Account Abstraction Telemetry: What to Log (and What Not To) in 2025

Description: In 2025, EIP-7702 is live and ERC‑4337 keeps evolving (EntryPoint v0.8+), changing what “good” telemetry looks like for smart accounts. This playbook shows exactly which signals to log across wallets, bundlers, paymasters, and on-chain—plus what to exclude for security and privacy.

Who this is for

Decision-makers at startups and enterprises planning or scaling blockchain products that rely on account abstraction (AA), including product leads, platform owners, and engineering managers.

Why telemetry for AA changed in 2025

Three ecosystem shifts reshaped AA observability this year:

EIP‑7702 went live with Pectra (mainnet activation on May 7, 2025), introducing Type‑4 “set‑code” transactions that let EOAs temporarily delegate execution to contract code. Wallets and dapps are already issuing 7702 authorizations at meaningful volume. You must instrument these authorizations and their risks. (theblock.co)
ERC‑4337 continued to ship: most providers support EntryPoint v0.7, with v0.8 widely available and v0.9 in flight. Versioning affects validation semantics, packing, and error reporting—so you need version‑aware logging. (alchemy.com)
The ERC‑4337 Shared Mempool moved from concept to practice across major networks, changing inclusion guarantees and what bundlers should expose for health and censorship‑resistance. (etherspot.io)

At the same time, adoption has scaled: 2024 saw >100M UserOps with ~87% paymaster‑sponsored; in late 2024 and 2025, activity concentrated on Base, Polygon, and Optimism—data you can use to benchmark your own funnels. (panewslab.com)

The AA telemetry surface (map-first, then instrument)

Track signals at six layers. Each layer lists “log this” (field‑level), “derived metrics,” and “don’t log.”

Wallet & client (SDK, browser/mobile)

Log this
- userOp_id (client‑side temporary UUID)
- chain_id and entrypoint_version detected (v0.6/v0.7/v0.8)
- account_type: 4337_account | 7702_eoa
- signature_scheme: ecdsa | 1271 | p256_webauthn | multisig | session_key
- 7702 fields if used: authorization_list_count, delegate_address, auth_nonce (64‑bit), tx_type=0x04
- 6492 usage flag when signing counterfactual contracts (predeploy signatures) (eips.ethereum.org)
- gas_estimate_userop and estimation_method (simulateValidation vs heuristic)
- submission_target: shared_mempool | private_bundler | direct_rpc
Derived metrics
- client_sign_error_rate by signature_scheme
- 7702 authorization acceptance vs rejection (wallet policy)
- estimation_error_drift = abs(simulated_gas − actual_gas)/actual_gas
Don’t log
- raw signatures (store only hashes), passkey attestation blobs, biometrics, seed phrases, device fingerprints, IP addresses tied to wallet addresses (PII). CPRA/CCPA treats IPs and account log‑ins as personal or sensitive; minimize scope and retention. (oag.ca.gov)

Bundler

Log this
- userOpHash, sender, nonce (counter), paymaster (if any)
- validation_outcome: passed | reverted | throttled (ERC‑7562)
- revert_class: signature | paymaster | initCode | aggregator | gas | 7702_auth
- inclusion_latency_ms = time(handleOps_submitted) − time(userOp_received)
- bundle_size, bundle_simulation_pass_rate
- mempool_mode: shared | private; peer_count; gossip_success_rate
- entrypoint_version used for simulation & submission
Derived metrics
- p50/p95 inclusion_latency_ms (by chain)
- simulation_to_onchain_mismatch_rate (any handleOps revert after a passing sim)
- 7562 rule violations by code class (AUTH‑020/030/040, STO‑031/033, LIM‑010/050, etc.) (eips.ethereum.org)
Don’t log
- full callData/initCode for every op (hash it; persist raw only on error with time‑limited retention)
- peer IPs tied to sender addresses (privacy)

Paymaster (sponsorship & policy)

Log this
- policy_id, decision: approve | deny | challenge
- token_pricing_source and price_timestamp
- quoted_token_fee, actual_gas_cost_wei, refund_deltas
- deposit_balance, min_reserve_threshold, stake_status
- reason_codes for denials (risk_score_high, unknown_contract, quota_exceeded)
Derived metrics
- approval_rate by app_id and chain_id
- slippage_between_quote_and_actual (%)
- “sponsor ROI” = retained users after n days / total gas spend
Don’t log
- full ERC‑20 allowance snapshots for users; store deltas or anonymized aggregates

