Zy0n/7702 base main#139
Open
zy0n wants to merge 6 commits into
Open
Conversation
zy0n
force-pushed
the
zy0n/7702-base-main
branch
from
3585d67 to
10595af
Compare
zy0n
force-pushed
the
zy0n/7702-base-main
branch
from
10595af to
e52f5bd
Compare
Address correctness, concurrency, and validation findings on the EIP-7702 hooked-signer feature, with regression tests throughout. Correctness - bind the RelayAdapt7702 execute nonce across signing and population on the cross-contract and base-token paths, so the signed nonce matches the encoded nonce (previously diverged for any nonce > 0) - reject ephemeral derivation on out-of-range (>= 2^31) chain IDs and indices with a clear error instead of an opaque ethers failure - carry chain IDs as bigint through the execution signature to preserve precision above 2^53 Concurrency and key safety - serialize ephemeral key index ratcheting per chain so concurrent callers cannot derive the same ephemeral signer (key/nonce reuse), including the history-recovery scan - scope index ratcheting and history scan to the default derivation provider; custom signer providers manage their own index - stop setEphemeralWalletDerivationStrategy from mutating the shared provider singleton, which leaked a custom strategy across wallets Validation - verify the configured RelayAdapt7702 delegate against the on-chain registry (advisory, timeout-bounded) and assert the expected signer in authorization validation - add an advisory execution-signature check on the spendable-transaction extraction path Cleanups - type the internal contract as RelayAdapt7702, guard a non-numeric stored index, drop a dead getActionData overload and an unnecessary cast, and rename the registry test fixture
…ivation The EIP-7702 ephemeral signer derived its key from the password-less seed (HDNodeWallet.fromPhrase(mnemonic, undefined, path)), while the wallet's id, spending keys, and EOA address all derive from the password-protected seed. For a wallet created with a mnemonic password the ephemeral key was therefore not bound to the password and was derivable from the mnemonic alone. Thread mnemonicPassword through the ephemeral derivation (deriveEphemeralWallet*, getEphemeralWallet, getCurrentEphemeral* helpers, sign7702Request, and EphemeralKeyManager) and assert it reproduces the wallet id at the derivation chokepoint, matching the spending-key path. Custom signer providers (hardware wallets) do not derive from the mnemonic and are unaffected.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces support for the new
RelayAdapt7702contract and the associatedRegistrycontract, updating the ABI imports, typechain factories, and contract store to accommodate these new contracts. It also adds helper utilities and contract wrappers to enable interaction withRelayAdapt7702and theRegistry, and updates the logic for retrieving the correct relay adapt contract based on configuration.New contract integration and ABI updates:
RelayAdapt7702andRegistry, enabling typed contract interaction and deployment in the codebase. (src/abi/V2/Registry.json,src/abi/abi.ts,src/abi/typechain/factories/Registry__factory.ts,src/abi/typechain/index.ts,src/abi/typechain/factories/index.ts) [1] [2] [3] [4] [5]Contract store and registry enhancements:
ContractStoreto include registries forRelayAdapt7702ContractandRegistryContract, allowing the system to manage and retrieve these contracts per chain. (src/contracts/contract-store.ts) [1] [2]RegistryContractclass to encapsulate interaction with the on-chain registry, including a method to fetch contract addresses by name. (src/contracts/relay-adapt/V2/registry.ts)RelayAdapt7702 support and selection logic:
RelayAdapt7702contracts via a newuseRelayAdapt7702flag. (src/contracts/railgun-smart-wallet/railgun-versioned-smart-contracts.ts)RelayAdapt7702and related types. (src/__tests__/railgun-engine.test.ts,src/contracts/relay-adapt/index.ts) [1] [2]These changes collectively enable the project to interact with and manage deployments of the new
RelayAdapt7702contract and its registry, supporting future upgrades and improved contract management.