OpenZeppelin · ernestognw · Dec 17, 2024 · Nov 26, 2024 · Nov 29, 2024 · Dec 3, 2024
@@ -1,4 +1,12 @@
 module.exports = {
   skipFiles: ['mocks'],
   istanbulReporter: ['html', 'lcov', 'text-summary'],
+  // Work around stack too deep for coverage
+  configureYulOptimizer: true,
+  solcOptimizerDetails: {
+    yul: true,
+    yulDetails: {
+      optimizerSteps: '',
+    },
+  },
 };
@@ -1,3 +1,8 @@
+## XX-XX-2024
+
+- `AccountECDSA`, `AccountP256` and `AccountRSA`: Add implementations of `AccountBase` based on the available signature schemes (i.e. ECDSA, P256, RSA).
+- `AccountBase`: Added a simple ERC-4337 account implementation with the minimal logic to process user operations.
+
 ## 06-11-2024
 
 - `ERC7739Utils`: Add a library that implements a defensive rehashing mechanism to prevent replayability of smart contract signatures based on the ERC-7739.

@@ -0,0 +1,19 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ERC721Holder} from "@openzeppelin/contracts/token/ERC721/utils/ERC721Holder.sol";
+import {ERC1155Holder} from "@openzeppelin/contracts/token/ERC1155/utils/ERC1155Holder.sol";
+import {ERC7739Signer} from "../utils/cryptography/draft-ERC7739Signer.sol";
+import {AccountCore} from "./draft-AccountCore.sol";
+
+/**
+ * @dev Extension of {AccountCore} with recommended feature that most account abstraction implementation will want:
+ *
+ * * {ERC721Holder} for ERC-721 token handling
+ * * {ERC1155Holder} for ERC-1155 token handling
+ * * {ERC7739Signer} for ERC-1271 signature support with ERC-7739 replay protection
+ *
+ * NOTE: This needs to be combine with a signer implementation such as {SignerECDSA}, {SignerP256} or {SignerRSA}
+ */
+abstract contract Account is AccountCore, ERC721Holder, ERC1155Holder, ERC7739Signer {}
@@ -0,0 +1,164 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {PackedUserOperation, IAccount, IEntryPoint, IAccountExecute} from "@openzeppelin/contracts/interfaces/draft-IERC4337.sol";
+import {ERC4337Utils} from "@openzeppelin/contracts/account/utils/draft-ERC4337Utils.sol";
+import {Address} from "@openzeppelin/contracts/utils/Address.sol";
+import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
+import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
+import {AbstractSigner} from "../utils/cryptography/AbstractSigner.sol";
+
+/**
+ * @dev A simple ERC4337 account implementation. This base implementation only includes the minimal logic to process
+ * user operations.
+ *
+ * Developers must implement the {_rawSignatureValidation} function to define the account's validation logic.
+ *
+ * IMPORTANT: Implementing a mechanism to validate signatures is a security-sensitive operation as it may allow an
+ * attacker to bypass the account's security measures. Check out {AccountECDSA}, {AccountP256}, or {AccountRSA} for
+ * digital signature validation implementations.
+ */
+abstract contract AccountCore is AbstractSigner, EIP712, IAccount, IAccountExecute {
+    using MessageHashUtils for bytes32;
+
+    bytes32 internal constant _PACKED_USER_OPERATION =
+        keccak256(
+            "PackedUserOperation(address sender,uint256 nonce,bytes initCode,bytes callData,bytes32 accountGasLimits,uint256 preVerificationGas,bytes32 gasFees,bytes paymasterAndData,address entrypoint)"
+        );
+
+    /**
+     * @dev Unauthorized call to the account.
+     */
+    error AccountUnauthorized(address sender);
+
+    /**
+     * @dev Revert if the caller is not the entry point or the account itself.
+     */
+    modifier onlyEntryPointOrSelf() {
+        _checkEntryPointOrSelf();
+        _;
+    }
+
+    /**
+     * @dev Revert if the caller is not the entry point.
