OpenZeppelin · Amxx · Feb 7, 2024 · Feb 7, 2024 · Feb 7, 2024 · Feb 7, 2024
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
@@ -66,6 +66,8 @@ jobs:
         run: bash scripts/upgradeable/transpile.sh
       - name: Run tests
         run: npm run test
+        env:
+          UNLIMITED: true
       - name: Check linearisation of the inheritance graph
         run: npm run test:inheritance
       - name: Check storage layout

diff --git a/contracts/abstraction/account/Account.sol b/contracts/abstraction/account/Account.sol
@@ -0,0 +1,145 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {PackedUserOperation, IAccount, IAccountExecute, IEntryPoint} from "../../interfaces/IERC4337.sol";
+import {ERC4337Utils} from "./../utils/ERC4337Utils.sol";
+import {SignatureChecker} from "../../utils/cryptography/SignatureChecker.sol";
+import {Address} from "../../utils/Address.sol";
+
+abstract contract Account is IAccount, IAccountExecute {
+    error AccountEntryPointRestricted();
+
+    /****************************************************************************************************************
+     *                                                  Modifiers                                                   *
+     ****************************************************************************************************************/
+
+    modifier onlyEntryPointOrSelf() {
+        if (msg.sender != address(this) && msg.sender != address(entryPoint())) {
+            revert AccountEntryPointRestricted();
+        }
+        _;
+    }
+
+    modifier onlyEntryPoint() {
+        if (msg.sender != address(entryPoint())) {
+            revert AccountEntryPointRestricted();
+        }
+        _;
+    }
+
+    /****************************************************************************************************************
+     *                                                    Hooks                                                     *
+     ****************************************************************************************************************/
+
+    /**
+     * @dev Return the entryPoint used by this account.
+     *
+     * Subclass should return the current entryPoint used by this account.
+     */
+    function entryPoint() public view virtual returns (IEntryPoint);
+
+    /**
+     * @dev Return weither an address (identity) is authorized to operate on this account. Depending on how the
+     * account is configured, this can be interpreted as either the owner of the account (if operating using a single
+     * owner -- default) or as an authorized signer if operating using as a multisig account.
+     *
+     * Subclass must implement this using their own access control mechanism.
+     */
+    function _isAuthorized(address) internal view virtual returns (bool);
+
+    /**
+     * @dev Recover the signer for a given signature and user operation hash. This function does not need to verify
+     * that the recovered signer is authorized.
+     *
+     * Subclass must implement this using their own choice of cryptography.
+     */
+    function _recoverSigner(bytes32 userOpHash, bytes calldata signature) internal view virtual returns (address);
+
+    /****************************************************************************************************************
+     *                                               Public interface                                               *
+     ****************************************************************************************************************/
+
+    /**
+     * @dev Return the account nonce for the canonical sequence.
+     */
+    function getNonce() public view virtual returns (uint256) {
+        return entryPoint().getNonce(address(this), 0);
+    }
+
+    /**
+     * @dev Return the account nonce for a given sequence (key).
+     */
+    function getNonce(uint192 key) public view virtual returns (uint256) {
+        return entryPoint().getNonce(address(this), key);
+    }
+
+    /// @inheritdoc IAccount
+    function validateUserOp(
+        PackedUserOperation calldata userOp,
+        bytes32 userOpHash,
+        uint256 missingAccountFunds
+    ) public virtual onlyEntryPoint returns (uint256 validationData) {
+        (bool valid, , uint48 validAfter, uint48 validUntil) = _processSignature(userOpHash, userOp.signature);
+        _validateNonce(userOp.nonce);
+        _payPrefund(missingAccountFunds);
+        return ERC4337Utils.packValidationData(valid, validAfter, validUntil);
+    }
+
+    /// @inheritdoc IAccountExecute
+    function executeUserOp(PackedUserOperation calldata userOp, bytes32 /*userOpHash*/) public virtual onlyEntryPoint {
+        Address.functionDelegateCall(address(this), userOp.callData[4:]);
+    }
+
+    /****************************************************************************************************************
+     *                                             Internal mechanisms                                              *
+     ****************************************************************************************************************/
+
+    /**
+     * @dev Process the signature is valid for this message.
