As an app developer, choosing the right custody solution for your users has never been more complex—or more important. The landscape of Ethereum Virtual Machine (EVM)-compatible chains and Layer 2s (L2s) has expanded dramatically, and with it, the range of wallet solutions. Today, the three primary wallet architectures developers encounter are:
Externally Owned Accounts (EOAs)
Smart Contract Wallets (sometimes called “smart accounts”)
MPC (Multi-Party Computation) Wallets (often provided through Wallet as a Service)
Each approach has unique security, trust, and performance characteristics. Below, we’ll break down how these wallets work, their trade-offs, and why you might choose one over the other in 2025.
EOAs are the original account type on Ethereum and remain the only accounts that can natively initiate transactions in the EVM. Historically, most users’ first foray into Ethereum was through an EOA—if you remember the old days of MetaMask, that was an EOA experience.
Simplicity & Self-Custody: EOAs are straightforward to set up and can be entirely self-custodied—your users control the private key or seed phrase, no third parties required.
Native Transaction Initiation: EOAs directly submit transactions to the network without needing an additional relayer.
Single Point of Failure: Losing the seed phrase or private key means permanently losing access to the account and any associated funds.
User Liability: Full self-custody can be intimidating. Many users inadvertently expose their keys, or fail to back them up properly.
Recognizing these challenges, developers have spent significant effort creating solutions that preserve the performance and usability of EOAs while mitigating the catastrophic risk of losing a single key.
Developers building mobile-first dApps that prioritize speed, multi-chain compatibility, and full user ownership should consider EOAs. This model is best suited for projects that require direct blockchain interactions without added complexity. However, implementing a secure key backup and recovery system is essential to mitigate risks associated with private key loss.
A smart contract wallet is simply a smart contract that holds funds and enforces custom rules around how transactions are authorized. Although they’ve existed conceptually for years, widespread adoption only picked up recently, partly due to changes in gas economics and the emergence of EIP-4337.
Account Abstraction: Under EIP-4337, users sign UserOperations rather than transactions. A bundler collects them, submits one ordinary transaction from its own EOA to the EntryPoint contract, and the EntryPoint calls each account's own validation code before executing its call. The EVM rule that only EOAs can initiate transactions is unchanged; the bundler's EOA satisfies it on the smart account's behalf.
Programmable Security: You can implement more flexible authentication schemes (e.g., social recovery, multiple signers, rate limits) that go beyond traditional ECDSA signatures.
Lower Costs on L2s: With most transaction volume moving to cheaper, faster L2s, the additional gas overhead of a smart contract wallet has decreased, making them more viable.
Deployment on Multiple Chains: In a multi-chain environment you must deploy the wallet contract on every chain you want to support. That costs gas per chain, and keeping the same address everywhere requires deterministic deployment (CREATE2 from the same factory with the same salt and init code on each chain); if any of those differ, the user ends up with a different address, and funds sent to the "expected" address on a chain where the account was never deployed are stuck until it is.
Higher Overhead: Despite recent improvements, smart contract wallets generally incur higher gas costs than simple EOAs.
Ownership: In many hosted offerings the account contract is deployed from the provider's factory, and the signer EOA that authorizes its transactions is custodied by the provider, so the developer is effectively renting the account. Whoever holds that signer controls the funds; before calling a smart account "self-custodied", check where its signing key actually lives.
Developers seeking programmable security features, such as social recovery and multi-signature authorization, should consider smart contract wallets. However, they must carefully assess provider dependency, ownership limitations, and wallet and transaction fees as they scale. While smart contract wallets effectively address many UX and security challenges of EOAs, they introduce additional complexity, particularly for developers looking to enable seamless cross-chain interactions from day one.
MPC wallets present on-chain as ordinary EOAs, but the private key is never assembled in one place. A distributed key generation protocol gives each party (typically the user's device and the provider, sometimes a third backup holder) its own share, and signatures are produced by a threshold signing protocol in which the parties jointly compute a standard ECDSA signature without any of them ever learning the full key.
Cross-Chain Compatibility: Because they still appear on-chain as a standard EOA, you can reuse the same address on multiple chains without additional contracts or deployments.
Key Recovery: Splitting the key among multiple parties (e.g., the user, a trusted provider, and perhaps another backup) allows for more robust recovery options in case of a lost share.
Trust in the MPC Provider: You rely on the provider to be honest and to have implemented the cryptographic protocols correctly.
Continued dependence on MPC Providers: In a 2-of-2 scheme every signature needs the provider's share, so all onchain activity routes through the provider. Users and wallets can be throttled or censored, and are stuck if the provider is down, unless the scheme includes a user-controlled backup share that can take the provider's place.
Proprietary Implementations: Many MPC solutions are not open source, so you’re trusting a “black box” for critical cryptographic functions.
MPC wallets are ideal for developers who need cross-chain compatibility without deploying smart contract wallets on every chain. However, like smart contract wallets, they come with trade-offs—developers must trust the provider’s security model, uptime, and overall control over the wallet. When evaluating an MPC solution, it’s crucial to assess the provider’s reputation, technical expertise, and commitment to transparency—especially if their code is not open for independent audits.
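The recovery property described above (a key split across user, provider and backup, any two of which suffice, while one alone reveals nothing) is easiest to see in code. The following is an added Go example, not RallyProtocol's code or any MPC vendor's protocol: it uses Shamir secret sharing over the secp256k1 group order to model the 2-of-3 share set, which is the backup-and-recovery side of the story. Real MPC wallets additionally use threshold signing so that the key is never reconstructed on any device; `Combine` here does reconstruct it, so it models a recovery event, not day-to-day signing.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

// Shares live in the field Z_n where n is the secp256k1 group order, so any
// valid EOA private key (a scalar in [1, n-1]) is a field element as-is.
var secp256k1N, _ = new(big.Int).SetString(
	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)

// Share is one point (x, f(x)) on the secret polynomial; x is the party index.
type Share struct{ X, Y *big.Int }

func mod(z *big.Int) *big.Int { return z.Mod(z, secp256k1N) }

// Split produces n shares of secret such that any threshold of them
// reconstruct it and any fewer are uniformly random (Shamir, 1979).
func Split(secret *big.Int, threshold, n int) ([]Share, error) {
	if threshold < 2 || n < threshold || secret.Sign() < 0 || secret.Cmp(secp256k1N) >= 0 {
		return nil, errors.New("need 2 <= threshold <= n and 0 <= secret < n")
	}
	// f(x) = secret + a1*x + ... + a_{t-1}*x^{t-1} with uniformly random a_i.
	coeffs := make([]*big.Int, threshold)
	coeffs[0] = new(big.Int).Set(secret)
	for i := 1; i < threshold; i++ {
		c, err := rand.Int(rand.Reader, secp256k1N)
		if err != nil {
			return nil, err
		}
		coeffs[i] = c
	}
	shares := make([]Share, n)
	for i := range shares {
		x := big.NewInt(int64(i + 1)) // never x = 0: f(0) is the secret itself
		y := new(big.Int)
		for j := threshold - 1; j >= 0; j-- { // Horner evaluation mod n
			mod(y.Add(y.Mul(y, x), coeffs[j]))
		}
		shares[i] = Share{X: x, Y: y}
	}
	return shares, nil
}

// Combine interpolates f(0) from the given shares using Lagrange basis
// polynomials. With fewer than threshold shares it returns a value that is
// wrong but indistinguishable from random, so a caller must verify the
// result independently (for an EOA key: derive the address and compare).
func Combine(shares []Share) (*big.Int, error) {
	secret := new(big.Int)
	for i, si := range shares {
		num, den := big.NewInt(1), big.NewInt(1)
		for j, sj := range shares {
			if i == j {
				continue
			}
			if si.X.Cmp(sj.X) == 0 {
				return nil, errors.New("duplicate share index")
			}
			mod(num.Mul(num, new(big.Int).Neg(sj.X)))
			mod(den.Mul(den, new(big.Int).Sub(si.X, sj.X)))
		}
		lagrange := mod(num.Mul(num, new(big.Int).ModInverse(den, secp256k1N)))
		mod(secret.Add(secret, mod(new(big.Int).Mul(si.Y, lagrange))))
	}
	return secret, nil
}

func main() {
	secret, _ := rand.Int(rand.Reader, secp256k1N) // stands in for an EOA private key
	shares, _ := Split(secret, 2, 3)               // user, provider, backup
	got, _ := Combine([]Share{shares[0], shares[2]}) // provider share unavailable
	fmt.Println("user+backup recover the key:", got.Cmp(secret) == 0)
	alone, _ := Combine(shares[:1])
	fmt.Println("one share alone equals the key:", alone.Cmp(secret) == 0)
}
```

Two things to carry over when evaluating a real provider: whether a user-held share plus a backup share can complete recovery without the provider at all (that is what removes the dependence described above), and whether the reconstruction or signing step runs in code you can read, since `Combine` is exactly the kind of routine that is easy to get subtly wrong and impossible to audit inside a black box.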
With so many custody models—each having its own benefits and drawbacks—it might seem that a “perfect” solution is still out of reach. Ideally, we’d all use hyper-secure EOAs that:
Don’t require a separate wallet per chain
Offer robust backup and recovery options
Can leverage modern hardware security
At RallyProtocol, we’ve taken major steps toward that vision by developing an EOA-centric solution that incorporates hardware-backed security and cloud-based backups.
By 2025, virtually all mobile devices (iOS and Android) ship with a secure compute element: a tamper-resistant component that generates and uses cryptographic keys that cannot be exported from it (the Secure Enclave on iOS; the hardware-backed Keystore, and StrongBox where present, on Android). Two caveats a practitioner should know: these hardware keys are on NIST curves such as P-256, not the secp256k1 curve Ethereum signs with, so the EOA key itself cannot be generated or used inside the chip and what the hardware protects is the key that encrypts it; and on Android the backing varies by device, so an app should check the key's reported security level (KeyInfo.getSecurityLevel() on API 31 and later) rather than assume hardware. We use this hardware to:
Encrypt EOAs on-device
Backup Encrypted Keys to the Cloud
If a user loses their phone, the encrypted key can be restored from the cloud but remains unusable without the enclave-side key, so a compromised cloud account alone yields nothing. The corollary worth checking in any design of this shape: a wrapping key bound to one phone's chip cannot be unwrapped by a different phone's chip, so the recovery guarantee on a new device is set by how the wrapping key is made available there (for example through the platform's synchronized keychain), and that mechanism deserves the same scrutiny as the chip itself.
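The backup shape described above, as an added example in Go that is not RallyProtocol's implementation: a P-256 ECDH key stands in for the enclave key whose private half never leaves the hardware, the raw 32-byte EOA private key is wrapped ECIES-style under a key derived from that agreement, and the resulting blob is what would be stored in the cloud. `Device`, `BackupBlob`, the HKDF label and the sample key are this example's own choices. Restoring on a second `Device` fails, which is the device-binding property the text relies on and also the reason the enclave-side key needs its own recovery path.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Device models one phone. EnclaveKey stands in for a P-256 key generated
// inside the Secure Enclave or hardware Keystore: the private scalar never
// leaves the chip, and the only thing the app can ask of it is ECDH.
type Device struct{ EnclaveKey *ecdh.PrivateKey }

func NewDevice() (*Device, error) {
	k, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{EnclaveKey: k}, nil
}

// BackupBlob is what goes to the cloud: the wrapped EOA key and the ephemeral
// public key needed to re-derive the wrapping key. Without the enclave's
// private key it is indistinguishable from random bytes.
type BackupBlob struct {
	EphemeralPub []byte // SEC1 uncompressed P-256 point
	Nonce        []byte // 12-byte GCM nonce
	Ciphertext   []byte // AES-256-GCM(eoaKey), EphemeralPub bound as AAD
}

// hkdf32 is single-block HKDF-SHA256 (RFC 5869 extract, then one expand step).
func hkdf32(ikm, salt, info []byte) []byte {
	ext := hmac.New(sha256.New, salt)
	ext.Write(ikm)
	exp := hmac.New(sha256.New, ext.Sum(nil))
	exp.Write(info)
	exp.Write([]byte{1})
	return exp.Sum(nil)
}

// aeadFor derives the wrapping key from the ECDH shared secret; the info
// label is this example's own, not a standard value.
func aeadFor(shared, ephPub []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(hkdf32(shared, ephPub, []byte("eoa-backup-wrap-v1")))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Backup wraps the raw 32-byte EOA private key. It needs only the enclave's
// public key, so no enclave operation happens on this path.
func (d *Device) Backup(eoaKey []byte) (*BackupBlob, error) {
	if len(eoaKey) != 32 {
		return nil, errors.New("EOA private key must be 32 bytes")
	}
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(d.EnclaveKey.PublicKey())
	if err != nil {
		return nil, err
	}
	ephPub := eph.PublicKey().Bytes()
	aead, err := aeadFor(shared, ephPub)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := aead.Seal(nil, nonce, eoaKey, ephPub)
	return &BackupBlob{EphemeralPub: ephPub, Nonce: nonce, Ciphertext: ct}, nil
}

// Restore is the one step that touches the enclave: a single ECDH against the
// blob's ephemeral key. Another phone's enclave derives a different key, so
// GCM authentication fails, exactly as it does for a tampered blob.
func (d *Device) Restore(b *BackupBlob) ([]byte, error) {
	ephPub, err := ecdh.P256().NewPublicKey(b.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := d.EnclaveKey.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	aead, err := aeadFor(shared, b.EphemeralPub)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, b.Nonce, b.Ciphertext, b.EphemeralPub)
}
```

Binding the ephemeral public key as GCM associated data means an attacker who can edit the cloud blob cannot swap in a point of their choosing, and using a fresh ephemeral key per backup means no two blobs share a wrapping key even for the same device.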
For larger balances, you could still employ a hybrid model:
Use an EOA (secured by hardware + cloud backups) for day-to-day transactions.
Pair it as one signer in a smart contract wallet for additional security measures (e.g., multi-signature, third-party backups).
Because these are still EOAs, there’s no need to deploy new contracts each time you expand to a different L2 or sidechain. That means your app can go cross-chain on day one without incurring additional contract deployment costs or complications.
By removing reliance on a wallet provider (the remaining dependencies are the device platform and the user's own cloud account), developers gain full control over their app, users, and data, ensuring they, not third parties, retain the value they create.
By 2025, the choice of custody solution for EVM-based dApps is broader than ever:
EOAs remain the simplest, fastest way to interact with EVM chains—especially with hardware-backed, native cloud-restored solutions.
Smart Contract Wallets offer programmable security and account abstraction, at the cost of higher deployment complexity.
MPC Wallets promise EOA-like performance with shared key management but depend heavily on trusting the MPC provider.
At RallyProtocol, we believe a robust, hardware-enabled EOA strategy strikes the best balance between security, usability, and flexibility—especially in a multi-chain world. By leaning on secure enclaves and encrypted cloud backups, we’ve dramatically reduced the most significant risks to EOA-based self-custody.
If you’re building a next-generation dApp, consider how you can leverage these evolving custody approaches to deliver a more secure, seamless experience for your users.
RallyProtocol is an open and permissionless onchain mobile toolkit that features embedded wallets and gasless transactions. Our mission is to enable developers to create seamless, end-to-end onchain experiences for native mobile apps while ensuring self-custody, security, and full developer sovereignty. Whether you're building an iOS or Android app in Flutter, Unity, React Native, Expo, Swift, or Kotlin, our tools empower developers to create better onchain mobile experiences quickly and easily.
Want to learn more? Dive into our developer documentation here.