Source Code
Overview
ETH Balance
0 ETH
ETH Value
$0.00| Transaction Hash |
Method
|
Block
|
From
|
To
|
|||||
|---|---|---|---|---|---|---|---|---|---|
Latest 1 internal transaction
Advanced mode:
| Parent Transaction Hash | Block | From | To | |||
|---|---|---|---|---|---|---|
| 16895267 | 2 days ago | Contract Creation | 0 ETH |
Cross-Chain Transactions
Loading...
Loading
Contract Source Code Verified (Exact Match)
Contract Name:
K1MeeValidator
Compiler Version
v0.8.27+commit.40a35a09
Optimization Enabled:
Yes with 999 runs
Other Settings:
cancun EvmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
import { IValidator, MODULE_TYPE_VALIDATOR } from "erc7579/interfaces/IERC7579Module.sol";
import { IStatelessValidator } from "contracts/interfaces/standard/erc-7780/IStatelessValidator.sol";
import { EnumerableSet } from "EnumerableSet4337/EnumerableSet4337.sol";
import { PackedUserOperation } from "account-abstraction/interfaces/PackedUserOperation.sol";
import { ERC7739Validator } from "erc7739Validator/ERC7739Validator.sol";
import {
SIG_TYPE_SIMPLE,
SIG_TYPE_ON_CHAIN,
SIG_TYPE_ERC20_PERMIT,
ERC1271_SUCCESS,
ERC1271_FAILED,
MODULE_TYPE_STATELESS_VALIDATOR,
SIG_TYPE_MEE_FLOW
} from "contracts/types/Constants.sol";
// Fusion libraries - validate userOp using on-chain tx or off-chain permit
import { PermitValidatorLib } from "../../lib/stx-validator/validation-modes/PermitValidatorLib.sol";
import { TxValidatorLib } from "../../lib/stx-validator/validation-modes/TxValidatorLib.sol";
import { SimpleValidatorLib } from "../../lib/stx-validator/validation-modes/SimpleValidatorLib.sol";
import { NoMeeFlowLib } from "../../lib/stx-validator/validation-modes/NoMeeFlowLib.sol";
import { EcdsaHelperLib } from "../../lib/util/EcdsaHelperLib.sol";
/**
* @title K1MeeValidator
* @dev An ERC-7579 validator (module type 1) and stateless validator (module type 7) for the MEE stack.
* Supports 3 MEE modes:
* - Simple (Super Tx hash is signed)
* - On-chain Tx (Super Tx hash is appended to a regular txn and signed)
* - ERC-2612 Permit (Super Tx hash is pasted into deadline field of the ERC-2612 Permit and signed)
*
* Further improvements:
* - Further gas optimizations
* - Use EIP-712 to make superTx hash not blind => use 7739 for the MEE 1271 flows
*
* Using erc7739 for MEE flows makes no sense currently because user signs blind hashes anyways
* (except permit mode, but the superTx hash is still blind in it).
* So we just hash smart account address into the og hash for 1271 MEE flow currently.
* In future full scale 7739 will replace it when superTx hash is 712 and transparent.
*
*/
contract K1MeeValidator is IValidator, IStatelessValidator, ERC7739Validator {
using EnumerableSet for EnumerableSet.AddressSet;
/*//////////////////////////////////////////////////////////////////////////
CONSTANTS & STORAGE
//////////////////////////////////////////////////////////////////////////*/
uint256 private constant ENCODED_DATA_OFFSET = 4;
/// @notice Mapping of smart account addresses to their respective owner addresses
mapping(address => address) public smartAccountOwners;
/// @notice Set of safe senders for each smart account
EnumerableSet.AddressSet private _safeSenders;
/// @notice Error to indicate that no owner was provided during installation
error NoOwnerProvided();
/// @notice Error to indicate that the new owner cannot be the zero address
error ZeroAddressNotAllowed();
/// @notice Error to indicate the module is already initialized
error ModuleAlreadyInitialized();
/// @notice Error to indicate that the new owner cannot be a contract address
error NewOwnerIsNotEoa();
/// @notice Error to indicate that the owner cannot be the zero address
error OwnerCannotBeZeroAddress();
/// @notice Error to indicate that the data length is invalid
error InvalidDataLength();
/// @notice Error to indicate that the safe senders length is invalid
error SafeSendersLengthInvalid();
/*//////////////////////////////////////////////////////////////////////////
CONFIG
//////////////////////////////////////////////////////////////////////////*/
/**
* Initialize the module with the given data
*
* @param data The data to initialize the module with
*/
function onInstall(bytes calldata data) external override {
require(data.length != 0, NoOwnerProvided());
require(!_isInitialized(msg.sender), ModuleAlreadyInitialized());
address newOwner = address(bytes20(data[:20]));
require(newOwner != address(0), OwnerCannotBeZeroAddress());
if (_isNotEoa(newOwner)) {
revert NewOwnerIsNotEoa();
}
smartAccountOwners[msg.sender] = newOwner;
if (data.length > 20) {
_fillSafeSenders(data[20:]);
}
}
/**
* De-initialize the module with the given data
*/
function onUninstall(bytes calldata) external override {
delete smartAccountOwners[msg.sender];
_safeSenders.removeAll(msg.sender);
}
/// @notice Transfers ownership of the validator to a new owner
/// @param newOwner The address of the new owner
function transferOwnership(address newOwner) external {
require(newOwner != address(0), ZeroAddressNotAllowed());
if (_isNotEoa(newOwner)) {
revert NewOwnerIsNotEoa();
}
smartAccountOwners[msg.sender] = newOwner;
}
/**
* Check if the module is initialized
* @param smartAccount The smart account to check
*
* @return true if the module is initialized, false otherwise
*/
function isInitialized(address smartAccount) external view returns (bool) {
return _isInitialized(smartAccount);
}
/// @notice Adds a safe sender to the _safeSenders list for the smart account
function addSafeSender(address sender) external {
_safeSenders.add(msg.sender, sender);
}
/// @notice Removes a safe sender from the _safeSenders list for the smart account
function removeSafeSender(address sender) external {
_safeSenders.remove(msg.sender, sender);
}
/// @notice Checks if a sender is in the _safeSenders list for the smart account
function isSafeSender(address sender, address smartAccount) external view returns (bool) {
return _safeSenders.contains(smartAccount, sender);
}
/*//////////////////////////////////////////////////////////////////////////
MODULE LOGIC
//////////////////////////////////////////////////////////////////////////*/
/**
* Validates PackedUserOperation
*
* @param userOp UserOperation to be validated
* @param userOpHash Hash of the UserOperation to be validated
* @dev fallback flow => non MEE flow => no dedicated prefix introduced for the sake of compatibility.
* It may lead to a case where some signature turns out to have first bytes matching the prefix.
* However, this is very unlikely to happen and even if it does, the consequences are just
* that the signature is not validated which is easily solved by altering userOp => hash => sig.
