Add ERC-4337 and ERC-7702 account implementations (#25)

* WIP: Migrate Account code

* Checkpoint

* Fix lint

* Checkpoint

* up

* up

* Adjust

* up

* Simplify CallReceiverMock

* Fix slither + Codespell

* Fix coverage

* Remove entrypoint

* Readd entrypoint

* Run --ir-minimum in forge coverage

* up

* Make Accounts initializable

* Finish docs

* rewrite helpers/signers as alternative to ethers.SigningKey and
ethers.BaseWallet

* Rename _validateNestedEIP712Signature -> _validateSignature

* Read virtual to ERC7739Signer functions

* lint

* Implement review recommendations

* Include signer into account factory hash

* Update Account inheritance order

* up

* Remove ERC1155HolderLean

* Abstract AccountSignerDomain

* up

* Remove signed hash fn

* Add standalone example of usage

* Remove docs

* ERC4337 userOp validation should not be 7739 wrapped

* documentation

* Rename `_validateSignature` to `_rawSignatureValidation` and remove _validateUserOp

* errata

* Default _signableUserOpHash to a typed userop signature

* Remove docs mocks

* Remove ERC7739 from AccountBase

* Make ERC7739Signer validations private

* Move EIP712 userop signing to Accountbase

* Split AccountCore / Account

* remove intermediary variable

* doc

* spelling

* abstract signer

* docs

* ERC7702 signer

* fix

* doc example for ERC7739 use signers

* Complete minimal documentation

* Update CHANGELOG.md

Co-authored-by: Hadrien Croubois <[email protected]>

---------

Co-authored-by: Hadrien Croubois <[email protected]>

Author: ernestognw

.solcover.js

@@ -1,4 +1,12 @@
 module.exports = {
   skipFiles: ['mocks'],
   istanbulReporter: ['html', 'lcov', 'text-summary'],
+  // Work around stack too deep for coverage
+  configureYulOptimizer: true,
+  solcOptimizerDetails: {
+    yul: true,
+    yulDetails: {
+      optimizerSteps: '',
+    },
+  },
 };

CHANGELOG.md

@@ -1,3 +1,10 @@
+## XX-XX-2024
+
+- `AccountCore`: Added a simple ERC-4337 account implementation with minimal logic to process user operations.
+- `Account`: Extensions of {AccountCore} with recommended features that most accounts should have.
+- `AbstractSigner`, `SignerECDSA`, `SignerP256`, and `SignerRSA`: Add an abstract contract, and various implementations, for contracts that deal with signature verification. Used by {AccountCore} and {ERC7739Utils}.
+- `AccountSignerERC7702`: Implementation of `AbstractSigner` for ERC-7702 compatible accounts.
+
 ## 06-11-2024
 
 - `ERC7739Utils`: Add a library that implements a defensive rehashing mechanism to prevent replayability of smart contract signatures based on the ERC-7739.

contracts/account/README.adoc

@@ -0,0 +1,15 @@
+= Account
+[.readme-notice]
+NOTE: This document is better viewed at https://docs.openzeppelin.com/community-contracts/api/account
+
+This directory includes contracts to build accounts for ERC-4337.
+
+== Core
+
+{{AccountCore}}
+
+{{Account}}
+
+== Extensions
+
+{{AccountSignerERC7702}}

contracts/account/draft-Account.sol

@@ -0,0 +1,19 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ERC721Holder} from "@openzeppelin/contracts/token/ERC721/utils/ERC721Holder.sol";
+import {ERC1155Holder} from "@openzeppelin/contracts/token/ERC1155/utils/ERC1155Holder.sol";
+import {ERC7739Signer} from "../utils/cryptography/draft-ERC7739Signer.sol";
+import {AccountCore} from "./draft-AccountCore.sol";
+
+/**
+ * @dev Extension of {AccountCore} with recommended feature that most account abstraction implementation will want:
+ *
+ * * {ERC721Holder} and {ERC1155Holder} to accept ERC-712 and ERC-1155 token transfers transfers.
+ * * {ERC7739Signer} for ERC-1271 signature support with ERC-7739 replay protection
+ *
+ * NOTE: To use this contract, the {ERC7739Signer-_rawSignatureValidation} function must be
+ * implemented using a specific signature verification algorithm. See {SignerECDSA}, {SignerP256} or {SignerRSA}.
+ */
+abstract contract Account is AccountCore, ERC721Holder, ERC1155Holder, ERC7739Signer {}

