chore: improved signature validation algorithmic complexity

Author: gonzaotc

contracts/account/extensions/ERC7579Modules/SocialRecoveryExecutor.sol

@@ -82,8 +82,8 @@ contract SocialRecoveryExecutor is IERC7579Module, EIP712, Nonces {
     error TooManyGuardians();
     error AlreadyGuardian();
 
+    error DuplicatedOrUnsortedGuardianSignatures();
     error ExecutionDiffersFromPending();
-    error DuplicateGuardianSignature();
     error TooManyGuardianSignatures();
     error InvalidGuardianSignature();
     error ThresholdNotMet();
@@ -329,9 +329,9 @@ contract SocialRecoveryExecutor is IERC7579Module, EIP712, Nonces {
     //////////////////////////////////////////////////////////////////////////*/
 
     /// @notice Verifies multiple guardian signatures for a given digest
-    /// @dev Ensures each signer is an unique guardian, and threshold is met
+    /// @dev Ensures signatures are unique, and threshold is met
     /// @param account The account the signatures are for
-    /// @param guardianSignatures Array of guardian signatures to verify
+    /// @param guardianSignatures Array of guardian signatures sorted by signer address in ascending order
     /// @param digest The digest to verify the signatures against
     function _validateGuardianSignatures(
         address account,
@@ -357,12 +357,9 @@ contract SocialRecoveryExecutor is IERC7579Module, EIP712, Nonces {
             ) {
                 revert InvalidGuardianSignature();
             }
-            // @TBD optimize O(n^2): check for signature duplication
-            address currentSigner = guardianSignatures[i].signer;
-            for (uint256 j = 0; j < i; j++) {
-                if (guardianSignatures[j].signer == currentSigner) {
-                    revert DuplicateGuardianSignature();
-                }
+            // ensures signers are unique in O(n), requires sorted signatures by signer address in ascending order
+            if (i > 0 && uint160(guardianSignatures[i].signer) <= uint160(guardianSignatures[i - 1].signer)) {
+                revert DuplicatedOrUnsortedGuardianSignatures();
             }
         }
     }

test/account/extensions/ERC7579Modules/SocialRecoveryExecutorModule.test.js

@@ -24,9 +24,9 @@ async function fixture() {
   const newSigner = ethers.Wallet.createRandom();
 
   // ERC-4337 account
-  const helper = new ERC4337Helper();
-  const env = await helper.wait();
-  const accountMock = await helper.newAccount('$AccountERC7579Mock', [
+  const erc4337Helper = new ERC4337Helper();
+  const env = await erc4337Helper.wait();
+  const accountMock = await erc4337Helper.newAccount('$AccountERC7579Mock', [
     'AccountERC7579',
     '1',
     validatorMock.target,
@@ -55,16 +55,16 @@ async function fixture() {
   // impersonate ERC-4337 Canonical Entrypoint
   const accountMockFromEntrypoint = accountMock.connect(await impersonate(entrypoint.target));
 
+  // ERC-7579 Social Recovery Executor Module
+  const mock = await ethers.deployContract('$SocialRecoveryExecutor', ['SocialRecoveryExecutor', '0.0.1']);
+
   // ERC-7579 Social Recovery Executor Module Initial Config
   const recoveryConfig = {
     guardians: new Array(3).fill(null).map(() => ethers.Wallet.createRandom()),
     threshold: 2,
     timelock: time.duration.days(1),
   };
 
-  // ERC-7579 Social Recovery Executor Module
-  const mock = await ethers.deployContract('$SocialRecoveryExecutor', ['SocialRecoveryExecutor', '0.0.1']);
-
   return {
     ...env,
     validatorMock,
@@ -149,14 +149,33 @@ describe('SocialRecoveryExecutorModule', function () {
         const message = 'Hello Social Recovery';
         const digest = ethers.hashMessage(message);
 
-        const guardianSignatures = invalidGuardians.map(g => ({
+        const guardianSignatures = SocialRecoveryExecutorHelper.sortGuardianSignatures(
+          invalidGuardians.map(g => ({
+            signer: g.address,
+            signature: g.signMessage(message),
+          })),
+        );
+
+        await expect(
+          this.mock.validateGuardianSignatures(this.accountMock.target, guardianSignatures, digest),
+        ).to.be.revertedWithCustomError(this.mock, 'InvalidGuardianSignature');
+      });
+
+      it('should invalidate unsorted guardian signatures', async function () {
+        const guardians = this.recoveryConfig.guardians.slice(0, 2);
+        const reversedGuardians = guardians.sort().reverse();
+
+        const message = 'Hello Social Recovery';
+        const digest = ethers.hashMessage(message);
+
+        const guardianSignatures = reversedGuardians.map(g => ({
           signer: g.address,
           signature: g.signMessage(message),
         }));
 
         await expect(
           this.mock.validateGuardianSignatures(this.accountMock.target, guardianSignatures, digest),
-        ).to.be.revertedWithCustomError(this.mock, 'InvalidGuardianSignature');
+        ).to.be.revertedWithCustomError(this.mock, 'DuplicatedOrUnsortedGuardianSignatures');
       });
 
       it('should invalidate duplicate guardian signatures', async function () {
@@ -166,25 +185,29 @@ describe('SocialRecoveryExecutorModule', function () {
         const message = 'Hello Social Recovery';
         const digest = ethers.hashMessage(message);
 