* The userOp.signature is encoded as follows:
* MEE flow: [65 bytes node master signature] [4 bytes sigType] [encoded data for this validator]
* Non-MEE flow: [65 bytes regular secp256k1 sig]
*
* @return vd validation data = the result of the signature validation, which can be:
* - 0 if the signature is valid
* - 1 if the signature is invalid
* - <20-byte> aggregatorOrSigFail, <6-byte> validUntil and <6-byte> validAfter (see ERC-4337
* for more details)
*/
function validateUserOp(
PackedUserOperation calldata userOp,
bytes32 userOpHash
)
external
override
returns (uint256 vd)
{
address owner = getOwner(userOp.sender);
if (userOp.signature.length < ENCODED_DATA_OFFSET) {
// if sig is short then we are sure it is a non-MEE flow
vd = NoMeeFlowLib.validateUserOp(userOpHash, userOp.signature, owner);
} else {
bytes4 sigType = bytes4(userOp.signature[0:ENCODED_DATA_OFFSET]);
if (sigType == SIG_TYPE_SIMPLE) {
vd = SimpleValidatorLib.validateUserOp(userOpHash, userOp.signature[ENCODED_DATA_OFFSET:], owner);
} else if (sigType == SIG_TYPE_ON_CHAIN) {
vd = TxValidatorLib.validateUserOp(
userOpHash, userOp.signature[ENCODED_DATA_OFFSET:userOp.signature.length], owner
);
} else if (sigType == SIG_TYPE_ERC20_PERMIT) {
vd = PermitValidatorLib.validateUserOp(userOpHash, userOp.signature[ENCODED_DATA_OFFSET:], owner);
} else {
// fallback flow => non MEE flow => no prefix
vd = NoMeeFlowLib.validateUserOp(userOpHash, userOp.signature, owner);
}
}
}
/**
* Validates an ERC-1271 signature
*
* @param sender The sender of the ERC-1271 call to the account
* @param dataHash The hash of the message
* @param signature The signature of the message
*
* @return sigValidationResult the result of the signature validation, which can be:
* - ERC1271_SUCCESS if the signature is valid
* - ERC1271_FAILED if the signature is invalid
*/
function isValidSignatureWithSender(
address sender,
bytes32 dataHash,
bytes calldata signature
)
external
view
virtual
override
returns (bytes4 sigValidationResult)
{
if (
signature.length == 0 // for erc7739 detection
|| bytes3(signature[0:3]) != SIG_TYPE_MEE_FLOW // non-mee flow
) {
// Non MEE flow => uses 7739
// goes to ERC7739Validator to apply 7739 magic and then returns back
// to this contract's _erc1271IsValidSignatureNowCalldata() method.
return _erc1271IsValidSignatureWithSender(sender, dataHash, _erc1271UnwrapSignature(signature));
} else {
// MEE flow:
// 1) in simple mode, domain separator used for 712 is the domain separator
// of the smart account, which includes the account address,
// so 7739 is not needed for simple mode
// 2) for permit mode and on-chain mode we still need the secure hash
bytes4 sigType = bytes4(signature[0:4]);
if (sigType == SIG_TYPE_ERC20_PERMIT || sigType == SIG_TYPE_ON_CHAIN) {
// since we do not know if the underlying hash is safe or not,
// and :
// - for permit mode it is blind anyways since it is packed into the deadline field
// - for on-chain mode it is blind anyways since it is packed into the txn data
// so we can hash the SA into the final hash to protect against two SA's with same owner vector
// dataHash = keccak256(abi.encodePacked(dataHash, msg.sender))
assembly {
let ptr := mload(0x40)
mstore(ptr, dataHash)
mstore(add(ptr, 0x20), shl(96, caller()))
dataHash := keccak256(ptr, 0x34)
}
}
return _validateSignatureForOwner(getOwner(msg.sender), dataHash, _erc1271UnwrapSignature(signature))
? ERC1271_SUCCESS
: ERC1271_FAILED;
}
}
/// @notice IStatelessValidator interface
/// @param hash The hash of the data to validate
/// @param sig The signature data
/// @param data The data to validate against (owner address in this case)
function validateSignatureWithData(
bytes32 hash,
bytes calldata sig,
bytes calldata data
)
external
view
returns (bool isValidSig)
{
require(data.length >= 20, InvalidDataLength());
isValidSig = _validateSignatureForOwner(address(bytes20(data[:20])), hash, sig);
}
/**
* Get the owner of the smart account
* @param smartAccount The address of the smart account
* @return The owner of the smart account
*/
function getOwner(address smartAccount) public view returns (address) {
address owner = smartAccountOwners[smartAccount];
return owner == address(0) ? smartAccount : owner;
}
/*//////////////////////////////////////////////////////////////////////////
METADATA
//////////////////////////////////////////////////////////////////////////*/
/// @notice Returns the name of the module
/// @return The name of the module
function name() external pure returns (string memory) {
return "K1MeeValidator";
}
/// @notice Returns the version of the module
/// @return The version of the module
/// @dev
/// - supports appended 65-bytes signature for on-chain fusion mode
/// - supports erc7702-delegated EOAs as owners
function version() external pure returns (string memory) {
return "1.1.0";
}
/// @notice Checks if the module is of the specified type
/// @param typeId The type ID to check
/// @return True if the module is of the specified type, false otherwise
function isModuleType(uint256 typeId) external pure returns (bool) {
return typeId == MODULE_TYPE_VALIDATOR || typeId == MODULE_TYPE_STATELESS_VALIDATOR;
}
/*//////////////////////////////////////////////////////////////////////////
INTERNAL
//////////////////////////////////////////////////////////////////////////*/
/// @notice Internal method that does the job of validating the signature via ECDSA (secp256k1)
/// @param owner The address of the owner
/// @param hash The hash of the data to validate
/// @param signature The signature data
function _validateSignatureForOwner(
address owner,
bytes32 hash,
bytes calldata signature
)
internal
view
returns (bool isValidSig)
{
bytes4 sigType = bytes4(signature[0:4]);
if (sigType == SIG_TYPE_SIMPLE) {
isValidSig = SimpleValidatorLib.validateSignatureForOwner(owner, hash, signature[4:]);
} else if (sigType == SIG_TYPE_ON_CHAIN) {
isValidSig = TxValidatorLib.validateSignatureForOwner(owner, hash, signature[4:]);
} else if (sigType == SIG_TYPE_ERC20_PERMIT) {
isValidSig = PermitValidatorLib.validateSignatureForOwner(owner, hash, signature[4:]);
} else {
// fallback flow => non MEE flow => no prefix
isValidSig = NoMeeFlowLib.validateSignatureForOwner(owner, hash, signature);
}
}
/// @notice Checks if the smart account is initialized with an owner
/// @param smartAccount The address of the smart account
/// @return isInitializedRet True if the smart account has an owner, false otherwise
function _isInitialized(address smartAccount) private view returns (bool isInitializedRet) {
isInitializedRet = smartAccountOwners[smartAccount] != address(0);
}
// @notice Fills the _safeSenders list from the given data
function _fillSafeSenders(bytes calldata data) private {
uint256 length = data.length;
require(length % 20 == 0, SafeSendersLengthInvalid());
for (uint256 i; i < length / 20; ++i) {
_safeSenders.add(msg.sender, address(bytes20(data[20 * i:20 * (i + 1)])));
}
}
/// @notice Checks if the address is a contract
/// @param account The address to check
/// @return True if the address is a contract, false otherwise
function _isNotEoa(address account) private view returns (bool) {
uint256 size;
assembly {
size := extcodesize(account)
}
// has code and is not delegated via eip-7702
return (size > 0) && (size != 23);
}
/// @dev Returns whether the `hash` and `signature` are valid.
/// Obtains the authorized signer's credentials and calls some
/// module's specific internal function to validate the signature
/// against credentials.
function _erc1271IsValidSignatureNowCalldata(
bytes32 hash,
bytes calldata signature
)
internal
view
override
returns (bool isValidSig)
{
// call custom internal function to validate the signature against credentials
isValidSig = EcdsaHelperLib.isValidSignature(getOwner(msg.sender), hash, signature);
}
/// @dev Returns whether the `sender` is considered safe, such
/// that we don't need to use the nested EIP-712 workflow.
