* fix factories
BLSFactory use same model as SimpleAccount, using immutable wallet and
only user-specific params in initializer
add factory for TestAggregatedAccount sapmle contract
Create2Factory - use arachnid's de-facto standard deployer, instead of of
the nonstandard EIP2470 (specifically, arachnid's deployer revert on errors)
* gnosis account factory
now Gnosis-Safe based account uses only standard gnosis contracts. The new GnosisSafeAcccountFactory only wraps the standard GnosisSafeProxyFactory to create the proxy (and initialize it with our modules)
initCode as deployer+data, instead of constructor code
- supports any deployer contract
- initCode doesn't have to include entire CREATE2 constructor code (it is only a method call to the deployer contract)
* update the EIP to support aggregated signatures
* support creation of aggregated wallet (simulateValidation)
* simulateValidation with param offChainSigCheck
if false, calls aggregator.validateUserOpSignature
if true, returns also offChainSigInfo to be used by off-chain code to
validate the signature
* hash pubkey into requestId
Vitalik Buterin [01/08/2022 10:40]:
Basically, if one account has a pubkey P, someone can make an evil
account with key Q - P, where they know q (the privkey of Q), and then
they pass off a signature with q as being an "aggregate" signature of
the same message signed by both K1 = P and K2 = Q-P (because K1 + K2 =
Q)
The fix to this is to hash the pubkey into the msghash, so you never get
two different keys signing the same message.
And I think this has to be enforced at the BLS aggregate verifier layer
Co-authored-by: Alex Forshtat <forshtat1@gmail.com>
* inital code
import Gnosis code as-is.
probably can remove all non-essential contracts (e.g. test, samples)
or better, import as external library.
* removed unused contracts (not used,fail compilation)
* initial Gnosis-Safe Proxy account
* refactor:
- use @gnosis.pm/safe-contracts package
- separate contracts into separate files.
* cleanup, single owner
* cleanup contracts
simpler fallback handler
* added tests
failure cases
counterfactual creation
* change to "Manager"
- manager is not a module, only fallback, entrypoint
- replaceManager now works
* ignore from coverage
(fails to compile for coverage)
* fix dangling test
* Fix lint
* Set expected code lenght to be 324
Co-authored-by: Alex Forshtat <forshtat1@gmail.com>
* add eth-gas-reporter to "yarn ci" build
* `createWalletOwner()` (and `createAddress()`) now generate deterministic addresses, so they don't skew gas calculations (zero-bytes in calldata fluctuate gas usage)
gas optimizations
* gas optimization, test tool (runop)
- [some] userOp accessors (calldata struct members are accessed badly)
- lighter signature calculation (by 1200gas)
directly hash the UserOperation on from calldata, instead of copy fields
* execFromEntryPoint to call directly target
* compact nonce and sender into a single storage cell.
saves 15000k on wallet creation (first initialization of both fields).
then saves ~1000 on each call)
- runop - run a single op against a local/remote network (for easier tenderly work)
- runop3 - run 3 txs to fit a bundle.
* support multiple requests in AASigner
- AASigner is now more robust. supports 3 modes of userop handling
-- rpcUserOpSender - connect to RPC that supports the
eth_sendUserOperation
-- queueUserOpSender - handler that collects requests over 5 seconds
before sending a bundle
-- localUserOpSender - send each userop as it is received
- updated API: added nonce to events (so sender/nonce is a unique identifier)
* added perOpOverhead
* added batch tests , large batches for testing construction, large TXs, heavy cpu.
* test for banned opcodes in simulateWalletVerification
* removed banning of GAS opcode in payForSelf testing.
* add github test workflow
