@towns-protocol/contracts 0.0.383 → 0.0.385

package/src/apps/facets/factory/AppFactoryFacet.sol

@@ -3,26 +3,50 @@ pragma solidity ^0.8.29;
 
 // interfaces
 import {IAppFactory} from "./IAppFactory.sol";
-import {ISimpleApp} from "../../helpers/ISimpleApp.sol";
 import {ITownsApp} from "../../ITownsApp.sol";
 
 // libraries
-import {LibClone} from "solady/utils/LibClone.sol";
 import {CustomRevert} from "../../../utils/libraries/CustomRevert.sol";
+import {AppFactoryStorage} from "./AppFactoryStorage.sol";
 
 // contracts
 import {Facet} from "@towns-protocol/diamond/src/facets/Facet.sol";
 import {AppRegistryBase} from "../registry/AppRegistryBase.sol";
+import {OwnableBase} from "@towns-protocol/diamond/src/facets/ownable/OwnableBase.sol";
 import {ReentrancyGuardTransient} from "solady/utils/ReentrancyGuardTransient.sol";
+import {AppFactoryBase} from "./AppFactoryBase.sol";
 
 /// @title AppInstallerFacet
 /// @author Towns Protocol
 /// @notice Facet for installing apps to spaces
-contract AppFactoryFacet is IAppFactory, AppRegistryBase, ReentrancyGuardTransient, Facet {
+contract AppFactoryFacet is
+    IAppFactory,
+    AppRegistryBase,
+    OwnableBase,
+    ReentrancyGuardTransient,
+    Facet,
+    AppFactoryBase
+{
     using CustomRevert for bytes4;
 
-    function __AppFactory_init() external onlyInitializing {
+    function __AppFactory_init(
+        Beacon[] calldata beacons,
+        address entryPoint
+    ) external onlyInitializing {
+        _addBeacons(beacons);
         _addInterface(type(IAppFactory).interfaceId);
+        _setEntryPoint(entryPoint);
+    }
+
+    function createAppByBeacon(
+        bytes32 beaconId,
+        AppParams calldata params
+    ) external payable nonReentrant returns (address app, bytes32 appId) {
+        _validateParams(params);
+
+        app = _createApp(beaconId, params);
+        appId = _registerApp(ITownsApp(app), params.client);
+        emit AppCreated(app, appId);
     }
 
     /// @notice Create an upgradeable simple app contract
@@ -30,23 +54,35 @@ contract AppFactoryFacet is IAppFactory, AppRegistryBase, ReentrancyGuardTransie
     function createApp(
         AppParams calldata params
     ) external payable nonReentrant returns (address app, bytes32 appId) {
-        if (bytes(params.name).length == 0) AppFactory__InvalidAppName.selector.revertWith();
-        if (params.permissions.length == 0) AppFactory__InvalidArrayInput.selector.revertWith();
-        if (params.client == address(0)) AppFactory__InvalidAddressInput.selector.revertWith();
-
-        uint48 duration = _validateDuration(params.accessDuration);
-
-        app = LibClone.deployERC1967BeaconProxy(address(this));
-        ISimpleApp(app).initialize(
-            msg.sender,
-            params.name,
-            params.permissions,
-            params.installPrice,
-            duration,
-            params.client
-        );
+        _validateParams(params);
 
+        bytes32 beaconId = _getDefaultBeaconId();
+        app = _createApp(beaconId, params);
         appId = _registerApp(ITownsApp(app), params.client);
         emit AppCreated(app, appId);
     }
+
+    function addBeacons(Beacon[] calldata beacons) external onlyOwner {
+        _addBeacons(beacons);
+    }
+
+    function removeBeacons(bytes32[] calldata beaconIds) external onlyOwner {
+        _removeBeacons(beaconIds);
+    }
+
+    function setEntryPoint(address entryPoint) external onlyOwner {
+        _setEntryPoint(entryPoint);
+    }
+
+    function getBeacon(bytes32 beaconId) external view returns (address beacon) {
+        return _getBeacon(beaconId);
+    }
+
+    function getBeacons() external view returns (bytes32[] memory beaconIds) {
+        return _getBeacons();
+    }
+
+    function getEntryPoint() external view returns (address entryPoint) {
+        entryPoint = AppFactoryStorage.getLayout().entryPoint;
+    }
 }