-        const guardianSignatures = identicalGuardians.map(g => ({
-          signer: g.address,
-          signature: g.signMessage(message),
-        }));
+        const guardianSignatures = SocialRecoveryExecutorHelper.sortGuardianSignatures(
+          identicalGuardians.map(g => ({
+            signer: g.address,
+            signature: g.signMessage(message),
+          })),
+        );
 
         await expect(
           this.mock.validateGuardianSignatures(this.accountMock.target, guardianSignatures, digest),
-        ).to.be.revertedWithCustomError(this.mock, 'DuplicateGuardianSignature');
+        ).to.be.revertedWithCustomError(this.mock, 'DuplicatedOrUnsortedGuardianSignatures');
       });
 
       it('should fail if threshold is not met', async function () {
         const insufficientGuardians = this.recoveryConfig.guardians.slice(0, this.recoveryConfig.threshold - 1);
         const message = 'Hello Social Recovery';
         const digest = ethers.hashMessage(message);
 
-        const guardianSignatures = insufficientGuardians.map(g => ({
-          signer: g.address,
-          signature: g.signMessage(message),
-        }));
+        const guardianSignatures = SocialRecoveryExecutorHelper.sortGuardianSignatures(
+          insufficientGuardians.map(g => ({
+            signer: g.address,
+            signature: g.signMessage(message),
+          })),
+        );
 
         await expect(
           this.mock.validateGuardianSignatures(this.accountMock.target, guardianSignatures, digest),
@@ -196,10 +219,12 @@ describe('SocialRecoveryExecutorModule', function () {
         const message = 'Hello Social Recovery';
         const digest = ethers.hashMessage(message);
 
-        const guardianSignatures = guardians.map(g => ({
-          signer: g.address,
-          signature: g.signMessage(message),
-        }));
+        const guardianSignatures = SocialRecoveryExecutorHelper.sortGuardianSignatures(
+          guardians.map(g => ({
+            signer: g.address,
+            signature: g.signMessage(message),
+          })),
+        );
 
         await expect(this.mock.validateGuardianSignatures(this.accountMock.target, guardianSignatures, digest)).to.not
           .be.reverted;
@@ -232,10 +257,12 @@ describe('SocialRecoveryExecutorModule', function () {
             executionCalldata: executionCalldata,
           };
 
-          const guardianSignatures = guardians.map(g => ({
-            signer: g.address,
-            signature: g.signTypedData(domain, SocialRecoveryExecutorHelper.START_RECOVERY_TYPEHASH, message),
-          }));
+          const guardianSignatures = SocialRecoveryExecutorHelper.sortGuardianSignatures(
+            guardians.map(g => ({
+              signer: g.address,
+              signature: g.signTypedData(domain, SocialRecoveryExecutorHelper.START_RECOVERY_TYPEHASH, message),
+            })),
+          );
 
           await expect(this.mock.startRecovery(this.accountMock.target, guardianSignatures, executionCalldata))
             .to.emit(this.mock, 'RecoveryStarted')
@@ -353,10 +380,12 @@ describe('SocialRecoveryExecutorModule', function () {
                 nonce: await this.mock.nonces(this.accountMock.target),
               };
 
-              const guardianSignatures = guardians.map(g => ({
-                signer: g.address,
-                signature: g.signTypedData(domain, SocialRecoveryExecutorHelper.CANCEL_RECOVERY_TYPEHASH, message),
-              }));
+              const guardianSignatures = SocialRecoveryExecutorHelper.sortGuardianSignatures(
+                guardians.map(g => ({
+                  signer: g.address,
+                  signature: g.signTypedData(domain, SocialRecoveryExecutorHelper.CANCEL_RECOVERY_TYPEHASH, message),
+                })),
+              );
 
               await expect(this.mock.cancelRecovery(this.accountMock.target, guardianSignatures))
                 .to.emit(this.mock, 'RecoveryCancelled')
@@ -418,10 +447,12 @@ describe('SocialRecoveryExecutorModule', function () {
                 executionCalldata: executionCalldata,
               };
 
-              const guardianSignatures = guardians.map(g => ({
-                signer: g.address,
-                signature: g.signTypedData(domain, SocialRecoveryExecutorHelper.START_RECOVERY_TYPEHASH, message),
-              }));
+              const guardianSignatures = SocialRecoveryExecutorHelper.sortGuardianSignatures(
+                guardians.map(g => ({
+                  signer: g.address,
+                  signature: g.signTypedData(domain, SocialRecoveryExecutorHelper.START_RECOVERY_TYPEHASH, message),
+                })),
+              );
 
               await expect(
                 this.mock.startRecovery(this.accountMock.target, guardianSignatures, executionCalldata),

test/helpers/erc7579-modules.js

@@ -1,15 +1,22 @@
 const { Enum } = require('@openzeppelin/contracts/test/helpers/enums');
 const { formatType } = require('@openzeppelin/contracts/test/helpers/eip712');
 
-const SocialRecoveryExecutorHelper = {
-  RecoveryStatus: Enum('NotStarted', 'Started', 'Ready'),
-  START_RECOVERY_TYPEHASH: {
+class SocialRecoveryExecutorHelper {
+  static RecoveryStatus = Enum('NotStarted', 'Started', 'Ready');
+  static START_RECOVERY_TYPEHASH = {
     StartRecovery: formatType({ account: 'address', executionCalldata: 'bytes', nonce: 'uint256' }),
-  },
-  CANCEL_RECOVERY_TYPEHASH: {
+  };
+  static CANCEL_RECOVERY_TYPEHASH = {
     CancelRecovery: formatType({ account: 'address', nonce: 'uint256' }),
-  },
-};
+  };
+  static sortGuardianSignatures(guardianSignatures) {
+    return guardianSignatures.sort((a, b) => {
+      if (a.signer < b.signer) return -1;
+      if (a.signer > b.signer) return 1;
+      return 0;
+    });
+  }
+}
 
 module.exports = {
   SocialRecoveryExecutorHelper,