Merge branch 'master' into feature/zk-email

Author: ernestognw

.github/workflows/checks.yml

@@ -45,6 +45,8 @@ jobs:
         run: npm run test:inheritance
       - name: Check pragma consistency between files
         run: npm run test:pragma
+      - name: Check procedurally generated contracts are up-to-date
+        run: npm run test:generation
 
   coverage:
     runs-on: ubuntu-latest

CHANGELOG.md

@@ -1,3 +1,13 @@
+## 12-04-2025
+
+- `SignerERC7913`: Abstract signer that verifies signatures using the ERC-7913 workflow.
+- `ERC7913SignatureVerifierP256` and `ERC7913SignatureVerifierRSA`: Ready to use ERC-7913 verifiers that implement key verification for P256 (secp256r1) and RSA keys.
+- `ERC7913Utils`: Utilities library for verifying signatures by ERC-7913 formatted signers.
+
+## 11-04-2025
+
+- `EnumerableSetExtended` and `EnumerableMapExtended`: Extensions of the `EnumerableSet` and `EnumerableMap` libraries with more types, including non-value types.
+
 ## 03-04-2025
 
 - `PaymasterERC20`: Extension of `PaymasterCore` that sponsors user operations against payment in ERC-20 tokens.

audits/2025-04-18db32c.pdf

@@ -0,0 +1,5 @@
+# Audits
+
+| Date          | Commit                                                                                     | Auditor      | Scope                | Links                                                       |
+| ------------- | ------------------------------------------------------------------------------------------ | ------------ | -------------------- | ----------------------------------------------------------- |
+| April 2025    | [`18db32c`](https://github.com/openzeppelin/openzeppelin-community-contracts/tree/18db32c) | OpenZeppelin | (see report)         | [🔗](./2025-04-18db32c.pdf)                                 |

audits/README.md

@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+/**
+ * @dev Signature verifier interface.
+ */
+interface IERC7913SignatureVerifier {
+    /**
+     * @dev Verifies `signature` as a valid signature of `hash` by `key`.
+     *
+     * MUST return the bytes4 magic value IERC7913SignatureVerifier.verify.selector if the signature is valid.
+     * SHOULD return 0xffffffff or revert if the signature is not valid.
+     * SHOULD return 0xffffffff or revert if the key is empty
+     */
+    function verify(bytes calldata key, bytes32 hash, bytes calldata signature) external view returns (bytes4);
+}

contracts/interfaces/IERC7913.sol

@@ -0,0 +1,28 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {IERC7913SignatureVerifier} from "../../contracts/interfaces/IERC7913.sol";
+
+contract ERC7913VerifierMock is IERC7913SignatureVerifier {
+    // Store valid keys and their corresponding signatures
+    mapping(bytes32 => bool) private _validKeys;
+    mapping(bytes32 => mapping(bytes32 => bool)) private _validSignatures;
+
+    constructor() {
+        // For testing purposes, we'll consider a specific key as valid
+        bytes32 validKeyHash = keccak256(abi.encodePacked("valid_key"));
+        _validKeys[validKeyHash] = true;
+    }
+
+    function verify(bytes calldata key, bytes32 /* hash */, bytes calldata signature) external pure returns (bytes4) {
+        // For testing purposes, we'll only accept a specific key and signature combination
+        if (
+            keccak256(key) == keccak256(abi.encodePacked("valid_key")) &&
+            keccak256(signature) == keccak256(abi.encodePacked("valid_signature"))
+        ) {
+            return IERC7913SignatureVerifier.verify.selector;
+        }
+        return 0xffffffff;
+    }
+}

