Paymaster

A paymaster is a smart contract in the ERC-4337 account abstraction system that takes responsibility for paying Ethereum gas fees on behalf of a user. Without a paymaster, every Ethereum transaction must be funded by ETH held in the sending account. With a paymaster, a third party — an app developer, protocol, or fee-abstraction service — can cover gas costs, accept payment in ERC-20 tokens instead of ETH, or subsidize transactions for new users entirely.

Paymasters are a key component of the ERC-4337 architecture alongside bundlers and smart accounts. Together they enable account abstraction: making crypto wallets programmable, composable, and user-friendly without changes to the Ethereum protocol layer.


How Paymasters Work


ERC-4337 Architecture Recap

Under ERC-4337, users sign UserOperations (UserOps) — intent objects that describe what they want to do — rather than standard Ethereum transactions. UserOps are collected by a bundler, which submits them on-chain through a singleton EntryPoint contract. The EntryPoint coordinates with the user’s smart account and (optionally) a paymaster to execute the operation.

Paymaster Execution Flow

  1. User signs a UserOperation specifying optional paymaster address + paymaster data
  2. Bundler submits the UserOp bundle to the EntryPoint
  3. EntryPoint calls validatePaymasterUserOp on the paymaster contract — the paymaster checks its own rules (is this user whitelisted? is the ERC-20 payment valid? is the sponsored operation valid?) and returns context for post-op
  4. EntryPoint executes the user’s operation via their smart account
  5. EntryPoint calls postOp on the paymaster after execution — the paymaster handles any cleanup, ERC-20 token charging, or logging
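
Steps 3 to 5 as a simplified model, added here as an illustration and not taken from the EntryPoint source. The class names, the per-sender cap and the wei amounts are assumptions. It shows that the paymaster's deposit is charged even when the user's call reverts, so the rules in validatePaymasterUserOp are the only gate.

```python
from dataclasses import dataclass, field

@dataclass
class UserOp:
    sender: str
    max_cost: int           # upper bound in wei implied by the op's gas limits
    actual_cost: int        # constructed: gas actually consumed, in wei
    reverts: bool = False   # constructed: does the account call revert?

@dataclass
class AllowancePaymaster:
    address: str
    cap_per_sender: int                       # hypothetical policy value
    spent: dict = field(default_factory=dict)

    def validate_paymaster_user_op(self, op):
        # Step 3: refuse before any gas is sponsored if the cap would be exceeded.
        if self.spent.get(op.sender, 0) + op.max_cost > self.cap_per_sender:
            raise PermissionError("sender allowance exceeded")
        return {"sender": op.sender}          # context handed to post_op

    def post_op(self, context, actual_cost, reverted):
        # Step 5: account for the gas on success and on revert alike.
        sender = context["sender"]
        self.spent[sender] = self.spent.get(sender, 0) + actual_cost

class EntryPoint:
    def __init__(self):
        self.deposits = {}                    # paymaster address -> wei on deposit

    def deposit_to(self, paymaster, amount):
        self.deposits[paymaster.address] = self.deposits.get(paymaster.address, 0) + amount

    def handle_op(self, op, paymaster):
        if self.deposits.get(paymaster.address, 0) < op.max_cost:
            raise RuntimeError("paymaster deposit cannot cover max cost")
        context = paymaster.validate_paymaster_user_op(op)
        succeeded = not op.reverts            # step 4, reduced to a flag
        paymaster.post_op(context, op.actual_cost, reverted=not succeeded)
        self.deposits[paymaster.address] -= op.actual_cost   # paid either way
        return succeeded
```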

Paymaster Types

Type                    How Gas Is Paid
Sponsoring paymaster    Protocol/app pays all gas on behalf of user — fully gasless
ERC-20 paymaster        User pays gas in USDC, DAI, or any ERC-20 token; paymaster converts to ETH
Allowance paymaster     Paymaster covers gas up to a preset limit per user/session
Verifying paymaster     Paymaster verifies a signature from an off-chain service before sponsoring

Paymaster Deposit (Staking)

Paymasters must pre-deposit ETH into the EntryPoint contract’s DepositManager. The EntryPoint deducts gas costs from this deposit during execution. This prevents paymasters from sponsoring transactions they can’t actually pay for — the funds must be available before execution begins. Paymasters can also stake ETH to get higher throttling limits from bundlers.


Why Paymasters Matter


Removing Onboarding Friction

The biggest barrier for new crypto users is needing ETH before doing anything. With a paymaster:

  • A new user can receive an NFT without holding ETH
  • A DeFi app can subsidize first transactions for acquisition
  • A game can issue in-game assets without users ever buying gas tokens

Token-Denominated Gas

ERC-20 paymasters let protocols offer their own token as a gas currency — or let users pay in stablecoins. Wallets like Safe, Biconomy, and ZeroDev support USDC gas payment via ERC-20 paymasters.

Subscription Models

Verifying paymasters can enforce off-chain business logic: check that a subscription is active, that a user has completed KYC, or that they’re within a rate limit — before sponsoring. This keeps subscription logic off-chain while settlement remains trustless.


Major Paymaster Providers

Several infrastructure providers offer paymaster-as-a-service:

  • Biconomy: Gasless transactions via their managed paymaster network; supports ERC-20 payment and session keys
  • Pimlico: verifyingPaymaster and ERC-20 paymaster infrastructure; integrates with permissionless.js
  • ZeroDev: Kernel smart accounts with managed paymaster sponsorship
  • Alchemy Gas Manager: Paymaster API with usage policies (per-user quotas, contract allowlisting)
  • Coinbase Developer Platform: Paymaster for Base ecosystem onboarding

Security Considerations

Paymasters introduce a new trust relationship. Key risks:

  • DoS via paymaster bypass: If validatePaymasterUserOp validates too loosely, an attacker can drain the paymaster deposit by submitting many operations that pass validation but fail on-chain, because the paymaster still pays for the gas those operations consume
  • Signature replay: Verifying paymasters must include nonce or expiry in signed data, or the same paymaster signature could be reused
  • ERC-20 price manipulation: ERC-20 paymasters that accept spot prices for token→ETH conversion can be manipulated by price oracle attacks — proper paymasters use TWAP oracles or Chainlink
  • Deposit draining: Malicious bundlers could craft operations that bloat gas costs, draining the paymaster deposit faster than expected — ERC-4337 includes gas limits to mitigate this
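
For the signature replay item above, a sketch of what a verifying paymaster's off-chain service should bind into the data it signs. This is an added example, not any provider's code. HMAC-SHA256 stands in for the ECDSA-over-keccak256 signature a real paymaster contract would verify, and the field names, key and sample values are constructed.

```python
import hashlib, hmac, struct

SERVICE_KEY = b"constructed-demo-key"  # constructed; stand-in for the service's ECDSA key

def sponsorship_digest(op):
    # Fixed-width fields, so the concatenation cannot be re-split ambiguously.
    return hashlib.sha256(b"".join([
        struct.pack(">Q", op["chain_id"]),           # blocks cross-chain reuse
        bytes.fromhex(op["paymaster"][2:]),          # blocks reuse on another paymaster
        bytes.fromhex(op["sender"][2:]),
        struct.pack(">Q", op["nonce"]),              # assumption: account nonce is single-use
        hashlib.sha256(op["call_data"]).digest(),    # blocks swapping the sponsored call
        struct.pack(">QQ", op["valid_after"], op["valid_until"]),
    ])).digest()

def sign_sponsorship(op):
    return hmac.new(SERVICE_KEY, sponsorship_digest(op), hashlib.sha256).digest()

def check_sponsorship(op, signature, now):
    expected = hmac.new(SERVICE_KEY, sponsorship_digest(op), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        return "bad signature"
    if now < op["valid_after"]:
        return "not yet valid"
    if now > op["valid_until"]:
        return "expired"
    return "ok"

# Constructed sample operation (addresses, call data and times are made up).
OP = {
    "chain_id": 8453, "paymaster": "0x" + "11" * 20, "sender": "0x" + "22" * 20,
    "nonce": 7, "call_data": b"\xde\xad\xbe\xef",
    "valid_after": 1_700_000_000, "valid_until": 1_700_000_300,
}
SIG = sign_sponsorship(OP)

def replay_results():
    # The same signature presented in four situations.
    return {
        "original": check_sponsorship(OP, SIG, 1_700_000_100),
        "next_nonce": check_sponsorship({**OP, "nonce": 8}, SIG, 1_700_000_100),
        "other_chain": check_sponsorship({**OP, "chain_id": 10}, SIG, 1_700_000_100),
        "after_expiry": check_sponsorship(OP, SIG, 1_700_000_301),
    }
```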

History

  • 2021 — ERC-4337 first proposed by Vitalik Buterin et al. as a way to achieve account abstraction without EVM changes; paymasters included from the initial design.
  • 2023, March — EntryPoint v0.6 audited and deployed to mainnet. Paymasters operational.
  • 2024 — EntryPoint v0.7 introduces efficiency improvements including changes to paymaster deposit handling.
  • 2024–2025 — Ecosystem growth: Biconomy, Pimlico, ZeroDev, Alchemy all launch managed paymaster APIs; ERC-20 paymaster adoption grows, especially on Base and Optimism.

Common Misconceptions

“Gasless transactions mean free transactions.”

Gas is still paid — just not by the user. A paymaster (funded by an app developer or protocol) covers it. Someone always pays.

“Paymasters require changes to Ethereum.”

No. ERC-4337 is built entirely as a smart contract system on top of existing Ethereum. No protocol changes are needed.


Social Media Sentiment

Paymasters are frequently discussed in Web3 developer communities (r/ethdev, Twitter/X developer circles) as one of the most impactful pieces of the account abstraction stack for mainstream adoption. The ability to onboard users without ETH is widely cited as a prerequisite for consumer-facing crypto apps. Criticism focuses on centralization risk — most paymaster providers are centralized off-chain services — and the complexity of auditing paymaster validation logic.


Last updated: 2026-04
