Coinbase Smart Wallet: Passkey & Base Account Guide 2026

Intent check: This page is the smart-wallet and Base-account explainer for Coinbase's passkey model. If you want the practical self-custody walkthrough for the regular Coinbase Wallet app, read How to Use Coinbase Wallet.

Coinbase Smart Wallet (Base Account): The Passkey Era of Self Custody

For a decade, the price of admission to crypto was twelve random words on a sheet of paper, an awkward browser extension, and the constant fear that one wrong click would liquidate your savings. Coinbase Smart Wallet, the product now publicly branded as Base account, set out to dismantle that ritual. It replaces seed phrases with passkeys, gas fees with sponsored transactions, and browser extensions with a tab that just works. Since its June 2024 public launch, it has quietly become the most downloaded onboarding ramp into Base, the Coinbase Layer 2 led by Jesse Pollak, and one of the most cited reference implementations of ERC-4337 account abstraction in production.

This guide is for the trader who keeps losing seed phrases, the developer evaluating account abstraction stacks, and the curious user who heard friends mention passkeys but never understood what the cryptography actually does. We will cover the WebAuthn signing path, the P-256 ECDSA curve that makes mobile chips sign Ethereum transactions natively, the Magic Spend feature that pays gas on your behalf, the new Spend Permissions system for recurring debits, and the sub-account model that lets you split identities without juggling extensions.

By the end you will know how to create a Base account in under sixty seconds, how to recover one if your phone is lost, how it compares with MetaMask, Phantom, and Rabby, and where the honest tradeoffs sit.

What Is Coinbase Smart Wallet?

Coinbase Smart Wallet is a smart contract wallet that authenticates users with WebAuthn passkeys instead of private keys stored on a device. The wallet contract lives on chain, the passkey lives in the secure hardware of your phone or laptop, and a relayer broadcasts your signed user operations to whichever EVM network you choose. The user never sees a seed phrase, never installs an extension, and never copies a private key into a text file.

The product was first announced by Coinbase Wallet in 2024 and entered general availability in June 2024. In late 2025 Coinbase began rolling out the Base account brand, which is the same underlying contract code wrapped in a name that ties the experience to the Base Layer 2 network. From a user standpoint, Smart Wallet and Base account are the same wallet. From a developer standpoint, the JavaScript SDK still ships under the @coinbase/wallet-sdk npm package, and the contract source still lives at github.com/coinbase/smart-wallet.

The wallet is non custodial. Coinbase does not hold a copy of your passkey. If iCloud Keychain, Google Password Manager, Windows Hello, or your hardware security key disappears at the same instant, and you have not configured a recovery key, the funds are unrecoverable. The flip side is that Coinbase, a court order, or a corporate policy change cannot freeze the account in the way a custodial exchange account can be frozen. The trust assumption shifts from a company to a chain of consumer cryptography primitives that were already protecting your bank logins, your email account, and your work single sign on.

A Short History: From Browser Wallet to Smart Account

Coinbase Wallet started life in 2017 as Toshi, an Ethereum browser and chat client. It became Coinbase Wallet in 2018 and shipped a browser extension in 2021 to compete with MetaMask. By 2023, the team had a problem: their own data showed that more than ninety percent of new web3 users abandoned setup at the seed phrase screen. The same problem haunted every wallet on the market, but Coinbase had a unique asset, the Base chain, which Jesse Pollak had launched as an OP Stack Layer 2 in August 2023.

Account abstraction had matured in parallel. ERC-4337, drafted by Vitalik Buterin, Yoav Weiss, and the team at the Ethereum Foundation, went live on mainnet in March 2023. It introduced a new mempool for user operations, a bundler role for packaging them, and an EntryPoint contract that orchestrates the flow. For the first time, a smart contract could be the wallet itself, validate any signature scheme it liked, and pay gas in any token.

Smart Wallet was Coinbase's bet that ERC-4337 plus passkeys would be the combination that finally crossed the chasm. The wallet shipped in preview in March 2024, opened publicly in June 2024, and within a year had become the default option that thousands of Base mini apps presented to users. In late 2025, the rebrand to Base account aligned the wallet with the Base app, an in-app onchain social and finance experience that ships in the main Coinbase mobile application.

How Coinbase Smart Wallet Works Under the Hood

To understand why Smart Wallet feels different, it helps to walk through what happens when you press a single button labeled "Sign in with passkey." The flow touches four layers: the browser WebAuthn API, the operating system secure enclave, the ERC-4337 bundler, and the on chain smart account contract. Each layer was designed by a different community, but they slot together into one experience that takes less than a second.