contracts/account/draft-AccountCore.sol

@@ -0,0 +1,164 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {PackedUserOperation, IAccount, IEntryPoint, IAccountExecute} from "@openzeppelin/contracts/interfaces/draft-IERC4337.sol";
+import {ERC4337Utils} from "@openzeppelin/contracts/account/utils/draft-ERC4337Utils.sol";
+import {Address} from "@openzeppelin/contracts/utils/Address.sol";
+import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
+import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
+import {AbstractSigner} from "../utils/cryptography/AbstractSigner.sol";
+
+/**
+ * @dev A simple ERC4337 account implementation. This base implementation only includes the minimal logic to process
+ * user operations.
+ *
+ * Developers must implement the {AbstractSigner-_rawSignatureValidation} function to define the account's validation logic.
+ *
+ * IMPORTANT: Implementing a mechanism to validate signatures is a security-sensitive operation as it may allow an
+ * attacker to bypass the account's security measures. Check out {SignerECDSA}, {SignerP256}, or {SignerRSA} for
+ * digital signature validation implementations.
+ */
+abstract contract AccountCore is AbstractSigner, EIP712, IAccount, IAccountExecute {
+    using MessageHashUtils for bytes32;
+
+    bytes32 internal constant _PACKED_USER_OPERATION =
+        keccak256(
+            "PackedUserOperation(address sender,uint256 nonce,bytes initCode,bytes callData,bytes32 accountGasLimits,uint256 preVerificationGas,bytes32 gasFees,bytes paymasterAndData,address entrypoint)"
+        );
+
+    /**
+     * @dev Unauthorized call to the account.
+     */
+    error AccountUnauthorized(address sender);
+
+    /**
+     * @dev Revert if the caller is not the entry point or the account itself.
+     */
+    modifier onlyEntryPointOrSelf() {
+        _checkEntryPointOrSelf();
+        _;
+    }
+
+    /**
+     * @dev Revert if the caller is not the entry point.
+     */
+    modifier onlyEntryPoint() {
+        _checkEntryPoint();
+        _;
+    }
+
+    /**
+     * @dev Canonical entry point for the account that forwards and validates user operations.
+     */
+    function entryPoint() public view virtual returns (IEntryPoint) {
+        return IEntryPoint(0x0000000071727De22E5E9d8BAf0edAc6f37da032);
+    }
+
+    /**
+     * @dev Return the account nonce for the canonical sequence.
+     */
+    function getNonce() public view virtual returns (uint256) {
+        return getNonce(0);
+    }
+
+    /**
+     * @dev Return the account nonce for a given sequence (key).
+     */
+    function getNonce(uint192 key) public view virtual returns (uint256) {
+        return entryPoint().getNonce(address(this), key);
+    }
+
+    /**
+     * @inheritdoc IAccount
+     */
+    function validateUserOp(
+        PackedUserOperation calldata userOp,
+        bytes32 userOpHash,
+        uint256 missingAccountFunds
+    ) public virtual onlyEntryPoint returns (uint256) {
+        uint256 validationData = _rawSignatureValidation(_signableUserOpHash(userOp, userOpHash), userOp.signature)
+            ? ERC4337Utils.SIG_VALIDATION_SUCCESS
+            : ERC4337Utils.SIG_VALIDATION_FAILED;
+        _payPrefund(missingAccountFunds);
+        return validationData;
+    }
+
+    /**
+     * @inheritdoc IAccountExecute
+     */
+    function executeUserOp(
+        PackedUserOperation calldata userOp,
+        bytes32 /*userOpHash*/
+    ) public virtual onlyEntryPointOrSelf {
+        (address target, uint256 value, bytes memory data) = abi.decode(userOp.callData[4:], (address, uint256, bytes));
+        Address.functionCallWithValue(target, data, value);
+    }
+
+    /**
+     * @dev Returns the digest used by an offchain signer instead of the opaque `userOpHash`.
+     *
+     * Given the `userOpHash` calculation is defined by ERC-4337, offchain signers
+     * may need to sign again this hash by rehashing it with other schemes (e.g. ERC-191).
+     *
+     * Returns a typehash following EIP-712 typed data hashing for readability.
+     */
+    function _signableUserOpHash(
+        PackedUserOperation calldata userOp,
+        bytes32 /* userOpHash */
+    ) internal view virtual returns (bytes32) {
+        return
+            _hashTypedDataV4(
+                keccak256(
+                    abi.encode(
+                        _PACKED_USER_OPERATION,
+                        userOp.sender,
+                        userOp.nonce,
+                        keccak256(userOp.initCode),
+                        keccak256(userOp.callData),
+                        userOp.accountGasLimits,
+                        userOp.preVerificationGas,
+                        userOp.gasFees,
+                        keccak256(userOp.paymasterAndData),
+                        entryPoint()
+                    )
+                )
+            );
+    }
+
+    /**
+     * @dev Sends the missing funds for executing the user operation to the {entrypoint}.
+     * The `missingAccountFunds` must be defined by the entrypoint when calling {validateUserOp}.
+     */
+    function _payPrefund(uint256 missingAccountFunds) internal virtual {
+        if (missingAccountFunds > 0) {
+            (bool success, ) = payable(msg.sender).call{value: missingAccountFunds}("");
+            success; // Silence warning. The entrypoint should validate the result.
+        }
+    }
+
+    /**
+     * @dev Ensures the caller is the {entrypoint}.
+     */
+    function _checkEntryPoint() internal view virtual {
+        address sender = msg.sender;
+        if (sender != address(entryPoint())) {
+            revert AccountUnauthorized(sender);
+        }
+    }
+
+    /**
+     * @dev Ensures the caller is the {entrypoint} or the account itself.
+     */
+    function _checkEntryPointOrSelf() internal view virtual {
+        address sender = msg.sender;
+        if (sender != address(this) && sender != address(entryPoint())) {
+            revert AccountUnauthorized(sender);
+        }
+    }
+
+    /**
+     * @dev Receive Ether.
+     */
+    receive() external payable virtual {}
+}