package/src/apps/facets/factory/AppFactoryStorage.sol

@@ -0,0 +1,29 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.23;
+
+// interfaces
+
+// libraries
+import {EnumerableSetLib} from "solady/utils/EnumerableSetLib.sol";
+
+// contracts
+
+library AppFactoryStorage {
+    using EnumerableSetLib for EnumerableSetLib.Bytes32Set;
+
+    // keccak256(abi.encode(uint256(keccak256("app.factory.storage")) - 1)) & ~bytes32(uint256(0xff))
+    bytes32 internal constant STORAGE_SLOT =
+        0xca64e2f4a307cd87bb6e650a2b64b61bb8e05eb19e155e37ac786fdc5c4f0500;
+
+    struct Layout {
+        address entryPoint;
+        EnumerableSetLib.Bytes32Set beaconIds;
+        mapping(bytes32 beaconId => address beacon) beacons;
+    }
+
+    function getLayout() internal pure returns (Layout storage $) {
+        assembly {
+            $.slot := STORAGE_SLOT
+        }
+    }
+}

package/src/apps/facets/factory/IAppFactory.sol

@@ -16,12 +16,20 @@ interface IAppFactoryBase {
         uint48 accessDuration;
     }
 
+    struct Beacon {
+        bytes32 beaconId;
+        address beacon;
+    }
+
     /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
     /*                           ERRORS                           */
     /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
     error AppFactory__InvalidAppName();
     error AppFactory__InvalidArrayInput();
     error AppFactory__InvalidAddressInput();
+    error AppFactory__BeaconNotFound();
+    error AppFactory__InvalidBeaconId();
+    error AppFactory__BeaconAlreadyExists();
 
     /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
 
@@ -29,6 +37,9 @@ interface IAppFactoryBase {
     /*                           EVENTS                           */
     /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
     event AppCreated(address indexed app, bytes32 indexed uid);
+    event BeaconAdded(bytes32 indexed beaconId, address indexed beacon);
+    event BeaconRemoved(bytes32 indexed beaconId, address indexed beacon);
+    event EntryPointSet(address indexed oldEntryPoint, address indexed newEntryPoint);
 }
 
 interface IAppFactory is IAppFactoryBase {
@@ -39,4 +50,39 @@ interface IAppFactory is IAppFactoryBase {
     function createApp(
         AppParams calldata params
     ) external payable returns (address app, bytes32 appId);
+
+    /// @notice Create an app by beacon ID
+    /// @param beaconId The ID of the beacon to use for app deployment
+    /// @param params The parameters of the app
+    /// @return app The app address
+    /// @return appId The attestation UID of the registered app
+    function createAppByBeacon(
+        bytes32 beaconId,
+        AppParams calldata params
+    ) external payable returns (address app, bytes32 appId);
+
+    /// @notice Add new beacon contracts for app deployment
+    /// @param beacons Array of beacon contracts to add with their IDs
+    function addBeacons(Beacon[] calldata beacons) external;
+
+    /// @notice Remove existing beacon contracts
+    /// @param beaconIds Array of beacon IDs to remove
+    function removeBeacons(bytes32[] calldata beaconIds) external;
+
+    /// @notice Get the beacon contract address for a given beacon ID
+    /// @param beaconId The ID of the beacon to look up
+    /// @return beacon The address of the beacon contract
+    function getBeacon(bytes32 beaconId) external view returns (address beacon);
+
+    /// @notice Get all registered beacon IDs
+    /// @return beaconIds Array of all registered beacon IDs
+    function getBeacons() external view returns (bytes32[] memory beaconIds);
+
+    /// @notice Set the entry point contract address for account abstraction
+    /// @param entryPoint The address of the entry point contract
+    function setEntryPoint(address entryPoint) external;
+
+    /// @notice Get the current entry point contract address
+    /// @return entryPoint The address of the entry point contract
+    function getEntryPoint() external view returns (address entryPoint);
 }

