npm - @ensuro/account-abstraction - Versions diffs - 0.0.5 → 0.2.0 - Mend

@ensuro/account-abstraction 0.0.5 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/build/contracts/mock/ERC20With2771.sol/artifacts.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+// This file was autogenerated by Hardhat, do not edit it.
+// prettier-ignore
+// tslint:disable
+// eslint-disable
+// biome-ignore format: see above
+export interface ERC20With2771$Type {
+  readonly _format: "hh3-artifact-1";
+  readonly contractName: "ERC20With2771";
+  readonly sourceName: "contracts/mock/ERC20With2771.sol";
+  readonly abi: [{"inputs":[{"internalType":"string","name":"name_","type":"string"},{"internalType":"string","name":"symbol_","type":"string"},{"internalType":"uint256","name":"initialSupply","type":"uint256"},{"internalType":"uint8","name":"decimals_","type":"uint8"},{"internalType":"address","name":"trustedForwarder","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[{"internalType":"address","name":"spender","type":"address"},{"internalType":"uint256","name":"allowance","type":"uint256"},{"internalType":"uint256","name":"needed","type":"uint256"}],"name":"ERC20InsufficientAllowance","type":"error"},{"inputs":[{"internalType":"address","name":"sender","type":"address"},{"internalType":"uint256","name":"balance","type":"uint256"},{"internalType":"uint256","name":"needed","type":"uint256"}],"name":"ERC20InsufficientBalance","type":"error"},{"inputs":[{"internalType":"address","name":"approver","type":"address"}],"name":"ERC20InvalidApprover","type":"error"},{"inputs":[{"internalType":"address","name":"receiver","type":"address"}],"name":"ERC20InvalidReceiver","type":"error"},{"inputs":[{"internalType":"address","name":"sender","type":"address"}],"name":"ERC20InvalidSender","type":"error"},{"inputs":[{"internalType":"address","name":"spender","type":"address"}],"name":"ERC20InvalidSpender","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"owner","type":"address"},{"indexed":true,"internalType":"address","name":"spender","type":"address"},{"indexed":false,"internalType":"uint256","name":"value","type":"uint256"}],"name":"Approval","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"from","type":"address"},{"indexed":true,"internalType":"address","name":"to","type":"address"},{"indexed":false,"internalType":"uint256","name":"value","type":"uint256"}],"name":"Transfer","type":"event"},{"inputs":[{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"spender","type":"address"}],"name":"allowance","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"spender","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"}],"name":"approve","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"account","type":"address"}],"name":"balanceOf","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"decimals","outputs":[{"internalType":"uint8","name":"","type":"uint8"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"forwarder","type":"address"}],"name":"isTrustedForwarder","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"name","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"symbol","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"totalSupply","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"}],"name":"transfer","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"from","type":"address"},{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"}],"name":"transferFrom","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"trustedForwarder","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"}];
+  readonly bytecode: "0x60c060405234801561000f575f5ffd5b50604051610d48380380610d4883398101604081905261002e91610274565b808585600361003d838261039d565b50600461004a828261039d565b5050506001600160a01b031660805260ff821660a05261006a3384610074565b505050505061047c565b6001600160a01b0382166100a25760405163ec442f0560e01b81525f60048201526024015b60405180910390fd5b6100ad5f83836100b1565b5050565b6001600160a01b0383166100db578060025f8282546100d09190610457565b9091555061014b9050565b6001600160a01b0383165f908152602081905260409020548181101561012d5760405163391434e360e21b81526001600160a01b03851660048201526024810182905260448101839052606401610099565b6001600160a01b0384165f9081526020819052604090209082900390555b6001600160a01b03821661016757600280548290039055610185565b6001600160a01b0382165f9081526020819052604090208054820190555b816001600160a01b0316836001600160a01b03167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef836040516101ca91815260200190565b60405180910390a3505050565b634e487b7160e01b5f52604160045260245ffd5b5f82601f8301126101fa575f5ffd5b81516001600160401b03811115610213576102136101d7565b604051601f8201601f19908116603f011681016001600160401b0381118282101715610241576102416101d7565b604052818152838201602001851015610258575f5ffd5b8160208501602083015e5f918101602001919091529392505050565b5f5f5f5f5f60a08688031215610288575f5ffd5b85516001600160401b0381111561029d575f5ffd5b6102a9888289016101eb565b602088015190965090506001600160401b038111156102c6575f5ffd5b6102d2888289016101eb565b94505060408601519250606086015160ff811681146102ef575f5ffd5b60808701519092506001600160a01b038