/// See: https://mirror.xyz/curiousapple.eth/pFqAdW2LiJ-6S4sg_u1z08k4vK6BCJ33LcyXpnNb8yU
// The canonical `MulticallerWithSigner` at 0x000000000000D9ECebf3C23529de49815Dac1c4c
// is known to include the account in the hash to be signed.
// msg.sender = Smart Account
// sender = 1271 og request sender
function _erc1271CallerIsSafe(address sender) internal view virtual override returns (bool isCallerSafe) {
isCallerSafe =
(sender == 0x000000000000D9ECebf3C23529de49815Dac1c4c // MulticallerWithSigner
|| sender == msg.sender // Smart Account. Assume smart account never sends non safe eip-712 struct
|| _safeSenders.contains(msg.sender, sender)); // check if sender is in _safeSenders for the Smart
// Account
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.21;
import { PackedUserOperation } from "account-abstraction/interfaces/PackedUserOperation.sol";
uint256 constant VALIDATION_SUCCESS = 0;
uint256 constant VALIDATION_FAILED = 1;
uint256 constant MODULE_TYPE_VALIDATOR = 1;
uint256 constant MODULE_TYPE_EXECUTOR = 2;
uint256 constant MODULE_TYPE_FALLBACK = 3;
uint256 constant MODULE_TYPE_HOOK = 4;
uint256 constant MODULE_TYPE_PREVALIDATION_HOOK_ERC1271 = 8;
uint256 constant MODULE_TYPE_PREVALIDATION_HOOK_ERC4337 = 9;
interface IModule {
error AlreadyInitialized(address smartAccount);
error NotInitialized(address smartAccount);
/**
* @dev This function is called by the smart account during installation of the module
* @param data arbitrary data that may be required on the module during `onInstall`
* initialization
*
* MUST revert on error (i.e. if module is already enabled)
*/
function onInstall(bytes calldata data) external;
/**
* @dev This function is called by the smart account during uninstallation of the module
* @param data arbitrary data that may be required on the module during `onUninstall`
* de-initialization
*
* MUST revert on error
*/
function onUninstall(bytes calldata data) external;
/**
* @dev Returns boolean value if module is a certain type
* @param moduleTypeId the module type ID according the ERC-7579 spec
*
* MUST return true if the module is of the given type and false otherwise
*/
function isModuleType(uint256 moduleTypeId) external view returns (bool);
/**
* @dev Returns if the module was already initialized for a provided smartaccount
*/
function isInitialized(address smartAccount) external view returns (bool);
}
interface IValidator is IModule {
error InvalidTargetAddress(address target);
/**
* @dev Validates a transaction on behalf of the account.
* This function is intended to be called by the MSA during the ERC-4337 validaton phase
* Note: solely relying on bytes32 hash and signature is not suffcient for some
* validation implementations (i.e. SessionKeys often need access to userOp.calldata)
* @param userOp The user operation to be validated. The userOp MUST NOT contain any metadata.
* The MSA MUST clean up the userOp before sending it to the validator.
* @param userOpHash The hash of the user operation to be validated
* @return return value according to ERC-4337
*/
function validateUserOp(
PackedUserOperation calldata userOp,
bytes32 userOpHash
)
external
returns (uint256);
/**
* Validator can be used for ERC-1271 validation
*/
function isValidSignatureWithSender(
address sender,
bytes32 hash,
bytes calldata data
)
external
view
returns (bytes4);
}
interface IExecutor is IModule { }
interface IHook is IModule {
function preCheck(
address msgSender,
uint256 msgValue,
bytes calldata msgData
)
external
returns (bytes memory hookData);
function postCheck(bytes calldata hookData) external;
}
interface IFallback is IModule { }
interface IPreValidationHookERC1271 is IModule {
function preValidationHookERC1271(
address sender,
bytes32 hash,
bytes calldata data
)
external
view
returns (bytes32 hookHash, bytes memory hookSignature);
}
interface IPreValidationHookERC4337 is IModule {
function preValidationHookERC4337(
PackedUserOperation calldata userOp,
uint256 missingAccountFunds,
bytes32 userOpHash
)
external
returns (bytes32 hookHash, bytes memory hookSignature);
}// SPDX-License-Identifier: LGPL-3.0-only
pragma solidity ^0.8.27;
import { IModule } from "erc7579/interfaces/IERC7579Module.sol";
interface IStatelessValidator is IModule {
/**
* Validates a signature given some data
*
* @param hash The data that was signed over
* @param signature The signature to verify
* @param data The data to validate the verified signature against
*
* MUST validate that the signature is a valid signature of the hash
* MUST compare the validated signature against the data provided
* MUST return true if the signature is valid and false otherwise
*/
function validateSignatureWithData(
bytes32 hash,
bytes calldata signature,
bytes calldata data
)
external
view
returns (bool);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import "./AssociatedArrayLib.sol";
/**
* Fork of OZ's EnumerableSet that makes all storage access ERC-4337 compliant via associated storage
* @author zeroknots.eth (rhinestone)
*/
library EnumerableSet {
using AssociatedArrayLib for AssociatedArrayLib.Bytes32Array;
// To implement this library for multiple types with as little code
// repetition as possible, we write it in terms of a generic Set type with
// bytes32 values.
// The Set implementation uses private functions, and user-facing
// implementations (such as AddressSet) are just wrappers around the
// underlying Set.
// This means that we can only create new EnumerableSets for types that fit
// in bytes32.
struct Set {
// Storage of set values
AssociatedArrayLib.Bytes32Array _values;
// Position is the index of the value in the `values` array plus 1.
// Position 0 is used to mean a value is not in the set.