+     * @param userOpHash  - Hash of the request that must be signed (includes the entrypoint and chain id)
+     * @param signature   - The user's signature
+     * @return valid      - Signature is valid
+     * @return signer     - Address of the signer that produced the signature
+     * @return validAfter - first timestamp this operation is valid
+     * @return validUntil - last timestamp this operation is valid. 0 for "indefinite"
+     */
+    function _processSignature(
+        bytes32 userOpHash,
+        bytes calldata signature
+    ) internal view virtual returns (bool valid, address signer, uint48 validAfter, uint48 validUntil) {
+        address recovered = _recoverSigner(userOpHash, signature);
+        return (recovered != address(0) && _isAuthorized(recovered), recovered, 0, 0);
+    }
+
+    /**
+     * @dev Validate the nonce of the UserOperation.
+     * This method may validate the nonce requirement of this account.
+     * e.g.
+     * To limit the nonce to use sequenced UserOps only (no "out of order" UserOps):
+     *      `require(nonce < type(uint64).max)`
+     *
+     * The actual nonce uniqueness is managed by the EntryPoint, and thus no other
+     * action is needed by the account itself.
+     *
+     * @param nonce to validate
+     */
+    function _validateNonce(uint256 nonce) internal view virtual {}
+
+    /**
+     * @dev Sends to the entrypoint (msg.sender) the missing funds for this transaction.
+     * SubClass MAY override this method for better funds management
+     * (e.g. send to the entryPoint more than the minimum required, so that in future transactions
+     * it will not be required to send again).
+     * @param missingAccountFunds - The minimum value this method should send the entrypoint.
+     *                              This value MAY be zero, in case there is enough deposit,
+     *                              or the userOp has a paymaster.
+     */
+    function _payPrefund(uint256 missingAccountFunds) internal virtual {
+        if (missingAccountFunds > 0) {
+            (bool success, ) = payable(msg.sender).call{value: missingAccountFunds}("");
+            success;
+            //ignore failure (its EntryPoint's job to verify, not account.)
+        }
+    }
+}
diff --git a/contracts/abstraction/account/ERC7579Account.sol b/contracts/abstraction/account/ERC7579Account.sol
@@ -0,0 +1,233 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {Account} from "./Account.sol";
+import {Address} from "../../utils/Address.sol";
+import {ERC1155Holder} from "../../token/ERC1155/utils/ERC1155Holder.sol";
+import {ERC721Holder} from "../../token/ERC721/utils/ERC721Holder.sol";
+import {IEntryPoint} from "../../interfaces/IERC4337.sol";
+import {IERC165, ERC165} from "../../utils/introspection/ERC165.sol";
+import {IERC1271} from "../../interfaces/IERC1271.sol";
+import {IERC7579Execution, IERC7579AccountConfig, IERC7579ModuleConfig} from "../../interfaces/IERC7579Account.sol";
+import {IERC7579Module, MODULE_TYPE_EXECUTOR} from "../../interfaces/IERC7579Module.sol";
+import {ERC7579Utils, Execution, Mode, CallType, ExecType} from "../utils/ERC7579Utils.sol";
+
+abstract contract ERC7579Account is
+    IERC165, // required by erc-7579
+    IERC1271, // required by erc-7579
+    IERC7579Execution, // required by erc-7579
+    IERC7579AccountConfig, // required by erc-7579
+    IERC7579ModuleConfig, // required by erc-7579
+    Account,
+    ERC165,
+    ERC721Holder,
+    ERC1155Holder
+{
+    using ERC7579Utils for *;
+
+    IEntryPoint private immutable _entryPoint;
+
+    event ERC7579TryExecuteUnsuccessful(uint256 batchExecutionindex, bytes result);
+    error ERC7579UnsupportedCallType(CallType callType);
+    error ERC7579UnsupportedExecType(ExecType execType);
+    error MismatchModuleTypeId(uint256 moduleTypeId, address module);
+    error UnsupportedModuleType(uint256 moduleTypeId);
+    error ModuleRestricted(uint256 moduleTypeId, address caller);
+    error ModuleAlreadyInstalled(uint256 moduleTypeId, address module);
+    error ModuleNotInstalled(uint256 moduleTypeId, address module);
+
+    modifier onlyModule(uint256 moduleTypeId) {
+        if (!isModuleInstalled(moduleTypeId, msg.sender, msg.data)) {
+            revert ModuleRestricted(moduleTypeId, msg.sender);
+        }
+        _;
+    }
+
+    constructor(IEntryPoint entryPoint_) {
+        _entryPoint = entryPoint_;
+    }
+
+    receive() external payable {}
+
+    function entryPoint() public view virtual override returns (IEntryPoint) {
+        return _entryPoint;
+    }
+
+    /// @inheritdoc IERC165
+    function supportsInterface(
+        bytes4 interfaceId
+    ) public view virtual override(IERC165, ERC165, ERC1155Holder) returns (bool) {
+        // TODO: more?