116811461030b575f5ffd5b809150509295509295909350565b600181811c9082168061032d57607f821691505b60208210810361034b57634e487b7160e01b5f52602260045260245ffd5b50919050565b601f82111561039857805f5260205f20601f840160051c810160208510156103765750805b601f840160051c820191505b81811015610395575f8155600101610382565b50505b505050565b81516001600160401b038111156103b6576103b66101d7565b6103ca816103c48454610319565b84610351565b6020601f8211600181146103fc575f83156103e55750848201515b5f19600385901b1c1916600184901b178455610395565b5f84815260208120601f198516915b8281101561042b578785015182556020948501946001909201910161040b565b508482101561044857868401515f19600387901b60f8161c191681555b50505050600190811b01905550565b8082018082111561047657634e487b7160e01b5f52601160045260245ffd5b92915050565b60805160a05161089d6104ab5f395f61011701525f8181610151015281816101b60152610448015261089d5ff3fe608060405234801561000f575f5ffd5b50600436106100a6575f3560e01c8063572b6c051161006e578063572b6c051461014157806370a08231146101815780637da0a877146101a957806395d89b41146101e0578063a9059cbb146101e8578063dd62ed3e146101fb575f5ffd5b806306fdde03146100aa578063095ea7b3146100c857806318160ddd146100eb57806323b872dd146100fd578063313ce56714610110575b5f5ffd5b6100b2610233565b6040516100bf9190610699565b60405180910390f35b6100db6100d63660046106e9565b6102c3565b60405190151581526020016100bf565b6002545b6040519081526020016100bf565b6100db61010b366004610711565b6102e6565b60405160ff7f00000000000000000000000000000000000000000000000000000000000000001681526020016100bf565b6100db61014f36600461074b565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0390811691161490565b6100ef61018f36600461074b565b6001600160a01b03165f9081526020819052604090205490565b6040516001600160a01b037f00000000000000000000000000000000000000000000000000000000000000001681526020016100bf565b6100b2610313565b6100db6101f63660046106e9565b610322565b6100ef61020936600461076b565b6001600160a01b039182165f90815260016020908152604080832093909416825291909152205490565b6060600380546102429061079c565b80601f016020809104026020016040519081016040528092919081815260200182805461026e9061079c565b80156102b95780601f10610290576101008083540402835291602001916102b9565b820191905f5260205f20905b81548152906001019060200180831161029c57829003601f168201915b5050505050905090565b5f5f6102cd610339565b90506102da818585610347565b60019150505b92915050565b5f5f6102f0610339565b90506102fd858285610359565b6103088585856103da565b506001949350505050565b6060600480546102429061079c565b5f5f61032c610339565b90506102da8185856103da565b5f610342610437565b905090565b61035483838360016104a1565b505050565b6001600160a01b038381165f908152600160209081526040808320938616835292905220545f198110156103d457818110156103c657604051637dc7a0d960e11b81526001600160a01b038416600482015260248101829052604481018390526064015b60405180910390fd5b6103d484848484035f6104a1565b50505050565b6001600160a01b03831661040357604051634b637e8f60e11b81525f60048201526024016103bd565b6001600160a01b03821661042c5760405163ec442f0560e01b81525f60048201526024016103bd565b610354838383610573565b5f36601480821080159061047357507f00000000000000000000000000000000000000000000000000000000000000006001600160a01b031633145b156104995761048636828403815f6107d4565b61048f916107fb565b60601c9250505090565b339250505090565b6001600160a01b0384166104ca5760405163e602df0560e01b81525f60048201526024016103bd565b6001600160a01b0383166104f357604051634a1406b160e11b81525f60048201526024016103bd565b6001600160a01b038085165f90815260016020908152604080832093871683529290522082905580156103d457826001600160a01b0316846001600160a01b03167f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b9258460405161056591815260200190565b60405180910390a350505050565b6001600160a01b03831661059d578060025f8282546105929190610848565b9091555061060d9050565b6001600160a01b0383165f90815260208190526040902054818110156105ef5760405163391434e360e21b81526001600160a01b038516600482015260248101829052604481018390526064016103bd565b6001600160a01b0384165f9081526020819052604090209082900390555b6001600160a01b03821661062957600280548290039055610647565b6001600160a01b0382165f9081526020819052604090208054820190555b816001600160a01b0316836001600160a01b03167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef8360405161068c91815260200190565b60405180910390a3505050565b602081525f82518060208401528060208501604085015e5f604082850101526040601f19601f83011684010191505092915050565b80356001600160a01b03811681146106e4575f5ffd5b919050565b5f5f604083850312156106fa575f5ffd5b610703836106ce565b946020939093013593505050565b5f5f5f60608486031215610723575f5ffd5b61072c846106ce565b925061073a602085016106ce565b929592945050506040919091013590565b5f6020828403121561075b575f5ffd5b610764826106ce565b9392505050565b5f5f6040838503121561077c575f5ffd5b610785836106ce565b9150610793602084016106ce565b90509250929050565b600181811c908216806107b057607f821691505b6020821081036107ce57634e487b7160e01b5f52602260045260245ffd5b50919050565b5f5f858511156107e2575f5ffd5b838611156107ee575f5ffd5b5050820193919092039150565b80356bffffffffffffffffffffffff198116906014841015610841576bffffffffffffffffffffffff196bffffffffffffffffffffffff198560140360031b1b82161691505b5092915050565b808201808211156102e057634e487b7160e01b5f52601160045260245ffdfea26469706673582212209052ca3b7d16208877574fb8688288b972afaa142be43385402a72663c099d9564736f6c634300081e0033";
