ModuleSDK now supports 12 Core Modules and Smart Sessions

TL;DR

One of the key upsides of modular smart accounts is that they are highly customizable, allowing developers to reuse pre-built components that extend the feature set of the account. For example, install a module that turns the account into a Multisig, or a single signer with Passkeys, or install a set of modules that create DeFi automations with the Scheduled Order module.

ModuleSDK is a game changer for any application developer who wishes to build products with modular smart accounts:

• Build with smart account features that are account-agnostic.
• Build with an ever-growing library of modules.
• Pair with offchain services, like Rhinestone Automations, to take your product to the next level!

The ModuleSDK is an important distribution mechanism for developers building products powered by modules that can be plugged directly into any wallet. ZK Email and Klaster are early examples of teams building modules we plan to incorporate into the ModuleSDK. Another example is the Smart Session Manager, a highly composable and interoperable session keys framework we co-developed with Biconomy. Smart Sessions is now integrated with the ModuleSDK and can be easily used at the application layer with a few simple lines of code.

Introduction

ModuleSDK is a TypeScript library that simplifies the integration of smart account modules into the application layer. It specifically targets developers building a dapp or wallet on Rhinestone-supported smart accounts. Today, we support any ERC-7579 account (including the Kernel by ZeroDev, Nexus by Biconomy, OKX AA wallet, Prime by Etherspot, and many other unannounced accounts) and Safe via the Safe7579 Adapter.

If you are looking for a library of features to integrate with your smart account, ModuleSDK is your answer. Currently, the ModuleSDK supports all Rhinestone’s Core Modules, including the common account abstraction features like passkeys, social recovery, multi-sig, and more advanced features like flash loans and scheduled orders (the full set of Core Modules are below).

The ModuleSDK is also the first developer tool to support the Smart Session Manager, a powerful session key module that allows developers to request user-scoped permissions. This novel session key product is highly composable, interoperable across any ERC-7579 account (including Safe), and can support any signing mechanisms (e.g., passkeys or an embedded signer) across multiple chains in one atomic action for the user. This permission framework is portable across smart accounts and dapps, allowing developers to build once and service any ERC-7579 smart wallet.

ModuleSDK vs. regular AA SDKs

There are many SDKs for account abstraction. However, ModuleSDK is unique in its function and built to be coupled with existing AA SDKs.

Most account abstraction SDKs that exist today primarily focus on basic account actions (deploy, send userOp, sign a message, etc), bundler actions (send userOp, gas estimation, retrieving transaction receipts, etc), and paymaster actions (setting up sponsorship policies, sponsoring userOps, etc). For example, Permissionless.js is a TypeScript library built on Viem for building with ERC-4337 smart accounts, bundlers, paymasters, and user operations. It is smart account- and bundler-agnostic. The Biconomy Account Abstraction SDK and ZeroDev SDK provide similar functions with limited modules, such as an ECDSA validator (for embedded signer integration) and Passkeys.

ModuleSDK is complementary to these regular AA SDKs

Modules are self-contained smart contracts that extend the feature set of an existing smart account. By increasing component reuse, modules (and, by extension, modular smart accounts) streamline the development and implementation of new product features.

ModuleSDK allows you to easily install and uninstall modules for any ERC-7579 account, and interact with and use modules with dedicated helper utilities. Each smart account module has a defined interface and bespoke functions. ModuleSDK provides the corresponding TypeScript functions and interfaces to streamline the integration into the application layer.

The ModuleSDK is built to be a companion SDK to regular AA and wallet developer kits. For example, users of permissionless.js can install the ModuleSDK to use our Core Modules and Smart Sessions alongside the Safe smart account and Pimlico’s ERC-4337 infra.

Our intention is to have popular smart account and wallet developer kits wrap the ModuleSDK for core functionalities. For example, both Biconomy’s AA SDK and WalletConnect’s AppKit are using the ModuleSDK under the hood to integrate Smart Sessions. This promotes component reuse, reduces repeated efforts across teams maintaining developer frameworks, and provides a canonical integration point for developers looking to build and distribute services linked to smart account modules (as discussed below).

