Dapp Developer Guide: Building a Gas-Abstracted UX With Session Keys and Wallet-as-a-Service (WaaS)
A practical, 2026-ready playbook to ship gas‑abstracted dapps using ERC‑4337/EIP‑7702, session keys, and Wallet‑as‑a‑Service. Includes concrete architectures, code snippets, paymaster policies, and vendor selection criteria.
By AUJay
Who this guide is for
- Product and platform leaders who need a concrete path from “wallet pop‑ups and failed gas” to consumer‑grade UX.
- Engineering managers evaluating whether to lean on ERC‑4337, EIP‑7702, session keys, and WaaS to hit reliability, security, and cost targets in production.
Executive brief: what “gas‑abstracted UX” means in 2026
“Gas‑abstracted” no longer means just “someone else pays gas.” It means:
- Users sign with passkeys or embedded wallets; the app enforces scoped session permissions; gas is paid in-app (often with stablecoins) or sponsored; and transactions land without confusing wallet modals.
- On Ethereum, this is implemented with:
- ERC‑4337 smart accounts for sponsorship, batching, and programmable validation.
- EIP‑7702 (mainnet since May 7, 2025) so EOAs can temporarily act like smart accounts in a single transaction—crucial for keeping the same address while gaining smart‑wallet UX. (blog.ethereum.org)
- A WaaS layer (Coinbase CDP Embedded Wallets, Fireblocks, Privy, Sequence, etc.) to ship secure, scalable key management and signers without reinventing custody, policy, or attestation. (coinbase.com)
Architecture patterns that work
Pattern A: “4337 spine” smart accounts + WaaS signers
- Use a WaaS SDK to provision an embedded, passkey‑capable signer per user.
- Back the account with an ERC‑4337 smart account implementation (e.g., modular accounts supporting validator/plugins for session keys).
- Route UserOperations to shared‑mempool bundlers; attach a paymaster for gas abstraction. (docs.erc4337.io)
Why this wins:
- Mature ecosystem for paymasters and bundlers; batching and sponsorship “just work.” (docs.erc4337.io)
- Session‑key plugins exist today in popular modular stacks (ERC‑6900/7579). (eips.ethereum.org)
Pattern B: “7702‑front, 4337‑backbone”
- Keep the existing EOA address. Use EIP‑7702’s type‑4 transaction to delegate execution to a contract for that tx, while still submitting via 4337 rails for sponsorship and inclusion guarantees. (theblock.co)
- This eliminates “new smart‑account address” friction while retaining paymasters and bundler tooling you already rely on. (turnkey.com)
When to choose Pattern B:
- You need to preserve user addresses (compliance, KYC mapping, or loyalty IDs).
- You’re migrating a large EOA userbase incrementally to smart‑wallet UX post‑Pectra. (blog.ethereum.org)
Core components and what to adopt
- Smart account standardization
- ERC‑6900 modular accounts (interfaces for validators/executors/hooks). (eips.ethereum.org)
- ERC‑7579 ecosystem for interoperable modules across wallets; adapters exist for Safe and others. (docs.rhinestone.dev)
- Session keys and permissions
- Wallet‑managed sessions via the emerging ERC‑7715 (wallet_grantPermissions), and dapp‑side UserOp construction via ERC‑7679 (UserOp Builder). (eips.ethereum.org)
- Inclusion and reliability
- Target bundlers that participate in the ERC‑4337 Shared Mempool (live since late‑2024) to avoid single‑bundler censorship and improve inclusion. (docs.erc4337.io)
- Gas abstraction
- Use a verifying paymaster you control for sponsorship policies, or stablecoin paymasters like Circle Paymaster to let users pay gas in USDC (10% end‑user fee from July 1, 2025; waived before). (circle.com)
- If your stack supports EntryPoint v0.9, adopt the new paymasterSignature for parallel signing and faster UX. (github.com)
Session keys: the lever for fewer prompts and safer delegation
Session keys are secondary signers with scoped powers (time‑boxed, contract/function allowlists, spend limits). They fit naturally inside modular smart accounts, and they are the bridge to “one‑click” experiences without handing the app your main key. (docs.erc4337.io)
What’s new and production‑ready
- Cross‑account modules: ERC‑7579 makes session modules portable across smart‑account vendors; Safe can interoperate via Safe7579 Adapter. (docs.rhinestone.dev)
- Developer DX: Module SDKs expose reusable policies (e.g., spend caps, whitelists) and validators (ECDSA, passkey, MPC) to mix‑and‑match permissions. (rhinestone.dev)
- Standards in motion:
- ERC‑7715 lets dapps request wallet‑managed sessions through a standard RPC, not vendor APIs. (eips.ethereum.org)
- ERC‑7679 puts per‑wallet encoding logic on‑chain so dapps can build valid UserOps without vendor lock‑in. (eips.ethereum.org)
Security realities you must plan for
- Scoped logic must be enforced on‑chain in validateUserOp(). A 2025 CVE showed how a mistakenly bypassed allowlist in a session‑key module could enable token drains—treat permission modules as critical surface and audit accordingly. (nvd.nist.gov)
- Model session storage:
- Client device (best for “skip prompts” on the same device).