+        return super.supportsInterface(interfaceId);
+    }
+
+    /// @inheritdoc IERC1271
+    function isValidSignature(bytes32 hash, bytes calldata signature) public view returns (bytes4 magicValue) {
+        (bool valid, , uint48 validAfter, uint48 validUntil) = _processSignature(hash, signature);
+        return
+            (valid && validAfter < block.timestamp && (validUntil == 0 || validUntil > block.timestamp))
+                ? IERC1271.isValidSignature.selector
+                : bytes4(0);
+    }
+
+    /****************************************************************************************************************
+     *                                              ERC-7579 Execution                                              *
+     ****************************************************************************************************************/
+
+    /// @inheritdoc IERC7579Execution
+    function execute(bytes32 mode, bytes calldata executionCalldata) public virtual onlyEntryPoint {
+        _execute(Mode.wrap(mode), executionCalldata);
+    }
+
+    /// @inheritdoc IERC7579Execution
+    function executeFromExecutor(
+        bytes32 mode,
+        bytes calldata executionCalldata
+    ) public virtual onlyModule(MODULE_TYPE_EXECUTOR) returns (bytes[] memory) {
+        return _execute(Mode.wrap(mode), executionCalldata);
+    }
+
+    function _execute(
+        Mode mode,
+        bytes calldata executionCalldata
+    ) internal virtual returns (bytes[] memory returnData) {
+        // TODO: ModeSelector? ModePayload?
+        (CallType callType, ExecType execType, , ) = mode.decodeMode();
+
+        if (callType == ERC7579Utils.CALLTYPE_SINGLE) {
+            (address target, uint256 value, bytes calldata callData) = executionCalldata.decodeSingle();
+            returnData = new bytes[](1);
+            returnData[0] = _execute(0, execType, target, value, callData);
+        } else if (callType == ERC7579Utils.CALLTYPE_BATCH) {
+            Execution[] calldata executionBatch = executionCalldata.decodeBatch();
+            returnData = new bytes[](executionBatch.length);
+            for (uint256 i = 0; i < executionBatch.length; ++i) {
+                returnData[i] = _execute(
+                    i,
+                    execType,
+                    executionBatch[i].target,
+                    executionBatch[i].value,
+                    executionBatch[i].callData
+                );
+            }
+        } else if (callType == ERC7579Utils.CALLTYPE_DELEGATECALL) {
+            (address target, bytes calldata callData) = executionCalldata.decodeDelegate();
+            returnData = new bytes[](1);
+            returnData[0] = _executeDelegate(0, execType, target, callData);
+        } else {
+            revert ERC7579UnsupportedCallType(callType);
+        }
+    }
+
+    function _execute(
+        uint256 index,
+        ExecType execType,
+        address target,
+        uint256 value,
+        bytes memory data
+    ) private returns (bytes memory) {
+        if (execType == ERC7579Utils.EXECTYPE_DEFAULT) {
+            (bool success, bytes memory returndata) = target.call{value: value}(data);
+            Address.verifyCallResult(success, returndata);
+            return returndata;
+        } else if (execType == ERC7579Utils.EXECTYPE_TRY) {
+            (bool success, bytes memory returndata) = target.call{value: value}(data);
+            if (!success) emit ERC7579TryExecuteUnsuccessful(index, returndata);
+            return returndata;
+        } else {
+            revert ERC7579UnsupportedExecType(execType);
+        }
+    }
+
+    function _executeDelegate(
+        uint256 index,
+        ExecType execType,
+        address target,
