v3.1

What's Changed

• multisignature ecdsa validator by @leekt in #95
• multisignature signer by @leekt in #96
• Fix/modules by @leekt in #100
• Fix/ci by @leekt in #102
• fix: resolve signature replication issue in weighted ecdsa validator by @adnpark in #101
• Feat/on received by @leekt in #108
• chore: update package.json by @rokso in #107
• feat: add default hook, now only support msg.sender == entrypoint as default by @leekt in #110
• Fix/return data for delegate call by @leekt in #111
• v3.1 rc1 by @leekt in #112
• Fix/posthook 0xff by @leekt in #113
• feat: change contract name and add dummy signature verification by @adnpark in #109
• changeRootValidator by @leekt in #114
• Feat/v3.1 rc3 by @leekt in #118
• fix: revert before reaching postCheck by @leekt in #119
• Feat/events by @leekt in #120
• docs: update address for 3.1 deployments by @leekt in #121

New Contributors

• @rokso made their first contribution in #107

Full Changelog: v3.0...v3.1

v3.0

What's Changed

• V3 by @leekt in #93

Full Changelog: v2.4...v3.0

Kernel v3.0

ERC7579 wallet

Kernel V3 is adopting the erc7579 standard to leverage the plugin ecosystem built by the community.

Kernel V3 aims to be the fully compatible wallet for erc7579, while maintaining the high security standards.

erc7579 has these following modules

• 1 - Validator
• 2 - Executor
• 3 - Fallback
• 4 - Hook
• 5 - Policy
• 6 - Signer

Validation Methods

For validation, kernel v3 has 2 types of validation methods, using simple erc7579 validator modules or using permission system that is built with N policies and 1 signer.

For both validator and permission, they can be assigned to the function selector to check if the validator or permission is allowed to call specific userOp.callData[0:4](or userOp.callData[4:8] if userOp.callData starts with executeUserOp)

And for both methods, they can be assigned with specific hook. If validation has been done with the method that needs hook, then userOp.callData will go through executeUserOp , which is optional interface for erc4337 account, to let wallet know of validation phase info on execution phase.

And executeUserOp will trigger the hook before/after the call.

erc7579 Validator

using erc7579 validator is nothing special, wallet will forward the requested userOp and userOpHash to validator with validator.validateUserOp(userOp, userOpHash) and return the result back to entrypoint.

Modular Permission

Modular permission is designed to have the most composable validation method.

Main focus of the modular permission is to separate the signer and policy and the set of the composed list can be identified by permission id.

Why Modular Permission?

Most of the current “modular smart accounts” use single validator to use within a validation phase. This works but this hurts developer experience and user experience.

For example, let’s say there is a session key validator plugin, and session key validator can filter the userOp.calldata and check if signature is properly with secp256k1.

This is fine but if, a developer, wants to build a session key plugin that checks the signature with secp256r1 to introduce passkey usage.

Developer needs to build a new session key plugin that works for this, even though there is audited version of “session key k1 signature validator” / “r1 signature validator” and get audited for the new plugin.

But what if we was able to separate the “session key validator” into “session policy” and “k1 signer”, and “r1 validator” can be “r1 signer”. In this case, developer can just use “session policy” and “r1 signer” without any issues.

And if a user wants to be extra cautious about the session key and wants to add the “time validity” on top of the requested permission, it is not possible without writing new contract if we rely on static plugin implementation(including hardcoded pre-validation hooks).

Again, if we have a composable modular permission, then it means that user can add more policy on top of what is requested, thus making it more secure and user friendly by making user choose what permission they are going to grant.

Modular Permission in Kernel v3

In kernel v3, or at least on kernel v3 initial launch spec, permission can be composed of N policy(maximum of 254) and 1 signer.

You can assign a 4 bytes permissionId to the set, and we call it “permission”.

When you trigger a validation with permission, kernel will go through the policies if the userOp meets the standard, and signer will check if the userOpHash has been signed.

Selectors

For selector, kernel supports 2 options. 1) fallback 2) action

Action will be mapped to specific msg.sig and kernel will delegate call to the action when requested.

If selector installed fallback, it will do erc7579-fallback that will be called with "CALL" instead of "DELEGATECALL" by having 20bytes of the address(this) encoded at the end of the msg.data

Executors

Executors are external entities that can call “executeFromExecutor” to account.

Kernel will map a hook per executor to make sure executor can call those data

Hooks

Hooks are widely used on kernel v3 to properly control the access to the operation.

