-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add WebAuthN validator #68
Conversation
b391fe8
to
3b8ac00
Compare
@KONFeature Is this going to utilize the EIP-7212 precompile under the hood? |
Not yet, this is just a POC. Still a few stuff needing to be done here:
And btw, this verification code isn't audited yet, if I remember correctly an audit is planned during Q1 |
4df861e
to
5538f67
Compare
- Stay in calldata for webauthn challenge formatting - Stay inside the WebAuthN validator contract for challenge preparation etc, only exit for p256 verification - Better SoC between validator / webauthn / p256 - Wrap the p256 verification logic inside a contract that can be easily replaced when RIP-7212 is deployed
81c48e9
to
59b2afa
Compare
Small update regarding last comment:
And the FCL code as been audited by gnosis internal team once, thx to the Cometh team |
* Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) * Documentation & minor gas optimisation during userOpExecution (#50) * Add storage slot documentation & run coverage * Gas improvment on disabled mode check during execution Between 1 to 22% gas saved during userOp execution * Missing funds check gas improvments * Adding a bit of comments * Add p256 validator (#48) * Dev (#47) * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) --------- Co-authored-by: David Eiber <davideiber@gmail.com> * Initial commit * Update P256Validator.t.sol * forge install: FreshCryptoLib * Refactor with helper functions * Add P256Validator, tests, deps * Remove py scripts used for initial testing * Update foundry.toml * update deps * add non-malleable signatures --------- Co-authored-by: taek <leekt216@gmail.com> * deterministic deploy (#51) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments (#52) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments - Reducing the number of indexed variable inside a log highly decrease his gas usage, in the p256 validator, we only matter about the kernel account as index (it's 375 gas per topic, so per indexed props, so reducing the index on both key reduce the enabling gas cost by 375 * 4 -> 1500 gas) - Add a few reflexion todo comment, do you rly need to send the previous key in the event? Since it's cost with a `sload`& also in the event itself * ⚡️ Remove the oldKeys for the event signature * ⚡️ Only compare to raw msg signing instead of eth signed message for p256 * Fix/audit recovery (#53) * added threshold check to make sure threshold is not zero * added userOp.sender on callDataAndNonceHash * added userOp.sender on callDataAndNonceHash * added check if guardian is msg.sender * fmt * ZeroDev-RW-2 : using live weights * ZeroDev-RW-4 and ZeroDev-RW-2 fix * fmt * ✨ Introduce a new Ecdsa Validator, using EIP-712 as signature (#55) * ✨ Add a new ECDSA Typed validator, using EIP-712 signature to validate userOp * ✅ Adding unit test arround EcdsaTypedValidator * ✏️ Rename hash -> userOpHash in AllowUserOp sig * Fix/conflict master (#57) * Dev (#47) * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) --------- Co-authored-by: David Eiber <davideiber@gmail.com> * Update recovery audit report * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) * Documentation & minor gas optimisation during userOpExecution (#50) * Add storage slot documentation & run coverage * Gas improvment on disabled mode check during execution Between 1 to 22% gas saved during userOp execution * Missing funds check gas improvments * Adding a bit of comments * Add p256 validator (#48) * Dev (#47) * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) --------- Co-authored-by: David Eiber <davideiber@gmail.com> * Initial commit * Update P256Validator.t.sol * forge install: FreshCryptoLib * Refactor with helper functions * Add P256Validator, tests, deps * Remove py scripts used for initial testing * Update foundry.toml * update deps * add non-malleable signatures --------- Co-authored-by: taek <leekt216@gmail.com> * deterministic deploy (#51) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments (#52) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments - Reducing the number of indexed variable inside a log highly decrease his gas usage, in the p256 validator, we only matter about the kernel account as index (it's 375 gas per topic, so per indexed props, so reducing the index on both key reduce the enabling gas cost by 375 * 4 -> 1500 gas) - Add a few reflexion todo comment, do you rly need to send the previous key in the event? Since it's cost with a `sload`& also in the event itself * ⚡️ Remove the oldKeys for the event signature * ⚡️ Only compare to raw msg signing instead of eth signed message for p256 * Fix/audit recovery (#53) * added threshold check to make sure threshold is not zero * added userOp.sender