Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@biconomy/account-abstraction

Package Overview
Dependencies
Maintainers
6
Versions
7
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@biconomy/account-abstraction

Account abstraction APIs to prepare user operations

2.0.1
latest
Source
npmnpm
Version published
Weekly downloads
35
84.21%
Maintainers
6
Weekly downloads
 
Created
Source

SDK to create and send UserOperation

This package provides 2 APIs for using UserOperations:

  • Low-level "walletAPI"
  • High-level Provider

LowLevel API:

BaseWalletAPI

An abstract base-class to create UserOperation for a contract wallet.

SmartAccountAPI

An implementation of the BaseWalletAPi, for the Biconomy SmartAccount

owner = provider.getSigner()
const smartWalletAPI = new SmartAccountAPI(
    provider,
    entryPoint, // instance of the entry point contract
    config, // instance of ClientConfig
    walletAddress, // counter factual wallet address (smartAccount.address)
    originalSigner, // owner
    fallbackHandlerAddress, 
    factoryAddress, // wallet factory address 
    0 // index
  )
const op = await smartWalletAPI.createSignedUserOp({
  target: recipient.address,
  data: recipient.interface.encodeFunctionData('something', ['hello'])
})

High-Level Provider API

A simplified mode that doesn't require a different wallet extension. Instead, the current provider's account is used as wallet owner by calling its "Sign Message" operation.

This can only work for wallets that use an EIP-191 ("Ethereum Signed Message") signatures (like our sample SimpleWallet) Also, the UX is not great (the user is asked to sign a hash, and even the wallet address is not mentioned, only the signer)

Keywords

account-abstraction
sdk
erc4337

FAQs

Package last updated on 18 May 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials

Research

Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials

Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.

By Kush Pandya  -  Sep 05, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.