將到來的Pectra升級旨在顯著改變用戶與帳戶互動的方式

此關鍵更新允許傳統的外部帳戶（EOA）或用戶錢包，具有類似智能合約的功能

Ethereum's upcoming Pectra upgrade, part of the blockchain's seventh code iteration, aims to significantly change how users interact with their accounts, primarily through EIP-7702, a proposal for native account abstraction.

以太坊即將到來的Pectra升級是區塊鏈第七代碼迭代的一部分，旨在顯著改變用戶與帳戶互動的方式，主要通過EIP-7702，這是本人帳戶抽象的建議。

This key update allows traditional Externally Owned Accounts (EOAs), or user wallets, to operate with smart contract-like capabilities while retaining their ability to initiate transactions.

此關鍵更新允許傳統的外部帳戶（EOAS）或用戶錢包以智能合約功能運行，同時保留其啟動交易的能力。

EIP-7702 grants EOAs new powers such as programmable behavior, delegated access, and compatibility with contract-based features like multi-signature verification and social recovery methods. However, this evolution also introduces significant complexity and new risks that users, developers, wallet providers, and centralized exchanges must carefully address.

EIP-7702授予EOAS的新力量，例如可編程行為，委派訪問以及與基於合同的功能（例如多簽名驗證和社會恢復方法）的兼容性。但是，這種演變還引入了重大的複雜性和新的風險，用戶，開發人員，錢包提供商和集中式交易所必須仔細解決。

EIP-7702: Wallet Providers and Users Face New Security Considerations

EIP-7702：錢包提供商和用戶面臨新的安全考慮因素

EIP-7702：錢包提供商和用戶面臨新的安全考慮因素

After years of discussion and testing, EIP-7702, part of the broader Pectra upgrade, finally introduces account abstraction to Ethereum's mainnet. This capability has been a long-awaited development, bringing the potential for a paradigm shift in how users manage their crypto funds.

經過多年的討論和測試，EIP-7702（更廣泛的pectra升級）最終將帳戶抽象引入了以太坊的主網。這種能力已經是期待已久的發展，從而帶來了用戶管理加密貨幣資金方式的範式轉變的潛力。

With the introduction of EIP-7702, Externally Owned Accounts (EOAs) gain the ability to execute programmable behavior, a feature previously exclusive to smart contracts. This grants EOAs the power to perform actions based on specific conditions or inputs, opening up possibilities for advanced use cases.

隨著EIP-7702的引入，外部擁有帳戶（EOAS）獲得了執行可編程行為的能力，該行為是智能合約以前獨有的功能。這賦予EOAS根據特定條件或輸入執行操作的能力，為高級用例打開了可能性。

Moreover, EIP-7702 enables users to delegate their private keys to smart contracts. This delegation can be tailored for specific functions, such as an exchange performing trades or a recovery scheme granting multiple parties the ability to reset a compromised account.

此外，EIP-7702使用戶能夠將其私人鑰匙委託給智能合約。該委託可以針對特定職能量身定制，例如交換行業交易或恢復計劃授予多方重置受損帳戶的能力。

However, this evolution also brings forth new avenues for potential exploitation, which bad actors might attempt.

但是，這種進化也帶來了潛在剝削的新途徑，這是不良行為者可能會嘗試的。

In the context of delegation, wallet providers must now implement deeper validation processes. For instance, they need to confirm that delegation requests correctly tie to the specific chain ID. Delegations signed with a zero chain ID pose a unique threat: malicious actors could replay them across any EVM-compatible chain, leading to unauthorized actions.

在代表團的背景下，錢包提供商現在必須實施更深入的驗證過程。例如，他們需要確認委託請求正確連接到特定的鏈ID。與零連鎖ID簽名的代表團構成了獨特的威脅：惡意演員可以在任何兼容EVM兼容的鏈中重播他們，從而導致未經授權的行動。

Therefore, wallet interfaces should clearly display the destination contract address during any delegation signing process.

因此，錢包界面應在任何委託簽署過程中清楚地顯示目標合同地址。

Users, in turn, must understand that the same contract address could behave differently across chains. Consequently, delegating to a contract on one network does not guarantee similar functionality elsewhere.

反過來，用戶必須了解，相同的合同地址在鏈條之間的行為可能不同。因此，在一個網絡上委派合同並不能保證其他地方的類似功能。

Related: Can Ethereum Overcome Rising Supply and Weakened Demand? The Pectra Upgrade’s Role

相關：以太坊能否克服供應不斷上升和需求減弱？ Pectra升級的角色

Moreover, users must treat their private keys with heightened caution. Even after delegating authority, the private key retains ultimate control over the account and its assets.

此外，用戶必須謹慎對待其私鑰。即使在委派當局之後，私鑰仍保留對帳戶及其資產的最終控制。

Developers and Exchanges Face New Technical Pitfalls

開發人員和交流面臨新的技術陷阱

開發人員和交流面臨新的技術陷阱

On the technical side, developers must be aware that relying on tx.origin == msg.sender for reentrancy checks will no longer hold. Since delegated EOAs now function like contracts, they can be both callers and callees in transactions.

在技​​術方面，開發人員必須意識到，依靠tx.origin == msg.sender進行重新進入檢查將不再容納。由於現在的EOAS現在像合同一樣運作，因此它們可以是交易中的呼叫者和卡勒。

Storage conflicts may arise during re-delegation to new contracts. Implementing the ERC-7201 namespace strategy helps isolate storage variables and reduce such risks.

在重新申請新合同期間，可能會出現存儲衝突。實施ERC-7201名稱空間策略有助於隔離存儲變量並降低此類風險。

Developers must also ensure that delegated contracts correctly handle key callback functions, a vital step when interacting with token standards like ERC-721 or ERC-777. Without proper callback support, tokens could become stuck or permanently lost during transfers.

開發人員還必須確保委派合同正確處理關鍵回調功能，這是與ERC-721或ERC-777等令牌標准進行交互時的重要步驟。如果沒有適當的回調支持，代幣可能會在轉移期間被卡住或永久丟失。

Finally, centralized exchanges have new responsibilities where they must strengthen their deposit verification methods. A delegated account, for instance, can simulate contract behavior, allowing fake deposits.

最後，集中式交流負有新的責任，必須加強其存款驗證方法。例如，委派帳戶可以模擬合同行為，允許假存款。

Consequently, exchanges should implement transaction tracing to identify spoofed deposits before crediting users. Overall, EIP-7702 ushers in a new era for Ethereum, granting EOAs smart contract capabilities and presenting new security challenges that developers, wallet providers, and exchanges must diligently address to maintain the blockchain's integrity and user safety.

因此，交易所應實施交易跟踪，以在歸功於用戶之前識別欺騙的存款。總體而言，EIP-7702在以太坊的新時代中，授予EOAS智能合同功能，並提出了新的安全挑戰，開發人員，錢包提供商和交流必須認真解決以維持區塊鏈的完整性和用戶安全。