ModuleSDK as a distribution mechanism

Modules allow developers to deliver a service or product directly to the user account. For example, ZK Email has developed a module allowing users to set up a private email recovery flow for a smart account. The module provides a direct interface for smart accounts to ZK Email’s ZK circuit and relay service, hence distributing the product directly to the user.

This will become a common trend for many emerging services that wish to distribute advanced products and services directly to users. However, this presents a couple of challenges; 1) what is the best mechanism for discovery and distribution, and 2) what is the developer experience when integrating services built on modules?

The ModuleSDK is the answer. Developers, such as ZK Email, who are building services on top of modules need only integrate into one toolset to maximize their distribution to applications that can utilize their service. Application developers building with modular accounts need only install one set of tools.

Core Modules

We built a core set of highly configurable modules across many application use cases. These public goods have been built to propel the adoption of modular smart accounts as the next open platform for developers.

Current modules include:

Smart Session Manager: An interoperable and composable module system for creating user-supplied permissions and policies that can be portable across account vendors and applications.

Ownable Validator: This module enables an EOA as a signer for a smart account. It is ideal for product use cases where users are expected to be crypto-native and possess an EOA wallet. Alternatively, it can be combined with MPC providers (embedded signers).

Passkeys: This feature enables a passkey as a signer on a smart account, allowing users to sign cryptographic messages with their biometrics via the secure enclave of their device or use a preferred password manager.

Social Recovery: This allows users to specify one or multiple guardians with an m or n threshold for account recovery. The user sets a guardian by expressing the public address of the guardian.

Multifactor Authentication (MFA): The module is a multiplexer, which allows developers to compose any set of signer modules together. For example, passkeys can be set as the main signer, but passkeys and an ECDSA validation scheme are required when making high-value transfers.

Module Registry Adapter: The Module Registry enforces security guarantees and standards when installing a module on a smart account. The Module Registry stores onchain security attestations made by independent auditors. When installing a new module on the account, the Module Registry Adapter queries the Module Registry and checks that pre-set security thresholds have been met.

Scheduled Transfers: Allows automated transfers to be triggered on a smart account. The user can create a schedule on which a relayer executes the transfers based on parameters like frequency or number of repetitions.

Scheduled Orders: Allows automated token swaps to be triggered on a smart account. The user can create a schedule on which a relayer will execute the swaps based on parameters like frequency or number of repetitions.

Auto Save: This is a more opinionated version of the Schedule Transfer module. It allows a user to automatically transfer a set percentage of any received token to a target ERC-4626 yield-bearing vault.

Deadman Switch: Recover an account after a specified inactive period. The user sets the target recovery address (this could be another smart account or a typical EOA wallet) along with the required period of inactivity.

Ownable Executor: Create a hierarchy ownership structure across smart accounts. This module allows one smart account to have execution rights on another smart account. The execution rights can trigger any transaction with the owner account paying for gas. This can enable automated relationships between DAOs and sub-DAOs or main accounts to sub-accounts.

Cold Storage Hook: Creates timelock and transfer restrictions. It restricts execution on the account in two ways: 1) a timelock period and 2) transfers are limited to just one address.

Flash Loan: A module base found in ModuleKit allows developers to easily create executor modules that tap into flash loan capabilities, as described in ERC-3156. This could be used to create a peer-to-peer rental system without needing an escrow contract or over-collateralization.

Hook Multiplexer: An opinionated router for combining multiple hook modules. Hooks are modules that are triggered before or after execution and can be used to enforce certain smart account behavior. Some examples of hooks include spending limits, white/blacklists, and more. This is an important module for accounts with only one global hook slot.

Conclusion

If you’re building an application (wallet or dapp) on top of a modular smart account, ModuleSDK is your new library of out-of-the-box features, products, and services. Pair with any of the existing account abstraction SDKs and get building today with Rhinestone’s Core Modules and many more third-party modules on the way.

Follow us

• On X @Rhinestonewtf
• Our website
• Our docs
• Get in touch gm@rhinestone.wtf