Programmable wallets add power and new attack surfaces. A bug in validateUserOp can let anyone drain funds. An upgrade key controlled by a single admin can replace wallet logic silently. Audits and conservative module design are not optional extras.
ERC-4337 adds aggregator contracts and entry-point dependencies that must stay compatible across wallet versions. A wallet that validates signatures correctly but points at a compromised factory address is still unsafe.
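The two failure modes above (a validateUserOp that accepts the wrong signer, and a wallet whose trusted addresses can be swapped out from under it) are easiest to see side by side in code. The following is an added illustration, not code from the page or from any particular wallet project: `VulnerableAccount`, `HardenedAccount` and `SigLib` are hypothetical names, and the `PackedUserOperation` struct is a local copy of the ERC-4337 v0.7 layout so the file compiles without external imports. The vulnerable version only checks that `ecrecover` produced *some* address, never that it is the owner, so any key can authorize a `UserOperation` through the EntryPoint; the hardened version compares against the owner, restricts the caller to the EntryPoint, and fixes the EntryPoint address at deployment so it cannot be re-pointed later.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Local copy of the ERC-4337 v0.7 PackedUserOperation layout (assumption: kept
// inline so this example compiles stand-alone instead of importing the spec).
struct PackedUserOperation {
    address sender;
    uint256 nonce;
    bytes initCode;
    bytes callData;
    bytes32 accountGasLimits;
    uint256 preVerificationGas;
    bytes32 gasFees;
    bytes paymasterAndData;
    bytes signature;
}

// Shared signature helper (hypothetical name). Recovers the EIP-191 signer of
// userOpHash, returning address(0) for anything malformed instead of reverting.
library SigLib {
    // secp256k1 n/2: reject high-s values so each message has one canonical signature
    uint256 private constant HALF_N = 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    function recover(bytes32 userOpHash, bytes calldata sig) internal pure returns (address) {
        if (sig.length != 65) return address(0);
        bytes32 r = bytes32(sig[0:32]);
        bytes32 s = bytes32(sig[32:64]);
        uint8 v = uint8(sig[64]);
        if (v != 27 && v != 28) return address(0);
        if (uint256(s) > HALF_N) return address(0);
        bytes32 digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", userOpHash));
        return ecrecover(digest, v, r, s);
    }
}

// BUGGY (deliberately, for illustration): validates that a signature is
// well-formed but never checks WHO signed, and lets anyone call validateUserOp.
contract VulnerableAccount {
    address public owner;
    address public entryPoint; // mutable, and nothing below ever guards a setter

    constructor(address _owner, address _entryPoint) { owner = _owner; entryPoint = _entryPoint; }
    receive() external payable {}

    function validateUserOp(PackedUserOperation calldata userOp, bytes32 userOpHash, uint256)
        external pure returns (uint256)
    {
        address signer = SigLib.recover(userOpHash, userOp.signature);
        if (signer == address(0)) return 1; // only rejects malformed signatures
        return 0;                           // BUG: any key's signature is "valid"
    }

    function execute(address to, uint256 value, bytes calldata data) external {
        require(msg.sender == entryPoint, "not entrypoint");
        (bool ok, ) = to.call{value: value}(data);
        require(ok, "call failed");
    }
}

// Hardened counterpart: owner check, EntryPoint-only validation, immutable trust anchors.
contract HardenedAccount {
    uint256 internal constant SIG_VALIDATION_FAILED = 1; // EntryPoint reads 1 as "bad signature"
    address public immutable owner;
    address public immutable entryPoint; // fixed at deploy: no admin can re-point it

    modifier onlyEntryPoint() { require(msg.sender == entryPoint, "not entrypoint"); _; }

    constructor(address _owner, address _entryPoint) {
        require(_owner != address(0) && _entryPoint != address(0), "zero address");
        owner = _owner;
        entryPoint = _entryPoint;
    }
    receive() external payable {}

    function validateUserOp(
        PackedUserOperation calldata userOp,
        bytes32 userOpHash,
        uint256 missingAccountFunds
    ) external onlyEntryPoint returns (uint256 validationData) {
        address signer = SigLib.recover(userOpHash, userOp.signature);
        // Return the failure code rather than reverting so bundler simulation stays cheap.
        if (signer == address(0) || signer != owner) return SIG_VALIDATION_FAILED;
        // Top up the EntryPoint deposit if asked; EntryPoint itself verifies the balance.
        if (missingAccountFunds > 0) {
            (bool ok, ) = payable(msg.sender).call{value: missingAccountFunds}("");
            (ok);
        }
        return 0; // valid, no time range restriction
    }

    function execute(address to, uint256 value, bytes calldata data) external onlyEntryPoint {
        (bool ok, ) = to.call{value: value}(data);
        require(ok, "call failed");
    }
}
```

The point to audit for is the single comparison `signer != owner`: without it the wallet is open to anyone who can produce a syntactically valid signature, and the EntryPoint will happily execute their `callData` against the wallet's balance. The `immutable` EntryPoint address is the counterpart to the page's factory concern: a wallet's trust anchors (EntryPoint, factory, guardian set) should be either immutable or changeable only through a reviewed, time-delayed path.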
Users should treat smart wallets like software with privileges, not magic security boxes. Review guardian lists, understand upgrade rights, and prefer wallets that publish audit reports and open-source their core modules.