on callDataAndNonceHash * added userOp.sender on callDataAndNonceHash * added check if guardian is msg.sender * fmt * ZeroDev-RW-2 : using live weights * ZeroDev-RW-4 and ZeroDev-RW-2 fix * fmt * rebase master --------- Co-authored-by: David Eiber <davideiber@gmail.com> Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: Quentin Nivelais <quentin@nivelais.com> * fix: removed duplicate function * feat: added delegateCall support in session key (#54) * feat: added delegateCall support in session key * fix: remove deps * feat: added wildcard target permission condition in session key --------- Co-authored-by: taek <leekt216@gmail.com> * fmt (#60) * Script/deploy recovery (#59) * added broadcast to git * script for recovery deployment * recovery plugin on arbitrum goerli and base goerli * deployed to base * Deploy/sepolia (#61) * deployed on arbitrum sepolia * deployed on optimism sepolia * deployed on base sepolia * Deploy/session key (#62) * optimism and arbitrum * optimism mainnet and polygon mainnet * deployed on avalanche * deployed on base * session key deploy completed * deployed on gnosischain (#63) * ⚡️ Migrte from require(string) to revert error on Factory & LiteEcdsa (#58) * feat: add stealth address plugin (#64) Add stealth address plugin to preserve privacy of smart acount owner. Two modes to validate signature - 0: signed by private key of stealth address - 1: signed by owner's private key and secret used to generate stealth address. * Feat/event weighted ecdsa (#65) * script for old factory * script for stake updated * events for add/removing guardian * weighted ecdsa deployed on mumbai * Cherrypick dev (#67) * Link to AA SDKs * script for old factory * Update deployment addresses for Kernel and KernelLite v2.3 in README (#66) * Add Kernel factory address --------- Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: David Eiber <davideiber@gmail.com> * Temp/script (#69) * moved to script folder * moved shell scripts * added broadcast * removed Caldera broadcast * Restructure - move plugin to separate repo (#70) * restructured to seprate plugins folder * removed via-ir based plugins, todo: remove all plugins to kernel-plugins * Restructure (#71) * restructured to seprate plugins folder * removed via-ir based plugins, todo: remove all plugins to kernel-plugins * fix: import path fix for kerneltestbase * Add WebAuthN validator (#68) * 🚧 Simple webauthn validator * 🚧 Add deploy script for WebAuthN validator * 🚧 Fix pre op estimation by removing early exit during webauthn msg format * ✅ Add webauthn validator unit test * 🚚 rename WebAuthnValidator -> WebAuthnFclValidator * ♻️ Lot of WebAuthN review - Stay in calldata for webauthn challenge formatting - Stay inside the WebAuthN validator contract for challenge preparation etc, only exit for p256 verification - Better SoC between validator / webauthn / p256 - Wrap the p256 verification logic inside a contract that can be easily replaced when RIP-7212 is deployed * ⚡️ Minor gas optimisation (switching to solady base64 lib) * ✅ Add more tests on sig validation, dummy sig bypass etc * ⚡️ Gas optimisation during webauthn msg check / format * 🐛 Post rebase fix * 🚚 Move webauthn helper and validator inside subfolder validator/webauthn * ⚡️ Switched to foundry cheatcode for p256 sig validation during test And fix deploy script * Feat/add validate (#73) * feat: implement validateSignature of WeightedECDSAValidator * fix: init totalWeight as 0 in validateSignature * Fix validSignature for WeightedECDSAValidator --------- Co-authored-by: adnpark <aidenp.dev@gmail.com> Co-authored-by: Derek Chiang <me@derekchiang.com> * updated forge-std * forge fmt * Feat/weighted ecdsa (#74) * updated dependencies * updates solady to latest * weighted ecdsa to valdiate the userOp for the last sig * removed toEthSignedMessage * test done * Feat/weighted ecdsa (#77) * weighted ecdsa to valdiate the userOp for the last sig * removed toEthSignedMessage * test done * allow non-userOpHash signed mode when paymaster != 0 * fixed Console.sol (#79) * audit fixes (#80) * audit fixes * fix: update prevSigner to signer on validateSignature and added invariant testing for this * Upload recovery v2 audit * Update audit report * changed test to use standard message hash (#81) * gas snapshot and ci * added snapshot flow * added ci profile to foundry.toml * added coverage workflow * removed ci profile * via-ir for snapshot * Fix dead link * ✨ Add the options to upgrade to the RIP-7212 p256 verifier (#82) * ✨ Add the options to upgrade to the RIP-7212 p256 verifier * 🐛 Handle empty response from the pre compiled p256 verifier * 🐛 Switch between pre-compiled and on chain p256 verifier via a signature flag * Modular permission (#84) * restructured to seprate plugins folder * added modular permission * fmt * synced dev * fix: shadowed variable * modular permission encoding checked * intersect supports validation data with aggregator * draft for modular permission * forge fmt * non-view for validCaller * fix: test for helper * changed validCaller to non-view * removed rawMessage, move this to policy...? * gas policy example for policy * execute policy for interval based execution limits * added natspec for modular permission validator * added flag to skip validation data * moved policy config to separate file * remapping to includ I4337 * temp * modular permission test without validCaller support * support requestor feature * now call it allowed requestor * forge fmt * example for eip712 * test fix to check if signature validation result is ok * fix: nonce fixes in ModularPermissionValidator * fix: use calldata for sig * fix: proof fetching in MerklePolicy * fix : use msg.sender instead of caller for signature verification on eip712 policy * chore: deploy signaturePolicy * fix: added validator in the storage mapping of SignaturePolicy to fix unauthenticated state change vuln * fix: remove p256-verifier lib * feat: added WebAuthnSigner for ModularPermissionValidator (#83) * feat: added Sudo policy for ModularPermissionValidator * fix: nonce for single tx dual enable and ECDSASigner sig --------- Co-authored-by: Sahil Vasava <sahilvasava@gmail.com> * Fix/execute batch (#85) * fixed execute batch with long return value * added testcase * bumped version to 2.4 * added validator setup * added broadcast for 2.4 on mumbai * Add webauthn audit * Update README.md (#86) * Link to AA SDKs * Update deployment addresses for Kernel and KernelLite v2.3 in README (#66) * Add Kernel factory address * Update README.md --------- Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: David Eiber <davideiber@gmail.com> --------- Co-authored-by: David Eiber <davideiber@gmail.com> Co-authored-by: Quentin Nivelais <quentin@nivelais.com> Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: Sahil Vasava <sahilvasava@gmail.com> Co-authored-by: jhw <justin@moonchute.xyz> Co-authored-by: adnpark <aidenp.dev@gmail.com>
* Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) * Documentation & minor gas optimisation during userOpExecution (#50) * Add storage slot documentation & run coverage * Gas improvment on disabled mode check during execution Between 1 to 22% gas saved during userOp execution * Missing funds check gas improvments * Adding a bit of comments * Add p256 validator (#48) * Dev (#47) * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) --------- Co-authored-by: David Eiber <davideiber@gmail.com> * Initial commit * Update P256Validator.t.sol * forge install: FreshCryptoLib * Refactor with helper functions * Add P256Validator, tests, deps * Remove py scripts used for initial testing * Update foundry.toml * update deps * add non-malleable signatures --------- Co-authored-by: taek <leekt216@gmail.com> * deterministic deploy (#51) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments (#52) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments - Reducing the number of indexed variable inside a log highly decrease his gas usage, in the p256 validator, we only matter about the kernel account as index (it's 375 gas per topic, so per indexed props, so reducing the index on both key reduce the enabling gas cost by 375 * 4 -> 1500 gas) - Add a few reflexion todo comment, do you rly need to send the previous key in the event? Since it's cost with a `sload`& also in the event itself * ⚡️ Remove the oldKeys for the event signature * ⚡️ Only compare to raw msg signing instead of eth signed message for p256 * Fix/audit recovery (#53) * added threshold check to make sure threshold is not zero * added userOp.sender on callDataAndNonceHash * added userOp.sender on callDataAndNonceHash * added check if guardian is msg.sender * fmt * ZeroDev-RW-2 : using live weights * ZeroDev-RW-4 and ZeroDev-RW-2 fix * fmt * ✨ Introduce a new Ecdsa Validator, using EIP-712 as signature (#55) * ✨ Add a new ECDSA Typed validator, using EIP-712 signature to validate userOp * ✅ Adding unit test arround EcdsaTypedValidator * ✏️ Rename hash -> userOpHash in AllowUserOp sig * Fix/conflict master (#57) * Dev (#47) * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) --------- Co-authored-by: David Eiber <davideiber@gmail.com> * Update recovery audit report * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) * Documentation & minor gas optimisation during userOpExecution (#50) * Add storage slot documentation & run coverage * Gas improvment on disabled mode check during execution Between 1 to 22% gas saved during userOp execution * Missing funds check gas improvments * Adding a bit of comments * Add