+  readonly deployedBytecode: "0x608060405234801561000f575f5ffd5b50600436106100a6575f3560e01c8063572b6c051161006e578063572b6c051461014157806370a08231146101815780637da0a877146101a957806395d89b41146101e0578063a9059cbb146101e8578063dd62ed3e146101fb575f5ffd5b806306fdde03146100aa578063095ea7b3146100c857806318160ddd146100eb57806323b872dd146100fd578063313ce56714610110575b5f5ffd5b6100b2610233565b6040516100bf9190610699565b60405180910390f35b6100db6100d63660046106e9565b6102c3565b60405190151581526020016100bf565b6002545b6040519081526020016100bf565b6100db61010b366004610711565b6102e6565b60405160ff7f00000000000000000000000000000000000000000000000000000000000000001681526020016100bf565b6100db61014f36600461074b565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0390811691161490565b6100ef61018f36600461074b565b6001600160a01b03165f9081526020819052604090205490565b6040516001600160a01b037f00000000000000000000000000000000000000000000000000000000000000001681526020016100bf565b6100b2610313565b6100db6101f63660046106e9565b610322565b6100ef61020936600461076b565b6001600160a01b039182165f90815260016020908152604080832093909416825291909152205490565b6060600380546102429061079c565b80601f016020809104026020016040519081016040528092919081815260200182805461026e9061079c565b80156102b95780601f10610290576101008083540402835291602001916102b9565b820191905f5260205f20905b81548152906001019060200180831161029c57829003601f168201915b5050505050905090565b5f5f6102cd610339565b90506102da818585610347565b60019150505b92915050565b5f5f6102f0610339565b90506102fd858285610359565b6103088585856103da565b506001949350505050565b6060600480546102429061079c565b5f5f61032c610339565b90506102da8185856103da565b5f610342610437565b905090565b61035483838360016104a1565b505050565b6001600160a01b038381165f908152600160209081526040808320938616835292905220545f198110156103d457818110156103c657604051637dc7a0d960e11b81526001600160a01b038416600482015260248101829052604481018390526064015b60405180910390fd5b6103d484848484035f6104a1565b50505050565b6001600160a01b03831661040357604051634b637e8f60e11b81525f60048201526024016103bd565b6001600160a01b03821661042c5760405163ec442f0560e01b81525f60048201526024016103bd565b610354838383610573565b5f36601480821080159061047357507f00000000000000000000000000000000000000000000000000000000000000006001600160a01b031633145b156104995761048636828403815f6107d4565b61048f916107fb565b60601c9250505090565b339250505090565b6001600160a01b0384166104ca5760405163e602df0560e01b81525f60048201526024016103bd565b6001600160a01b0383166104f357604051634a1406b160e11b81525f60048201526024016103bd565b6001600160a01b038085165f90815260016020908152604080832093871683529290522082905580156103d457826001600160a01b0316846001600160a01b03167f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b9258460405161056591815260200190565b60405180910390a350505050565b6001600160a01b03831661059d578060025f8282546105929190610848565b9091555061060d9050565b6001600160a01b0383165f90815260208190526040902054818110156105ef5760405163391434e360e21b81526001600160a01b038516600482015260248101829052604481018390526064016103bd565b6001600160a01b0384165f9081526020819052604090209082900390555b6001600160a01b03821661062957600280548290039055610647565b6001600160a01b0382165f9081526020819052604090208054820190555b816001600160a01b0316836001600160a01b03167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef8360405161068c91815260200190565b60405180910390a3505050565b602081525f82518060208401528060208501604085015e5f604082850101526040601f19601f83011684010191505092915050565b80356001600160a01b03811681146106e4575f5ffd5b919050565b5f5f604083850312156106fa575f5ffd5b610703836106ce565b946020939093013593505050565b5f5f5f60608486031215610723575f5ffd5b61072c846106ce565b925061073a602085016106ce565b929592945050506040919091013590565b5f6020828403121561075b575f5ffd5b610764826106ce565b9392505050565b5f5f6040838503121561077c575f5ffd5b610785836106ce565b9150610793602084016106ce565b90509250929050565b600181811c908216806107b057607f821691505b6020821081036107ce57634e487b7160e01b5f52602260045260245ffd5b50919050565b5f5f858511156107e2575f5ffd5b838611156107ee575f5ffd5b5050820193919092039150565b80356bffffffffffffffffffffffff198116906014841015610841576bffffffffffffffffffffffff196bffffffffffffffffffffffff198560140360031b1b82161691505b5092915050565b808201808211156102e057634e487b7160e01b5f52601160045260245ffdfea26469706673582212209052ca3b7d16208877574fb8688288b972afaa142be43385402a72663c099d9564736f6c634300081e0033";
+  readonly linkReferences: {};
+  readonly deployedLinkReferences: {};
+  readonly immutableReferences: {"2301":[{"length":32,"start":337},{"length":32,"start":438},{"length":32,"start":1096}],"14976":[{"length":32,"start":279}]};
+  readonly inputSourceName: "project/contracts/mock/ERC20With2771.sol";
+  readonly buildInfoId: "solc-0_8_30-95f43f1788cfd8898b8023be4a1aea1d69744865";
+};
+import "hardhat/types/artifacts";
+declare module "hardhat/types/artifacts" {
+  interface ArtifactMap {
+    ["ERC20With2771"]: ERC20With2771$Type;
+    ["contracts/mock/ERC20With2771.sol:ERC20With2771"]: ERC20With2771$Type;
+  }
+}

