Add ERC7579SelectorExecutor and ERC7579MultisigStorage (#162)

Co-authored-by: Bence Háromi <[email protected]>

Author: ernestognw

contracts/account/README.adoc

@@ -10,11 +10,13 @@ This directory includes contracts to build accounts for ERC-4337. These include:
  * {ERC7821}: Minimal batch executor implementation contracts. Useful to enable easy batch execution for smart contracts.
  * {ERC7579Executor}: An executor module that enables executing calls from accounts where the it's installed.
  * {ERC7579DelayedExecutor}: An executor module that adds a delay before executing an account operation.
+ * {ERC7579SelectorExecutor}: An executor module that restricts execution to specific function selectors.
  * {ERC7579Validator}: Abstract validator module for ERC-7579 accounts that provides base implementation for signature validation.
  * {ERC7579Signature}: Implementation of {ERC7579Validator} using ERC-7913 signature verification for address-less cryptographic keys and account signatures.
  * {ERC7579Multisig}: An extension of {ERC7579Validator} that enables validation using ERC-7913 signer keys.
  * {ERC7579MultisigWeighted}: An extension of {ERC7579Multisig} that allows different weights to be assigned to signers.
  * {ERC7579MultisigConfirmation}: An extension of {ERC7579Multisig} that requires each signer to provide a confirmation signature.
+ * {ERC7579MultisigStorage}: An extension of {ERC7579Multisig} that allows storing presigned approvals in storage.
  * {PaymasterCore}: An ERC-4337 paymaster implementation that includes the core logic to validate and pay for user operations.
  * {PaymasterERC20}: A paymaster that allows users to pay for user operations using ERC-20 tokens.
  * {PaymasterERC20Guarantor}: A paymaster that enables third parties to guarantee user operations by pre-funding gas costs, with the option for users to repay or for guarantors to absorb the cost.
@@ -41,6 +43,8 @@ This directory includes contracts to build accounts for ERC-4337. These include:
 
 {{ERC7579DelayedExecutor}}
 
+{{ERC7579SelectorExecutor}}
+
 === Validators
 
 {{ERC7579Validator}}
@@ -53,6 +57,8 @@ This directory includes contracts to build accounts for ERC-4337. These include:
 
 {{ERC7579MultisigConfirmation}}
 
+{{ERC7579MultisigStorage}}
+
 == Paymaster
 
 {{PaymasterCore}}

contracts/account/modules/ERC7579MultisigStorage.sol

@@ -0,0 +1,90 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.27;
+
+import {ERC7579Multisig} from "./ERC7579Multisig.sol";
+import {ERC7913Utils} from "../../utils/cryptography/ERC7913Utils.sol";
+
+/**
+ * @dev Extension of {ERC7579Multisig} that allows storing presigned approvals in storage.
+ *
+ * This module extends the multisignature module to allow signers to presign operations,
+ * which are then stored in a mapping and can be used during validation. This enables
+ * more flexible multisignature workflows where signatures can be collected over time
+ * without requiring all signers to be online simultaneously.
+ *
+ * When validating signatures, if a signature is empty, it indicates a presignature
+ * and the validation will check the storage mapping instead of cryptographic verification.
+ */
+abstract contract ERC7579MultisigStorage is ERC7579Multisig {
+    using ERC7913Utils for bytes;
+
+    /// @dev Emitted when a signer signs a hash
+    event ERC7579MultisigStoragePresigned(address indexed account, bytes32 indexed hash, bytes signer);
+
+    mapping(address account => mapping(bytes signer => mapping(bytes32 hash => bool))) private _presigned;
+
+    /// @dev Returns whether a signer has presigned a specific hash for the account
+    function presigned(address account, bytes memory signer, bytes32 hash) public view virtual returns (bool) {
+        return _presigned[account][signer][hash];
+    }
+
+    /**
+     * @dev Allows a signer to presign a hash by providing a valid signature.
+     * The signature will be verified and if valid, the presignature will be stored.
+     *
+     * Emits {ERC7579MultisigStoragePresigned} if the signature is valid and the hash is not already
+     * signed, otherwise acts as a no-op.
+     *
+     * NOTE: Does not check if the signer is authorized for the account. Valid signatures from
+     * invalid signers won't be executable. See {_validateSignatures} for more details.
+     */
+    function presign(address account, bytes calldata signer, bytes32 hash, bytes calldata signature) public virtual {
+        if (!presigned(account, signer, hash) && signer.isValidSignatureNow(hash, signature)) {
+            _presigned[account][signer][hash] = true;
+            emit ERC7579MultisigStoragePresigned(account, hash, signer);
+        }
+    }
+
+    /**
+     * @dev See {ERC7579Multisig-_validateSignatures}.
+     *
+     * If a signature is empty, it indicates a presignature and the validation will check the storage mapping
+     * instead of cryptographic verification. See {sign} for more details.
+     */
+    function _validateSignatures(
+        address account,
+        bytes32 hash,
+        bytes[] memory signingSigners,
+        bytes[] memory signatures
+    ) internal view virtual override returns (bool valid) {
+        uint256 signersLength = signingSigners.length;
+
+        // Check validity of presigned signatures
+        uint256 presignedCount = 0;
+        for (uint256 i = 0; i < signersLength; i++) {
+            if (signatures[i].length == 0) {
+                // Presigned signature
+                if (!isSigner(account, signingSigners[i]) || !presigned(account, signingSigners[i], hash)) {
+                    return false;
+                }
+                presignedCount++;
+            }
+        }
+
+        // Filter out presigned signatures
+        uint256 regular = signersLength - presignedCount;
+        bytes[] memory _signingSigners = new bytes[](regular);
+        bytes[] memory _signatures = new bytes[](regular);
+
+        uint256 regularIndex = 0;
+        for (uint256 i = 0; i < signersLength; i++) {
+            if (signatures[i].length != 0) {
+                _signingSigners[regularIndex] = signingSigners[i];
+                _signatures[regularIndex] = signatures[i];
+                regularIndex++;
+            }
+        }
+
+        return super._validateSignatures(account, hash, _signingSigners, _signatures);
+    }
+}

