Gas Sponsorship (Account Abstraction)
CloudBank sponsors gas fees for users through ERC-4337 Account Abstraction, removing the requirement for users to hold BNB for transaction fees. This is critical for onboarding Web2 users who may not have native tokens.
Architecture Overview
The gas sponsorship system is built on the ERC-4337 standard, which separates transaction validation from execution through a set of specialized contracts.
Core Contracts
EntryPoint v0.6
The canonical ERC-4337 EntryPoint contract deployed at:
0x5FF137D4b0FDCD49DcA30c7CF57E578a026d2789This is the singleton entry point for all UserOperations on the chain. It handles validation, execution, and gas accounting for all bundled operations.
CloudBankVerifyingPaymaster
The paymaster contract is CloudBank's custom implementation that decides which UserOperations to sponsor. It uses off-chain ECDSA signature verification to authorize sponsorship.
Verification Flow
- The user constructs a UserOperation (target, calldata, gas limits).
- The frontend sends the UserOp to CloudBank's paymaster API.
- The API evaluates sponsorship eligibility and, if approved, signs the UserOp hash with the paymaster's private key.
- The signed
paymasterAndDatafield is attached to the UserOp. - The bundler submits the UserOp to the EntryPoint.
- The EntryPoint calls
validatePaymasterUserOp()on the paymaster contract, which recovers the signer and verifies it matches the authorized key.
Features
| Feature | Description |
|---|---|
| Sender Allowlist | Optional whitelist of wallet addresses eligible for sponsorship. When enabled, only listed addresses receive gas sponsorship. |
| Daily Sponsor Limit | Per-sender daily cap on sponsored gas, preventing abuse by any single account. Resets at midnight UTC. |
| Stake Management | The paymaster maintains an ETH/BNB stake with the EntryPoint as required by the ERC-4337 spec. Admin functions handle deposit and withdrawal of the stake. |
Signature Scheme
The paymaster signature covers:
- Sender address
- Nonce
- Valid-until timestamp
- Valid-after timestamp
- Paymaster-specific data (sponsor limit remaining, etc.)
This ensures each sponsorship authorization is time-bounded and non-replayable.
BEP-414 Fallback
For scenarios where ERC-4337 is not optimal, CloudBank also supports BEP-414, BSC's native gas sponsorship proposal. BEP-414 allows a designated sponsor to pay gas fees at the protocol level without requiring the UserOperation abstraction layer.
When BEP-414 is Used
- Simple token transfers that do not require batched operations.
- Interactions with contracts that are not yet compatible with smart contract wallets.
- Fallback when the ERC-4337 bundler is temporarily unavailable.
BEP-414 operates at the transaction level rather than the UserOperation level, making it simpler but less flexible than the full AA pipeline.
UserOperation Lifecycle
Operational Considerations
- Stake Monitoring — The paymaster's EntryPoint deposit must be kept above the minimum stake threshold. Automated alerts trigger when the balance drops below a configured warning level.
- Key Rotation — The paymaster signing key can be rotated without redeploying the contract by updating the authorized signer address.
- Rate Limiting — The backend paymaster API applies its own rate limiting independently of the on-chain daily sponsor limit, providing defense in depth against abuse.