EIP-7702 Session Keys: Secure AI Agent Wallets on Ethereum
Table of Contents
Table of Contents
Share

Private key compromises drove 88% of Q1 2025 crypto losses. EIP-7702 session keys give AI agent wallets scoped, time-bound permissions that keep master keys in cold storage.
Frequently Asked Questions
- ERC-4337 introduced account abstraction via a separate mempool and bundler infrastructure without changing the Ethereum protocol. EIP-7702 embeds smart wallet capabilities directly at the protocol level by letting existing EOAs delegate execution to a contract address using a new transaction type. EIP-7702 is simpler for upgrading existing EOAs; ERC-4337 remains more mature for deploying new smart accounts from scratch. Both can coexist: ERC-4337 paymasters can sponsor gas for EIP-7702 delegated accounts.
- Yes. That is the core value proposition of EIP-7702. Your existing EOA signs a delegation authorization tuple that points to a smart wallet contract supporting session key logic. Your address does not change and assets do not need to migrate. After Ethereum's Pectra upgrade in May 2025, Wintermute tracked nearly 190,000 EIP-7702 delegations on mainnet, confirming rapid adoption. No asset migration is required and the master key stays in cold storage throughout.
- The wallet owner calls a revokeSessionKey function that deletes the permission struct from on-chain storage. This takes effect in the next block, which is typically 12 seconds on Ethereum mainnet. Revocation must be enforced on-chain, not only in the SDK layer. Wire your monitoring pipeline to trigger revocation automatically on anomalous gas patterns or unexpected contract calls. With $3.4 billion stolen across the ecosystem in 2025 and private key compromise the leading attack vector, fast on-chain revocation is non-negotiable for any production agent wallet.
- Session keys work on any EVM-compatible chain that supports EIP-7702 or smart wallet contracts. ZeroDev operates across 130 or more networks including Arbitrum, Base, Optimism, and Polygon. The permission struct itself is chain-agnostic, but you must bind each session key policy to a specific chainId in the signed delegation hash to prevent cross-chain replay attacks where a key authorized for mainnet gets replayed on a different network.
- Session key validation adds roughly 20,000 to 40,000 gas per transaction for on-chain permission checks. At typical Ethereum L1 gas prices that translates to approximately 0.01 to 0.03 USD per transaction. On L2 networks the cost is fractions of a cent. For most agent wallet use cases the overhead is acceptable given the security guarantees: scoped access, on-chain expiry enforcement, and instant revocation without exposing the master key.
Don't Miss What's Next
Subscribe to newsletter
EIP-7702
session keys
AI agent wallet
smart wallet security
account abstraction
Get in Touch
Our team will get back to you within 24 hours.

















