以太坊即将到来的Pectra升级旨在显着改变用户与帐户互动的方式

此关键更新允许传统的外部帐户（EOA）或用户钱包，具有类似智能合约的功能

Ethereum's upcoming Pectra upgrade, part of the blockchain's seventh code iteration, aims to significantly change how users interact with their accounts, primarily through EIP-7702, a proposal for native account abstraction.

以太坊即将到来的Pectra升级是区块链第七代码迭代的一部分，旨在显着改变用户与帐户互动的方式，主要通过EIP-7702，这是本人帐户抽象的建议。

This key update allows traditional Externally Owned Accounts (EOAs), or user wallets, to operate with smart contract-like capabilities while retaining their ability to initiate transactions.

此关键更新允许传统的外部帐户（EOAS）或用户钱包以智能合约功能运行，同时保留其启动交易的能力。

EIP-7702 grants EOAs new powers such as programmable behavior, delegated access, and compatibility with contract-based features like multi-signature verification and social recovery methods. However, this evolution also introduces significant complexity and new risks that users, developers, wallet providers, and centralized exchanges must carefully address.

EIP-7702授予EOAS的新力量，例如可编程行为，委派访问以及与基于合同的功能（例如多签名验证和社会恢复方法）的兼容性。但是，这种演变还引入了重大的复杂性和新的风险，用户，开发人员，钱包提供商和集中式交易所必须仔细解决。

EIP-7702: Wallet Providers and Users Face New Security Considerations

EIP-7702：钱包提供商和用户面临新的安全考虑因素

EIP-7702：钱包提供商和用户面临新的安全考虑因素

After years of discussion and testing, EIP-7702, part of the broader Pectra upgrade, finally introduces account abstraction to Ethereum's mainnet. This capability has been a long-awaited development, bringing the potential for a paradigm shift in how users manage their crypto funds.

经过多年的讨论和测试，EIP-7702（更广泛的pectra升级）最终将帐户抽象引入了以太坊的主网。这种能力已经是期待已久的发展，从而带来了用户管理加密货币资金方式的范式转变的潜力。

With the introduction of EIP-7702, Externally Owned Accounts (EOAs) gain the ability to execute programmable behavior, a feature previously exclusive to smart contracts. This grants EOAs the power to perform actions based on specific conditions or inputs, opening up possibilities for advanced use cases.

随着EIP-7702的引入，外部拥有帐户（EOAS）获得了执行可编程行为的能力，该行为是智能合约以前独有的功能。这赋予EOAS根据特定条件或输入执行操作的能力，为高级用例打开了可能性。

Moreover, EIP-7702 enables users to delegate their private keys to smart contracts. This delegation can be tailored for specific functions, such as an exchange performing trades or a recovery scheme granting multiple parties the ability to reset a compromised account.

此外，EIP-7702使用户能够将其私人钥匙委托给智能合约。该委托可以针对特定职能量身定制，例如交换行业交易或恢复计划授予多方重置受损帐户的能力。

However, this evolution also brings forth new avenues for potential exploitation, which bad actors might attempt.

但是，这种进化也带来了潜在剥削的新途径，这是不良行为者可能会尝试的。

In the context of delegation, wallet providers must now implement deeper validation processes. For instance, they need to confirm that delegation requests correctly tie to the specific chain ID. Delegations signed with a zero chain ID pose a unique threat: malicious actors could replay them across any EVM-compatible chain, leading to unauthorized actions.

在代表团的背景下，钱包提供商现在必须实施更深入的验证过程。例如，他们需要确认委托请求正确连接到特定的链ID。与零连锁ID签名的代表团构成了独特的威胁：恶意演员可以在任何兼容EVM兼容的链中重播他们，从而导致未经授权的行动。

Therefore, wallet interfaces should clearly display the destination contract address during any delegation signing process.

因此，钱包界面应在任何委托签署过程中清楚地显示目标合同地址。

Users, in turn, must understand that the same contract address could behave differently across chains. Consequently, delegating to a contract on one network does not guarantee similar functionality elsewhere.

反过来，用户必须了解，相同的合同地址在链条之间的行为可能不同。因此，在一个网络上委派合同并不能保证其他地方的类似功能。

Related: Can Ethereum Overcome Rising Supply and Weakened Demand? The Pectra Upgrade’s Role

相关：以太坊能否克服供应不断上升和需求减弱？ Pectra升级的角色

Moreover, users must treat their private keys with heightened caution. Even after delegating authority, the private key retains ultimate control over the account and its assets.

此外，用户必须谨慎对待其私钥。即使在委派当局之后，私钥仍保留对帐户及其资产的最终控制。

Developers and Exchanges Face New Technical Pitfalls

开发人员和交流面临新的技术陷阱

开发人员和交流面临新的技术陷阱

On the technical side, developers must be aware that relying on tx.origin == msg.sender for reentrancy checks will no longer hold. Since delegated EOAs now function like contracts, they can be both callers and callees in transactions.

在技​​术方面，开发人员必须意识到，依靠tx.origin == msg.sender进行重新进入检查将不再容纳。由于现在的EOAS现在像合同一样运作，因此它们可以是交易中的呼叫者和卡勒。

Storage conflicts may arise during re-delegation to new contracts. Implementing the ERC-7201 namespace strategy helps isolate storage variables and reduce such risks.

在重新申请新合同期间，可能会出现存储冲突。实施ERC-7201名称空间策略有助于隔离存储变量并降低此类风险。

Developers must also ensure that delegated contracts correctly handle key callback functions, a vital step when interacting with token standards like ERC-721 or ERC-777. Without proper callback support, tokens could become stuck or permanently lost during transfers.

开发人员还必须确保委派合同正确处理关键回调功能，这是与ERC-721或ERC-777等令牌标准进行交互时的重要步骤。如果没有适当的回调支持，代币可能会在转移期间被卡住或永久丢失。

Finally, centralized exchanges have new responsibilities where they must strengthen their deposit verification methods. A delegated account, for instance, can simulate contract behavior, allowing fake deposits.

最后，集中式交流负有新的责任，必须加强其存款验证方法。例如，委派帐户可以模拟合同行为，允许假存款。

Consequently, exchanges should implement transaction tracing to identify spoofed deposits before crediting users. Overall, EIP-7702 ushers in a new era for Ethereum, granting EOAs smart contract capabilities and presenting new security challenges that developers, wallet providers, and exchanges must diligently address to maintain the blockchain's integrity and user safety.

因此，交易所应实施交易跟踪，以在归功于用户之前识别欺骗的存款。总体而言，EIP-7702在以太坊的新时代中，授予EOAS智能合同功能，并提出了新的安全挑战，开发人员，钱包提供商和交流必须认真解决以维持区块链的完整性和用户安全。