contracts/account/modules/ERC7579SelectorExecutor.sol

@@ -0,0 +1,122 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.27;
+
+import {IERC7579Module, MODULE_TYPE_EXECUTOR} from "@openzeppelin/contracts/interfaces/draft-IERC7579.sol";
+import {ERC7579Executor} from "./ERC7579Executor.sol";
+import {ERC7579Utils} from "@openzeppelin/contracts/account/utils/draft-ERC7579Utils.sol";
+import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
+
+/**
+ * @dev Implementation of an {ERC7579Executor} that allows authorizing specific function selectors
+ * that can be executed on the account.
+ *
+ * This module provides a way to restrict which functions can be executed on the account by
+ * maintaining a set of allowed function selectors. Only calls to functions with selectors
+ * in the set will be allowed to execute.
+ */
+abstract contract ERC7579SelectorExecutor is ERC7579Executor {
+    using EnumerableSet for EnumerableSet.Bytes32Set;
+
+    /// @dev Emitted when a selector is added to the set
+    event ERC7579ExecutorSelectorAuthorized(address indexed account, bytes4 selector);
+
+    /// @dev Emitted when a selector is removed from the set
+    event ERC7579ExecutorSelectorRemoved(address indexed account, bytes4 selector);
+
+    /// @dev Error thrown when attempting to execute a non-authorized selector
+    error ERC7579ExecutorSelectorNotAuthorized(bytes4 selector);
+
+    /// @dev Mapping from account to set of authorized selectors
+    mapping(address account => EnumerableSet.Bytes32Set) private _authorizedSelectors;
+
+    ///  @dev Returns whether a selector is authorized for the specified account
+    function isAuthorized(address account, bytes4 selector) public view virtual returns (bool) {
+        return _authorizedSelectors[account].contains(selector);
+    }
+
+    /**
+     * @dev Returns the set of authorized selectors for the specified account.
+     *
+     * WARNING: This operation copies the entire selectors set to memory, which
+     * can be expensive or may result in unbounded computation.
+     */
+    function selectors(address account) public view virtual returns (bytes4[] memory) {
+        bytes32[] memory bytes32Selectors = _authorizedSelectors[account].values();
+        bytes4[] memory selectors_ = new bytes4[](bytes32Selectors.length);
+        for (uint256 i = 0; i < bytes32Selectors.length; i++) {
+            selectors_[i] = bytes4(bytes32Selectors[i]);
+        }
+        return selectors_;
+    }
+
+    /**
+     * @dev Sets up the module's initial configuration when installed by an account.
+     * The initData should be encoded as: `abi.encode(bytes4[] selectors)`
+     */
+    function onInstall(bytes calldata initData) public virtual override {
+        if (initData.length > 0) {
+            bytes4[] memory selectors_ = abi.decode(initData, (bytes4[]));
+            _addSelectors(msg.sender, selectors_);
+        }
+    }
+
+    /**
+     * @dev Cleans up module's configuration when uninstalled from an account.
+     * Clears all selectors.
+     *
+     * WARNING: This function has unbounded gas costs and may become uncallable if the set grows too large.
+     * See {EnumerableSetExtended-clear}.
+     */
+    function onUninstall(bytes calldata /* data */) public virtual override {
+        _authorizedSelectors[msg.sender].clear();
+    }
+
+    /// @dev Adds `selectors` to the set for the calling account
+    function addSelectors(bytes4[] memory newSelectors) public virtual {
+        _addSelectors(msg.sender, newSelectors);
+    }
+
+    /// @dev Removes a selector from the set for the calling account
+    function removeSelectors(bytes4[] memory oldSelectors) public virtual {
+        _removeSelectors(msg.sender, oldSelectors);
+    }
+
+    /// @dev Internal version of {addSelectors} that takes an `account` as argument
+    function _addSelectors(address account, bytes4[] memory newSelectors) internal virtual {
+        uint256 newSelectorsLength = newSelectors.length;
+        for (uint256 i = 0; i < newSelectorsLength; i++) {
+            if (_authorizedSelectors[account].add(newSelectors[i])) {
+                emit ERC7579ExecutorSelectorAuthorized(account, newSelectors[i]);
+            } // no-op if the selector is already in the set
+        }
+    }
+
+    /// @dev Internal version of {removeSelectors} that takes an `account` as argument
+    function _removeSelectors(address account, bytes4[] memory oldSelectors) internal virtual {
+        uint256 oldSelectorsLength = oldSelectors.length;
+        for (uint256 i = 0; i < oldSelectorsLength; i++) {
+            if (_authorizedSelectors[account].remove(oldSelectors[i])) {
+                emit ERC7579ExecutorSelectorRemoved(account, oldSelectors[i]);
+            } // no-op if the selector is not in the set
+        }
+    }
+
+    /**
+     * @dev See {ERC7579Executor-_validateExecution}.
+     * Validates that the selector (first 4 bytes of the actual callData) is authorized before execution.
+     */
+    function _validateExecution(
+        address account,
+        bytes32 /* salt */,
+        bytes32 /* mode */,
+        bytes calldata data
+    ) internal virtual override returns (bytes calldata) {
+        // Decode ERC7579 single execution calldata to extract the actual function callData
+        (, , bytes calldata callData) = ERC7579Utils.decodeSingle(data);
+
+        bytes4 selector = bytes4(callData[0:4]);
+        require(isAuthorized(account, selector), ERC7579ExecutorSelectorNotAuthorized(selector));
+
+        return data;
+    }
+}