mapping(bytes32 value => mapping(address account => uint256)) _positions;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function _add(Set storage set, address account, bytes32 value) private returns (bool) {
if (!_contains(set, account, value)) {
set._values.push(account, value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._positions[value][account] = set._values.length(account);
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function _remove(Set storage set, address account, bytes32 value) private returns (bool) {
// We cache the value's position to prevent multiple reads from the same storage slot
uint256 position = set._positions[value][account];
if (position != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 valueIndex = position - 1;
uint256 lastIndex = set._values.length(account) - 1;
if (valueIndex != lastIndex) {
bytes32 lastValue = set._values.get(account, lastIndex);
// Move the lastValue to the index where the value to delete is
set._values.set(account, valueIndex, lastValue);
// Update the tracked position of the lastValue (that was just moved)
set._positions[lastValue][account] = position;
}
// Delete the slot where the moved value was stored
set._values.pop(account);
// Delete the tracked position for the deleted slot
delete set._positions[value][account];
return true;
} else {
return false;
}
}
function _removeAll(Set storage set, address account) internal {
// get length of the array
uint256 len = _length(set, account);
for (uint256 i = 1; i <= len; i++) {
// get last value
bytes32 value = _at(set, account, len - i);
_remove(set, account, value);
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function _contains(Set storage set, address account, bytes32 value) private view returns (bool) {
return set._positions[value][account] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function _length(Set storage set, address account) private view returns (uint256) {
return set._values.length(account);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function _at(Set storage set, address account, uint256 index) private view returns (bytes32) {
return set._values.get(account, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function _values(Set storage set, address account) private view returns (bytes32[] memory) {
return set._values.getAll(account);
}
// Bytes32Set
struct Bytes32Set {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(Bytes32Set storage set, address account, bytes32 value) internal returns (bool) {
return _add(set._inner, account, value);
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(Bytes32Set storage set, address account, bytes32 value) internal returns (bool) {
return _remove(set._inner, account, value);
}
function removeAll(Bytes32Set storage set, address account) internal {
return _removeAll(set._inner, account);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(Bytes32Set storage set, address account, bytes32 value) internal view returns (bool) {
return _contains(set._inner, account, value);
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(Bytes32Set storage set, address account) internal view returns (uint256) {
return _length(set._inner, account);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32Set storage set, address account, uint256 index) internal view returns (bytes32) {
return _at(set._inner, account, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(Bytes32Set storage set, address account) internal view returns (bytes32[] memory) {
bytes32[] memory store = _values(set._inner, account);
bytes32[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// AddressSet
struct AddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address account, address value) internal returns (bool) {
return _add(set._inner, account, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address account, address value) internal returns (bool) {
return _remove(set._inner, account, bytes32(uint256(uint160(value))));
}
function removeAll(AddressSet storage set, address account) internal {
return _removeAll(set._inner, account);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address account, address value) internal view returns (bool) {
return _contains(set._inner, account, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(AddressSet storage set, address account) internal view returns (uint256) {
return _length(set._inner, account);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, address account, uint256 index) internal view returns (address) {
return address(uint160(uint256(_at(set._inner, account, index))));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(AddressSet storage set, address account) internal view returns (address[] memory) {
bytes32[] memory store = _values(set._inner, account);
address[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// UintSet
struct UintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(UintSet storage set, address account, uint256 value) internal returns (bool) {
return _add(set._inner, account, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(UintSet storage set, address account, uint256 value) internal returns (bool) {
return _remove(set._inner, account, bytes32(value));
}
function removeAll(UintSet storage set, address account) internal {
return _removeAll(set._inner, account);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(UintSet storage set, address account, uint256 value) internal view returns (bool) {
return _contains(set._inner, account, bytes32(value));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(UintSet storage set, address account) internal view returns (uint256) {
return _length(set._inner, account);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintSet storage set, address account, uint256 index) internal view returns (uint256) {
return uint256(_at(set._inner, account, index));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(UintSet storage set, address account) internal view returns (uint256[] memory) {
bytes32[] memory store = _values(set._inner, account);
uint256[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
}// SPDX-License-Identifier: GPL-3.0
pragma solidity >=0.7.5;
/**
* User Operation struct
* @param sender - The sender account of this request.
* @param nonce - Unique value the sender uses to verify it is not a replay.
* @param initCode - If set, the account contract will be created by this constructor/
* @param callData - The method call to execute on this account.
* @param accountGasLimits - Packed gas limits for validateUserOp and gas limit passed to the callData method call.
* @param preVerificationGas - Gas not calculated by the handleOps method, but added to the gas paid.
* Covers batch overhead.
* @param gasFees - packed gas fields maxPriorityFeePerGas and maxFeePerGas - Same as EIP-1559 gas parameters.
* @param paymasterAndData - If set, this field holds the paymaster address, verification gas limit, postOp gas limit and paymaster-specific extra data
* The paymaster will pay for the transaction instead of the sender.
* @param signature - Sender-verified signature over the entire request, the EntryPoint address and the chain ID.
*/
struct PackedUserOperation {
address sender;
uint256 nonce;
bytes initCode;
bytes callData;
bytes32 accountGasLimits;
uint256 preVerificationGas;
bytes32 gasFees;
bytes paymasterAndData;
bytes signature;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
interface IERC5267 {
function eip712Domain() external view returns (
bytes1 fields,
string memory name,
string memory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
);
}
/// @title ERC-7739: Nested Typed Data Sign Support for ERC-7579 Validators
abstract contract ERC7739Validator {
error InvalidSignature();
/// @dev `keccak256("PersonalSign(bytes prefixed)")`.
bytes32 internal constant _PERSONAL_SIGN_TYPEHASH = 0x983e65e5148e570cd828ead231ee759a8d7958721a768f93bc4483ba005c32de;
bytes32 internal constant _DOMAIN_TYPEHASH = 0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f;
bytes4 internal constant SUPPORTS_ERC7739_V1 = 0x77390001;
/*//////////////////////////////////////////////////////////////////////////
INTERNAL
//////////////////////////////////////////////////////////////////////////*/
/// @dev Returns whether the `signature` is valid for the `hash.
/// Use this in your validator's `isValidSignatureWithSender` implementation.
function _erc1271IsValidSignatureWithSender(address sender, bytes32 hash, bytes calldata signature)
internal
view
virtual
returns (bytes4)
{
// detection request
// this check only takes 17 gas units
// in theory, it can be moved out of this function so it doesn't apply to every
// isValidSignatureWithSender() call, but it would require an additional standard
// interface for SA to check if the IValidator supports ERC-7739
// while isValidSignatureWithSender() is specified by ERC-7579, so
// it makes sense to use it in SA to check if the validator supports ERC-7739
unchecked {
if (signature.length == uint256(0)) {
// Forces the compiler to optimize for smaller bytecode size.
if (uint256(hash) == ~signature.length / 0xffff * 0x7739)
return SUPPORTS_ERC7739_V1;
}
}
// sig malleability prevention
bytes32 s;
assembly {
// same as `s := mload(add(signature, 0x40))` but for calldata
s := calldataload(add(signature.offset, 0x20))
}
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
revert InvalidSignature();
}
bool success = _erc1271IsValidSignatureViaSafeCaller(sender, hash, signature)
|| _erc1271IsValidSignatureViaNestedEIP712(hash, signature)
|| _erc1271IsValidSignatureViaRPC(hash, signature);
bytes4 sigValidationResult;
assembly {
// `success ? bytes4(keccak256("isValidSignature(bytes32,bytes)")) : 0xffffffff`.
// We use `0xffffffff` for invalid, in convention with the reference implementation.
sigValidationResult := shl(224, or(0x1626ba7e, sub(0, iszero(success))))
}
return sigValidationResult;
}
/// @dev Returns whether the `msg.sender` is considered safe, such
/// that we don't need to use the nested EIP-712 workflow.
/// Override to return true for more callers.
/// See: https://mirror.xyz/curiousapple.eth/pFqAdW2LiJ-6S4sg_u1z08k4vK6BCJ33LcyXpnNb8yU
function _erc1271CallerIsSafe(address sender) internal view virtual returns (bool) {
// The canonical `MulticallerWithSigner` at 0x000000000000D9ECebf3C23529de49815Dac1c4c
// is known to include the account in the hash to be signed.
return sender == 0x000000000000D9ECebf3C23529de49815Dac1c4c;
}
/// @dev Returns whether the `hash` and `signature` are valid.
/// Obtains the authorized signer's credentials and calls some
/// module's specific internal function to validate the signature
/// against credentials.
/// Override for your module's custom logic.
function _erc1271IsValidSignatureNowCalldata(bytes32 hash, bytes calldata signature)
internal
view
virtual
returns (bool);
/// @dev Unwraps and returns the signature.
function _erc1271UnwrapSignature(bytes calldata signature)
internal
view
virtual
returns (bytes calldata result)
{
result = signature;
/// @solidity memory-safe-assembly
assembly {
// Unwraps the ERC6492 wrapper if it exists.
// See: https://eips.ethereum.org/EIPS/eip-6492
if eq(
calldataload(add(result.offset, sub(result.length, 0x20))),
mul(0x6492, div(not(shr(address(), address())), 0xffff)) // `0x6492...6492`.