contracts/mocks/ERC7913VerifierMock.sol

@@ -0,0 +1,25 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.24;
+
+import {Account} from "../../account/Account.sol";
+import {ERC721Holder} from "@openzeppelin/contracts/token/ERC721/utils/ERC721Holder.sol";
+import {ERC1155Holder} from "@openzeppelin/contracts/token/ERC1155/utils/ERC1155Holder.sol";
+import {ERC7739} from "../../utils/cryptography/ERC7739.sol";
+import {ERC7821} from "../../account/extensions/ERC7821.sol";
+import {SignerERC7913} from "../../utils/cryptography/SignerERC7913.sol";
+
+abstract contract AccountERC7913Mock is Account, SignerERC7913, ERC7739, ERC7821, ERC721Holder, ERC1155Holder {
+    constructor(bytes memory _signer) {
+        _setSigner(_signer);
+    }
+
+    /// @inheritdoc ERC7821
+    function _erc7821AuthorizedExecutor(
+        address caller,
+        bytes32 mode,
+        bytes calldata executionData
+    ) internal view virtual override returns (bool) {
+        return caller == address(entryPoint()) || super._erc7821AuthorizedExecutor(caller, mode, executionData);
+    }
+}

contracts/mocks/account/AccountERC7913Mock.sol

@@ -0,0 +1,20 @@
+// contracts/MyAccountERC7702.sol
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.20;
+
+import {Account} from "../../../account/Account.sol";
+import {ERC721Holder} from "@openzeppelin/contracts/token/ERC721/utils/ERC721Holder.sol";
+import {ERC1155Holder} from "@openzeppelin/contracts/token/ERC1155/utils/ERC1155Holder.sol";
+import {ERC7821} from "../../../account/extensions/ERC7821.sol";
+import {SignerERC7702} from "../../../utils/cryptography/SignerERC7702.sol";
+
+contract MyAccountERC7702 is Account, SignerERC7702, ERC7821, ERC721Holder, ERC1155Holder {
+    /// @dev Allows the entry point as an authorized executor.
+    function _erc7821AuthorizedExecutor(
+        address caller,
+        bytes32 mode,
+        bytes calldata executionData
+    ) internal view virtual override returns (bool) {
+        return caller == address(entryPoint()) || super._erc7821AuthorizedExecutor(caller, mode, executionData);
+    }
+}

contracts/mocks/docs/account/MyAccountERC7702.sol

@@ -0,0 +1,30 @@
+// contracts/MyAccount.sol
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.24;
+
+import {Account} from "../../../account/Account.sol";
+import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
+import {ERC721Holder} from "@openzeppelin/contracts/token/ERC721/utils/ERC721Holder.sol";
+import {ERC1155Holder} from "@openzeppelin/contracts/token/ERC1155/utils/ERC1155Holder.sol";
+import {ERC7739} from "../../../utils/cryptography/ERC7739.sol";
+import {ERC7821} from "../../../account/extensions/ERC7821.sol";
+import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
+import {SignerERC7913} from "../../../utils/cryptography/SignerERC7913.sol";
+
+contract MyAccount7913 is Account, SignerERC7913, ERC7739, ERC7821, ERC721Holder, ERC1155Holder, Initializable {
+    constructor() EIP712("MyAccount7913", "1") {}
+
+    function initialize(bytes memory signer) public initializer {
+        _setSigner(signer);
+    }
+
+    /// @dev Allows the entry point as an authorized executor.
+    function _erc7821AuthorizedExecutor(
+        address caller,
+        bytes32 mode,
+        bytes calldata executionData
+    ) internal view virtual override returns (bool) {
+        return caller == address(entryPoint()) || super._erc7821AuthorizedExecutor(caller, mode, executionData);
+    }
+}

contracts/mocks/docs/account/MyAccountERC7913.sol

@@ -4,3 +4,4 @@ pragma solidity ^0.8.20;
 
 import {UpgradeableBeacon} from "@openzeppelin/contracts/proxy/beacon/UpgradeableBeacon.sol";
 import {ECDSAOwnedDKIMRegistry} from "@zk-email/email-tx-builder/utils/ECDSAOwnedDKIMRegistry.sol";
+import {ERC1271WalletMock} from "@openzeppelin/contracts/mocks/ERC1271WalletMock.sol";