package/src/apps/facets/registry/AppRegistryBase.sol

@@ -8,7 +8,6 @@ import {IERC165} from "@openzeppelin/contracts/interfaces/IERC165.sol";
 import {ITownsApp} from "../../ITownsApp.sol";
 import {IAppRegistryBase} from "./IAppRegistry.sol";
 import {ISchemaResolver} from "@ethereum-attestation-service/eas-contracts/resolver/ISchemaResolver.sol";
-import {ISimpleApp} from "../../helpers/ISimpleApp.sol";
 import {IPlatformRequirements} from "../../../factory/facets/platform/requirements/IPlatformRequirements.sol";
 import {IERC173} from "@towns-protocol/diamond/src/facets/ownable/IERC173.sol";
 import {IAppAccount} from "../../../spaces/facets/account/IAppAccount.sol";
@@ -20,6 +19,7 @@ import {AppRegistryStorage, ClientInfo, AppInfo} from "./AppRegistryStorage.sol"
 import {LibClone} from "solady/utils/LibClone.sol";
 import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
 import {CurrencyTransfer} from "../../../utils/libraries/CurrencyTransfer.sol";
+import {LibAppRegistry} from "./LibAppRegistry.sol";
 
 // types
 import {ExecutionManifest} from "@erc6900/reference-implementation/interfaces/IExecutionModule.sol";
@@ -33,8 +33,6 @@ import {AttestationBase} from "../attest/AttestationBase.sol";
 abstract contract AppRegistryBase is IAppRegistryBase, SchemaBase, AttestationBase {
     using CustomRevert for bytes4;
 
-    uint48 private constant MAX_DURATION = 365 days;
-
     modifier onlyAllowed(IAppAccount account) {
         if (IERC173(address(account)).owner() != msg.sender) NotAllowed.selector.revertWith();
         _;
@@ -99,10 +97,11 @@ abstract contract AppRegistryBase is IAppRegistryBase, SchemaBase, AttestationBa
 
     function _getAppDuration(address app) internal view returns (uint48 duration) {
         try ITownsApp(app).accessDuration() returns (uint48 accessDuration) {
-            return _validateDuration(accessDuration);
+            duration = LibAppRegistry.validateDuration(accessDuration);
         } catch {
-            return MAX_DURATION;
+            duration = LibAppRegistry.validateDuration(0);
         }
+        return duration;
     }
 
     /// @notice Retrieves detailed information about an app by its ID
@@ -389,18 +388,6 @@ abstract contract AppRegistryBase is IAppRegistryBase, SchemaBase, AttestationBa
         newVersionId = _attest(msg.sender, msg.value, request).uid;
     }
 
-    function _validatePricing(uint256 price) internal view returns (uint256) {
-        uint256 minPlatformFee = _getPlatformRequirements().getMembershipFee();
-        if (price > 0 && price < minPlatformFee) InvalidPrice.selector.revertWith();
-        return price;
-    }
-
-    function _validateDuration(uint48 duration) internal pure returns (uint48) {
-        if (duration > MAX_DURATION) InvalidDuration.selector.revertWith();
-        if (duration == 0) duration = MAX_DURATION;
-        return duration;
-    }
-
     /// @notice Validates inputs for adding a new app
     /// @param appContract The app contract to verify
     /// @param client The client address to verify
@@ -434,8 +421,8 @@ abstract contract AppRegistryBase is IAppRegistryBase, SchemaBase, AttestationBa
         if (permissions.length == 0) InvalidArrayInput.selector.revertWith();
         if (owner == address(0)) InvalidAddressInput.selector.revertWith();
 
-        _validatePricing(installPrice);
-        uint48 duration = _validateDuration(accessDuration);
+        installPrice = LibAppRegistry.validatePricing(_getPlatformRequirements(), installPrice);
+        accessDuration = LibAppRegistry.validateDuration(accessDuration);
 
         if (
             !IERC165(appAddress).supportsInterface(type(IModule).interfaceId) ||
@@ -445,7 +432,7 @@ abstract contract AppRegistryBase is IAppRegistryBase, SchemaBase, AttestationBa
             AppDoesNotImplementInterface.selector.revertWith();
         }
 
-        return (owner, permissions, manifest, duration);
+        return (owner, permissions, manifest, accessDuration);
     }
 
     function _getPlatformRequirements() internal view returns (IPlatformRequirements) {

package/src/apps/facets/registry/IAppRegistry.sol

@@ -35,13 +35,14 @@ interface IAppRegistryBase {
     error InvalidArrayInput();
     error BannedApp();
     error InvalidAppId();
-    error InvalidPrice();
-    error InvalidDuration();
     error InsufficientPayment();
     error NotAllowed();
     error ClientAlreadyRegistered();
     error ClientNotRegistered();
 