+     */
+    modifier onlyEntryPoint() {
+        _checkEntryPoint();
+        _;
+    }
+
+    /**
+     * @dev Canonical entry point for the account that forwards and validates user operations.
+     */
+    function entryPoint() public view virtual returns (IEntryPoint) {
+        return IEntryPoint(0x0000000071727De22E5E9d8BAf0edAc6f37da032);
+    }
+
+    /**
+     * @dev Return the account nonce for the canonical sequence.
+     */
+    function getNonce() public view virtual returns (uint256) {
+        return getNonce(0);
+    }
+
+    /**
+     * @dev Return the account nonce for a given sequence (key).
+     */
+    function getNonce(uint192 key) public view virtual returns (uint256) {
+        return entryPoint().getNonce(address(this), key);
+    }
+
+    /**
+     * @inheritdoc IAccount
+     */
+    function validateUserOp(
+        PackedUserOperation calldata userOp,
+        bytes32 userOpHash,
+        uint256 missingAccountFunds
+    ) public virtual onlyEntryPoint returns (uint256) {
+        uint256 validationData = _rawSignatureValidation(_signableUserOpHash(userOp, userOpHash), userOp.signature)
+            ? ERC4337Utils.SIG_VALIDATION_SUCCESS
+            : ERC4337Utils.SIG_VALIDATION_FAILED;
+        _payPrefund(missingAccountFunds);
+        return validationData;
+    }
+
+    /**
+     * @inheritdoc IAccountExecute
+     */
+    function executeUserOp(
+        PackedUserOperation calldata userOp,
+        bytes32 /*userOpHash*/
+    ) public virtual onlyEntryPointOrSelf {
+        (address target, uint256 value, bytes memory data) = abi.decode(userOp.callData[4:], (address, uint256, bytes));
+        Address.functionCallWithValue(target, data, value);
+    }
+
+    /**
+     * @dev Returns the digest used by an offchain signer instead of the opaque `userOpHash`.
+     *
+     * Given the `userOpHash` calculation is defined by ERC-4337, offchain signers
+     * may need to sign again this hash by rehashing it with other schemes (e.g. ERC-191).
+     *
+     * Returns a typehash following EIP-712 typed data hashing for readability.
+     */
+    function _signableUserOpHash(
+        PackedUserOperation calldata userOp,
+        bytes32 /* userOpHash */
+    ) internal view virtual returns (bytes32) {
+        return
+            _hashTypedDataV4(
+                keccak256(
+                    abi.encode(
+                        _PACKED_USER_OPERATION,
+                        userOp.sender,
+                        userOp.nonce,
+                        keccak256(userOp.initCode),
+                        keccak256(userOp.callData),
+                        userOp.accountGasLimits,
+                        userOp.preVerificationGas,
+                        userOp.gasFees,
+                        keccak256(userOp.paymasterAndData),
+                        entryPoint()
+                    )
+                )
+            );
+    }
+
+    /**
+     * @dev Sends the missing funds for executing the user operation to the {entrypoint}.
+     * The `missingAccountFunds` must be defined by the entrypoint when calling {validateUserOp}.
+     */
+    function _payPrefund(uint256 missingAccountFunds) internal virtual {
+        if (missingAccountFunds > 0) {
+            (bool success, ) = payable(msg.sender).call{value: missingAccountFunds}("");
+            success; // Silence warning. The entrypoint should validate the result.
+        }
+    }
+
+    /**
+     * @dev Ensures the caller is the {entrypoint}.
+     */
+    function _checkEntryPoint() internal view virtual {
+        address sender = msg.sender;
+        if (sender != address(entryPoint())) {
+            revert AccountUnauthorized(sender);
+        }
+    }
+
+    /**
+     * @dev Ensures the caller is the {entrypoint} or the account itself.
+     */
+    function _checkEntryPointOrSelf() internal view virtual {
+        address sender = msg.sender;
+        if (sender != address(this) && sender != address(entryPoint())) {
+            revert AccountUnauthorized(sender);
+        }
+    }
+
+    /**
+     * @dev Receive Ether.