On‑chain results (EntryPoint & account events)

Log this (from receipts/events)
- UserOperationEvent fields (sender, paymaster, actualGasCost, success)
- handleOps gas_used per op and per bundle
- EntryPoint address and code hash (to detect version drift)
Derived metrics
- actualGasCost distribution (by account type, by chain)
- failure_reasons heatmap vs revert_class from bundler
Version anchors
- v0.6: 0x5FF1…2789; v0.7: 0x0000…7032; v0.8+ per provider (keep a registry). (alchemy.com)

EIP‑7702 telemetry (Type‑4 set‑code)

Log this
- tx_type=0x04; authorization_list_length; per‑auth: delegate_address (20 bytes), auth_nonce (u64)
- delegate_contract_hash (EXTCODEHASH at submit time)
- was_reverted? and reason
Derived metrics
- 7702 adoption over time; auth_length distribution; “unknown delegate” rate
- “first‑party delegate” vs “third‑party” (allowlist) breakdown
Context
- Track 7702 adoption waves after Pectra (thousands of authorizations in first week) and wallet UX changes that expose authorization prompts. Instrument “unsafe prompt accepted” events in wallets to reduce scams. (theblock.co)

Network & mempool propagation

Log this
- shared_mempool_enabled: true/false; peers_count; gossip_msg_in/out rates
- re‑broadcast_count before inclusion; alternate_bundler_observed: true/false
Derived metrics
- censorship_resistance proxy: fraction of UserOps included by a different operator than the submitter
- time_to_first_seen_by_peers (p95)
Context
- The Shared Mempool went live on mainnet (Ethereum, Arbitrum, Optimism) in late 2024; plan for gossip health metrics and multi‑bundler routing. (etherspot.io)

What not to log (privacy, security, and legal)

Never collect: seeds, private keys, raw passkey materials, biometric templates, session keys, email contents, plaintext auth tokens, or full IP‑address mappings to wallet addresses.
Minimize: raw user‑signed payloads (store keccak256), full callData/initCode (hash by default, persist raw only on error).
Treat device IDs and IPs as personal data; in California, account log‑ins, precise geolocation, and credentials constitute “sensitive personal information.” Build opt‑outs and retention caps. (oag.ca.gov)
Apply data minimization and storage limitation principles (GDPR Art. 5) across telemetry pipelines. (gdpr.org)

Field‑level logging: concrete examples

Below are compact JSON patterns you can copy into your logging schemas.

Bundler validation attempt (ERC‑7562‑aware)

{
  "ts": "2025-12-01T16:20:07Z",
  "component": "bundler",
  "entrypoint_version": "v0.8",
  "chain_id": 8453,
  "userOpHash": "0x…",
  "sender": "0xabc…",
  "nonce": "3",
  "paymaster": "0xdef…",
  "mempool": "shared",
  "validation": {
    "outcome": "reverted",
    "revert_class": "paymaster",
    "erc7562_rules": ["STO-033"],
    "simulation_ms": 57
  },
  "bundle": {
    "id": "bdl_20251201_00042",
    "size": 36
  }
}

Tie “revert_class” to ERC‑4337’s simulation outcomes and attach any ERC‑7562 code/storage/local rule identifiers for diagnosis. (eips.ethereum.org)

Paymaster policy decision

{
  "ts": "2025-12-01T16:20:08Z",
  "component": "paymaster",
  "policy_id": "pm_gasless_v5",
  "chain_id": 8453,
  "app_id": "game_xyz",
  "decision": "deny",
  "reason_codes": ["quota_exceeded", "unknown_contract"],
  "quoted_token_fee": "1.23 USDC",
  "pricing_source": "oracle_7",
  "deposit_balance_eth": "32.1",
  "min_reserve_eth": "25.0"
}

7702 authorization observability

{
  "ts": "2025-12-01T16:20:10Z",
  "component": "wallet",
  "tx_type": "0x04",
  "authorization_list_length": 1,
  "delegate_address": "0x7f…",
  "auth_nonce": 9,
  "delegate_codehash": "0x4b…",
  "policy": {
    "allowlisted_delegate": false,
    "user_prompted_read_contract": true,
    "blocked_patterns": []
  },
  "submitted_via": "canonical_txpool"
}

