Account/safe7579

accounts/safe7579/script/Deploy.s.sol

@@ -0,0 +1 @@
+

accounts/safe7579/src/SafeERC7579.sol

@@ -4,7 +4,12 @@ pragma solidity ^0.8.23;
 import { IERC7579Account, Execution } from "erc7579/interfaces/IERC7579Account.sol";
 import { IMSA } from "erc7579/interfaces/IMSA.sol";
 import {
-    CallType, ModeCode, ModeLib, CALLTYPE_SINGLE, CALLTYPE_BATCH
+    CallType,
+    ModeCode,
+    ModeLib,
+    CALLTYPE_SINGLE,
+    CALLTYPE_BATCH,
+    CALLTYPE_DELEGATECALL
 } from "erc7579/lib/ModeLib.sol";
 import { ExecutionLib } from "erc7579/lib/ExecutionLib.sol";
 import {
@@ -23,20 +28,31 @@ import {
     UserOperationLib
 } from "@ERC4337/account-abstraction/contracts/core/UserOperationLib.sol";
 import { _packValidationData } from "@ERC4337/account-abstraction/contracts/core/Helpers.sol";
+import { IEntryPoint } from "@ERC4337/account-abstraction/contracts/interfaces/IEntryPoint.sol";
+import { ISafe7579Init } from "./interfaces/ISafe7579Init.sol";
 
 /**
  * @title ERC7579 Adapter for Safe accounts.
  * By using Safe's Fallback and Execution modules,
  * this contract creates full ERC7579 compliance to Safe accounts
  * @author zeroknots.eth | rhinestone.wtf
  */
-contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManager {
+contract SafeERC7579 is
+    ISafeOp,
+    IERC7579Account,
+    ISafe7579Init,
+    AccessControl,
+    IMSA,
+    HookManager
+{
     using UserOperationLib for PackedUserOperation;
     using ModeLib for ModeCode;
     using ExecutionLib for bytes;
 
     error Unsupported();
 
+    event Safe7579Initialized(address indexed safe);
+
     bytes32 private constant DOMAIN_SEPARATOR_TYPEHASH =
         0x47e79534a245952e8b16893a336b85a3d9ea9fa8c573f3d803afb92a79469218;
 
@@ -62,6 +78,10 @@ contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManag
             (address target, uint256 value, bytes calldata callData) =
                 executionCalldata.decodeSingle();
             _execute(msg.sender, target, value, callData);
+        } else if (callType == CALLTYPE_DELEGATECALL) {
+            address target = address(bytes20(executionCalldata[:20]));
+            bytes calldata callData = executionCalldata[20:];
+            _executeDelegateCall(msg.sender, target, callData);
         } else {
             revert UnsupportedCallType(callType);
         }
@@ -91,6 +111,11 @@ contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManag
                 executionCalldata.decodeSingle();
             returnData = new bytes[](1);
             returnData[0] = _executeReturnData(msg.sender, target, value, callData);
+        } else if (callType == CALLTYPE_DELEGATECALL) {
+            address target = address(bytes20(executionCalldata[:20]));
+            bytes calldata callData = executionCalldata[20:];
+            returnData = new bytes[](1);
+            returnData[0] = _executeDelegateCallReturnData(msg.sender, target, callData);
         } else {
             revert UnsupportedCallType(callType);
         }
@@ -124,16 +149,19 @@ contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManag
     {
         address validator;
         uint256 nonce = userOp.nonce;
+
         // solhint-disable-next-line no-inline-assembly
         assembly {
             validator := shr(96, nonce)
         }
 
         // check if validator is enabled. If not, use Safe's checkSignatures()
-        if (!_isValidatorInstalled(validator)) return _validateSignatures(userOp);
-
-        // bubble up the return value of the validator module
-        validSignature = IValidator(validator).validateUserOp(userOp, userOpHash);
+        if (validator == address(0) || !_isValidatorInstalled(validator)) {
+            return _validateSignatures(userOp);
+        } else {
+            // bubble up the return value of the validator module
+            validSignature = IValidator(validator).validateUserOp(userOp, userOpHash);
+        }
 
         // pay prefund
         if (missingAccountFunds != 0) {
@@ -175,7 +203,20 @@ contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManag
     /**
      * @inheritdoc IERC7579Account
      */
-    function isValidSignature(bytes32 hash, bytes calldata data) external view returns (bytes4) { }
+    function isValidSignature(
+        bytes32 hash,
+        bytes calldata data
+    )
+        external
+        view
+        returns (bytes4 magicValue)
+    {
+        address validationModule = address(bytes20(data[:20]));
+
+        if (!_isValidatorInstalled(validationModule)) return 0xFFFFFFFF;
+        magicValue =
+            IValidator(validationModule).isValidSignatureWithSender(msg.sender, hash, data[20:]);
+    }
 
     /**
      * @inheritdoc IERC7579Account
@@ -226,6 +267,7 @@ contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManag
         CallType callType = encodedMode.getCallType();
         if (callType == CALLTYPE_BATCH) return true;
         else if (callType == CALLTYPE_SINGLE) return true;
+        else if (callType == CALLTYPE_DELEGATECALL) return true;
         else return false;
     }
 