1. Passkeys, WebAuthn, and the P-256 Curve

A passkey is an asymmetric key pair generated by your device. The private half never leaves the secure enclave, the public half is published to the relying party, which in this case is the wallet contract. When you sign in, the relying party sends a random challenge, the device asks you for biometrics or a PIN, and the secure enclave signs the challenge with the private key. The browser delivers the signature back to the page through the WebAuthn API.

The technical detail that matters for crypto is the curve. Ethereum natively verifies signatures on secp256k1, the curve that backs every externally owned account. Passkeys use secp256r1, sometimes written P-256, because that is the curve baked into every mobile chip, every laptop TPM, and every WebAuthn certified security key on the market. The Smart Wallet contract includes a verifier that can check P-256 signatures on chain using the precompile that landed on Base and Optimism in 2024 and a Solidity fallback library for chains without the precompile.

This sounds like a footnote, but it is the entire reason passkey wallets work. Without on chain P-256 verification, the wallet would have to ship secp256k1 keys to the device, which would defeat the purpose. The combination of RIP-7212, the precompile EIP, and ERC-4337 is what makes Smart Wallet practical at scale.

2. ERC-4337 and the User Operation

When you press Send in a Smart Wallet, the SDK does not produce a transaction. It produces a UserOperation, a struct defined in ERC-4337 that contains the sender, the calldata, the gas limits, the paymaster information, and the signature. The bundler, a node that watches an alternative mempool, packages multiple user operations and submits them to the canonical EntryPoint contract on the target chain. The EntryPoint calls each smart account's validateUserOp function, which is where the P-256 passkey signature is verified, and then dispatches the calldata.

This indirection is what enables every Smart Wallet feature. Gas sponsorship works because the EntryPoint can call a Paymaster contract that agrees to pay for the operation. Batching works because the calldata can contain multiple inner calls. Recovery works because the smart account contract can rotate its authorized public keys without invalidating the on chain address. None of these would be possible on a standard externally owned account.

3. Magic Spend and the Coinbase Paymaster

Magic Spend is the brand name for the Coinbase Paymaster, a contract that sponsors gas on Base, Optimism, Arbitrum, Polygon, and Zora when the user is signed into a Coinbase account. The Paymaster is funded by Coinbase, the dApp developer, or the user, depending on the configuration. From the user perspective, the transaction confirmation modal shows "Free" instead of a gas fee in ETH.

Magic Spend also extends to USDC. If your Smart Wallet has USDC but no ETH on a given network, Magic Spend can settle the gas in USDC by routing through a paymaster that accepts that token. The user signs a single user operation, and the Paymaster handles the conversion. The effect is that you can land on Optimism with only USDC and start swapping immediately, which is the kind of frictionless onboarding that older wallets cannot match without a manual bridge.

For developers, the Coinbase Paymaster exposes an RPC endpoint that returns a sponsorship signature. If you are integrating Smart Wallet through wagmi, viem, or the official SDK, you can flip on Paymaster mode with a single line of config. The cost model is per operation, with free tiers for hackathon projects and small Base mini apps.

4. Sub Accounts, Spend Permissions, and Sessions

Smart Wallet ships two features that older externally owned accounts cannot offer without painful workarounds. Sub accounts let you create child smart accounts that share the same passkey but have different on chain addresses. The parent can fund, freeze, or revoke the child. This is the closest crypto has come to the parent and child account model that everyone uses on Stripe, Plaid, or any consumer bank API.

Spend Permissions let an app request the right to debit a fixed amount per period, with a hard cap, an expiration date, and a callable revoke. This is how a subscription, a recurring deposit into a yield strategy, or an automated dollar cost average can run without you signing every time. The permission is stored on chain, and it can be revoked from the wallet UI in two taps. For an idea of why permissioned spends matter, read our deep dive on Permit2 and modern token approval safety.

How to Create a Coinbase Smart Wallet in 60 Seconds

The selling point in the official launch materials was that account creation takes less than a minute. That claim survives contact with reality because Smart Wallet outsources the slow parts, identity verification and key generation, to systems the user already configured years ago. Here is the exact path from a cold browser tab to a funded wallet.

Steps one through five typically clock in under thirty seconds on a modern device. Steps six and seven are optional for the initial flow. If you only need a fresh address to receive an airdrop or sign into a Farcaster client, you can stop at step five and be done. For a wider walkthrough of where to use this wallet, read our guide on how to use Base chain end to end and our companion piece on what Base chain is and why it matters.

Recovery: What Happens When You Lose the Phone

Loss recovery is the question everyone asks five minutes after the setup demo finishes. The answer depends on how you set up the passkey. There are three meaningful scenarios.