Use codehash to detect spoofed delegates; count authorization_list length to flag suspicious multi‑delegate prompts. EIP‑7702 defines the tuple format and Type‑4 encoding. (eips.ethereum.org)

Version‑aware logging and alerts (4337 v0.6 → v0.8+)

Record EntryPoint version for every simulation and bundle. Providers commonly expose v0.6 and v0.7 addresses; v0.8 introduced additional optimizations and updated validation semantics. Keep alerting rules per version to avoid false positives (e.g., postOp behavior and structured errors differ). (alchemy.com)
Track deprecation timelines (e.g., some providers plan to drop v0.6 support around 2026). Use dual‑stack during migrations and alert if userOps are routed to an unsupported version. (alchemy.com)
Keep a registry of EntryPoint addresses per chain (v0.6/v0.7 fixed; v0.8+ published by maintainers). Verify code hashes on startup. (alchemy.com)

Shared Mempool metrics to adopt

If you use (or depend on) the ERC‑4337 Shared Mempool:

Record peer_count, gossip_in_rate, gossip_out_rate, and peer_reputation.
Log origin_bundler and included_by_bundler to measure censorship resistance (how often others include your users’ ops).
Alerting thresholds
- gossip_in_rate drops >50% for 5 minutes
- p95 inclusion_latency > 60s on L2s with healthy conditions
Document which networks you enable (Ethereum, Arbitrum, Optimism; Polygon status may evolve) and expose health per network. (etherspot.io)

Don’t skip ERC‑7562 conformance telemetry

ERC‑7562 codifies validation‑phase limits to prevent DoS (e.g., storage/code access, reputation throttling, max sizes). Add counters for: AUTH‑020/030/040, STO‑031/033, LIM‑010/020/030/040/050; ban/throttle state transitions; and “opsSeen vs opsIncluded” to evidence fair behavior. These are the numbers ecosystem peers will expect if you run infrastructure. (eips.ethereum.org)

Practical dashboards and queries you can ship this quarter

BigQuery on Optimism Superchain’s public 4337 dataset
- Track paymaster gas spend by label in one query; you can extend this to cohort analyses and budget alerts.

SELECT
  labels.name AS paymaster_label,
  SUM(CAST(opdata.actualGasCost AS NUMERIC)) AS gas_wei
FROM `your_dataset.optimism_superchain_4337_account_abstraction_data.useroperationevent_logs_v2` AS opdata
LEFT JOIN `4337metrics.labels` AS labels
  ON opdata.paymaster = labels.paymaster
WHERE opdata.dt = "2025-04-09"
  AND opdata.paymaster != "0x0000000000000000000000000000000000000000"
GROUP BY paymaster_label;

See the step‑by‑step guide for creating custom 4337 metrics with public datasets and labeled addresses. (docs.erc4337.io)

Bundler test conformance
- Publish your latest run against the ecosystem’s bundler test matrix and export results into Grafana; track regressions as you bump 4337 versions. (bundlers.erc4337.io)

SLOs that correlate with AA business outcomes

Adopt SLOs that connect directly to UX and cost:

Inclusion latency (p95): ≤60s L2, ≤120s L1, measured from userOp submission to UserOperationEvent success.
Simulation accuracy: |simulated − actual|/actual ≤15% (p90).
Paymaster approval rate: ≥90% for allowlisted flows; slippage between quote and actual gas ≤10%.
7702 “unsafe prompt” abandonment: target >70% of users reject non‑allowlisted delegates (instrument the wallet prompt).
Shared Mempool reachability: ≥95% peers reachable during peak hours.