- Server agent/TEE (best for automation, with strict policies and audit trails). (alchemy.com)
Example: Adding a time‑boxed + allowlisted session key (Alchemy Modular Account V2)
```ts
import {
  createModularAccountV2Client,
  installValidationActions,
  getDefaultSingleSignerValidationModuleAddress,
  SingleSignerValidationModule,
  SessionKeySigner,
  // permission modules
  getDefaultTimeRangeModuleAddress,
  getDefaultNativeTokenLimitModuleAddress,
} from "@account-kit/smart-contracts";
import { keccak256, parseEther } from "viem";

// Client for the user's Modular Account V2, extended with the validation-install actions
// so that client.installValidation is available.
const client = (
  await createModularAccountV2Client({ /* chain, transport, signer, ... */ })
).extend(installValidationActions);

// 1) Generate a session key signer (client-side); its private key stays on the device
const sessionKey = new SessionKeySigner();

// 2) Compose permissions: valid for 3 days, at most 0.2 ETH of native value in total,
//    and a call allowlist (target contract + function selectors)
const now = Math.floor(Date.now() / 1000);
const perms = {
  timeRange: { start: now, end: now + 3 * 24 * 3600 },
  nativeTokenLimit: parseEther("0.2"),
  allowlist: [
    {
      to: "0xUniswapV3Router", // placeholder; use the real router address
      selectors: ["0x3593564c"], // allowlisted selector; verify it against the target ABI before shipping
    },
  ],
};

// 3) Install validation with the permission modules and add the session key as its owner.
//    The argument shape is shown schematically; match it to the installValidation
//    signature of the SDK version you ship.
await client.installValidation({
  validator: {
    module: getDefaultSingleSignerValidationModuleAddress(),
    data: SingleSignerValidationModule.encodeAddOwner({ owner: sessionKey.address }),
  },
  permissions: perms,
  tag: keccak256(new TextEncoder().encode("trading-session-001")),
});
```
This builds on production docs for session‑key installation, time ranges, spend limits, and paymaster guards you can compose. Audit the exact modules you enable. (alchemy.com)
Example: Ask the user’s wallet for a session via ERC‑7715
```js
// Request a wallet-managed session for 72 hours on chain 8453 (Base)
const resp = await window.ethereum.request({
  method: "wallet_grantPermissions",
  params: [{
    chainId: "0x2105", // 8453
    expiry: Math.floor(Date.now() / 1000) + 72 * 3600,
    signer: { type: "wallet", data: {} }, // wallet-managed signer
    permissions: [
      { type: "contract-allowlist", data: { to: ["0xUniswapV3Router"] } },
      // e.g., 1000 USDC (6 decimals)
      { type: "erc20-spend-limit", data: { token: "0xA0b869...USDC", allowance: "1000000000" } },
    ],
  }],
});
// Use resp.permissionsContext for subsequent wallet_sendCalls or 4337 builders
```
The wallet chooses the concrete session mechanism; your app just gets a permissionsContext to attach to subsequent calls per the ERC. (eips.ethereum.org)
Gas abstraction with paymasters: decisions that matter
Choose the right paymaster model
- Verifying/sponsored model (you pay): business rules off‑chain, enforced in validation; stake/deposits at EntryPoint; ideal for freemium or subsidized growth. (docs.erc4337.io)
- User‑pays‑in‑USDC (you don’t pay): integrate Circle Paymaster so users cover gas in stablecoin across supported chains (Arbitrum, Base, Ethereum, OP Mainnet, Polygon PoS, Avalanche, Unichain as of Jan 2026). End‑user fee is 10% of gas cost since July 1, 2025. (circle.com)
Cut spinners with EntryPoint v0.9 (parallel signing)
If your infra and wallets support EntryPoint v0.9, use the new paymasterSignature to let the wallet and paymaster sign in parallel. This removes serial round‑trips that previously blocked the confirmation UI. (github.com)
Policy checklist we deploy for clients
- Rate/velocity: cap sponsored gas per user/day and per UserOp; maintain deny/allow lists off‑chain; encode decisions into pm_getPaymasterData. (docs.erc4337.io)
- Validity windows: bound sessions and UserOps by timestamps or block numbers for replay resistance. (github.com)
- Refund accuracy and SLOs: alert on simulation/execution deltas, inclusion latency spikes, and low paymaster deposits. (docs.erc4337.io)
Example: submitting a USDC‑gas UserOp with Circle Paymaster
High‑level flow:
- Wallet signs the intended call.