package/contracts/AccessControlAccount.sol CHANGED Viewed

@@ -47,7 +47,7 @@ contract AccessControlAccount is AccessControl, BaseAccount {
    * @param value the value to pass in this call
    * @param func the calldata to pass in this call
    */
-  function execute(address dest, uint256 value, bytes calldata func) external {
+  function execute(address dest, uint256 value, bytes calldata func) external override {
     _requireFromEntryPointOrExecutor();
     Address.functionCallWithValue(dest, func, value);
   }

package/contracts/AccessManagerAccount.sol CHANGED Viewed

@@ -40,7 +40,7 @@ contract AccessManagerAccount is AccessManager, BaseAccount {
    * @param value the value to pass in this call
    * @param func the calldata to pass in this call
    */
-  function execute(address dest, uint256 value, bytes calldata func) external {
+  function execute(address dest, uint256 value, bytes calldata func) external override {
     _requireFromEntryPoint();
     Address.functionCallWithValue(dest, func, value);
   }

package/contracts/ERC2771ForwarderAccount.sol ADDED Viewed

@@ -0,0 +1,187 @@
+// SPDX-License-Identifier: Apache-2.0
+pragma solidity ^0.8.23;
+import {Address} from "@openzeppelin/contracts/utils/Address.sol";
+import {BaseAccount} from "@account-abstraction/contracts/core/BaseAccount.sol";
+import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+import {ERC2771Context} from "@openzeppelin/contracts/metatx/ERC2771Context.sol";
+import {IAccountExecute} from "@account-abstraction/contracts/interfaces/IAccountExecute.sol";
+import {IEntryPoint} from "@account-abstraction/contracts/interfaces/IEntryPoint.sol";
+import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
+import {PackedUserOperation} from "@account-abstraction/contracts/interfaces/PackedUserOperation.sol";
+import {SIG_VALIDATION_SUCCESS, SIG_VALIDATION_FAILED} from "@account-abstraction/contracts/core/Helpers.sol";
+import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";
+/**
+ * @title ERC2771ForwarderAccount
+ *
+ * @dev Smart Account that acts as an ERC2771 Trusted Forwarder, forwarding calls to a pre-defined contract
+ *      on behalf of the signer of the userOp.
+ *
+ *      Assumes the target contract is designed to work with ERC2771Context and trusts this account as a forwarder.
+ *
+ *      This contract is designed to be used with an AccessManagedProxy for runtime access control management.
+ *
+ * @custom:security-contact security@ensuro.co
+ * @author Ensuro
+ */
+contract ERC2771ForwarderAccount is UUPSUpgradeable, BaseAccount, IAccountExecute {
+  IEntryPoint private immutable _entryPoint;
+  /// @custom:storage-location erc7201:ensuro.storage.ERC2771ForwarderAccount
+  struct ERC2771ForwarderAccountStorage {
+    mapping(address => ERC2771Context) targets;
+  }
+  // keccak256(abi.encode(uint256(keccak256("ensuro.storage.ERC2771ForwarderAccount")) - 1)) & ~bytes32(uint256(0xff))
+  // solhint-disable-next-line const-name-snakecase
+  bytes32 internal constant ERC2771ForwarderAccountStorageLocation =
+    0x32800a8a254400b8b55434a22b827759dcb96a572133b419f26b7155e3843000;
+  function _getAccountStorage() internal pure returns (ERC2771ForwarderAccountStorage storage $) {
+    // solhint-disable-next-line no-inline-assembly
+    assembly {
+      $.slot := ERC2771ForwarderAccountStorageLocation
+    }
+  }
+  event ExecutorAdded(address indexed executor, ERC2771Context indexed target);
+  event ExecutorRemoved(address indexed executor);
+  error RequiredEntryPointOrExecutor(address sender);
+  error InvalidTarget(ERC2771Context target, address signer);
+  error OnlyExecuteUserOpAllowed();
+  error InvalidCall();
+  constructor(IEntryPoint anEntryPoint) {
+    _entryPoint = anEntryPoint;
+  }
+  // solhint-disable-next-line no-empty-blocks
+  function _authorizeUpgrade(address newImpl) internal view override {}
+  /**
+   * @dev This is a noop, for deployment convenience where an initializer is expected.
+   */
+  //solhint-disable-next-line no-empty-blocks
+  function initialize() external {}
+  // solhint-disable-next-line no-empty-blocks
+  receive() external payable {}
+  function executeBatch(Call[] calldata) external virtual override {
+    revert OnlyExecuteUserOpAllowed();
+  }
+  function execute(address, uint256, bytes calldata) external virtual override {
+    revert OnlyExecuteUserOpAllowed();
+  }
+  function _getSigner(PackedUserOperation calldata userop, bytes32 userOpHash) internal pure returns (address) {