Scenario one: synced passkey, lost device. If your passkey was saved to iCloud Keychain, Google Password Manager, Microsoft Cloud, or 1Password, signing into a new device with the same account restores the passkey automatically. You sign into iCloud on a fresh iPhone, the passkey appears, you authenticate with Face ID, and you are back in the wallet. This is the default flow for ninety percent of consumer users and it works without any crypto specific steps.

Scenario two: device only passkey, lost device. If the passkey was created on a hardware key without sync, or you disabled cloud sync, recovery requires a previously authorized backup signer. Smart Wallet supports multiple owners on a single account, and the official UI nudges you to add a recovery key at setup. The recovery key can be another passkey on a different device, a Coinbase Wallet seed phrase exported from the legacy product, or an externally owned address you control.

Scenario three: no recovery, no sync. If you skip cloud sync and skip recovery, and you lose the only device with the passkey, the wallet is permanently lost. There is no Coinbase customer support reset because Coinbase never had access to the key. This is the same risk profile as losing a seed phrase, except the recovery channels available to you are arguably broader because they include every passkey provider on the market.

Coinbase Smart Wallet vs MetaMask vs Phantom vs Rabby

Every wallet review reduces to a tradeoff between user experience, security model, recovery, chain coverage, and developer ergonomics. Smart Wallet, MetaMask, Phantom, and Rabby each picked a different point on that tradeoff curve. The table below maps the salient differences honestly. None of these wallets is universally better, they target different users and the right answer depends on how much sovereignty, complexity, and convenience you can balance.

A few honest readings of the table. If you need transaction simulation with strong scam detection across every chain, Rabby is still in front. If you live in Solana plus Bitcoin plus a touch of Ethereum, Phantom is unrivaled. If you want every EVM chain ever, every custom RPC, every hardware integration, MetaMask is still the universal hammer. Smart Wallet wins on onboarding friction, gas abstraction, batched calls, and the recovery story. For the deeper Coinbase ecosystem comparison, see the Coinbase vs MetaMask master guide. For a closer look at Rabby's risk previews, read our Rabby Wallet multi chain tutorial.

Apps That Support Coinbase Smart Wallet

A wallet only matters if the apps you use accept it. Smart Wallet has the unusual distinction of being the default option on most Base mini apps, which means once you create one, the friction of opening a new app shrinks to a single passkey prompt. The list below highlights the most active categories and the leading apps in each.

Trading apps in particular benefit from Smart Wallet because the batched call pattern can combine token approval and swap into a single signature. That removes the classic two transaction MetaMask experience that costs gas twice and confuses new users. Smart Wallet also surfaces a structured simulation before signing, similar in spirit to the experience described in our walkthrough on how transaction simulation actually works in modern wallets.

Risks, Tradeoffs, and What Smart Wallet Is Not

No wallet is free. Smart Wallet trades one set of complexity for another, and the only honest review acknowledges the friction it inherits from its design choices. The biggest tradeoff is platform dependency. If your passkey lives in iCloud Keychain, your wallet inherits the trust assumptions of Apple ID security. If it lives in Google Password Manager, you inherit Google account security. The cryptographic key never leaves the device, but the cloud sync layer is a corporate service with its own threat model.

Second, no browser extension means no familiar UI for power users. There is no MetaMask sidebar with the constant balance and the dApp activity timeline. Smart Wallet sessions live inside the page or inside the Coinbase mobile app. For traders who keep five tabs open with five different wallets, this is an adjustment.

Third, smart contract wallets pay slightly higher gas than externally owned accounts because each user operation triggers a contract call rather than a plain transfer. On Base, the difference is fractions of a cent. On Ethereum mainnet, where Smart Wallet is not officially supported as the primary chain, the cost would be more meaningful, which is part of why the L2 first strategy makes sense.

Fourth, signature schemes that legacy dApps assume can break. Some old contracts hardcode ecrecover on secp256k1 and do not accept ERC-1271 contract signatures. Most modern dApps support both, but if a site refuses to sign you in with Smart Wallet, this is the reason. The fix is to wait for the dApp to add ERC-1271 verification or to use a fallback wallet for that one site.

Fifth, on chain risk is unchanged. The wallet does not protect you from approving a malicious contract, sending funds to a poisoned address, or signing a permit that drains your stablecoins. Our guide on how to avoid crypto address poisoning scams and the broader crypto wallet security tips piece apply with equal force to a passkey wallet.

Migrating from MetaMask to Smart Wallet

Migration is not a single button. Smart Wallet generates a fresh address tied to the passkey, so your existing MetaMask address does not become a Smart Wallet address by magic. The practical workflow is two phase: bridge or transfer your active balances to the new Smart Wallet address, then keep the old MetaMask for legacy positions or future cold storage.