- App attaches Circle Paymaster data (including EIP‑2612 permit) to paymasterAndData.
- Submit to a shared‑mempool bundler; Circle Paymaster pulls USDC and settles native gas under the hood.
You’ll find the exact builder/permit fields and supported chains in Circle’s docs; note the fee behavior change after June 30, 2025. (circle.com)
WaaS (Wallet‑as‑a‑Service): how to pick a provider
Below are practical evaluation angles with current, verifiable data points.
Coinbase CDP Embedded Wallets (self‑custodial)
- Pricing: $0.005 per “wallet operation”; 5,000 free ops/month; operations include create, sign, broadcast. GA Oct 15, 2025. (docs.cdp.coinbase.com)
- Capabilities: pre‑generate wallets before login; up to 30 accounts per user (EOA, smart, Solana); OAuth/email/SMS logins; US jurisdictions can earn USDC rewards on balances. (docs.cdp.coinbase.com)
- Fit: fintechs and consumer apps that want Coinbase‑grade compliance and infra, with passkey‑style UX. (coindesk.com)
Fireblocks WaaS (MPC; embedded and direct custody)
- MPC wallets across hot/warm/cold tiers; TEEs + policy engine; 50+ blockchains; integrates AML/KYT and staking APIs. Strong enterprise controls and governance. (fireblocks.com)
- Fit: enterprises needing MPC, separation of duties, and insurance pathways out of the box.
Privy (embedded wallets + unified login)
- Transparent pricing with 100k free monthly tx, then usage‑based as low as $0.001/txn at enterprise scale; MAU‑tiered plans for early stages. (privy.io)
- Fit: apps that want low‑level signing APIs, passkeys, and flexible identity without owning custody infra.
Sequence (ecosystem wallets, TEEs, Smart Sessions)
- TEE‑backed signers with public attestation; per‑app “Smart Sessions” sandboxes; SDKs for Web/Mobile/Unity/Unreal; single address across an ecosystem. Architecture uses enclave‑backed co‑signers (2/2) rather than traditional MPC. (docs.sequence.xyz)
- Fit: gaming and multi‑app ecosystems that need one identity with strict per‑app permission boundaries.
What to ask every vendor:
- Evidence of Shared Mempool participation or partnering bundlers; passkey/WebAuthn support across platforms; audit history and public attestations; session‑key policy granularity; and exportability if you later switch providers. (docs.erc4337.io)
Implementation blueprint (30–60 days)
Week 1–2: Foundations
- Pick Pattern A (4337 smart accounts) or Pattern B (7702 front + 4337 spine).
- Select WaaS and paymaster strategy (sponsored vs USDC pay). Confirm EntryPoint version support and Shared Mempool connectivity. (docs.erc4337.io)
Week 2–3: Keys and permissions
- Implement passkey login (WebAuthn). Store device‑scoped session keys for “one‑click” flows; store automation keys in your backend’s TEE or KMS with narrow permissions. (biometricupdate.com)
- Add ERC‑7715 request flow for wallet‑managed sessions; fall back to your own session‑key module if not supported by a user’s wallet. (eips.ethereum.org)
Week 3–4: Gas and transactions
- Wire a paymaster:
- Sponsored: your verifying paymaster with budget/velocity policies.