contracts/mocks/account/modules/ERC7579MultisigMocks.sol

@@ -8,6 +8,7 @@ import {ERC7579Validator} from "../../../account/modules/ERC7579Validator.sol";
 import {ERC7579Multisig} from "../../../account/modules/ERC7579Multisig.sol";
 import {ERC7579MultisigWeighted} from "../../../account/modules/ERC7579MultisigWeighted.sol";
 import {ERC7579MultisigConfirmation} from "../../../account/modules/ERC7579MultisigConfirmation.sol";
+import {ERC7579MultisigStorage} from "../../../account/modules/ERC7579MultisigStorage.sol";
 import {MODULE_TYPE_EXECUTOR, IERC7579Hook} from "@openzeppelin/contracts/interfaces/draft-IERC7579.sol";
 import {Mode} from "@openzeppelin/contracts/account/utils/draft-ERC7579Utils.sol";
 
@@ -106,3 +107,35 @@ abstract contract ERC7579MultisigConfirmationExecutorMock is ERC7579Executor, ER
         return _hashTypedDataV4(keccak256(abi.encode(EXECUTE_OPERATION, account, salt, mode, executionCalldata)));
     }
 }
+
+abstract contract ERC7579MultisigStorageExecutorMock is EIP712, ERC7579Executor, ERC7579MultisigStorage {
+    bytes32 private constant EXECUTE_OPERATION =
+        keccak256("ExecuteOperation(address account,bytes32 mode,bytes executionCalldata,bytes32 salt)");
+
+    function isModuleType(uint256 moduleTypeId) public pure override(ERC7579Executor, ERC7579Validator) returns (bool) {
+        return ERC7579Executor.isModuleType(moduleTypeId) || ERC7579Executor.isModuleType(moduleTypeId);
+    }
+
+    // Data encoding: [uint16(executionCalldataLength), executionCalldata, signature]
+    function _validateExecution(
+        address account,
+        bytes32 salt,
+        bytes32 mode,
+        bytes calldata data
+    ) internal view override returns (bytes calldata) {
+        uint16 executionCalldataLength = uint16(bytes2(data[0:2])); // First 2 bytes are the length
+        bytes calldata executionCalldata = data[2:2 + executionCalldataLength]; // Next bytes are the calldata
+        bytes32 typeHash = _getExecuteTypeHash(account, salt, mode, executionCalldata);
+        require(_rawERC7579Validation(account, typeHash, data[2 + executionCalldataLength:])); // Remaining bytes are the signature
+        return executionCalldata;
+    }
+
+    function _getExecuteTypeHash(
+        address account,
+        bytes32 salt,
+        bytes32 mode,
+        bytes calldata executionCalldata
+    ) internal view returns (bytes32) {
+        return _hashTypedDataV4(keccak256(abi.encode(EXECUTE_OPERATION, account, salt, mode, executionCalldata)));
+    }
+}

docs/modules/ROOT/pages/account-modules.adoc

@@ -126,3 +126,4 @@ For additional functionality, developers can use:
 
 * xref:api:account.adoc#ERC7579MultisigWeighted[`ERC7579MultisigWeighted`] to assign different weights to signers
 * xref:api:account.adoc#ERC7579MultisigConfirmation[`ERC7579MultisigConfirmation`] to implement a confirmation system that verifies signatures when adding signers
+* xref:api:account.adoc#ERC7579MultisigStorage[`ERC7579MultisigStorage`] to allow guardians to presign recovery operations for more flexible coordination