+     */
+    receive() external payable virtual {}
+}
@@ -0,0 +1,19 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+import {AccountCore} from "../draft-AccountCore.sol";
+
+abstract contract AccountSignerERC7702 is AccountCore {
+    /**
+     * @dev Validates the signature using the account's address.
+     */
+    function _rawSignatureValidation(
+        bytes32 hash,
+        bytes calldata signature
+    ) internal view virtual override returns (bool) {
+        (address recovered, ECDSA.RecoverError err, ) = ECDSA.tryRecover(hash, signature);
+        return address(this) == recovered && err == ECDSA.RecoverError.NoError;
+    }
+}
@@ -0,0 +1,13 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {CallReceiverMock} from "@openzeppelin/contracts/mocks/CallReceiverMock.sol";
+
+contract CallReceiverMockExtended is CallReceiverMock {
+    event MockFunctionCalledExtra(address caller, uint256 value);
+
+    function mockFunctionExtra() public payable {
+        emit MockFunctionCalledExtra(msg.sender, msg.value);
+    }
+}
@@ -0,0 +1,19 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {Create2} from "@openzeppelin/contracts/utils/Create2.sol";
+
+contract Create2Mock {
+    function $deploy(uint256 amount, bytes32 salt, bytes memory bytecode) external returns (address) {
+        return Create2.deploy(amount, salt, bytecode);
+    }
+
+    function $computeAddress(bytes32 salt, bytes32 bytecodeHash) external view returns (address) {
+        return Create2.computeAddress(salt, bytecodeHash, address(this));
+    }
+
+    function $computeAddress(bytes32 salt, bytes32 bytecodeHash, address deployer) external pure returns (address) {
+        return Create2.computeAddress(salt, bytecodeHash, deployer);
+    }
+}
@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ERC1155} from "@openzeppelin/contracts/token/ERC1155/ERC1155.sol";
+
+abstract contract ERC1155Mock is ERC1155 {}
@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
+
+abstract contract ERC721Mock is ERC721 {}
@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {PackedUserOperation} from "@openzeppelin/contracts/interfaces/draft-IERC4337.sol";
+import {ERC4337Utils} from "@openzeppelin/contracts/account/utils/draft-ERC4337Utils.sol";
+import {Account} from "../../account/draft-Account.sol";
+
+abstract contract AccountBaseMock is Account {
+    /// Validates a user operation with a boolean signature.
+    function _rawSignatureValidation(
+        bytes32 /* userOpHash */,
+        bytes calldata signature
+    ) internal pure override returns (bool) {
+        return bytes1(signature[0:1]) == bytes1(0x01);
+    }
+}
@@ -0,0 +1,12 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {Account} from "../../account/draft-Account.sol";
+import {SignerECDSA} from "../../utils/cryptography/SignerECDSA.sol";
+
+abstract contract AccountECDSAMock is Account, SignerECDSA {
+    constructor(address signerAddr) {
+        _initializeSigner(signerAddr);
+    }
+}
@@ -0,0 +1,8 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {Account} from "../../account/draft-Account.sol";
+import {AccountSignerERC7702} from "../../account/extensions/AccountSignerERC7702.sol";
+
+abstract contract AccountERC7702Mock is Account, AccountSignerERC7702 {}
@@ -0,0 +1,12 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {Account} from "../../account/draft-Account.sol";
+import {SignerP256} from "../../utils/cryptography/SignerP256.sol";
+
+abstract contract AccountP256Mock is Account, SignerP256 {
+    constructor(bytes32 qx, bytes32 qy) {
+        _initializeSigner(qx, qy);
+    }
+}
@@ -0,0 +1,12 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {Account} from "../../account/draft-Account.sol";
+import {SignerRSA} from "../../utils/cryptography/SignerRSA.sol";
+
+abstract contract AccountRSAMock is Account, SignerRSA {
+    constructor(bytes memory e, bytes memory n) {
+        _initializeSigner(e, n);
+    }
+}