EOA wallet limits
An EOA is one key for everything.
Identity, custody, signing, recovery — all bound to a single private key.
address = keccak(pubkey)[12:]
contract Account is ERC-725 + LSP6 + LSP1
If you're dealing with EOA wallet limits, the LUKSO route is LSP0 + LSP3 + LSP6. A Universal Profile is an account contract. Controllers (LSP6) sign for it; profile metadata (LSP3) describes it; LSP1 hooks let it react. The address survives controller rotation.
Why this breaks
An EOA is nothing more than address = keccak(pubkey)[12:]. The address is derived from the public key, so the private key signs, owns, and identifies the account. There is no social fallback, no time-locked recovery, no rotating authority, no profile metadata, no app-readable identity. Those are product problems wallet vendors have to solve outside the account.
Dapps cannot ask for limited authority in a standard account-level way. Profile information usually lives in app databases or separate protocols. Gas, recovery, and device management become product problems outside the account.
What people try
Hardware wallets
Better key custody. Same fundamental model — one key still signs everything.
Custodial backends
Privy, Magic, Web3Auth. Trade self-custody for a reset-password experience.
Wallet SDKs that mimic accounts
RainbowKit, wagmi connectors. Smooth UX over the same EOA primitive.
ENS for identity, app DBs for profile
Identity layer separate from custody. App-by-app profile state.
How LSP solves it
A Universal Profile is an account contract. It stores profile metadata through ERC-725Y and LSP3, delegates control through LSP6 Key Manager controllers, reacts to interactions through LSP1, and supports relay execution through LSP25.
The account is a user-owned object apps can read and interact with, rather than just an address controlled by one key. Add a controller, remove a controller, rotate a controller — the address is the same. The profile is the same. The history is the same.
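The controller rotation described above, as an added example (not code from this page or from LUKSO): a toy Python model in which a lost device is revoked and replaced while the account address stays fixed, whereas a new EOA key yields a new address. Assumptions: SHA3-256 stands in for Keccak-256, the permission bits and all class and function names are hypothetical rather than the LSP6 encoding, and the keys and account address are constructed sample values.

```python
import hashlib
# Assumption: SHA3-256 stands in for Keccak-256; not real Ethereum addresses.
def eoa_address(pubkey: bytes) -> str:
    return "0x" + hashlib.sha3_256(pubkey).digest()[12:].hex()

# Hypothetical permission bits for this sketch; not the LSP6 encoding.
CALL, SETDATA, EDIT_PERMISSIONS = 1, 2, 4

class AccountContract:
    """Toy account: fixed address, mutable controller -> permissions map."""
    def __init__(self, address, first_controller):
        self.address = address
        self.controllers = {first_controller: CALL | SETDATA | EDIT_PERMISSIONS}

    def _require(self, caller, perm):
        if self.controllers.get(caller, 0) & perm != perm:
            raise PermissionError(f"{caller} lacks permission bit {perm}")

    def set_permissions(self, caller, controller, perms):
        self._require(caller, EDIT_PERMISSIONS)
        other_admins = [c for c, p in self.controllers.items()
                        if p & EDIT_PERMISSIONS and c != controller]
        if not perms & EDIT_PERMISSIONS and not other_admins:
            raise ValueError("refusing to drop the last admin controller")
        if perms:
            self.controllers[controller] = perms
        else:
            self.controllers.pop(controller, None)  # revoke entirely

    def execute(self, caller, action):
        self._require(caller, CALL)
        return (self.address, action)  # acts as the account, not as the key

def rotate_lost_device():
    # Constructed sample keys and account address, for illustration only.
    laptop, phone, new_phone = (eoa_address(bytes([i]) * 64) for i in (1, 2, 3))
    acct = AccountContract("0x" + "ab" * 20, laptop)
    acct.set_permissions(laptop, phone, CALL)       # scoped, non-admin controller
    before = acct.execute(phone, "transfer")[0]
    acct.set_permissions(laptop, phone, 0)          # phone lost: revoke it
    acct.set_permissions(laptop, new_phone, CALL)   # rotate in the replacement
    try:
        acct.execute(phone, "transfer")
        revoked_blocked = False
    except PermissionError:
        revoked_blocked = True
    after = acct.execute(new_phone, "transfer")[0]
    return {"same_address": before == after, "revoked_blocked": revoked_blocked,
            "eoa_new_key_new_address": phone != new_phone}
```

The last-admin guard in `set_permissions` is a design choice of this sketch: it keeps a rotation mistake from locking every controller out of the account.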