) {
let o := add(result.offset, calldataload(add(result.offset, 0x40)))
result.length := calldataload(o)
result.offset := add(o, 0x20)
}
}
}
/// @dev Performs the signature validation without nested EIP-712 if the caller is
/// a safe caller. A safe caller must include the address of this account in the hash.
function _erc1271IsValidSignatureViaSafeCaller(address sender, bytes32 hash, bytes calldata signature)
internal
view
virtual
returns (bool result)
{
if (_erc1271CallerIsSafe(sender)) result = _erc1271IsValidSignatureNowCalldata(hash, signature);
}
/// @dev ERC1271 signature validation (Nested EIP-712 workflow).
///
/// This uses ECDSA recovery by default (see: `_erc1271IsValidSignatureNowCalldata`).
/// It also uses a nested EIP-712 approach to prevent signature replays when a single EOA
/// owns multiple smart contract accounts,
/// while still enabling wallet UIs (e.g. Metamask) to show the EIP-712 values.
///
/// Crafted for phishing resistance, efficiency, flexibility.
/// __________________________________________________________________________________________
///
/// Glossary:
///
/// - `APP_DOMAIN_SEPARATOR`: The domain separator of the `hash` passed in by the application.
/// Provided by the front end. Intended to be the domain separator of the contract
/// that will call `isValidSignature` on this account.
///
/// - `ACCOUNT_DOMAIN_SEPARATOR`: The domain separator of this account.
/// See: `EIP712._domainSeparator()`.
/// __________________________________________________________________________________________
///
/// For the `TypedDataSign` workflow, the final hash will be:
/// ```
/// keccak256(\x19\x01 ‖ APP_DOMAIN_SEPARATOR ‖
/// hashStruct(TypedDataSign({
/// contents: hashStruct(originalStruct),
/// name: keccak256(bytes(eip712Domain().name)),
/// version: keccak256(bytes(eip712Domain().version)),
/// chainId: eip712Domain().chainId,
/// verifyingContract: eip712Domain().verifyingContract,
/// salt: eip712Domain().salt
/// }))
/// )
/// ```
/// where `‖` denotes the concatenation operator for bytes.
/// The order of the fields is important: `contents` comes before `name`.
///
/// The signature will be `r ‖ s ‖ v ‖ APP_DOMAIN_SEPARATOR ‖
/// contents ‖ contentsDescription ‖ uint16(contentsDescription.length)`,
/// where:
/// - `contents` is the bytes32 struct hash of the original struct.
/// - `contentsDescription` can be either:
/// a) `contentsType` (implicit mode)
/// where `contentsType` starts with `contentsName`.
/// b) `contentsType ‖ contentsName` (explicit mode)
/// where `contentsType` may not necessarily start with `contentsName`.
///
/// The `APP_DOMAIN_SEPARATOR` and `contents` will be used to verify if `hash` is indeed correct.
/// __________________________________________________________________________________________
///
/// For the `PersonalSign` workflow, the final hash will be:
/// ```
/// keccak256(\x19\x01 ‖ ACCOUNT_DOMAIN_SEPARATOR ‖
/// hashStruct(PersonalSign({
/// prefixed: keccak256(bytes(\x19Ethereum Signed Message:\n ‖
/// base10(bytes(someString).length) ‖ someString))
/// }))
/// )
/// ```
/// where `‖` denotes the concatenation operator for bytes.
///
/// The `PersonalSign` type hash will be `keccak256("PersonalSign(bytes prefixed)")`.
/// The signature will be `r ‖ s ‖ v`.
/// __________________________________________________________________________________________
///
/// For demo and typescript code, see:
/// - https://github.com/junomonster/nested-eip-712
/// - https://github.com/frangio/eip712-wrapper-for-eip1271
///
/// Their nomenclature may differ from ours, although the high-level idea is similar.
///
/// Of course, if you have control over the codebase of the wallet client(s) too,
/// you can choose a more minimalistic signature scheme like
/// `keccak256(abi.encode(address(this), hash))` instead of all these acrobatics.
/// All these are just for widespread out-of-the-box compatibility with other wallet clients.
/// We want to create bazaars, not walled castles.
/// And we'll use push the Turing Completeness of the EVM to the limits to do so.
function _erc1271IsValidSignatureViaNestedEIP712(bytes32 hash, bytes calldata signature)
internal
view
virtual
returns (bool result)
{
//bytes32 t = _typedDataSignFieldsForAccount(msg.sender);
uint256 t = uint256(uint160(address(this)));
// Forces the compiler to pop the variables after the scope, avoiding stack-too-deep.
if (t != uint256(0)) {
(
,
string memory name,
string memory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
) = IERC5267(msg.sender).eip712Domain();
/// @solidity memory-safe-assembly
assembly {
t := mload(0x40) // Grab the free memory pointer.
// Skip 2 words for the `typedDataSignTypehash` and `contents` struct hash.
mstore(add(t, 0x40), keccak256(add(name, 0x20), mload(name)))
mstore(add(t, 0x60), keccak256(add(version, 0x20), mload(version)))
mstore(add(t, 0x80), chainId)
mstore(add(t, 0xa0), shr(96, shl(96, verifyingContract)))
mstore(add(t, 0xc0), salt)
mstore(0x40, add(t, 0xe0)) // Allocate the memory.
}
}
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
// `c` is `contentsDescription.length`, which is stored in the last 2 bytes of the signature.
let c := shr(240, calldataload(add(signature.offset, sub(signature.length, 2))))
for {} 1 {} {
let l := add(0x42, c) // Total length of appended data (32 + 32 + c + 2).
let o := add(signature.offset, sub(signature.length, l)) // Offset of appended data.
mstore(0x00, 0x1901) // Store the "\x19\x01" prefix.
calldatacopy(0x20, o, 0x40) // Copy the `APP_DOMAIN_SEPARATOR` and `contents` struct hash.
// Use the `PersonalSign` workflow if the reconstructed hash doesn't match,
// or if the appended data is invalid, i.e.
// `appendedData.length > signature.length || contentsDescription.length == 0`.
if or(xor(keccak256(0x1e, 0x42), hash), or(lt(signature.length, l), iszero(c))) {
t := 0 // Set `t` to 0, denoting that we need to `hash = _hashTypedData(hash)`.
mstore(t, _PERSONAL_SIGN_TYPEHASH)
mstore(0x20, hash) // Store the `prefixed`.
hash := keccak256(t, 0x40) // Compute the `PersonalSign` struct hash.
break
}
// Else, use the `TypedDataSign` workflow.
// `TypedDataSign({ContentsName} contents,string name,...){ContentsType}`.
mstore(m, "TypedDataSign(") // Store the start of `TypedDataSign`'s type encoding.
let p := add(m, 0x0e) // Advance 14 bytes to skip "TypedDataSign(".
calldatacopy(p, add(o, 0x40), c) // Copy `contentsName`, optimistically.
mstore(add(p, c), 40) // Store a '(' after the end.
if iszero(eq(byte(0, mload(sub(add(p, c), 1))), 41)) {
let e := 0 // Length of `contentsName` in explicit mode.
for { let q := sub(add(p, c), 1) } 1 {} {
e := add(e, 1) // Scan backwards until we encounter a ')'.
if iszero(gt(lt(e, c), eq(byte(0, mload(sub(q, e))), 41))) { break }
}
c := sub(c, e) // Truncate `contentsDescription` to `contentsType`.
calldatacopy(p, add(add(o, 0x40), c), e) // Copy `contentsName`.
mstore8(add(p, e), 40) // Store a '(' exactly right after the end.
}
// `d & 1 == 1` means that `contentsName` is invalid.
let d := shr(byte(0, mload(p)), 0x7fffffe000000000000010000000000) // Starts with `[a-z(]`.