Hooks should be assigned to 1) validator 2) action/fallback 3) executor to make sure the execution is handled with proper access control

v2.4

What's Changed

• Added new ERC1271 signature verification logic in Kernel v0.2.3 by @de33 in #43
• added delegatecall support by @leekt in #44
• session key validator fixed for batch scenario by @leekt in #45
• fix: warning removed, forge fmt by @leekt in #46
• Documentation & minor gas optimisation during userOpExecution by @KONFeature in #50
• Add p256 validator by @de33 in #48
• deterministic deploy by @leekt in #51
• ⚡️ Optimise gas usage when enabling p256 validator, add a few comments by @KONFeature in #52
• Fix/audit recovery by @leekt in #53
• ✨ Introduce a new Ecdsa Validator, using EIP-712 as signature by @KONFeature in #55
• Fix/conflict master by @leekt in #57
• feat: added delegateCall support in session key by @SahilVasava in #54
• fmt by @leekt in #60
• Script/deploy recovery by @leekt in #59
• Deploy/sepolia by @leekt in #61
• Deploy/session key by @leekt in #62
• deployed on gnosischain by @leekt in #63
• Update deployment addresses for Kernel and KernelLite v2.3 in README by @de33 in #66
• ⚡️ Migrate from require(string) to revert error on Factory & LiteEcdsa by @KONFeature in #58
• feat: add stealth address validator by @jstinhw in #64
• Feat/event weighted ecdsa by @leekt in #65
• Cherrypick dev by @leekt in #67
• Temp/script by @leekt in #69
• Restructure - move plugin to separate repo by @leekt in #70
• Restructure by @leekt in #71
• Add WebAuthN validator by @KONFeature in #68
• Feat/add validate by @leekt in #73
• Feat/weighted ecdsa by @leekt in #74
• Feat/weighted ecdsa by @leekt in #77
• fixed Console.sol by @leekt in #79
• audit fixes by @leekt in #80
• changed test to use standard message hash by @leekt in #81
• ✨ Add the options to upgrade to the RIP-7212 p256 verifier by @KONFeature in #82
• Modular permission by @leekt in #84
• Fix/execute batch by @leekt in #85
• Update README.md by @leekt in #86
• v2.4 by @leekt in #56
• fix: weigthed ecdsa validator by @adnpark in #90
• ✨ Add webauthn authenticator id in the enable event by @KONFeature in #89
• V2 script by @leekt in #99

New Contributors

• @de33 made their first contribution in #43
• @KONFeature made their first contribution in #50
• @jstinhw made their first contribution in #64
• @adnpark made their first contribution in #90

Full Changelog: v2.3...v2.4

Kernel v2.3

What's Changed

• executeDelegateCall support
• protected eip1271

New Contributors

• @SahilVasava made their first contribution in #34
• @0xca11 made their first contribution in #37

Full Changelog: v2.1...v2.3

v2.2

What's Changed

• V2.1 typed primitives by @leekt in #26
• Deploy/v2.1 by @leekt in #28
• Deploy/v2.1 by @leekt in #29
• feat: added back the force unblock in kill switch validator by @SahilVasava in #34
• fix: modified kill switch action to disable kill switch when unblocking by @SahilVasava in #35
• feat: verify typed data and ETH message signatures on SessionKeyOwnedValidator by @0xca11 in #37
• fix: use absolute imports to fix forge coverage by @0xca11 in #38
• [WIP] Recovery plugin and weighted ecdsa by @leekt in #31
• V2.2 lite by @leekt in #39

New Contributors

• @0xca11 made their first contribution in #37

Full Changelog: v2.1...v2.2

Kernel v2.1

V2.1 (#25)

* v4.0.0-beta.10

* updator draft

* removed temp kernel

* create account 142873

* added validCaller

* forge fmt

* small touch on comments

* validCaller changed

* test for external call

* renamed modifier

* removed callcode test

* forge fmt

* added snapshot

* custom errors

* using gas() for prepay

* removed unused copy

* payable for gas optimization

* using solady for optimization

* forge fmt

* cache storage for optimization

* admin less erc 1967 optimization

* unchecked blocks

* validator to payable

* using constant for gas optimization

* removed return

* via-ir for optimization

* change in order of ecdsa validator to lower the gas cost

* squeezing gas

* more squeezing

* removed exec

* kernel helper in yul

* more optimization

* updated aa dependency

* V2.1 optimize (#20)

* factory merged with erc1967 minimal factory

* Kernel Storage to abstract the initData setting

* only one factory to decrease deployment gas

* test cleanup to properly structure the test

* removing killswitch test too

* KernelLite PoC

* files for setting a proper gas report

* using memory directly to reduce gas

* changed order for validator to reduce gas cost

* optimize only

* remove kernel lite gas report

* internal functions for erc1967factory

* change kernel sig order for validUntil and validAfter (#21)

* forge fmt

* fix: parsing typo and mode(1)

* V2.1 session key (#22)

* session Key debug done

* foundry viaIr setting enabled

* forge fmt

* V2.1 stake factory (#23)

* gas optimization by using memory for validateUserOp

* optimization with calldata parsing

* stake for factory

* stake factory

* report

* fmt

* removed unused file

* session key now filters the operation

* fix: using proper bytes for parsing operation

* script for deploying kernel/kernel factory for v2.1

* script for deploying session key

* deployed to all testnet

* kilswitch (#24)

Kernel v1 sessionkey fix

kernel v1 session key short circuit issue fixed