The "Trojan Horse" in the Ethereum Fusaka Upgrade: How to Turn Billions of Phones into Hardware Wallets?

You Already Have a Hardware Wallet in Your Pocket

Everyday devices like smartphones and computers are equipped with dedicated security chips. For instance, iPhones feature the Secure Enclave, while Android devices use Keystore, Trust Zone, or StrongBox.

This independent physical zone is known as the TEE (Trusted Execution Environment). Its core principle is “input only, no output”: private keys are generated and remain inside, never leaving this physical area. External applications can only request it to sign data.

This setup aligns with the standard for hardware wallets. These chips typically use an industry-standard cryptographic curve selected by NIST (National Institute of Standards and Technology): secp256r1. This same standard underpins WebAuthn and FIDO2 authentication, such as fingerprint and FaceID logins.

A One-Letter Divide with Major Consequences

However, Ethereum does not natively support the widely adopted secp256r1.

Historically, the Bitcoin community, concerned about potential “national-level backdoors” in NIST curves, opted for the less common secp256k1. Ethereum inherited this approach when designing its account system.

Although r1 and k1 differ by just one letter, they are mathematically distinct. This creates a significant challenge: the security chip in your phone cannot directly sign Ethereum transactions because it does not understand Ethereum’s cryptography.

If Hardware Can’t Change, Make This Version Compatible

Ethereum cannot force Apple or Samsung to redesign their chips for secp256k1 compatibility. The only viable path is for Ethereum to adapt to secp256r1.

Could smart contracts be used to verify r1 signatures? In theory, yes—but the computations are so complex that a single verification could consume hundreds of thousands of Gas, making it economically unfeasible.

To address this, the Fusaka upgrade introduced a game-changer: precompiled contracts. This approach embeds the verification logic directly into the Ethereum Virtual Machine (EVM) client code, bypassing the need for step-by-step computation. Developers can simply call a designated address to perform verification at minimal cost.

Under EIP-7951, this verification cost is fixed at 6,900 Gas, slashing it from hundreds of thousands to just a few thousand—finally making everyday use feasible.

The Final Piece of Account Abstraction

With this EIP implemented, it is now possible to authorize smart account signatures for Ethereum directly within a phone’s TEE environment.

Importantly, this does not apply to current MetaMask EOA addresses, as their public key logic still relies on k1.

This solution is tailored for Account Abstraction (AA wallets). In the future, wallets will no longer rely on mnemonic phrases, but will operate as smart contracts. The contract code might specify:

“If this fingerprint (r1 signature) is validated, then transfers are permitted.”

Conclusion

EIP-7951 may not eliminate mnemonic phrases overnight, but it removes the largest roadblock to Ethereum’s mainstream adoption.

Previously, users faced a harsh choice: To achieve “institutional-grade” self-custody, you needed to purchase a OneKey, Keystone, or Ledger and safeguard your mnemonic phrase. For the smoothest experience, you had to store assets on an exchange or custodial wallet. This meant relinquishing control and sacrificing decentralization.

After the Fusaka upgrade, this trade-off will no longer exist.

With EIP-7951 in place, using your phone as a hardware wallet becomes a reality. For the next billion users, there will no longer be a need to understand private keys or endure the stress of writing down 12 words.

Instead, users can simply scan their face or fingerprint, and the iPhone’s security chip will use secp256r1 to sign transactions, which Ethereum’s precompiled contract will then verify.

This is the right approach for Ethereum to reach its next billion users: not by demanding users master complex cryptography, but by embracing universal internet standards and meeting users where they are.

Disclaimer:

1. This article is republished from [nake13], with copyright belonging to the original author [nake13]. If you have any concerns regarding this republication, please contact the Gate Learn team, and we will respond promptly according to our procedures.
2. The views and opinions expressed in this article are those of the author alone and do not constitute investment advice.
3. Other language versions of this article are translated by the Gate Learn team. Unless Gate is specifically mentioned, reproduction or distribution of the translated content is not permitted.