// Advance `p` until we encounter '('.
for {} iszero(eq(byte(0, mload(p)), 40)) { p := add(p, 1) } {
d := or(shr(byte(0, mload(p)), 0x120100000001), d) // Has a byte in ", )\x00".
}
mstore(p, " contents,string name,string") // Store the rest of the encoding.
mstore(add(p, 0x1c), " version,uint256 chainId,address")
mstore(add(p, 0x3c), " verifyingContract,bytes32 salt)")
p := add(p, 0x5c)
calldatacopy(p, add(o, 0x40), c) // Copy `contentsType`.
// Fill in the missing fields of the `TypedDataSign`.
calldatacopy(t, o, 0x40) // Copy the `contents` struct hash to `add(t, 0x20)`.
mstore(t, keccak256(m, sub(add(p, c), m))) // Store `typedDataSignTypehash`.
// The "\x19\x01" prefix is already at 0x00.
// `APP_DOMAIN_SEPARATOR` is already at 0x20.
mstore(0x40, keccak256(t, 0xe0)) // `hashStruct(typedDataSign)`.
// Compute the final hash, corrupted if `contentsName` is invalid.
hash := keccak256(0x1e, add(0x42, and(1, d)))
signature.length := sub(signature.length, l) // Truncate the signature.
break
}
mstore(0x40, m) // Restore the free memory pointer.
}
if (t == uint256(0)) hash = _hashTypedDataForAccount(msg.sender, hash); // `PersonalSign` workflow.
result = _erc1271IsValidSignatureNowCalldata(hash, signature);
}
/// @dev Performs the signature validation without nested EIP-712 to allow for easy sign ins.
/// This function must always return false or revert if called on-chain.
function _erc1271IsValidSignatureViaRPC(bytes32 hash, bytes calldata signature)
internal
view
virtual
returns (bool result)
{
// Non-zero gasprice is a heuristic to check if a call is on-chain,
// but we can't fully depend on it because it can be manipulated.
// See: https://x.com/NoahCitron/status/1580359718341484544
if (tx.gasprice == uint256(0)) {
/// @solidity memory-safe-assembly
assembly {
mstore(gasprice(), gasprice())
// See: https://gist.github.com/Vectorized/3c9b63524d57492b265454f62d895f71
let b := 0x000000000000378eDCD5B5B0A24f5342d8C10485 // Basefee contract,
pop(staticcall(0xffff, b, codesize(), gasprice(), gasprice(), 0x20))
// If `gasprice < basefee`, the call cannot be on-chain, and we can skip the gas burn.
if iszero(mload(gasprice())) {
let m := mload(0x40) // Cache the free memory pointer.
mstore(gasprice(), 0x1626ba7e) // `isValidSignature(bytes32,bytes)`.
mstore(0x20, b) // Recycle `b` to denote if we need to burn gas.
mstore(0x40, 0x40)
let gasToBurn := or(add(0xffff, gaslimit()), gaslimit())
// Burns gas computationally efficiently. Also, requires that `gas > gasToBurn`.
if or(eq(hash, b), lt(gas(), gasToBurn)) { invalid() }
// Make a call to this with `b`, efficiently burning the gas provided.
// No valid transaction can consume more than the gaslimit.
// See: https://ethereum.github.io/yellowpaper/paper.pdf
// Most RPCs perform calls with a gas budget greater than the gaslimit.
pop(staticcall(gasToBurn, address(), 0x1c, 0x64, gasprice(), gasprice()))
mstore(0x40, m) // Restore the free memory pointer.
}
}
result = _erc1271IsValidSignatureNowCalldata(hash, signature);
}
}
/// @notice Hashes typed data according to eip-712
/// Uses account's domain separator
/// @param account the smart account, who's domain separator will be used
/// @param structHash the typed data struct hash
function _hashTypedDataForAccount(address account, bytes32 structHash) private view returns (bytes32 digest) {
(
/*bytes1 fields*/,
string memory name,
string memory version,
uint256 chainId,
address verifyingContract,
/*bytes32 salt*/,
/*uint256[] memory extensions*/
) = IERC5267(account).eip712Domain();
/// @solidity memory-safe-assembly
assembly {
//Rebuild domain separator out of 712 domain
let m := mload(0x40) // Load the free memory pointer.
mstore(m, _DOMAIN_TYPEHASH)
mstore(add(m, 0x20), keccak256(add(name, 0x20), mload(name))) // Name hash.
mstore(add(m, 0x40), keccak256(add(version, 0x20), mload(version))) // Version hash.
mstore(add(m, 0x60), chainId)
mstore(add(m, 0x80), verifyingContract)
digest := keccak256(m, 0xa0) //domain separator
// Hash typed data
mstore(0x00, 0x1901000000000000) // Store "\x19\x01".
mstore(0x1a, digest) // Store the domain separator.
mstore(0x3a, structHash) // Store the struct hash.
digest := keccak256(0x18, 0x42)
// Restore the part of the free memory slot that was overwritten.
mstore(0x3a, 0)
}
}
/// @dev Backwards compatibility stuff
/// For automatic detection that the smart account supports the nested EIP-712 workflow.
/// By default, it returns `bytes32(bytes4(keccak256("supportsNestedTypedDataSign()")))`,
/// denoting support for the default behavior, as implemented in
/// `_erc1271IsValidSignatureViaNestedEIP712`, which is called in `isValidSignature`.
/// Future extensions should return a different non-zero `result` to denote different behavior.
/// This method intentionally returns bytes32 to allow freedom for future extensions.