+    error AppRegistry__InvalidDuration();
+    error AppRegistry__InvalidPrice();
+
     /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
     /*                           EVENTS                           */
     /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/

package/src/apps/facets/registry/LibAppRegistry.sol

@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.29;
+
+// interfaces
+import {IPlatformRequirements} from "../../../factory/facets/platform/requirements/IPlatformRequirements.sol";
+import {IAppRegistryBase} from "./IAppRegistry.sol";
+
+// libraries
+import {CustomRevert} from "../../../utils/libraries/CustomRevert.sol";
+
+// contracts
+
+library LibAppRegistry {
+    using CustomRevert for bytes4;
+
+    uint48 internal constant MAX_DURATION = 365 days;
+
+    function validateDuration(uint48 accessDuration) internal pure returns (uint48 duration) {
+        if (accessDuration > MAX_DURATION)
+            IAppRegistryBase.AppRegistry__InvalidDuration.selector.revertWith();
+        duration = accessDuration == 0 ? MAX_DURATION : accessDuration;
+    }
+
+    function validatePricing(
+        IPlatformRequirements platformRequirements,
+        uint256 price
+    ) internal view returns (uint256) {
+        uint256 minPlatformFee = platformRequirements.getMembershipFee();
+        if (price > 0 && price < minPlatformFee)
+            IAppRegistryBase.AppRegistry__InvalidPrice.selector.revertWith();
+        return price;
+    }
+}

package/src/apps/simple/account/ISimpleAccount.sol

@@ -0,0 +1,40 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.23;
+
+// interfaces
+import {IEntryPoint} from "@eth-infinitism/account-abstraction/interfaces/IEntryPoint.sol";
+
+// libraries
+
+// contracts
+
+interface ISimpleAccountBase {
+    error SimpleAccount__NotFromTrustedCaller();
+    error SimpleAccount__OpDataNotSupported();
+
+    /// @notice Emitted when the entry point is updated
+    /// @param oldEntryPoint The old entry point
+    /// @param newEntryPoint The new entry point
+    event EntryPointUpdated(address indexed oldEntryPoint, address indexed newEntryPoint);
+
+    /// @notice Emitted when the coordinator is updated
+    /// @param oldCoordinator The old coordinator
+    /// @param newCoordinator The new coordinator
+    event CoordinatorUpdated(address indexed oldCoordinator, address indexed newCoordinator);
+}
+
+interface ISimpleAccount is ISimpleAccountBase {
+    /// @notice Return the account nonce.
+    /// @dev This method returns the next sequential nonce.
+    /// @dev For a nonce of a specific key, use `entrypoint.getNonce(account, key)`
+    /// @return The next sequential nonce.
+    function getNonce() external view returns (uint256);
+
+    /// @notice Updates the entry point of the account
+    /// @param newEntryPoint The new entry point
+    function updateEntryPoint(address newEntryPoint) external;
+
+    /// @notice Updates the coordinator of the account
+    /// @param newCoordinator The new coordinator
+    function updateCoordinator(address newCoordinator) external;
+}

package/src/apps/simple/account/SimpleAccountBase.sol

@@ -0,0 +1,58 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.29;
+
+// interfaces
+import {IAccount} from "@eth-infinitism/account-abstraction/interfaces/IAccount.sol";
+import {IEntryPoint} from "@eth-infinitism/account-abstraction/interfaces/IEntryPoint.sol";
+import {ISimpleAccountBase} from "./ISimpleAccount.sol";
+
+// libraries
+import {UserOperationLib, PackedUserOperation} from "@eth-infinitism/account-abstraction/core/UserOperationLib.sol";
+import {CustomRevert} from "../../../utils/libraries/CustomRevert.sol";
+import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
+
+/// @title SimpleAccountBase
+/// @notice Base contract for simple accounts implementing core ERC-6900 account functionality
+abstract contract SimpleAccountBase is IAccount, ISimpleAccountBase {
+    using UserOperationLib for PackedUserOperation;
+    using CustomRevert for bytes4;
+
+    /// @notice Return the entryPoint used by this account.
+    /// @dev Subclass should return the current entryPoint used by this account.
+    function entryPoint() public view virtual returns (IEntryPoint);
+
+    /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
+    /*                         Hooks                              */
+    /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
+
+    /// @dev Internal function to require the sender to be the entry point.
+    function _requireFromEntryPoint() internal view virtual {
+        if (msg.sender != address(entryPoint()))
+            SimpleAccount__NotFromTrustedCaller.selector.revertWith();
+    }
+
+    /// @dev Internal function to require the sender to be the entry point.
+    function _requireForExecute() internal view virtual {
+        _requireFromEntryPoint();
+    }
+
+    /// @dev Internal function to validate the signature of the user operation.
+    /// @param userOp The user operation to validate.
+    /// @param userOpHash The hash of the user operation.
+    /// @return validationData The validation data.
+    function _validateSignature(
+        PackedUserOperation calldata userOp,
+        bytes32 userOpHash
+    ) internal virtual returns (uint256 validationData);
+
+    /// @dev Internal function to validate the nonce of the user operation.
+    /// @param nonce The nonce of the user operation.
+    function _validateNonce(uint256 nonce) internal view virtual {}
+
+    /// @dev Internal function to pay the prefund.
+    /// @param missingAccountFunds The missing account funds.
+    function _payPrefund(uint256 missingAccountFunds) internal virtual {
+        if (missingAccountFunds == 0) return;
+        SafeTransferLib.safeTransferETH(msg.sender, missingAccountFunds);
+    }
+}

