Skip to content

Zy0n/7702 base main#139

Open
zy0n wants to merge 6 commits into
mainfrom
zy0n/7702-base-main
Open

Zy0n/7702 base main#139
zy0n wants to merge 6 commits into
mainfrom
zy0n/7702-base-main

Conversation

@zy0n

@zy0n zy0n commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

This pull request introduces support for the new RelayAdapt7702 contract and the associated Registry contract, updating the ABI imports, typechain factories, and contract store to accommodate these new contracts. It also adds helper utilities and contract wrappers to enable interaction with RelayAdapt7702 and the Registry, and updates the logic for retrieving the correct relay adapt contract based on configuration.

New contract integration and ABI updates:

  • Added ABI definitions and typechain factories for RelayAdapt7702 and Registry, enabling typed contract interaction and deployment in the codebase. (src/abi/V2/Registry.json, src/abi/abi.ts, src/abi/typechain/factories/Registry__factory.ts, src/abi/typechain/index.ts, src/abi/typechain/factories/index.ts) [1] [2] [3] [4] [5]

Contract store and registry enhancements:

  • Extended ContractStore to include registries for RelayAdapt7702Contract and RegistryContract, allowing the system to manage and retrieve these contracts per chain. (src/contracts/contract-store.ts) [1] [2]
  • Added a new RegistryContract class to encapsulate interaction with the on-chain registry, including a method to fetch contract addresses by name. (src/contracts/relay-adapt/V2/registry.ts)

RelayAdapt7702 support and selection logic:

  • Updated the contract selection logic to allow choosing between the legacy and new RelayAdapt7702 contracts via a new useRelayAdapt7702 flag. (src/contracts/railgun-smart-wallet/railgun-versioned-smart-contracts.ts)
  • Updated test and helper exports to support RelayAdapt7702 and related types. (src/__tests__/railgun-engine.test.ts, src/contracts/relay-adapt/index.ts) [1] [2]

These changes collectively enable the project to interact with and manage deployments of the new RelayAdapt7702 contract and its registry, supporting future upgrades and improved contract management.

@zy0n zy0n force-pushed the zy0n/7702-base-main branch from 3585d67 to 10595af Compare June 23, 2026 14:49
@zy0n zy0n requested review from bhflm and mesquka June 23, 2026 14:55
@zy0n zy0n force-pushed the zy0n/7702-base-main branch from 10595af to e52f5bd Compare June 23, 2026 15:04
zy0n added 2 commits June 24, 2026 18:55
Address correctness, concurrency, and validation findings on the EIP-7702 hooked-signer
feature, with regression tests throughout.

Correctness
- bind the RelayAdapt7702 execute nonce across signing and population on the cross-contract
  and base-token paths, so the signed nonce matches the encoded nonce (previously diverged
  for any nonce > 0)
- reject ephemeral derivation on out-of-range (>= 2^31) chain IDs and indices with a clear
  error instead of an opaque ethers failure
- carry chain IDs as bigint through the execution signature to preserve precision above 2^53

Concurrency and key safety
- serialize ephemeral key index ratcheting per chain so concurrent callers cannot derive the
  same ephemeral signer (key/nonce reuse), including the history-recovery scan
- scope index ratcheting and history scan to the default derivation provider; custom signer
  providers manage their own index
- stop setEphemeralWalletDerivationStrategy from mutating the shared provider singleton, which
  leaked a custom strategy across wallets

Validation
- verify the configured RelayAdapt7702 delegate against the on-chain registry (advisory,
  timeout-bounded) and assert the expected signer in authorization validation
- add an advisory execution-signature check on the spendable-transaction extraction path

Cleanups
- type the internal contract as RelayAdapt7702, guard a non-numeric stored index, drop a dead
  getActionData overload and an unnecessary cast, and rename the registry test fixture
…ivation

The EIP-7702 ephemeral signer derived its key from the password-less seed
(HDNodeWallet.fromPhrase(mnemonic, undefined, path)), while the wallet's id, spending keys,
and EOA address all derive from the password-protected seed. For a wallet created with a
mnemonic password the ephemeral key was therefore not bound to the password and was
derivable from the mnemonic alone.

Thread mnemonicPassword through the ephemeral derivation (deriveEphemeralWallet*,
getEphemeralWallet, getCurrentEphemeral* helpers, sign7702Request, and EphemeralKeyManager)
and assert it reproduces the wallet id at the derivation chokepoint, matching the
spending-key path. Custom signer providers (hardware wallets) do not derive from the
mnemonic and are unaffected.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant