From ethskills
Guides Ethereum wallet creation/management: EOAs, smart wallets, Safe multisig, EIP-7702 delegation, ERC-4337. For safe transactions, signing, fund handling.
npx claudepluginhub austintgriffith/ethskills --plugin ethskillsThis skill uses the workspace's default tool permissions.
**EIP-7702 is live.** Since Pectra (May 7, 2025), regular EOAs can delegate execution to smart-contract code without migrating wallets. This enables batching, gas sponsorship, and session-key-style UX. This is NOT "coming soon." It shipped.
Provides expertise in ERC-4337 account abstraction: smart contract wallets, paymasters, bundlers, user operations, social recovery, session keys, gas sponsorship, wallet SDKs.
Selects optimal Circle wallet type (developer-controlled, user-controlled, modular) for onchain apps by comparing custody, auth methods, account types (EOA/SCA/MSCA), and blockchain support. Guides implementation for wallet integrations.
Connects to EmblemVault for wallet-aware workflows on Solana, Ethereum, Base, BSC, Polygon, Hedera, Bitcoin with review-first, operator-controlled actions. Explains Emblem's unified browser and agent auth model.
Share bugs, ideas, or general feedback.
EIP-7702 is live. Since Pectra (May 7, 2025), regular EOAs can delegate execution to smart-contract code without migrating wallets. This enables batching, gas sponsorship, and session-key-style UX. This is NOT "coming soon." It shipped.
Account abstraction status: ERC-4337 is growing but still early (Feb 2026). Major implementations: Kernel (ZeroDev), Biconomy, Alchemy Account Kit, Pimlico. EntryPoint v0.7: 0x0000000071727De22E5E9d8BAf0edAc6f37da032.
Most secure storage: Hardware wallets alone are single points of failure. An audited multisig smart contract (e.g. Safe) is more secure. Multisig does not require multiple people; one user can control multiple keys on separate devices. In a 2-of-4 setup, three signers are the user’s wallets on separate devices (e.g., hardware wallet, phone hot wallet, laptop wallet). The fourth signer is a trusted contact for recovery. An attacker must compromise multiple devices, not one.
EOAs can authorize delegated code execution from smart-contract code. This is not automatically "one and done" - the delegation can stay active until it is replaced or explicitly cleared.
How it works:
What this enables:
Status (Feb 2026): Deployed on mainnet. MetaMask, Rainbow adding support. Still early for production agents — use standard EOAs or Safe until tooling matures.
| Contract | Address |
|---|---|
| Safe Singleton | 0x41675C099F32341bf84BFc5382aF534df5C7461a |
| Safe Proxy Factory | 0x4e1DCf7AD4e460CfD30791CCC4F9c8a4f820ec67 |
| MultiSend | 0x38869bf66a61cF6bDB996A6aE40D5853Fd43B526 |
Same addresses on Mainnet, Arbitrum, Base, and all major chains.
Pattern: 2-of-3 Safe
Benefits: If agent key is compromised, human removes it. Human can always recover funds. Agent can batch transactions.
This is the #1 way AI agents lose funds and leak credentials. Bots scrape GitHub in real-time and exploit leaked secrets within seconds — even from private repos, even if deleted immediately. A secret committed to Git is compromised forever.
This happens constantly with AI coding agents. The agent generates a deploy script, hardcodes a key, runs git add ., and the wallet is drained before the next prompt. Or the agent pastes an Alchemy API key into scaffold.config.ts and it ends up in a public repo.
This applies to ALL secrets:
https://base-mainnet.g.alchemy.com/v2/YOUR_KEY# .gitignore (MUST exist in every project)
.env
.env.*
*.key
*.pem
broadcast/
cache/
# Verify before every commit
git diff --cached --name-only | grep -iE '\.env|key|secret|private'
# If this matches ANYTHING, stop and fix it
# Nuclear option: scan entire repo history
git log --all -p | grep -iE 'private.?key|0x[a-fA-F0-9]{64}'
git filter-repo or BFG Repo Cleaner — but this is damage control, not prevention. The key is already compromised.# Load key from environment (NEVER hardcode)
cast send ... --private-key $DEPLOYER_PRIVATE_KEY
# Or use encrypted keystore
cast send ... --keystore ~/.foundry/keystores/deployer --password-file .password
# Or use hardware wallet
cast send ... --ledger
Rule of thumb: If grep -r "0x[a-fA-F0-9]{64}" . matches anything in your source code, you have a problem. Same for grep -r "g.alchemy.com/v2/[A-Za-z0-9]" or any RPC URL with an embedded API key.
viem.getAddress() or equivalent for checksum validation. A single wrong character = permanent loss.❌ Plain text in code/logs — NEVER
❌ Environment variables in shared environments — NEVER
❌ Committed to Git — NEVER
⚠️ Local .env file — testing only
✅ Encrypted keystore (password-protected)
✅ Hardware wallet / Cloud KMS / TEE
async function sendSafely(publicClient, walletClient, to, value) {
const checksummedTo = viem.getAddress(to);
const { account } = walletClient;
const gas = await publicClient.estimateGas({ account, to: checksummedTo, value });
const fees = await publicClient.estimateFeesPerGas();
const totalCostUSD = Number(viem.formatEther(value + gas * fees.maxFeePerGas)) * 2000;
if (totalCostUSD > 10) {
// human approval
}
const hash = await walletClient.sendTransaction({
account,
to: checksummedTo,
value,
gas: (gas * 120n) / 100n,
maxFeePerGas: fees.maxFeePerGas,
maxPriorityFeePerGas: fees.maxPriorityFeePerGas,
});
const receipt = await publicClient.waitForTransactionReceipt({ hash });
logTransaction({ hash, to: checksummedTo, value, block: receipt.blockNumber });
return receipt;
}