A bundler is the off-chain infrastructure component in ERC-4337 that bridges user intent with on-chain execution, functioning as the equivalent of a block builder for account abstraction operations.

Role in the ERC-4337 Pipeline

Bundlers operate an alternative mempool that receives UserOperations from users and wallets. Their primary responsibilities include validating operations through local simulation, enforcing ERC-4337 storage access rules, aggregating multiple valid operations into efficient batches, and submitting these batches as single transactions to the EntryPoint contract.

Simulation and Validation

Before including a UserOperation in a bundle, the bundler simulates the operation locally. This simulation calls validateUserOp on the smart account and validatePaymasterUserOp on any associated paymaster. The simulation enforces strict storage access rules — validation functions may only access storage slots associated with the sender account, preventing operations that could pass simulation but fail on-chain due to state changes between simulation and execution.

Security Implications

Bundlers are not a security layer — they enforce protocol conformance, not application logic. A common misconception is that bundler validation provides security guarantees. In reality, any UserOperation that passes validateUserOp will be executed by the EntryPoint regardless of whether the operation is economically harmful to the account owner. The bundler protects itself from griefing (operations that waste gas without paying for it) but does not protect users from logic vulnerabilities in their own account contracts.

Bundlers can also silently reject operations that violate storage access rules without providing clear error messages, making debugging difficult for teams whose validation logic reads from unauthorized storage slots.