+    bytes32 hash = MessageHashUtils.toEthSignedMessageHash(userOpHash);
+    return ECDSA.recover(hash, userop.signature);
+  }
+  /**
+   * @dev Validates that the user operation is well formed and that the destination is correct. Does not validate signature.
+   * @return call A Call struct containing the call to be made
+   */
+  function _validateAndDecodeCall(
+    PackedUserOperation calldata userOp,
+    bytes32 userOpHash
+  ) internal pure returns (Call memory call) {
+    require(userOp.callData.length >= 56 && bytes4(userOp.callData[0:4]) == this.executeUserOp.selector, InvalidCall());
+    (call.target, call.value, call.data) = abi.decode(userOp.callData[4:], (address, uint256, bytes));
+    if (call.target == address(0)) {
+      // This is an if and not a require to avoid evaluating the _getSigner call in the happy path
+      revert InvalidTarget(ERC2771Context(call.target), _getSigner(userOp, userOpHash));
+    }
+  }
+  function _isAuthorized(address signer, address target) internal view returns (bool) {
+    ERC2771ForwarderAccountStorage storage $ = _getAccountStorage();
+    return $.targets[signer] == ERC2771Context(target);
+  }
+  /**
+   * @notice Add an executor and its corresponding target contract.
+   * @param executor The executor address to add
+   * @param target The ERC2771Context target contract for this executor
+   */
+  function addExecutor(address executor, ERC2771Context target) external {
+    ERC2771ForwarderAccountStorage storage $ = _getAccountStorage();
+    $.targets[executor] = target;
+    emit ExecutorAdded(executor, target);
+  }
+  /**
+   * @notice Remove an executor by setting its target to the zero address.
+   * @param executor The executor address to remove
+   */
+  function removeExecutor(address executor) external {
+    ERC2771ForwarderAccountStorage storage $ = _getAccountStorage();
+    $.targets[executor] = ERC2771Context(address(0));
+    emit ExecutorRemoved(executor);
+  }
+  /// implement template method of BaseAccount
+  function _validateSignature(
+    PackedUserOperation calldata userOp,
+    bytes32 userOpHash
+  ) internal virtual override returns (uint256 validationData) {
+    Call memory call = _validateAndDecodeCall(userOp, userOpHash);
+    address signer = _getSigner(userOp, userOpHash);
+    if (!_isAuthorized(signer, call.target)) {
+      return SIG_VALIDATION_FAILED;
+    }
+    return SIG_VALIDATION_SUCCESS;
+  }
+  /**
+   * @dev Executes a user operation by forwarding the call to the target contract with the signer as the msgSender.
+   *      It re-validates the signature and checks that the signer is authorized. Reverts with InvalidTarget if it isn't.
+   *      The calldata is expected to contain this function's selector followed by an ABI-encoded Call:
+   *         - dest (address): the target contract address (must be the same as _target)
+   *         - value (uint256): the amount of ETH to send with the call
+   *         - func (bytes): the calldata for the target function
+   *
+   * @param userOp The packed user operation containing the call data and signature.
+   * @param userOpHash The hash of the user operation, used for signature verification.
+   */
+  function executeUserOp(PackedUserOperation calldata userOp, bytes32 userOpHash) external override {
+    Call memory call = _validateAndDecodeCall(userOp, userOpHash);
+    address signer = _getSigner(userOp, userOpHash);
+    require(_isAuthorized(signer, call.target), InvalidTarget(ERC2771Context(call.target), signer));
+    Address.functionCallWithValue(call.target, abi.encodePacked(call.data, signer), call.value);
+  }
+  /**
+   * check current account deposit in the entryPoint
+   */
+  function getDeposit() public view returns (uint256) {
+    return entryPoint().balanceOf(address(this));
+  }
+  /**
+   * deposit more funds for this account in the entryPoint
+   */
+  function addDeposit() public payable {
+    entryPoint().depositTo{value: msg.value}(address(this));
+  }
+  /**
+   * withdraw value from the account's deposit
+   * @param withdrawAddress target to send to
+   * @param amount to withdraw
+   */
+  function withdrawDepositTo(address payable withdrawAddress, uint256 amount) public {
+    entryPoint().withdrawTo(withdrawAddress, amount);
+  }
+  /// @inheritdoc BaseAccount
+  function entryPoint() public view virtual override returns (IEntryPoint) {
+    return _entryPoint;
+  }
+}