Step one, create your Smart Wallet using the sixty second flow above. Step two, copy the new address from the wallet UI. Step three, in MetaMask, send a small test transaction to the new address on the target chain to confirm it works. Step four, send the bulk balance once the test confirms. Step five, decide whether you want to keep MetaMask as a backup signer added to the Smart Wallet, which gives you a hardware key style recovery option without buying a new device.

Bridging from non Base chains is worth a sentence. Smart Wallet works on Optimism, Arbitrum, Polygon, and Zora, so for those chains you can simply move funds to the new address. For Ethereum mainnet, since Smart Wallet does not currently optimize for that chain, the natural move is to bridge to Base or Optimism through the official bridges, the Across protocol, or the Coinbase Onramp which can deliver USDC and ETH directly to Base. Our companion piece on how to use Base chain step by step covers bridging timing and fees in detail.

Self Custody Reality Check

A common confusion is whether Smart Wallet is custodial because Coinbase is the brand on the label. It is not. The smart contract is deployed by Coinbase factories, but Coinbase does not hold a key that can sign transactions on your behalf. The only key that authorizes a user operation is the passkey on your device, plus any additional signers you have explicitly added.

The clean mental model is to think of Smart Wallet as three layers. Layer one, the on chain smart contract, is permissionless and Coinbase cannot shut it off. Layer two, the SDK and the wallet website, are operated by Coinbase but the source code is open and can be self hosted by any developer. Layer three, the passkey, is held by you and your cloud provider. The custody chain ends at the device, which is the textbook definition of self custody.

The corollary is that Coinbase Smart Wallet is not the same as the Coinbase exchange account. The exchange is custodial, regulated, KYC required, subject to court orders. The Smart Wallet is a separate product. Funds in the Smart Wallet are not in your exchange account, do not appear on your exchange balance sheet, and cannot be frozen by exchange compliance.

Pros and Cons Cheat Sheet

Best Practices When Running a Smart Wallet

Smart Wallet shifts the security model, but it does not remove the user's responsibility. The same habits that keep an externally owned account safe apply, with a few new ones for the passkey ecosystem. Treat your iCloud or Google account like you would treat the keys to a safe. Enable two factor on those accounts using a hardware key, not SMS. Review your Spend Permissions monthly and revoke any subscriptions you no longer use. Add at least one recovery signer at setup, not later, because you will forget. Use sub accounts to segregate trading capital from long term holdings, the same way professional traders maintain hot and cold wallets.

If you bridge funds in from Coinbase exchange, check the address twice before confirming. The wallet has a chain selector that can silently send to the wrong network if you click in a hurry. Pin a small balance to the wallet for the first week, run a few low value transactions, and only scale up after the workflow feels natural. The honest reason most users lose funds is impatience during the first session, not a flaw in the wallet itself. The guide on burner wallets for airdrops and meme coins applies just as well to Smart Wallet sub accounts.

Finally, treat the recovery key as you would a hardware backup. Print it, store it in a fire safe, do not photograph it, do not store it in plaintext on a phone. The recovery key is the only way to recreate signer authority if all your synced passkeys disappear at once, and that scenario, while rare, is the one that ends in total loss when ignored.

Frequently Asked Questions

Conclusion: The First Wallet That Feels Like the Internet

Coinbase Smart Wallet, now branded Base account, is the closest the industry has come to a crypto wallet that feels like signing into a normal website. The cryptography is real, the self custody is real, the on chain transparency is real, and the experience is finally close to what regular consumers expect from modern apps. The combination of ERC-4337 smart accounts, P-256 passkeys on the WebAuthn standard, gas sponsorship through Magic Spend, and the Base chain ecosystem creates a stack that lowers the cost of trying crypto to about thirty seconds of attention.

That does not make every other wallet obsolete. MetaMask still dominates on chain coverage and extension UX. Rabby still leads on simulation. Phantom is the home of Solana. The right answer for most users in 2026 is to keep one or two specialized wallets for the chains and use cases they are best at, and to use Smart Wallet as the daily driver for Base, Optimism, Arbitrum, Polygon, and Zora activity. The friction reduction alone justifies the migration for anyone who spends time in the Coinbase ecosystem.

If you have read this far, you have already done the hardest part of crypto, which is paying attention. The next step is small: open a supported dApp, click connect, approve a passkey, and watch your first Base account come to life. From there, you can layer in sub accounts, recovery signers, and Spend Permissions as your needs grow. Pair the experience with our reading list on Ethereum from scratch and how cryptocurrencies actually work if you want to keep building context. The wallet is ready when you are.