4

After some digging, I realize that I am not able to understand this subject. I understand the source code of ERC4337's entrypoint and how paymasters and wallet contracts are written (mainly SimpleAccount).

Everyone can't stop talking about how ERC4337 allows limitless possibilities such as logging users in the web2 way (such as social login). The problem here seems to be that once the SimpleAccount contract is deployed for userA, who signed up with an email, any new time he signs in again, we should be able to verify that if he logged in, then his address that the dapp figures out is 100% valid.

If the idTokens returned by social providers (i.e. Google) were never to be changed, then at least I'd understand that upon signing up the first time, the SimpleAccount contract would store the idToken, but since it changes, I am totally lost.

There are projects like Particle Network and Web3Auth. Their source code is gigantic; I spent some time on it, but got frustrated.

The question: I am wondering how Particle Network/Web3Auth actually use ERC4337 to ease the process? What does ERC4337 allow them to do that wouldn't be possible before? All I can understand is that these projects both use MPC-TSS/SSS schemes to not store private key shares on a single device. Where does ERC4337 help? I'd really, really appreciate a practical, easy-to-follow answer. Mainly, what's the overall flow starting from the user's first click on "sign up with Google", how do they use the JWT or ID token from social providers, what would be impossible to do without ERC4337, and so on?

0