@@ -246,25 +288,32 @@ contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManag
     function isModuleInstalled(
         uint256 moduleType,
         address module,
-        bytes calldata /*additionalContext*/
+        bytes calldata additionalContext
     )
         external
         view
         override
         returns (bool)
     {
-        if (moduleType == MODULE_TYPE_VALIDATOR) return _isValidatorInstalled(module);
-        else if (moduleType == MODULE_TYPE_EXECUTOR) return _isExecutorInstalled(module);
-        else if (moduleType == MODULE_TYPE_FALLBACK) return _isFallbackHandlerInstalled(module);
-        else if (moduleType == MODULE_TYPE_HOOK) return _isHookInstalled(module);
-        else return false;
+        if (moduleType == MODULE_TYPE_VALIDATOR) {
+            return _isValidatorInstalled(module);
+        } else if (moduleType == MODULE_TYPE_EXECUTOR) {
+            return _isExecutorInstalled(module);
+        } else if (moduleType == MODULE_TYPE_FALLBACK) {
+            return _isFallbackHandlerInstalled(module, additionalContext);
+        } else if (moduleType == MODULE_TYPE_HOOK) {
+            return _isHookInstalled(module);
+        } else {
+            return false;
+        }
     }
 
     /**
      * @inheritdoc IERC7579Account
      */
-    function accountId() external pure override returns (string memory accountImplementationId) {
-        return "safe-erc7579.v0.0.0";
+    function accountId() external view override returns (string memory accountImplementationId) {
+        string memory safeVersion = ISafe(_msgSender()).VERSION();
+        return string(abi.encodePacked(safeVersion, "erc7579.v0.0.0"));
     }
 
     /**
@@ -352,12 +401,56 @@ contract SafeERC7579 is ISafeOp, IERC7579Account, AccessControl, IMSA, HookManag
         return keccak256(abi.encode(DOMAIN_SEPARATOR_TYPEHASH, block.chainid, this));
     }
 
-    function initializeAccount(bytes calldata data) external payable {
+    function initializeAccount(bytes calldata callData) external payable override {
+        // TODO: destructuring callData
+    }
+
+    function initializeAccount(
+        ModuleInit[] calldata validators,
+        ModuleInit[] calldata executors,
+        ModuleInit[] calldata fallbacks,
+        ModuleInit[] calldata hooks
+    )
+        public
+        payable
+        override
+    {
         _initModuleManager();
 
-        (address bootstrap, bytes memory bootstrapCall) = abi.decode(data, (address, bytes));
+        uint256 length = validators.length;
+        for (uint256 i; i < length; i++) {
+            ModuleInit calldata validator = validators[i];
+            _installValidator(validator.module, validator.initData);
+        }
+
+        length = executors.length;
+        for (uint256 i; i < length; i++) {
+            ModuleInit calldata executor = executors[i];
+            _installExecutor(executor.module, executor.initData);
+        }
+
+        length = fallbacks.length;
+        for (uint256 i; i < length; i++) {
+            ModuleInit calldata fallBack = fallbacks[i];
+            _installFallbackHandler(fallBack.module, fallBack.initData);
+        }
+
+        length = hooks.length;
+        for (uint256 i; i < length; i++) {
+            ModuleInit calldata hook = hooks[i];
+            _installFallbackHandler(hook.module, hook.initData);
+        }
+
+        emit Safe7579Initialized(msg.sender);
+    }
 
-        (bool success,) = bootstrap.delegatecall(bootstrapCall);
-        if (!success) revert AccountInitializationFailed();
+    /**
+     * Safe7579 is using validator selection encoding in the userop nonce.
+     * to make it easier for SDKs / devs to integrate, this function can be
+     * called to get the next nonce for a specific validator
+     */
+    function getNonce(address safe, address validator) external view returns (uint256 nonce) {
+        uint192 key = uint192(bytes24(bytes20(address(validator))));
+        nonce = IEntryPoint(entryPoint()).getNonce(safe, key);
     }
 }

accounts/safe7579/src/core/ExecutionHelper.sol

@@ -71,6 +71,25 @@ abstract contract ExecutionHelper {
         }
     }
 
+    function _executeDelegateCall(address safe, address target, bytes calldata callData) internal {
+        bool success = ISafe(safe).execTransactionFromModule(target, 0, callData, 1);
+        if (!success) revert ExecutionFailed();
+    }
+
+    function _executeDelegateCallReturnData(
+        address safe,
+        address target,
+        bytes calldata callData
+    )
+        internal
+        returns (bytes memory returnData)
+    {
+        bool success;
+        (success, returnData) =
+            ISafe(safe).execTransactionFromModuleReturnData(target, 0, callData, 1);
+        if (!success) revert ExecutionFailed();
+    }
+
     /**
      * Execute call on Safe
      * @dev This function will revert if the call fails
@@ -93,4 +112,30 @@ abstract contract ExecutionHelper {
                 _executeReturnData(safe, execution.target, execution.value, execution.callData);
         }
     }
+
+    /**
+     * Execute staticcall on Safe, get return value from call
+     * @dev This function will revert if the call fails
+     * @param safe address of the safe
+     * @param target address of the contract to call
+     * @param value value of the transaction
+     * @param callData data of the transaction
+     * @return returnData data returned from the call
+     */
+    function _executeStaticReturnData(
+        address safe,
+        address target,
+        uint256 value,
+        bytes memory callData
+    )
+        internal
+        view
+        returns (bytes memory returnData)
+    {
+        bool success;
+        (success, returnData) = safe.staticcall(
+            abi.encodeCall(ISafe.execTransactionFromModuleReturnData, (target, value, callData, 0))
+        );
+        if (!success) revert ExecutionFailed();
+    }
 }