On Ethereum, there are two kinds of accounts: Externally Owned Accounts (EOA) and Contract Accounts (CA).
Externally Owned Account (EOA)
An EOA is an account derived from a public–private key pair—for example, an address you create with MetaMask.
The public key (and its derived address) is used to receive assets and to verify signatures. The private key is used to sign transactions and prove you control the account. It must be kept strictly secret: if it leaks, someone else can fully control your assets.
To submit a transaction on-chain, you typically need to:
- Hold enough native token (e.g. ETH) to pay for gas
- Sign the transaction with your private key
- Wait for the network to confirm it
Contract Account (CA)
A Contract Account is an on-chain address where contract bytecode has been deployed. It is not directly “owned” by a private key in the same way as an EOA; its behavior is defined by contract code.
- Every action follows the contract's logic, which enables flexible, programmable behavior
- You can implement advanced features—multisig wallets, permission rules, automated flows, and more
Limits of EOAs and CAs—and Account Abstraction
Both account types have trade-offs. EOAs depend on a single private key: if it is lost or exposed, funds are usually unrecoverable, and out of the box they do not support rich features like batched transactions or custom security policies. Contract accounts cannot initiate transactions by themselves; they need an EOA (or another account) to call them first.
To address these trade-offs, Account Abstraction (AA) aims to give an account both the ability to initiate transactions and programmable control—bridging EOA usage with smart-contract–style flexibility.