What starting position does this attack require?

The first step is Generate thousands of UserOperations (T1078) — a initial access primitive. Assumed environment: target dApp deploys an ERC-4337 paymaster that sponsors any UserOperation matching a permissive validation (e.

What is the final impact of this kill-chain?

The final step lands on Bundler executes — paymaster pays (AA-4337-ENTRYPOINT), which falls under Impact. From here, an operator typically pivots into post-exploitation or maintains persistence.

How can defenders detect or prevent this attack?

Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

← RegistryDossier · 5 steps · 4 edges

Approved

ERC-4337 paymaster sponsor drain

A paymaster sponsors all UserOperations without per-user gas accounting. Spam tiny UserOps from many bundled addresses — paymaster pays the gas until its deposit hits zero.

Filed by AD Knowledge BasePublished 2026-05-26

§ Kill-chainDrag · zoom · scroll

Initial Access

Generate thousands of UserOperations

T1078 · Valid Accounts

Reconnaissance

Identify permissive paymaster

W-RECON-FINGERPRINT · Tech Stack Fingerprinting

Impact

Paymaster deposit hits zero

T1485 · Data Destruction

Impact

Confirm validatePaymasterUserOp doesn't rate-limit

AA-PAYMASTER-DRAIN · Paymaster Sponsor Drain

Impact

Bundler executes — paymaster pays

AA-4337-ENTRYPOINT · ERC-4337 EntryPoint Abuse

§ Context

Assumed environment: target dApp deploys an ERC-4337 paymaster that sponsors any UserOperation matching a permissive validation (e.g. anyone can be sponsored). Paymaster has a real ETH deposit funding sponsorships.

§ Steps

01
Generate thousands of UserOperationsInitial Access
T1078— Valid Accounts
02
Identify permissive paymasterReconnaissance
W-RECON-FINGERPRINT— Tech Stack Fingerprinting
03
Paymaster deposit hits zeroImpact
T1485— Data Destruction
04
Confirm validatePaymasterUserOp doesn't rate-limitImpact
AA-PAYMASTER-DRAIN— Paymaster Sponsor Drain
05
Bundler executes — paymaster paysImpact
AA-4337-ENTRYPOINT— ERC-4337 EntryPoint Abuse

§ References

T1078Valid Accounts
T1485Data Destruction

§ Frequently asked

What is the "ERC-4337 paymaster sponsor drain" attack path?: A paymaster sponsors all UserOperations without per-user gas accounting. Spam tiny UserOps from many bundled addresses — paymaster pays the gas until its deposit hits zero. It chains 5 steps drawn from real-world offensive-security techniques.
What starting position does this attack require?: The first step is Generate thousands of UserOperations (T1078) — a initial access primitive. Assumed environment: target dApp deploys an ERC-4337 paymaster that sponsors any UserOperation matching a permissive validation (e.
What is the final impact of this kill-chain?: The final step lands on Bundler executes — paymaster pays (AA-4337-ENTRYPOINT), which falls under Impact. From here, an operator typically pivots into post-exploitation or maintains persistence.
How can defenders detect or prevent this attack?: Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

ERC-4337 paymaster sponsor drain

§ Context

§ Steps

§ References

§ Frequently asked

§ Related dossiers

Industroyer2 IEC-104 substation hijack

Vesting beneficiary replace → silently drain stream

Trusted updater hijack → wormable destructive payload (NotPetya / M.E.Doc)

F5 BIG-IP iControl auth bypass (CVE-2022-1388) → root on LB

Uninitialised UUPS proxy implementation → brick contracts

Citrix Bleed → steal authenticated session → MFA bypass