What is Externally Owned Account (EOA)?
An Externally Owned Account (EOA) is a blockchain account controlled by a private key held by a person or system — as opposed to a contract account, which is controlled by smart contract code.
WHY IT MATTERS
Ethereum has two account types: EOAs and contract accounts. EOAs are controlled by whoever holds the private key. They can initiate transactions, sign messages, and hold ETH and tokens. Every human user interacts with Ethereum through an EOA.
The limitation: EOAs have no programmable logic. They can't enforce spending rules, require multi-sig, or implement recovery mechanisms natively. This is why account abstraction (ERC-4337) is significant — it brings smart contract capabilities to user accounts.
For AI agents, EOAs are the simplest wallet type but the most dangerous to give direct access to. An agent with an EOA's private key has unrestricted access to all funds.
HOW POLICYLAYER USES THIS
PolicyLayer addresses the EOA limitation for agents. Instead of giving an agent an EOA's private key (unrestricted access), PolicyLayer uses session keys and smart contract policies to give agents limited, controlled access — the programmability that raw EOAs lack.
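As an added illustration (not PolicyLayer's code and not an ERC-4337 reference implementation), the Solidity contract below shows the kind of session-key policy a contract account can enforce and a raw EOA cannot: the owner grants a session key a capped allowance, an expiry and a single allowed target, and every call is checked on-chain. The contract name, function names and policy fields are assumptions chosen for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative smart account (example code, not PolicyLayer's) that gives an
/// agent's session key limited, revocable access. An EOA holding the funds
/// directly could not enforce any of these rules.
contract PolicyAccount {
    struct Session {
        address target;    // the only address this key may call
        uint256 allowance; // remaining ETH (wei) the key may spend
        uint64 expiry;     // unix timestamp after which the key is dead
    }

    address public immutable owner;            // the human/owner EOA
    mapping(address => Session) public sessions; // session key => policy

    event SessionGranted(address indexed key, address target, uint256 allowance, uint64 expiry);
    event SessionRevoked(address indexed key);
    event Executed(address indexed key, address target, uint256 value);

    constructor() payable { owner = msg.sender; }
    receive() external payable {}

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }

    /// Owner issues a policy-bound session key to an agent.
    function grantSession(address key, address target, uint256 allowance, uint64 expiry) external onlyOwner {
        require(expiry > block.timestamp, "expiry in past");
        sessions[key] = Session(target, allowance, expiry);
        emit SessionGranted(key, target, allowance, expiry);
    }

    /// Owner can cut off a compromised or finished agent at any time.
    function revokeSession(address key) external onlyOwner {
        delete sessions[key];
        emit SessionRevoked(key);
    }

    /// Called by the agent's session key. Because every rule is checked here,
    /// a leaked session key exposes at most `allowance` until `expiry`.
    function execute(address target, uint256 value, bytes calldata data) external {
        Session storage s = sessions[msg.sender];
        require(s.expiry != 0, "unknown session key");
        require(block.timestamp <= s.expiry, "session expired");
        require(target == s.target, "target not allowed");
        require(value <= s.allowance, "allowance exceeded");
        s.allowance -= value;
        (bool ok, ) = target.call{value: value}(data);
        require(ok, "call failed");
        emit Executed(msg.sender, target, value);
    }
}
```

The session key itself is still an EOA, but it never holds the funds; the contract account does, and the contract's policy is what bounds the damage if that key leaks.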