UserOperation

A struct in ERC-4337 that encodes a user intent including calldata, gas limits, and signature, submitted to bundlers instead of directly to the blockchain.

A UserOperation is the fundamental data structure in ERC-4337 account abstraction that replaces traditional Ethereum transactions for smart contract wallets.

Structure

A UserOperation contains all the information needed to execute an action on behalf of a smart account:

  • sender — the smart account address initiating the operation
  • nonce — replay protection counter managed by the EntryPoint
  • callData — the encoded function call the account should execute
  • callGasLimit — gas allocated for the execution phase
  • verificationGasLimit — gas allocated for the validation phase
  • preVerificationGas — gas to compensate the bundler for overhead
  • maxFeePerGas / maxPriorityFeePerGas — EIP-1559 gas pricing
  • signature — the authentication data validated by the smart account
  • paymasterAndData — optional paymaster address and associated data
  • initCode — optional factory data for deploying the account on first use

Lifecycle

A UserOperation follows a distinct path from creation to execution. The user constructs the operation and submits it to a bundler via an alternative mempool (not the standard Ethereum mempool). The bundler simulates the operation locally, checking that validateUserOp succeeds without violating storage access rules. Valid operations are bundled into a single transaction calling handleOps on the EntryPoint contract, which orchestrates on-chain validation and execution.

Security Considerations

The UserOperation struct introduces unique security properties. The userOpHash computed by the EntryPoint includes the chain ID, EntryPoint address, and full operation contents — making it the correct value to use for signature verification. Teams that re-hash only callData or omit chain binding create cross-chain replay vulnerabilities.

The separation between validation gas and execution gas is also security-relevant. A UserOperation can pass validation (consuming verificationGasLimit) but fail during execution (consuming callGasLimit), with different gas accounting implications for paymasters and bundlers.

© 2026 Zealynx