
Smart Accounts

Every SnowMind user gets their own non-custodial smart account. Your funds stay in your account at all times — SnowMind never holds custody.

Why Smart Accounts?

A normal wallet (EOA) requires manual signing for every transaction. A smart account is a smart contract acting as the user's wallet, with programmable rules:

  • Your funds stay in your own smart account
  • SnowMind's AI agent gets a limited session key that can only call approved DeFi protocol functions
  • The agent can rebalance yields but can never steal funds

ZeroDev Kernel v3.1

Property           Value
Standards          ERC-4337 + ERC-7579
EntryPoint         v0.7 (0x0000000071727De22E5E9d8BAf0edAc6f37da032)
Modules            Validators, Executors, Hooks, Fallback Handlers
Deployment         Counterfactual (CREATE2) — address known before deployment
Accounts deployed  6M+ across production systems

ERC-4337 Transaction Flow

AI Agent creates UserOperation
        ↓
Pimlico Bundler validates and bundles UserOp
        ↓
EntryPoint contract receives the bundle
        ↓
EntryPoint → Kernel.validateUserOp()
        ↓
Kernel routes to Permission Validator (session key)
        ↓
Permission Validator checks:
  ✓ Signature valid for this session key?
  ✓ Target contract is whitelisted?
  ✓ Function selector is whitelisted?
  ✓ Rate limit not exceeded?
  ✓ Timestamp within valid window?
        ↓
All pass → Execute → Protocol interaction
Any fail → Reject UserOp

Non-Custodial by Design

Even if SnowMind's backend is fully compromised, the attacker can only execute supply/withdraw operations on whitelisted protocols. They cannot transfer your funds to an arbitrary address — this is enforced at the EVM level by the smart account.
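
The Permission Validator checks in the flow above, and the non-custodial property they give, can be modelled off-chain. This is an added example, not SnowMind or ZeroDev code: `makePolicy`, `check` and `demo` are hypothetical names, the addresses and the supply/withdraw selectors are constructed sample values, and signature verification is left out.

```javascript
// Simplified off-chain model of the checks listed above; not Kernel's on-chain code.
// Addresses and the supply/withdraw selectors are constructed sample values.
const POOL = "0x" + "aa".repeat(20);      // constructed: whitelisted protocol contract
const OTHER = "0x" + "bb".repeat(20);     // constructed: arbitrary, non-whitelisted address
const SEL_SUPPLY = "0x11111111";          // constructed placeholder selector
const SEL_WITHDRAW = "0x22222222";        // constructed placeholder selector
const SEL_ERC20_TRANSFER = "0xa9059cbb";  // transfer(address,uint256)

function makePolicy({ allowed, validAfter, validUntil, maxCalls, windowSec }) {
  const accepted = []; // timestamps of accepted calls, used for the rate limit
  const targets = new Set(allowed.map(([t]) => t.toLowerCase()));
  const pairs = new Set(allowed.map(([t, s]) => (t + ":" + s).toLowerCase()));
  return function check(op, now) {
    const target = op.target.toLowerCase();
    if (!targets.has(target)) return "REJECT: target not whitelisted";
    if (op.callData.length < 10) return "REJECT: no function selector";
    const selector = op.callData.slice(0, 10).toLowerCase(); // "0x" + first 4 bytes
    if (!pairs.has(target + ":" + selector)) return "REJECT: selector not whitelisted";
    const recent = accepted.filter((t) => now - t < windowSec);
    if (recent.length >= maxCalls) return "REJECT: rate limit exceeded";
    if (now < validAfter || now > validUntil) return "REJECT: outside valid window";
    accepted.push(now); // only calls that pass every check count toward the limit
    return "ACCEPT";
  };
}

function demo() {
  const check = makePolicy({
    allowed: [[POOL, SEL_SUPPLY], [POOL, SEL_WITHDRAW]],
    validAfter: 1000, validUntil: 2000, maxCalls: 2, windowSec: 60,
  });
  const args = "00".repeat(64); // constructed dummy ABI-encoded arguments
  return [
    check({ target: POOL, callData: SEL_SUPPLY + args }, 1100),         // approved call
    check({ target: OTHER, callData: "0x" }, 1101),                     // unknown target
    check({ target: POOL, callData: SEL_ERC20_TRANSFER + args }, 1102), // unapproved function
    check({ target: POOL, callData: SEL_WITHDRAW + args }, 1103),       // approved call
    check({ target: POOL, callData: SEL_SUPPLY + args }, 1104),         // third call within 60 s
    check({ target: POOL, callData: SEL_SUPPLY + args }, 2500),         // after expiry
  ];
}
console.log(demo());
```

The model matches only on target and selector. Whether call arguments such as a recipient address are also constrained depends on the policy configuration, which this page does not detail.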

Defense in Depth

Layer 1: Session Key Scoping (on-chain, EVM-enforced)
         → Only approved contracts + functions
         → Rate limits, time bounds, gas caps

Layer 2: TWAP + Cross-Validation (off-chain)
         → 15-min smoothed rates, DefiLlama cross-check
         → 25% APY sanity cap

Layer 3: Allocator Constraints (off-chain)
         → 7.5% TVL cap per protocol
         → Profitability gate (daily gain > gas)

Layer 4: Application Security (off-chain)
         → AES-256-GCM session key encryption at rest
         → Authenticated API access
         → Rate limiting

Layer 5: Emergency (user-controlled)
         → Withdraw full balance at any time
         → Direct smart account access via master key
         → Works even if SnowMind backend is down

Key Infrastructure

Service   Purpose
Pimlico   ERC-4337 bundler + paymaster (gas sponsoring)
ZeroDev   Smart account SDK + deployment