package/src/apps/simple/account/SimpleAccountFacet.sol

@@ -0,0 +1,151 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.29;
+
+// interfaces
+import {IEntryPoint} from "@eth-infinitism/account-abstraction/core/EntryPoint.sol";
+import {IAccount} from "@eth-infinitism/account-abstraction/interfaces/IAccount.sol";
+import {ISimpleAccount} from "./ISimpleAccount.sol";
+import {IERC7821} from "@openzeppelin/contracts/interfaces/draft-IERC7821.sol";
+
+// contracts
+import {SimpleAccountBase} from "./SimpleAccountBase.sol";
+import {Facet} from "@towns-protocol/diamond/src/facets/Facet.sol";
+import {OwnableBase} from "@towns-protocol/diamond/src/facets/ownable/OwnableBase.sol";
+import {ERC7821} from "solady/accounts/ERC7821.sol";
+
+// libraries
+import {CustomRevert} from "../../../utils/libraries/CustomRevert.sol";
+import {UserOperationLib, PackedUserOperation} from "@eth-infinitism/account-abstraction/core/UserOperationLib.sol";
+import {ECDSA} from "solady/utils/ECDSA.sol";
+import {LibBit} from "solady/utils/LibBit.sol";
+import {SIG_VALIDATION_FAILED, SIG_VALIDATION_SUCCESS} from "@eth-infinitism/account-abstraction/core/Helpers.sol";
+import {SimpleAppStorage} from "../app/SimpleAppStorage.sol";
+import {SimpleAccountStorage} from "./SimpleAccountStorage.sol";
+import {Validator} from "../../../utils/libraries/Validator.sol";
+
+contract SimpleAccountFacet is ISimpleAccount, SimpleAccountBase, OwnableBase, ERC7821, Facet {
+    using CustomRevert for bytes4;
+    using UserOperationLib for PackedUserOperation;
+
+    function __SimpleAccountFacet_init(
+        address entrypoint,
+        address coordinator
+    ) external onlyInitializing {
+        Validator.checkAddress(entrypoint);
+        Validator.checkAddress(coordinator);
+        __SimpleAccountFacet_init_unchained(entrypoint, coordinator);
+    }
+
+    function __SimpleAccountFacet_init_unchained(address entrypoint, address coordinator) internal {
+        SimpleAccountStorage.Layout storage $ = SimpleAccountStorage.getLayout();
+        $.entryPoint = entrypoint;
+        $.coordinator = coordinator;
+        _addInterface(type(IAccount).interfaceId);
+        _addInterface(type(ISimpleAccount).interfaceId);
+        _addInterface(type(IERC7821).interfaceId);
+    }
+
+    /// @inheritdoc ISimpleAccount
+    function updateEntryPoint(address newEntryPoint) external onlyOwner {
+        Validator.checkAddress(newEntryPoint);
+        SimpleAccountStorage.Layout storage $ = SimpleAccountStorage.getLayout();
+        address oldEntryPoint = $.entryPoint;
+        $.entryPoint = newEntryPoint;
+        emit EntryPointUpdated(oldEntryPoint, newEntryPoint);
+    }
+
+    /// @inheritdoc ISimpleAccount
+    function updateCoordinator(address newCoordinator) external onlyOwner {
+        Validator.checkAddress(newCoordinator);
+        SimpleAccountStorage.Layout storage $ = SimpleAccountStorage.getLayout();
+        address oldCoordinator = $.coordinator;
+        $.coordinator = newCoordinator;
+        emit CoordinatorUpdated(oldCoordinator, newCoordinator);
+    }
+
+    /// @notice Return the account nonce.
+    /// @dev This method returns the next sequential nonce.
+    /// @dev For a nonce of a specific key, use `entrypoint.getNonce(account, key)`
+    /// @return The next sequential nonce.
+    function getNonce() public view virtual returns (uint256) {
+        return entryPoint().getNonce(address(this), 0);
+    }
+
+    /// @notice Return the entryPoint used by this account.
+    function entryPoint() public view override(SimpleAccountBase) returns (IEntryPoint) {
