What is an EOA?
An Externally Owned Account (EOA) is an Ethereum account controlled by a person’s private key — in other words, a regular user wallet. EOAs are distinguished from smart contract accounts, which are controlled by deployed code.
Key Characteristics
- Has a private key: An EOA is generated from a 256-bit private key. Whoever holds the private key controls the account.
- Can initiate transactions: Only EOAs can send transactions on Ethereum. Smart contracts cannot initiate transactions on their own — they can only respond to calls from EOAs (or from other contracts that were ultimately called by an EOA).
- No code: An EOA has no associated bytecode. It is a pure keypair with an ETH balance and optional token balances.
- Gas payer: Every transaction must be paid for (in gas) by an EOA.
EOA vs Smart Contract Account
| Property | EOA | Smart Contract |
|---|---|---|
| Controlled by | Private key | Code (bytecode) |
| Can initiate txns | Yes | No (only EOA can) |
| Has bytecode | No | Yes |
| Address format | Starts with 0x + 40 hex | Starts with 0x + 40 hex |
| Creation | Generated from seed/private key | Deployed via transaction |
Why EOA Matters for Risk Scoring
The distinction between EOA and contract is fundamental to risk assessment:
- EOA risk signals: Phishing activity, mixer interaction, blacklist membership, sanctions status, abnormal outgoing patterns
- Contract risk signals: Unverified source, dangerous functions (
selfdestruct,delegatecall), proxy patterns, honeypot logic, reentrancy vulnerabilities
The Onchain Diary Risk API returns is_contract: false for EOAs and is_contract: true for contract addresses, applying completely different scoring methodologies for each type.
EIP-7702 and Account Abstraction
With EIP-7702 (included in the Pectra upgrade), EOAs can temporarily delegate execution to smart contract code while remaining EOAs. This blurs the traditional EOA/contract distinction. The Risk API includes an eip7702_delegated field to flag these accounts — they are technically EOAs but may exhibit contract-like behavior.