function supportsNestedTypedDataSign() public view virtual returns (bytes32 result) {
result = bytes4(0xd620c85a);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
// STX Sig types
bytes3 constant SIG_TYPE_MEE_FLOW = 0x177eee;
bytes4 constant SIG_TYPE_SIMPLE = 0x177eee00;
bytes4 constant SIG_TYPE_ON_CHAIN = 0x177eee01;
bytes4 constant SIG_TYPE_ERC20_PERMIT = 0x177eee02;
// ...other sig types: ERC-7683, Permit2, etc
// EIP-1271 constants
bytes4 constant ERC1271_SUCCESS = 0x1626ba7e;
bytes4 constant ERC1271_FAILED = 0xffffffff;
// Node PM constants
bytes4 constant NODE_PM_MODE_USER = 0x170de000; // refund goes to the user
bytes4 constant NODE_PM_MODE_DAPP = 0x170de001; // refund goes to the dApp
bytes4 constant NODE_PM_MODE_KEEP = 0x170de002; // no refund as node sponsored
bytes4 constant NODE_PM_PREMIUM_PERCENT = 0x9ee4ce00; // premium percentage
bytes4 constant NODE_PM_PREMIUM_FIXED = 0x9ee4ce01;
// ERC-4337 validation constants
uint256 constant VALIDATION_SUCCESS = 0;
uint256 constant VALIDATION_FAILED = 1;
// Module type identifiers
uint256 constant MODULE_TYPE_MULTI = 0; // Module type identifier for Multitype install
uint256 constant MODULE_TYPE_VALIDATOR = 1;
uint256 constant MODULE_TYPE_EXECUTOR = 2;
uint256 constant MODULE_TYPE_FALLBACK = 3;
uint256 constant MODULE_TYPE_HOOK = 4;
uint256 constant MODULE_TYPE_STATELESS_VALIDATOR = 7;
uint256 constant MODULE_TYPE_PREVALIDATION_HOOK_ERC1271 = 8;
uint256 constant MODULE_TYPE_PREVALIDATION_HOOK_ERC4337 = 9;
// Nexus Validation modes
bytes1 constant MODE_VALIDATION = 0x00;
bytes1 constant MODE_MODULE_ENABLE = 0x01;
bytes1 constant MODE_PREP = 0x02;
// ERC-7739 support constants
bytes4 constant SUPPORTS_ERC7739 = 0x77390000;
bytes4 constant SUPPORTS_ERC7739_V1 = 0x77390001;
// Typehashes
// keccak256("ModuleEnableMode(address module,uint256 moduleType,bytes32 userOpHash,bytes initData)")
bytes32 constant MODULE_ENABLE_MODE_TYPE_HASH = 0xf6c866c1cd985ce61f030431e576c0e82887de0643dfa8a2e6efc3463e638ed0;
// keccak256("EmergencyUninstall(address hook,uint256 hookType,bytes deInitData,uint256 nonce)")
bytes32 constant EMERGENCY_UNINSTALL_TYPE_HASH = 0xd3ddfc12654178cc44d4a7b6b969cfdce7ffe6342326ba37825314cffa0fba9c;// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
import { MerkleProofLib } from "solady/utils/MerkleProofLib.sol";
import { EcdsaHelperLib } from "../../util/EcdsaHelperLib.sol";
import { MEEUserOpHashLib } from "../MEEUserOpHashLib.sol";
import { ERC20 } from "solady/tokens/ERC20.sol";
import { EfficientHashLib } from "solady/utils/EfficientHashLib.sol";
import { SIG_VALIDATION_FAILED, _packValidationData } from "account-abstraction/core/Helpers.sol";
/**
* @dev Library to validate the signature for MEE ERC-2612 Permit mode
* This is the mode where superTx hash is pasted into deadline field of the ERC-2612 Permit
* So the whole permit is signed along with the superTx hash
* For more details see Fusion docs:
* - https://ethresear.ch/t/fusion-module-7702-alternative-with-no-protocol-changes/20949
* - https://docs.biconomy.io/explained/eoa#fusion-module
*
* @dev Important: since ERC20 permit token knows nothing about the MEE, it will treat the superTx hash as a
* deadline:
* - if (very unlikely) the superTx hash being converted to uint256 is a timestamp in the past, the permit will
* fail
* - the deadline with most superTx hashes will be very far in the future
*
* @dev Since at this point bytes32 superTx hash is a blind hash, users and wallets should pay attention if
* the permit2 deadline field does not make sense as the timestamp. In this case, it can be a sign of a
* phishing attempt (injecting super txn hash as the deadline) and the user should not sign the permit.
* This is going to be mitigated in the future by making superTx hash a EIP-712 hash.
*/
//keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
struct DecodedErc20PermitSig {
ERC20 token;
address spender;
bytes32 domainSeparator;
uint256 amount;
uint256 nonce;
bool isPermitTx;
bytes32 superTxHash;
uint48 lowerBoundTimestamp;
uint48 upperBoundTimestamp;
uint8 v;
bytes32 r;
bytes32 s;
bytes32[] proof;
}
struct DecodedErc20PermitSigShort {
address spender;
bytes32 domainSeparator;
uint256 amount;
uint256 nonce;
bytes32 superTxHash;
uint8 v;
bytes32 r;
bytes32 s;
bytes32[] proof;
}
library PermitValidatorLib {
error PermitFailed();
uint8 internal constant EIP_155_MIN_V_VALUE = 37;
using EcdsaHelperLib for bytes32;
/**
* This function parses the given userOpSignature into a DecodedErc20PermitSig data structure.
*
* Once parsed, the function will check for two conditions:
* 1. is the userOp part of the merkle tree
* 2. is the recovered message signer equal to the expected signer?
*
* NOTES: This function will revert if either of following is met:
* 1. the userOpSignature couldn't be abi.decoded into a valid DecodedErc20PermitSig struct as defined in this
* contract
* 2. userOp is not part of the merkle tree
* 3. recovered Permit message signer wasn't equal to the expected signer
*
* The function will also perform the Permit approval on the given token in case the
* isPermitTx flag was set to true in the decoded signature struct.
*
* @param userOpHash UserOp hash being validated.
* @param parsedSignature Signature provided as the userOp.signature parameter (minus the prepended tx type byte).
* @param expectedSigner Signer expected to be recovered when decoding the ERC20OPermit signature.
*/
function validateUserOp(
bytes32 userOpHash,
bytes calldata parsedSignature,
address expectedSigner
)
internal
returns (uint256)
{
DecodedErc20PermitSig memory decodedSig = _decodeFullPermitSig(parsedSignature);
bytes32 meeUserOpHash = MEEUserOpHashLib.getMEEUserOpHash(
userOpHash, decodedSig.lowerBoundTimestamp, decodedSig.upperBoundTimestamp
);
if (!EcdsaHelperLib.isValidSignature(
expectedSigner,
_getSignedDataHash(expectedSigner, decodedSig),
abi.encodePacked(decodedSig.r, decodedSig.s, uint8(decodedSig.v))
)) {
return SIG_VALIDATION_FAILED;
}
if (!MerkleProofLib.verify(decodedSig.proof, decodedSig.superTxHash, meeUserOpHash)) {
return SIG_VALIDATION_FAILED;
}
if (decodedSig.isPermitTx) {
try decodedSig.token
.permit(
expectedSigner,
decodedSig.spender,
decodedSig.amount,
uint256(decodedSig.superTxHash),
uint8(decodedSig.v),
decodedSig.r,
decodedSig.s
) {
// all good
}
catch {
// check if by some reason this permit was already successfully used (and not spent yet)
if (ERC20(address(decodedSig.token)).allowance(expectedSigner, decodedSig.spender) < decodedSig.amount)
{
// if the above expectationis not true, revert
revert PermitFailed();
}
}
}
return _packValidationData(false, decodedSig.upperBoundTimestamp, decodedSig.lowerBoundTimestamp);
}
function validateSignatureForOwner(
address expectedSigner,
bytes32 dataHash,
bytes calldata parsedSignature
)
internal
view
returns (bool)
{
DecodedErc20PermitSigShort calldata decodedSig = _decodeShortPermitSig(parsedSignature);
if (!EcdsaHelperLib.isValidSignature(
expectedSigner,
_getSignedDataHash(expectedSigner, decodedSig),
abi.encodePacked(decodedSig.r, decodedSig.s, uint8(decodedSig.v))
)) {
return false;
}
if (!MerkleProofLib.verify(decodedSig.proof, decodedSig.superTxHash, dataHash)) {
return false;
}
return true;
}
function _decodeFullPermitSig(bytes calldata parsedSignature)
private
pure
returns (DecodedErc20PermitSig calldata decodedSig)
{
assembly {
decodedSig := add(parsedSignature.offset, 0x20)
}
}
function _decodeShortPermitSig(bytes calldata parsedSignature)
private
pure
returns (DecodedErc20PermitSigShort calldata)
{
DecodedErc20PermitSigShort calldata decodedSig;
assembly {
decodedSig := add(parsedSignature.offset, 0x20)
}
return decodedSig;
}
function _getSignedDataHash(
address expectedSigner,
DecodedErc20PermitSig memory decodedSig
)
private
pure
returns (bytes32)
{
return _hashTypedData(
_hashPermitDataStruct(
expectedSigner, decodedSig.spender, decodedSig.amount, decodedSig.nonce, decodedSig.superTxHash
),
decodedSig.domainSeparator
);
}
function _getSignedDataHash(
address expectedSigner,
DecodedErc20PermitSigShort memory decodedSig
)
private
pure
returns (bytes32)
{
return _hashTypedData(
_hashPermitDataStruct(
expectedSigner, decodedSig.spender, decodedSig.amount, decodedSig.nonce, decodedSig.superTxHash
),
decodedSig.domainSeparator
);
}
function _hashPermitDataStruct(
address expectedSigner,
address spender,
uint256 amount,
uint256 nonce,
bytes32 superTxHash
)
private
pure
returns (bytes32)
{
return EfficientHashLib.hash(
uint256(PERMIT_TYPEHASH),
uint256(uint160(expectedSigner)),
uint256(uint160(spender)),
amount,
nonce,
uint256(superTxHash)
);
}
function _hashTypedData(bytes32 structHash, bytes32 domainSeparator) private pure returns (bytes32) {
return EcdsaHelperLib.toTypedDataHash(domainSeparator, structHash);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
import { MerkleProofLib } from "solady/utils/MerkleProofLib.sol";
import { RLPReader as RLPDecoder } from "rlp-reader/RLPReader.sol";
import { RLPEncoder } from "../rlp/RLPEncoder.sol";
import { MEEUserOpHashLib } from "../MEEUserOpHashLib.sol";
import { EcdsaHelperLib } from "../../util/EcdsaHelperLib.sol";
import { BytesLib } from "byteslib/BytesLib.sol";
import { SIG_VALIDATION_FAILED, _packValidationData } from "account-abstraction/core/Helpers.sol";
import { EfficientHashLib } from "solady/utils/EfficientHashLib.sol";
/**
* @dev Library to validate the signature for MEE on-chain Txn mode
* This is the mode where superTx hash is appended to a regular txn (legacy or 1559) calldata
* Type 1 (EIP-2930) transactions are not supported.