p256 validator (#48) * Dev (#47) * Added new ERC1271 signature verification logic in Kernel v0.2.3 (#43) * Added 1271 wrapper * Update kernel version to 0.2.3 * use kernel name and version from constants in tests * added delegatecall support (#44) * session key validator fixed for batch scenario * test: fuzz testing for batched options include array * fix: warning removed, forge fmt (#46) --------- Co-authored-by: David Eiber <davideiber@gmail.com> * Initial commit * Update P256Validator.t.sol * forge install: FreshCryptoLib * Refactor with helper functions * Add P256Validator, tests, deps * Remove py scripts used for initial testing * Update foundry.toml * update deps * add non-malleable signatures --------- Co-authored-by: taek <leekt216@gmail.com> * deterministic deploy (#51) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments (#52) * ⚡️ Optimise gas usage when enabling p256 validator, add a few comments - Reducing the number of indexed variable inside a log highly decrease his gas usage, in the p256 validator, we only matter about the kernel account as index (it's 375 gas per topic, so per indexed props, so reducing the index on both key reduce the enabling gas cost by 375 * 4 -> 1500 gas) - Add a few reflexion todo comment, do you rly need to send the previous key in the event? Since it's cost with a `sload`& also in the event itself * ⚡️ Remove the oldKeys for the event signature * ⚡️ Only compare to raw msg signing instead of eth signed message for p256 * Fix/audit recovery (#53) * added threshold check to make sure threshold is not zero * added userOp.sender on callDataAndNonceHash * added userOp.sender on callDataAndNonceHash * added check if guardian is msg.sender * fmt * ZeroDev-RW-2 : using live weights * ZeroDev-RW-4 and ZeroDev-RW-2 fix * fmt * rebase master --------- Co-authored-by: David Eiber <davideiber@gmail.com> Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: Quentin Nivelais <quentin@nivelais.com> * fix: removed duplicate function * feat: added delegateCall support in session key (#54) * feat: added delegateCall support in session key * fix: remove deps * feat: added wildcard target permission condition in session key --------- Co-authored-by: taek <leekt216@gmail.com> * fmt (#60) * Script/deploy recovery (#59) * added broadcast to git * script for recovery deployment * recovery plugin on arbitrum goerli and base goerli * deployed to base * Deploy/sepolia (#61) * deployed on arbitrum sepolia * deployed on optimism sepolia * deployed on base sepolia * Deploy/session key (#62) * optimism and arbitrum * optimism mainnet and polygon mainnet * deployed on avalanche * deployed on base * session key deploy completed * deployed on gnosischain (#63) * ⚡️ Migrte from require(string) to revert error on Factory & LiteEcdsa (#58) * feat: add stealth address plugin (#64) Add stealth address plugin to preserve privacy of smart acount owner. Two modes to validate signature - 0: signed by private key of stealth address - 1: signed by owner's private key and secret used to generate stealth address. * Feat/event weighted ecdsa (#65) * script for old factory * script for stake updated * events for add/removing guardian * weighted ecdsa deployed on mumbai * Cherrypick dev (#67) * Link to AA SDKs * script for old factory * Update deployment addresses for Kernel and KernelLite v2.3 in README (#66) * Add Kernel factory address --------- Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: David Eiber <davideiber@gmail.com> * Temp/script (#69) * moved to script folder * moved shell scripts * added broadcast * removed Caldera broadcast * Restructure - move plugin to separate repo (#70) * restructured to seprate plugins folder * removed via-ir based plugins, todo: remove all plugins to kernel-plugins * Restructure (#71) * restructured to seprate plugins folder * removed via-ir based plugins, todo: remove all plugins to kernel-plugins * fix: import path fix for kerneltestbase * Add WebAuthN validator (#68) * 🚧 Simple webauthn validator * 🚧 Add deploy script for WebAuthN validator * 🚧 Fix pre op estimation by removing early exit during webauthn msg format * ✅ Add webauthn validator unit test * 🚚 rename WebAuthnValidator -> WebAuthnFclValidator * ♻️ Lot of WebAuthN review - Stay in calldata for webauthn challenge formatting - Stay inside the WebAuthN validator contract for challenge preparation etc, only exit for p256 verification - Better SoC between validator / webauthn / p256 - Wrap the p256 verification logic inside a contract that can be easily replaced when RIP-7212 is deployed * ⚡️ Minor gas optimisation (switching to solady base64 lib) * ✅ Add more tests on sig validation, dummy sig bypass etc * ⚡️ Gas optimisation during webauthn msg check / format * 🐛 Post rebase fix * 🚚 