+        return IEntryPoint(SimpleAccountStorage.getLayout().entryPoint);
+    }
+
+    /// @inheritdoc IAccount
+    function validateUserOp(
+        PackedUserOperation calldata userOp,
+        bytes32 userOpHash,
+        uint256 missingAccountFunds
+    ) external virtual override returns (uint256 validationData) {
+        _requireFromEntryPoint();
+        validationData = _validateSignature(userOp, userOpHash);
+        _validateNonce(userOp.nonce);
+        _payPrefund(missingAccountFunds);
+    }
+
+    /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
+    /*                      INTERNAL FUNCTIONS                    */
+    /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
+    function _getCoordinator() internal view returns (address) {
+        return SimpleAccountStorage.getLayout().coordinator;
+    }
+
+    /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
+    /*                           Overrides                        */
+    /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
+    /// @dev Override the 4-parameter execution to add custom authorization before the standard checks
+    function _execute(
+        bytes32,
+        bytes calldata,
+        Call[] calldata calls,
+        bytes calldata opData
+    ) internal virtual override {
+        if (opData.length == 0) {
+            _requireForExecute();
+            return _execute(calls, bytes32(0));
+        }
+
+        SimpleAccount__OpDataNotSupported.selector.revertWith();
+    }
+
+    /// @notice Override the _requireForExecute function to allow the owner, client, coordinator, entry point, and self-calls.
+    function _requireForExecute() internal view override {
+        // Early return for owner
+        if (msg.sender == _owner()) return;
+
+        SimpleAppStorage.Layout storage $ = SimpleAppStorage.getLayout();
+        SimpleAccountStorage.Layout storage $$ = SimpleAccountStorage.getLayout();
+
+        // Use LibBit.or for efficient multi-condition check
+        if (
+            LibBit.or(
+                LibBit.or(msg.sender == $.client, msg.sender == $$.coordinator),
+                LibBit.or(msg.sender == $$.entryPoint, msg.sender == address(this))
+            )
+        ) return;
+
+        SimpleAccount__NotFromTrustedCaller.selector.revertWith();
+    }
+
+    function _validateSignature(
+        PackedUserOperation calldata userOp,
+        bytes32 userOpHash
+    ) internal virtual override returns (uint256 validationData) {
+        address signer = ECDSA.recoverCalldata(userOpHash, userOp.signature);
+        address owner = _owner();
+
+        // Early return for owner
+        if (signer == owner) return SIG_VALIDATION_SUCCESS;
+
+        // Check client using LibBit for consistency
+        SimpleAppStorage.Layout storage $ = SimpleAppStorage.getLayout();
+        if (signer == $.client) return SIG_VALIDATION_SUCCESS;
+
+        return SIG_VALIDATION_FAILED;
+    }
+}

package/src/apps/simple/account/SimpleAccountStorage.sol

@@ -0,0 +1,25 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.29;
+
+// interfaces
+
+// libraries
+
+// contracts
+
+library SimpleAccountStorage {
+    // keccak256(abi.encode(uint256(keccak256("simple.account.storage")) - 1)) & ~bytes32(uint256(0xff))
+    bytes32 internal constant STORAGE_SLOT =
+        0x50b1c084b04d93141a198030532d2108cf8654a43d025af0de681aa06dac5f00;
+
+    struct Layout {
+        address entryPoint;
+        address coordinator;
+    }
+
+    function getLayout() internal pure returns (Layout storage $) {
+        assembly ("memory-safe") {
+            $.slot := STORAGE_SLOT
+        }
+    }
+}