package/contracts/dependencies/AccessManager.sol CHANGED Viewed

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Contracts (last updated v5.0.0) (access/manager/AccessManager.sol)
+// OpenZeppelin Contracts (last updated v5.1.0) (access/manager/AccessManager.sol)
 pragma solidity ^0.8.20;
@@ -56,8 +56,8 @@ import {FrozenTime} from "./FrozenTime.sol";
  * will be {AccessManager} itself.
  *
  * WARNING: When granting permissions over an {Ownable} or {AccessControl} contract to an {AccessManager}, be very
- * mindful of the danger associated with functions such as {{Ownable-renounceOwnership}} or
- * {{AccessControl-renounceRole}}.
+ * mindful of the danger associated with functions such as {Ownable-renounceOwnership} or
+ * {AccessControl-renounceRole}.
  */
 contract AccessManager is Context, Multicall, IAccessManager {
     using Time for *;
@@ -98,7 +98,15 @@ contract AccessManager is Context, Multicall, IAccessManager {
         uint32 nonce;
     }
+    /**
+     * @dev The identifier of the admin role. Required to perform most configuration operations including
+     * other roles' management and target restrictions.
+     */
     uint64 public constant ADMIN_ROLE = type(uint64).min; // 0
+    /**
+     * @dev The identifier of the public role. Automatically granted to all addresses with no delay.
+     */
     uint64 public constant PUBLIC_ROLE = type(uint64).max; // 2**64-1
     mapping(address target => TargetConfig mode) private _targets;
@@ -109,11 +117,11 @@ contract AccessManager is Context, Multicall, IAccessManager {
     // This should be transient storage when supported by the EVM.
     bytes32 private _executionId;
-    bool private _isFrozen;
+    bool transient _isFrozen;
     /**
-     * @dev Check that the caller is authorized to perform the operation, following the restrictions encoded in
-     * {_getAdminRestrictions}.
+     * @dev Check that the caller is authorized to perform the operation.
+     * See {AccessManager} description for a detailed breakdown of the authorization logic.
      */
     modifier onlyAuthorized() {
         _checkAuthorized();
@@ -425,9 +433,6 @@ contract AccessManager is Context, Multicall, IAccessManager {
      * Emits a {TargetClosed} event.
      */
     function _setTargetClosed(address target, bool closed) internal virtual {
-        if (target == address(this)) {
-            revert AccessManagerLockedAccount(target);
-        }
         _targets[target].closed = closed;
         emit TargetClosed(target, closed);
     }
@@ -457,7 +462,7 @@ contract AccessManager is Context, Multicall, IAccessManager {
         uint48 minWhen = Time.timestamp() + setback;
-        // if call with delay is not authorized, or if requested timing is too soon
+        // If call with delay is not authorized, or if requested timing is too soon, revert
         if (setback == 0 || (when > 0 && when < minWhen)) {
             revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
         }
@@ -483,7 +488,8 @@ contract AccessManager is Context, Multicall, IAccessManager {
     /**
      * @dev Reverts if the operation is currently scheduled and has not expired.
-     * (Note: This function was introduced due to stack too deep errors in schedule.)
+     *
+     * NOTE: This function was introduced due to stack too deep errors in schedule.
      */
     function _checkNotScheduled(bytes32 operationId) private view {
         uint48 prevTimepoint = _schedules[operationId].timepoint;
@@ -502,7 +508,7 @@ contract AccessManager is Context, Multicall, IAccessManager {
         // Fetch restrictions that apply to the caller on the targeted function
         (bool immediate, uint32 setback) = _canCallExtended(caller, target, data);
-        // If caller is not authorised, revert
+        // If call is not authorized, revert
         if (!immediate && setback == 0) {
             revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
         }
@@ -598,7 +604,9 @@ contract AccessManager is Context, Multicall, IAccessManager {
     // ================================================= ADMIN LOGIC ==================================================
     /**
-     * @dev Check if the current call is authorized according to admin logic.
+     * @dev Check if the current call is authorized according to admin and roles logic.
+     *
+     * WARNING: Carefully review the considerations of {AccessManaged-restricted} since they apply to this modifier.
      */
     function _checkAuthorized() private {
         address caller = _msgSender();
@@ -623,7 +631,7 @@ contract AccessManager is Context, Multicall, IAccessManager {
      */
     function _getAdminRestrictions(
         bytes calldata data
-    ) private view returns (bool restricted, uint64 roleAdminId, uint32 executionDelay) {
+    ) private view returns (bool adminRestricted, uint64 roleAdminId, uint32 executionDelay) {
         if (data.length < 4) {
             return (false, 0, 0);
         }
@@ -660,7 +668,7 @@ contract AccessManager is Context, Multicall, IAccessManager {
             return (true, getRoleAdmin(roleId), 0);
         }
-        return (false, 0, 0);
+        return (false, getTargetFunctionRole(address(this), selector), 0);
     }
     // =================================================== HELPERS ====================================================
@@ -685,7 +693,7 @@ contract AccessManager is Context, Multicall, IAccessManager {
     }
     /**
-     * @dev A version of {canCall} that checks for admin restrictions in this contract.
+     * @dev A version of {canCall} that checks for restrictions in this contract.
      */
     function _canCallSelf(address caller, bytes calldata data) private view returns (bool immediate, uint32 delay) {
         if (data.length < 4) {
@@ -698,8 +706,10 @@ contract AccessManager is Context, Multicall, IAccessManager {
             return (_isExecuting(address(this), _checkSelector(data)), 0);
         }
-        (bool enabled, uint64 roleId, uint32 operationDelay) = _getAdminRestrictions(data);
-        if (!enabled) {
+        (bool adminRestricted, uint64 roleId, uint32 operationDelay) = _getAdminRestrictions(data);
+        // isTargetClosed apply to non-admin-restricted function
+        if (!adminRestricted && isTargetClosed(address(this))) {
             return (false, 0);
         }