Move webauthn helper and validator inside subfolder validator/webauthn * ⚡️ Switched to foundry cheatcode for p256 sig validation during test And fix deploy script * Feat/add validate (#73) * feat: implement validateSignature of WeightedECDSAValidator * fix: init totalWeight as 0 in validateSignature * Fix validSignature for WeightedECDSAValidator --------- Co-authored-by: adnpark <aidenp.dev@gmail.com> Co-authored-by: Derek Chiang <me@derekchiang.com> * updated forge-std * forge fmt * Feat/weighted ecdsa (#74) * updated dependencies * updates solady to latest * weighted ecdsa to valdiate the userOp for the last sig * removed toEthSignedMessage * test done * Feat/weighted ecdsa (#77) * weighted ecdsa to valdiate the userOp for the last sig * removed toEthSignedMessage * test done * allow non-userOpHash signed mode when paymaster != 0 * fixed Console.sol (#79) * audit fixes (#80) * audit fixes * fix: update prevSigner to signer on validateSignature and added invariant testing for this * Upload recovery v2 audit * Update audit report * changed test to use standard message hash (#81) * gas snapshot and ci * added snapshot flow * added ci profile to foundry.toml * added coverage workflow * removed ci profile * via-ir for snapshot * Fix dead link * ✨ Add the options to upgrade to the RIP-7212 p256 verifier (#82) * ✨ Add the options to upgrade to the RIP-7212 p256 verifier * 🐛 Handle empty response from the pre compiled p256 verifier * 🐛 Switch between pre-compiled and on chain p256 verifier via a signature flag * Modular permission (#84) * restructured to seprate plugins folder * added modular permission * fmt * synced dev * fix: shadowed variable * modular permission encoding checked * intersect supports validation data with aggregator * draft for modular permission * forge fmt * non-view for validCaller * fix: test for helper * changed validCaller to non-view * removed rawMessage, move this to policy...? * gas policy example for policy * execute policy for interval based execution limits * added natspec for modular permission validator * added flag to skip validation data * moved policy config to separate file * remapping to includ I4337 * temp * modular permission test without validCaller support * support requestor feature * now call it allowed requestor * forge fmt * example for eip712 * test fix to check if signature validation result is ok * fix: nonce fixes in ModularPermissionValidator * fix: use calldata for sig * fix: proof fetching in MerklePolicy * fix : use msg.sender instead of caller for signature verification on eip712 policy * chore: deploy signaturePolicy * fix: added validator in the storage mapping of SignaturePolicy to fix unauthenticated state change vuln * fix: remove p256-verifier lib * feat: added WebAuthnSigner for ModularPermissionValidator (#83) * feat: added Sudo policy for ModularPermissionValidator * fix: nonce for single tx dual enable and ECDSASigner sig --------- Co-authored-by: Sahil Vasava <sahilvasava@gmail.com> * Fix/execute batch (#85) * fixed execute batch with long return value * added testcase * bumped version to 2.4 * added validator setup * added broadcast for 2.4 on mumbai * Add webauthn audit * Update README.md (#86) * Link to AA SDKs * Update deployment addresses for Kernel and KernelLite v2.3 in README (#66) * Add Kernel factory address * Update README.md --------- Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: David Eiber <davideiber@gmail.com> * fix: weigthed ecdsa validator (#90) * fix: avoid infinite loop on renew * fix: set max address as first guardian when renew * fix: update code for dummy signature issue * ✨ Add webauthn authenticator id in the enable event (#89) * ✨ Add webauthn authenticator id in the enable event * 🚀 Add deterministic deployment of the webauthn fcl validator * Update README.md * Document Kernel v3 addresses * Upload chainlight audit report for Kernel v3 * Add v3 plugins audit * V3 (#93) * chore: forge init * forge install: forge-std v1.7.1 * temp * cleanup * temp * fmt * fmt * temp * small steps * initial test for permission manager * enable with selector * removed coverage folder * removed coverage folder * separated validation from validator * permission rule added * draft for bootloader * cleanup code to work with permission mode * nonce starts from 0 * nonce starts from 0 * renamed validation config/storage * push for example ecdsa * updated 7579 * removed module type lib * forge install: openzeppelin-contracts v5.0.2 * feat: port ecdsa, weighted ecdsa, webauthn validators * feat: add isModuleType to webauthn validator * push * works with via-ir, remove for next commit * removed oz * removed webauthn * module types * fallback and action separation * refactor * mock policy * additional data for check