Emerging best practices for instrumentation

Use OpenTelemetry with zero‑code eBPF on your Go/Node services to get baseline HTTP/RPC traces without patching app code; add custom spans for AA lifecycle steps (simulateValidation, handleOps, sponsorship decision). Expect <~2–5% CPU overhead when tuned. (opentelemetry.io)
Align attribute names to OTel semantic conventions where possible (rpc.system="jsonrpc", net.peer.name, http.*). For AA‑specific fields, keep a stable prefix: aa.userop.hash, aa.validation.revert_class, aa.erc7562.rule. (github.com)
For wallets using passkeys or ERC‑1271/6492 signatures, log only algorithm family (e.g., p256_webauthn) and signature_hash; never raw attestations. (eips.ethereum.org)
Maintain a live map of networks and EntryPoint versions you target; many providers support v0.7 and v0.8 side‑by‑side; alert if your client sends v0.6 userOps to a v0.8‑only setup. (alchemy.com)

How to detect real risk sooner (telemetry patterns that work)

7702 delegate drift
- Alert when delegate_codehash changes for a previously allowlisted delegate_address—malware often ships “look‑alike” delegates. Use EXTCODEHASH at submission time. (eips.ethereum.org)
Validation instability
- Track “passes sim, reverts on‑chain” by revert class; spikes indicate staleness in node state or 7562 rule mismatches (e.g., storage access rules). (eips.ethereum.org)
Sponsorship exploits
- Compare quoted_token_fee to actualGasCost over time; rapidly widening gaps may indicate malicious callData patterns or price oracle drift.
Censorship symptoms
- If shared_mempool peers drop to near zero but RPC is healthy, fail over to multi‑provider relays and log resubmissions; distinguish bundler censoring from network partitions. (docs.erc4337.io)

A 60‑day rollout plan you can copy

Week 1–2: Inventory your AA footprint
- List chains, EntryPoint versions, bundler providers, paymasters, and wallet SDKs you use. Record 7702 usage (on/off).
Week 3–4: Ship minimal schemas
- Implement the three JSON logs above; add OpenTelemetry auto‑instrumentation to API edges; wire into Prometheus/Grafana or your APM of choice. (opentelemetry.io)
Week 5–6: Add Shared Mempool and 7562 metrics
- Peer health, gossip rates, inclusion latency; export 7562 rule counters. (docs.erc4337.io)
Week 7–8: Tune SLOs and alerts
- Set thresholds per chain; add budget alerts for paymasters; add 7702 delegate drift alert.
Week 9–10: Prove value to product
- Tie sponsorship spend to day‑7 retention; instrument “unsafe prompt” declines; quantify UX wins (p95 latency vs conversion).

Common pitfalls to avoid (and how to fix them)

Logging raw calldata for every UserOp
- Fix: hash by default; persist raw only on error with a TTL (e.g., 7 days). This protects users and controls costs.
Mixing EntryPoint versions in a single service with no labels
- Fix: add entrypoint_version field everywhere; isolate dashboards and alerts by version. (alchemy.com)
Ignoring 7702 completely
- Fix: even if you don’t issue 7702 transactions, users can authorize third‑party delegates; detect and warn inside your UX. Track Type‑4 volume against your app. (theblock.co)
Treating bundlers as a black box
- Fix: prefer providers that expose mempool and simulation metrics; or run your own bundler and publish conformance results. (bundlers.erc4337.io)

Appendix: concrete reference points

EIP‑7702 transaction anatomy (Type 0x04 with authorization_list tuples) and security considerations (delegate code, nonce, propagation). Use these fields for your 7702 logs. (eips.ethereum.org)
ERC‑7562 validation scope rules you should count and alert on (AUTH/STO/LIM classes). (eips.ethereum.org)
EntryPoint versions/address anchors (v0.6/v0.7 fixed addresses; v0.8 improvements like updated validation rules and gas penalty tweaks; keep your own registry). (alchemy.com)
Shared Mempool status and design implications—propagation metrics are now table‑stakes. (etherspot.io)
OpenTelemetry eBPF auto‑instrumentation and RPC semantic conventions stabilization—use to standardize traces across polyglot stacks. (opentelemetry.io)
Market context: >100M UserOps in 2024 with ~87% paymaster‑sponsored; use as a north star when modeling paymaster budgets and ROI. (panewslab.com)

The bottom line

In 2025, “good AA telemetry” means version‑aware logging across the 4337/7702 stack, Shared Mempool propagation metrics, ERC‑7562 conformance counters, and paymaster economics—while scrupulously excluding sensitive user data. If you implement the schemas, SLOs, and alerts in this guide, you’ll not only harden your platform—you’ll also give product and finance clear knobs to optimize UX and gas spend as account abstraction keeps scaling.