Skip to content

Add signature argument to internal _validateUserOp in Account.sol #5976

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add signature argument to internal _validateUserOp in Account.sol #5976

wants to merge 1 commit into from
+20 −7

Conversation

ernestognw
Copy link
Member

Fixes #????

PR Checklist

  • Tests
  • Documentation
  • Changeset entry (run npx changeset add)

@ernestognw ernestognw requested a review from a team as a code owner October 6, 2025 20:18
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Oct 6, 2025

🦋 Changeset detected

Latest commit: 76f8fb4

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
openzeppelin-solidity Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Oct 6, 2025

Walkthrough

Introduces a new bytes calldata signature parameter to the internal _validateUserOp function across Account, AccountERC7579, and Account mock contracts. validateUserOp now forwards userOp.signature to _validateUserOp as the third argument. Derived contracts update their overrides to accept and pass through the signature to super._validateUserOp. Internal logic in Account now uses the provided signature instead of userOp.signature for _rawSignatureValidation. Documentation comments are updated accordingly. A changeset records the internal signature parameter addition and bumps openzeppelin-solidity to a minor release.

Suggested labels

breaking change

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)
Check name Status Explanation Resolution
Description Check ❓ Inconclusive The pull request description is just the default contribution template with placeholders and lacks any summary of the actual changes, context, or link to an issue, making it too vague to assess the PR’s intent. Please update the description to include a concise summary of the changes introduced, relevant context or motivation, and replace the placeholder issue reference with a valid issue number.
✅ Passed checks (2 passed)
Check name Status Explanation
Title Check ✅ Passed The title clearly and concisely describes the main change of adding a signature argument to the internal _validateUserOp function in Account.sol, matching the primary modification in the diff.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 765b288 and 76f8fb4.

📒 Files selected for processing (4)
  • .changeset/wet-bottles-tie.md (1 hunks)
  • contracts/account/Account.sol (2 hunks)
  • contracts/account/extensions/draft-AccountERC7579.sol (1 hunks)
  • contracts/mocks/account/AccountMock.sol (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)
  • GitHub Check: tests-upgradeable
  • GitHub Check: coverage
  • GitHub Check: tests-foundry
  • GitHub Check: slither
  • GitHub Check: halmos
  • GitHub Check: tests
🔇 Additional comments (6)
.changeset/wet-bottles-tie.md (1)

1-5: LGTM!

The changeset accurately documents the addition of the signature parameter to the internal _validateUserOp function. A minor version bump is appropriate since this changes the signature of an internal virtual function that derived contracts may override.

contracts/mocks/account/AccountMock.sol (1)

103-109: LGTM!

The mock correctly updates the _validateUserOp override to include the new signature parameter and forwards it to the parent implementation. The change is consistent with the base class modifications.

contracts/account/Account.sol (3)

78-78: LGTM!

The change correctly extracts userOp.signature and forwards it to _validateUserOp, enabling the signature parameter to be used throughout the validation chain.

87-91: Well-documented design rationale.

The documentation clearly explains that the signature parameter is taken from userOp.signature and describes how derived contracts can leverage this for custom signature handling logic, such as embedding additional data within the signature.

95-104: LGTM!

The function signature is correctly updated to include the bytes calldata signature parameter, and the implementation now uses this parameter instead of extracting it from userOp.signature directly. This design enables derived contracts to intercept and process the signature before validation.

contracts/account/extensions/draft-AccountERC7579.sol (1)

208-218: All _validateUserOp overrides updated consistently
Verified that each declaration in Account.sol, AccountMock.sol, and draft-AccountERC7579.sol includes the new signature parameter and correctly forwards it.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ernestognw