+        bytes memory data
+    ) private returns (bytes memory) {
+        if (execType == ERC7579Utils.EXECTYPE_DEFAULT) {
+            (bool success, bytes memory returndata) = target.delegatecall(data);
+            Address.verifyCallResult(success, returndata);
+            return returndata;
+        } else if (execType == ERC7579Utils.EXECTYPE_TRY) {
+            (bool success, bytes memory returndata) = target.delegatecall(data);
+            if (!success) emit ERC7579TryExecuteUnsuccessful(index, returndata);
+            return returndata;
+        } else {
+            revert ERC7579UnsupportedExecType(execType);
+        }
+    }
+
+    /****************************************************************************************************************
+     *                                         ERC-7579 Account and Modules                                         *
+     ****************************************************************************************************************/
+
+    /// @inheritdoc IERC7579AccountConfig
+    function accountId() public view virtual returns (string memory) {
+        //vendorname.accountname.semver
+        return "@openzeppelin/contracts.erc7579account.v0-beta";
+    }
+
+    /// @inheritdoc IERC7579AccountConfig
+    function supportsExecutionMode(bytes32 encodedMode) public view virtual returns (bool) {
+        (CallType callType, , , ) = Mode.wrap(encodedMode).decodeMode();
+        return
+            callType == ERC7579Utils.CALLTYPE_SINGLE ||
+            callType == ERC7579Utils.CALLTYPE_BATCH ||
+            callType == ERC7579Utils.CALLTYPE_DELEGATECALL;
+    }
+
+    /// @inheritdoc IERC7579AccountConfig
+    function supportsModule(uint256 /*moduleTypeId*/) public view virtual returns (bool) {
+        return false;
+    }
+
+    /// @inheritdoc IERC7579ModuleConfig
+    function installModule(
+        uint256 moduleTypeId,
+        address module,
+        bytes calldata initData
+    ) public virtual onlyEntryPointOrSelf {
+        if (!IERC7579Module(module).isModuleType(moduleTypeId)) revert MismatchModuleTypeId(moduleTypeId, module);
+        _installModule(moduleTypeId, module, initData);
+        /// TODO: silent unreachable and re-enable this event
+        // emit ModuleInstalled(moduleTypeId, module);
+    }
+
+    /// @inheritdoc IERC7579ModuleConfig
+    function uninstallModule(
+        uint256 moduleTypeId,
+        address module,
+        bytes calldata deInitData
+    ) public virtual onlyEntryPointOrSelf {
+        _uninstallModule(moduleTypeId, module, deInitData);
+        /// TODO: silent unreachable and re-enable this event
+        // emit ModuleUninstalled(moduleTypeId, module);
+    }
+
+    /// @inheritdoc IERC7579ModuleConfig
+    function isModuleInstalled(
+        uint256 /*moduleTypeId*/,
+        address /*module*/,
+        bytes calldata /*additionalContext*/
+    ) public view virtual returns (bool) {
+        return false;
+    }
+
+    /****************************************************************************************************************
+     *                                                    Hooks                                                     *
+     ****************************************************************************************************************/
+
+    function _installModule(uint256 moduleTypeId, address /*module*/, bytes calldata /*initData*/) internal virtual {
+        revert UnsupportedModuleType(moduleTypeId);
+    }
+
+    function _uninstallModule(
+        uint256 moduleTypeId,
+        address /*module*/,
+        bytes calldata /*deInitData*/
+    ) internal virtual {
+        revert UnsupportedModuleType(moduleTypeId);
+    }
+}