- USDC gas: Circle Paymaster on supported chains; handle EIP‑2612 permits in your client. (circle.com)
- If possible, upgrade to EntryPoint v0.9 to parallelize signatures. (github.com)
Week 4–6: Reliability, monitoring, and rollout
- Metrics: track validation pass/fail reasons, inclusion latency, bundle sizes, gas refunds, and mempool resubmissions. Alert on spikes and low deposits. (docs.erc4337.io)
- Run guarded canaries with daily caps; simulate all flows with ERC‑7679 builders to prevent vendor coupling and improve replay safety. (eips.ethereum.org)
Example: Hybrid EOA flow after Pectra (EIP‑7702 + 4337)
Conceptually:
- The wallet builds a type‑4 transaction with an authorization list delegating code execution for this tx only.
- The same intent is wrapped as an ERC‑4337 UserOperation for sponsorship and Shared Mempool inclusion.
- Post‑tx, the EOA “reverts” to normal—no persistent smart‑wallet deployment required. (theblock.co)
Why you care:
- Preserve existing deposit/whitelist/compliance mappings tied to an address, while unlocking batching and stablecoin gas. This is often decisive for enterprise migrations post‑May 7, 2025. (blog.ethereum.org)
Telemetry and SLOs you should hold your team to
- Inclusion SLO: 99.9% of UserOps included within N blocks/minutes on target chains; dual‑submit to multiple bundlers if needed. (docs.erc4337.io)
- Validation SLO: ≥99% of UserOps pass validation on first try; alert on increases in signature/nonce/insufficient‑funds failures.
- Security KPIs: session‑key expiry adherence; failed permission checks; TEE attestation verification rate (for WaaS).
- Paymaster KPIs: rejection reasons, budget utilization, refund variance; deposit runway days.
Risk and compliance notes (the unglamorous but critical bits)
- Session keys expand attack surface; treat permission modules like auth code. Use allowlist‑first designs, explicit expiries, and monitor for privilege escalations. A 2025 CVE showed how a session‑key allowlist bug could bypass controls in a popular modular account—design for defense‑in‑depth. (nvd.nist.gov)
- Prefer wallets and WaaS with passkey support; passkeys materially reduce account takeover and support burden compared to passwords and SMS OTP. (biometricupdate.com)
- For regulated environments, pick WaaS providers with TEEs/MPC, clear governance, AML/KYT integrations, and public attestations. Fireblocks and Sequence publish architectural details worth reviewing in diligence. (fireblocks.com)
When to call 7Block Labs
- You need to migrate an existing EOA userbase to smart‑wallet UX without address changes (7702 migration).
- You require session‑key policy engineering across web, mobile, and backend agents—with guardrails to avoid foot‑guns highlighted by recent CVEs. (nvd.nist.gov)
- You want predictable cost envelopes using sponsored gas on some actions and USDC gas elsewhere, with parallel paymaster signing to minimize front‑end spinners. (github.com)
We’ll help you design, implement, and operate the stack above—plus build the telemetry to keep it reliable at scale.
References and further reading
- EIP‑7702 (Pectra; mainnet May 7, 2025). EF mainnet announcement; overview of the type‑4 transaction and delegated execution. (blog.ethereum.org)
- ERC‑4337 docs: paymasters, censorship resistance, Shared Mempool. (docs.erc4337.io)
- EntryPoint v0.9 release notes: paymasterSignature, block‑number validity windows. (github.com)
- ERC‑6900 modular accounts; ERC‑7579 interoperable module ecosystem. (eips.ethereum.org)
- ERC‑7715 wallet_grantPermissions; ERC‑7679 UserOp Builder. (eips.ethereum.org)
- Session‑key implementation guides (Alchemy Account Kit). (alchemy.com)
- Circle Paymaster (USDC gas, pricing timeline, supported chains). (circle.com)
- WaaS providers and updates: Coinbase CDP Embedded Wallets (GA/pricing), Fireblocks WaaS (MPC/TEE), Privy pricing, Sequence architecture and sessions. (coinbase.com)
Bottom line
The fastest path to a “no‑gas‑anxiety” UX today is a modular smart account with session keys, a Shared‑Mempool bundler, and a paymaster strategy (sponsored and/or USDC gas), wrapped in a WaaS you trust. EIP‑7702 lets you deliver that without breaking addresses; EntryPoint v0.9 reduces latency; ERC‑7715/7679 reduce lock‑in. Ship it—and measure it—like a modern platform. (blog.ethereum.org)