contracts/account/extensions/AccountSignerERC7702.sol

@@ -0,0 +1,22 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+import {AccountCore} from "../draft-AccountCore.sol";
+
+/**
+ * @dev {Account} implementation whose low-level signature validation is done by an EOA.
+ */
+abstract contract AccountSignerERC7702 is AccountCore {
+    /**
+     * @dev Validates the signature using the EOA's address (ie. `address(this)`).
+     */
+    function _rawSignatureValidation(
+        bytes32 hash,
+        bytes calldata signature
+    ) internal view virtual override returns (bool) {
+        (address recovered, ECDSA.RecoverError err, ) = ECDSA.tryRecover(hash, signature);
+        return address(this) == recovered && err == ECDSA.RecoverError.NoError;
+    }
+}

contracts/mocks/CallReceiverMock.sol

@@ -0,0 +1,13 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {CallReceiverMock} from "@openzeppelin/contracts/mocks/CallReceiverMock.sol";
+
+contract CallReceiverMockExtended is CallReceiverMock {
+    event MockFunctionCalledExtra(address caller, uint256 value);
+
+    function mockFunctionExtra() public payable {
+        emit MockFunctionCalledExtra(msg.sender, msg.value);
+    }
+}

contracts/mocks/Create2Mock.sol

@@ -0,0 +1,19 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {Create2} from "@openzeppelin/contracts/utils/Create2.sol";
+
+contract Create2Mock {
+    function $deploy(uint256 amount, bytes32 salt, bytes memory bytecode) external returns (address) {
+        return Create2.deploy(amount, salt, bytecode);
+    }
+
+    function $computeAddress(bytes32 salt, bytes32 bytecodeHash) external view returns (address) {
+        return Create2.computeAddress(salt, bytecodeHash, address(this));
+    }
+
+    function $computeAddress(bytes32 salt, bytes32 bytecodeHash, address deployer) external pure returns (address) {
+        return Create2.computeAddress(salt, bytecodeHash, deployer);
+    }
+}

contracts/mocks/ERC1155Mock.sol

@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ERC1155} from "@openzeppelin/contracts/token/ERC1155/ERC1155.sol";
+
+abstract contract ERC1155Mock is ERC1155 {}

contracts/mocks/ERC721Mock.sol

@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
+
+abstract contract ERC721Mock is ERC721 {}