package/contracts/dependencies/FrozenTime.sol CHANGED Viewed

@@ -88,7 +88,7 @@ library FrozenTime {
     /**
      * @dev Get the current value.
      */
-    function get(Delay self) internal view returns (uint32) {
+    function get(Delay self) internal pure returns (uint32) {
         (uint32 delay, , ) = self.getFull();
         return delay;
     }
@@ -102,7 +102,7 @@ library FrozenTime {
         Delay self,
         uint32 newValue,
         uint32 minSetback
-    ) internal view returns (Delay updatedDelay, uint48 effect) {
+    ) internal pure returns (Delay updatedDelay, uint48 effect) {
         uint32 value = self.get();
         uint32 setback = uint32(Math.max(minSetback, value > newValue ? value - newValue : 0));
         effect = timestamp() + setback;

package/contracts/mock/ERC20With2771.sol ADDED Viewed

@@ -0,0 +1,40 @@
+//SPDX-License-Identifier: Apache-2.0
+pragma solidity ^0.8.0;
+import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
+import {ERC2771Context} from "@openzeppelin/contracts/metatx/ERC2771Context.sol";
+import {Context} from "@openzeppelin/contracts/utils/Context.sol";
+contract ERC20With2771 is ERC20, ERC2771Context {
+  uint8 internal immutable _decimals;
+  constructor(
+    string memory name_,
+    string memory symbol_,
+    uint256 initialSupply,
+    uint8 decimals_,
+    address trustedForwarder
+  ) ERC20(name_, symbol_) ERC2771Context(trustedForwarder) {
+    _decimals = decimals_;
+    _mint(msg.sender, initialSupply);
+  }
+  function decimals() public view virtual override returns (uint8) {
+    return _decimals;
+  }
+  /// @inheritdoc ERC2771Context
+  function _contextSuffixLength() internal view override(Context, ERC2771Context) returns (uint256) {
+    return ERC2771Context._contextSuffixLength();
+  }
+  /// @inheritdoc ERC2771Context
+  function _msgSender() internal view override(Context, ERC2771Context) returns (address) {
+    return ERC2771Context._msgSender();
+  }
+  /// @inheritdoc ERC2771Context
+  function _msgData() internal view override(Context, ERC2771Context) returns (bytes calldata) {
+    return ERC2771Context._msgData();
+  }
+}