userop policy * updated interface * removed group * removed group type * extradata * todo : set root validator sig * policy/signer mock test * feat: removed validuntil/validfrom * fmt * 0xff dedicated to signer * to permissionConfig * fmt * to easier naming * permission data to policy data * pass flag for permission * KernelTestBase (#4) * temp * mock and sdk * format * pack bytes32 id oninstall * only static call for fallback * mock data * to kernel test base * kernel test base * prepare userOp functions for sdk * iteration * encodeExecute * fmt * fix: return valid success for tryexecute/delegatecall * added sudo validation and vId verification * moved check permission signature to permissionManager * action with hook testcase * fix: fallback2771 memory issue * fmt * test: added fallback without install * test: executor test cases * feat: added permission PassFlag * Fix/module base (#5) * temp * mock and sdk * format * pack bytes32 id oninstall * only static call for fallback * mock data * to kernel test base * kernel test base * prepare userOp functions for sdk * iteration * encodeExecute * fmt * fix: return valid success for tryexecute/delegatecall * added sudo validation and vId verification * moved check permission signature to permissionManager * action with hook testcase * fix: fallback2771 memory issue * fmt * test: added fallback without install * test: executor test cases * feat: added permission PassFlag * error type for initialize error * fixed interface * Update SignerBase.sol (#6) * fix: signer oninstall with permission id (#7) * changed solady remapping (#8) * fix: return false for rejected proposal (#9) * fix: max limit for invalidation size is 10 (#10) * fix: installValidations function to allow multiple validation install and explicit permission install interface (#11) * Fix/zerodev 005 (#12) * refactor: moved to validation manager * fix: kernel to have proper deinit scenario * Feat/optional hook uninstall (#14) * feat: made hook uninstall optional * fix: added fix for hookData encoding * feat: conditional nonce increase, current nonce only increases when same vId has already been enabled (#15) * fix: use msg.sender for isValidSignatureWithSender (#16) * clean up the permission data first when there is pre exsiting permission with same permissionId (#21) * Feat/excessively safe call (#23) * using module lib for removing module * using erc2771 call * rollback to action/fallback separation * Feat/selector call support (#28) * using module lib for removing module * using erc2771 call * rollback to action/fallback separation * minor changes * added support for call type fallback * upgradeTo (#29) * validUntil (#30) * doing abi.encodeWithSelector (#31) * Feat/install selector (#33) * use non _ functions for library * install fallback to work as install selector * removal of fallback of fallback * removed action, it's only fallback now * Script/deploy (#34) * deploy script * script for deployment * fix: signature offset for root (#37) * fix: change offset to length * added sdk for signature * factory : factory staker added (#38) * Refactor/cleanup (#39) * Hardhat for refactoring * chore: moved constants to Constants.sol * test: test for signatures * testcases for signature * Test/factory (#40) * test and script for factory * changed script to use create2 * Test/factory (#41) * test and script for factory * changed script to use create2 * script: added stake part * Refactor/cleanup (#42) * chore: unchecked * fmt * fix: changed order of enable sig validation and enable install * hook changed * compact sdk test cases * fuzz testing for installation * executor uninstall test * rc1 * added gitignore * scripts for deploy * added addresses * Refactor/cleanup (#44) * chore: unchecked * fmt * fix: changed order of enable sig validation and enable install * hook changed * compact sdk test cases * fuzz testing for installation * executor uninstall test * rc1 * added gitignore * scripts for deploy * added addresses * stake script * added amoy * approving and staking * staked/approved on nova and linea * script finalized * removed v2 --------- Co-authored-by: adnpark <aidenp.dev@gmail.com> * removed staketofactory * removed ikernel * removed kernel lite ecdsa * removed legacy files --------- Co-authored-by: David Eiber <davideiber@gmail.com> Co-authored-by: Quentin Nivelais <quentin@nivelais.com> Co-authored-by: Derek Chiang <me@derekchiang.com> Co-authored-by: Sahil Vasava <sahilvasava@gmail.com> Co-authored-by: jhw <justin@moonchute.xyz> Co-authored-by: adnpark <aidenp.dev@gmail.com> Co-authored-by: Aiden Park <97845814+adnpark@users.noreply.github.com>
Missing unit test, currently in the process of writing script to generate the different stuff required for the webauthn msg hash & signin