Obi

Inspiration

Our founding team has been in crypto for 5+ years and worked together on multiple projects (validators, development tutorials, tooling, etc.). Through the years we've noticed that legacy accounts (EOAs) sacrifice convenience for security or vice versa.

Ultimately, we are avid believers in self-custody – it's quite literally the whole point of crypto. We want to bring the ease of centralized platforms to non-custodial apps and L1s so that everyone from experienced degens to normie boomers can control their own assets without the pitfalls of EOAs.

What it does

Obi offers easy account abstraction – from seedless, seamless, recoverable onboarding to powerful rules like session keys and spend limits. The Obi SDK can integrate these features right into any frontend application.

This hackathon project aims to implement Obi SDK right into Osmosis, as a white-labeled "Smart Account" option that brings users recoverable, flexible, non-custodial accounts with quick onboarding without requiring them to deal with seed phrases or with installing an additional extension or application. It will also allow them to use spend limited addresses, inheritance, and session keys to bring familiar Web2 conveniences (large transaction verification, account recovery, and login-once experience) to Web3.

How we built it

The account creator factory contract can create Obi Accounts, a collection of smart contracts, for users. The core user account contract can have numerous kinds of gatekeeper contracts attached which can apply restrictive or permissive account abstraction rules to transactions. We also started on our "v2" contracts, which have strong security, flexibility, and multichain improvements.

Meanwhile, the Obi SDK (originally a wallet application and now in the process of being converted into an easy SDK) provides a React component for websites to integrate. Soon, SES (Agoric's hardened JavaScript) and iFrames will be used to prevent a number of potential attacks on the front end of the stack. While the current version uses native cosmos multisig keys, MPC shares will be enabled soon.

Challenges we ran into && Accomplishments that we're proud of

Our proudest design accomplishments are the direct results of challenges.

Some challenges and our solutions to them were:

• Bad "insufficient fees" UX: Quiet, instant fee lending so that users never need network assets for fees
• Unknown contract bugs/exploits: Security notifications and firewall contracts (in progress)
• MitM-type JS attacks against users: iFrame usage for critical code (in progress)
• Unified multi-chain user experience: Smart accounts that can sign across chains (in progress)
• Point-of-failure multikey services such as Twilio: A network of service providers offering web2 services to contracts (not yet implemented)

What we learned

Modular account abstraction gives more control to users and enables a superior user experience (including safety, attack resistance, and recoverability). The SDK will ultimately reduce the burden on contract and application developers, who previously needed to implement their own improvements to user onboarding, attack resistance, and account recovery if they wanted to improve on the standard Web3 UX.

What's next for Obi

Obi will continue pushing towards a full white label integration of Smart Accounts on Osmosis testnet and testnet frontend, full-stack security audits, and governance approval of smart account WASM and activation on Osmosis mainnet.

We also have an account migration path planned, whereby users of legacy (EOA, normal keypair) accounts can one-click upgrade their account to a multikey-backed Obi account.

Then, Obi service providers, multi-chain Obi Passport, and continued SDK improvements will make smart accounts easy to integrate with Web3 platforms everywhere.

Built With

• cloud
• cosmwasm
• nfc
• react-native
• rust
• telegram
• twilio