package/js/userOp.js CHANGED Viewed

@@ -1,13 +1,13 @@
-const ethers = require("ethers");
+import * as ethers from "ethers";
 const { ZeroAddress } = ethers;
 const defaultAbiCoder = ethers.AbiCoder.defaultAbiCoder();
-function packAccountGasLimits(verificationGasLimit, callGasLimit) {
+export function packAccountGasLimits(verificationGasLimit, callGasLimit) {
   return ethers.toBeHex(verificationGasLimit, 16) + ethers.toBeHex(callGasLimit, 16).slice(2);
 }
-function packUserOp(userOp) {
+export function packUserOp(userOp) {
   const accountGasLimits = packAccountGasLimits(userOp.verificationGasLimit, userOp.callGasLimit);
   const gasFees = packAccountGasLimits(userOp.maxPriorityFeePerGas, userOp.maxFeePerGas);
   let paymasterAndData = "0x";
@@ -32,7 +32,7 @@ function packUserOp(userOp) {
   };
 }
-function packedUserOpAsArray(packedUserOp, includeSignature = true) {
+export function packedUserOpAsArray(packedUserOp, includeSignature = true) {
   if (includeSignature) {
     return [
       packedUserOp.sender,
@@ -59,7 +59,7 @@ function packedUserOpAsArray(packedUserOp, includeSignature = true) {
   }
 }
-function encodeUserOp(userOp, forSignature = true) {
+export function encodeUserOp(userOp, forSignature = true) {
   const packedUserOp = packUserOp(userOp);
   if (forSignature) {
     return defaultAbiCoder.encode(
@@ -94,47 +94,39 @@ function encodeUserOp(userOp, forSignature = true) {
   }
 }
-function getUserOpHash(op, entryPoint, chainId) {
+export function getUserOpHash(op, entryPoint, chainId) {
   const userOpHash = ethers.keccak256(encodeUserOp(op, true));
   const enc = defaultAbiCoder.encode(["bytes32", "address", "uint256"], [userOpHash, entryPoint, chainId]);
   return ethers.keccak256(enc);
 }
-const DefaultsForUserOp = {
+export const DefaultsForUserOp = {
   sender: ZeroAddress,
   nonce: 0,
   initCode: "0x",
   callData: "0x",
-  callGasLimit: 0,
-  verificationGasLimit: 150000, // default verification gas. will add create2 cost (3200+200*length) if initCode exists
-  preVerificationGas: 21000, // should also cover calldata cost.
-  maxFeePerGas: 0,
+  callGasLimit: 0n,
+  verificationGasLimit: 150000n, // default verification gas. will add create2 cost (3200+200*length) if initCode exists
+  preVerificationGas: 21000n, // should also cover calldata cost.
+  maxFeePerGas: 0n,
   maxPriorityFeePerGas: 1e9,
   paymaster: ZeroAddress,
   paymasterData: "0x",
-  paymasterVerificationGasLimit: 3e5,
+  paymasterVerificationGasLimit: 300000n,
   paymasterPostOpGasLimit: 0,
   signature: "0x",
 };
-function signUserOp(op, signer, entryPoint, chainId) {
-  const message = getUserOpHash(op, entryPoint, chainId);
-  const msg1 = Buffer.concat([
-    Buffer.from("\x19Ethereum Signed Message:\n32", "ascii"),
-    Buffer.from(arrayify(message)),
-  ]);
-  const sig = ecsign(keccak256_buffer(msg1), Buffer.from(arrayify(signer.privateKey)));
-  // that's equivalent of:  await signer.signMessage(message);
-  // (but without "async"
-  const signedMessage1 = toRpcSig(sig.v, sig.r, sig.s);
+export async function signUserOp(op, signer, entryPoint, chainId) {
+  const userOpHash = getUserOpHash(op, entryPoint, chainId);
+  const signature = await signer.signMessage(ethers.getBytes(userOpHash));
   return {
     ...op,
-    signature: signedMessage1,
+    signature,
   };
 }
-function fillUserOpDefaults(op, defaults = DefaultsForUserOp) {
+export function fillUserOpDefaults(op, defaults = DefaultsForUserOp) {
   const partial = { ...op };
   // we want "item:undefined" to be used from defaults, and not override defaults, so we must explicitly
   // remove those so "merge" will succeed.
@@ -147,14 +139,3 @@ function fillUserOpDefaults(op, defaults = DefaultsForUserOp) {
   const filled = { ...defaults, ...partial };
   return filled;
 }
-module.exports = {
-  packAccountGasLimits,
-  packUserOp,
-  packedUserOpAsArray,
-  encodeUserOp,
-  getUserOpHash,
-  DefaultsForUserOp,
-  signUserOp,
-  fillUserOpDefaults,
-};

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@ensuro/account-abstraction",
   "description": "ERC-4337 related contracts by the Ensuro Team",
-  "version": "0.0.5",
+  "version": "0.2.0",
   "files": [
     "**/*.sol",
     "/build",