* The whole txn is signed along with the superTx hash
* Txn is executed prior to a superTx, so it can pass some funds from the EOA to the smart account
* For more details see Fusion docs:
* - https://ethresear.ch/t/fusion-module-7702-alternative-with-no-protocol-changes/20949
* - https://docs.biconomy.io/explained/eoa#fusion-module
* @dev Some smart contracts may not be able to consume the txn with bytes32 appended to the calldata.
* However this is very small subset. One of the cases when it can happen is when the smart contract
* is has separate receive() and fallback() functions. Then if a txn is a value transfer, it will
* be expected to be consumed by the receive() function. However, if there's bytes32 appended to the calldata,
* it will be consumed by the fallback() function which may not be expected. In this case, the provided
* contracts/forwarder/Forwarder.sol can be used to 'clear' the bytes32 from the calldata.
* @dev In theory, the last 32 bytes of calldata from any transaction by the EOA can be interpreted as
* a superTx hash. Even if it was not assumed. This introduces the potential risk of phishing attacks
* where the user may unknowingly sign a transaction where the last 32 bytes of the calldata end up
* being a superTx hash. However, it is not easy to craft a txn that makes sense for a user and allows
* arbitrary bytes32 as last 32 bytes. Thus, wallets and users should be aware of this potential risk
* and should not sign txns where the last 32 bytes of the calldata do not belong to the function arguments
* and are just appended at the end.
*/
library TxValidatorLib {
error TxDecoder_CallDataLengthTooShort();
error TxValidatorLib_UnsupportedTxType();
uint8 internal constant LEGACY_TX_TYPE = 0x00;
uint8 internal constant EIP1559_TX_TYPE = 0x02;
uint8 internal constant EIP_155_MIN_V_VALUE = 37;
uint8 internal constant HASH_BYTE_SIZE = 32;
uint8 internal constant TIMESTAMP_BYTE_SIZE = 6;
uint8 internal constant PROOF_ITEM_BYTE_SIZE = 32;
uint8 internal constant ITX_HASH_BYTE_SIZE = 32;
using RLPDecoder for RLPDecoder.RLPItem;
using RLPDecoder for bytes;
using RLPEncoder for uint256;
using BytesLib for bytes;
struct TxData {
uint8 txType;
uint8 v;
bytes32 r;
bytes32 s;
bytes32 utxHash;
bytes32 superTxHash;
bytes32[] proof;
uint48 lowerBoundTimestamp;
uint48 upperBoundTimestamp;
}
// To save a bit of gas, not pass timestamps where not needed
struct TxDataShort {
uint8 txType;
uint8 v;
bytes32 r;
bytes32 s;
bytes32 utxHash;
bytes32 superTxHash;
bytes32[] proof;
}
struct TxParams {
uint256 v;
bytes32 r;
bytes32 s;
bytes callData;
}
/**
* This function parses the given userOpSignature into a valid fully signed EVM transaction.
* Once parsed, the function will check for three conditions:
* 1. is the userOp part of the superTX merkle tree
* 2. is the recovered tx signer equal to the expected signer?
* 3. is the given UserOp a part of the merkle tree
*
* If all the conditions are met - outside contract can be sure that the expected signer has indeed
* approved the given hash by performing given on-chain transaction.
*
* NOTES: This function will revert if either of following is met:
* 1. the userOpSignature couldn't be parsed to a valid fully signed EVM transaction
* 2. hash couldn't be extracted from the tx.data
* 3. extracted hash wasn't equal to the provided expected hash
* 4. recovered signer wasn't equal to the expected signer
*
* @param userOpHash UserOp hash being validated.
* @param parsedSignature Signature provided as the userOp.signature parameter (minus the prepended tx type byte).
* Expecting to receive fully signed serialized EVM transaction here of type 0x00 (LEGACY)
* or 0x02 (EIP1556).
* For LEGACY tx type the "0x00" prefix has to be added manually while the EIP1559 tx type
* already contains 0x02 prefix.
* @param expectedSigner Expected EOA signer of the given EVM transaction => superTX.
*/
function validateUserOp(
bytes32 userOpHash,
bytes calldata parsedSignature,
address expectedSigner
)
internal
view
returns (uint256)
{
TxData memory decodedTx = decodeTx(parsedSignature);
bytes32 meeUserOpHash =
MEEUserOpHashLib.getMEEUserOpHash(userOpHash, decodedTx.lowerBoundTimestamp, decodedTx.upperBoundTimestamp);
bytes memory signature = abi.encodePacked(decodedTx.r, decodedTx.s, decodedTx.v);
if (!EcdsaHelperLib.isValidSignature(expectedSigner, decodedTx.utxHash, signature)) {
return SIG_VALIDATION_FAILED;
}
if (!MerkleProofLib.verify(decodedTx.proof, decodedTx.superTxHash, meeUserOpHash)) {
return SIG_VALIDATION_FAILED;
}
return _packValidationData(false, decodedTx.upperBoundTimestamp, decodedTx.lowerBoundTimestamp);
}
/**
* @dev validate the signature for the owner of the superTx
* used fot the 1271 flow and for the stateless validators (erc7579 module type 7)
* @param expectedSigner the expected signer of the superTx
* @param dataHash the hash of the data to be signed
* @param parsedSignature the signature to be validated
* @return true if the signature is valid, false otherwise
*/
function validateSignatureForOwner(
address expectedSigner,
bytes32 dataHash,
bytes calldata parsedSignature
)
internal
view
returns (bool)
{
TxDataShort memory decodedTx = decodeTxShort(parsedSignature);
bytes memory signature = abi.encodePacked(decodedTx.r, decodedTx.s, decodedTx.v);
if (!EcdsaHelperLib.isValidSignature(expectedSigner, decodedTx.utxHash, signature)) {
return false;
}
if (!MerkleProofLib.verify(decodedTx.proof, decodedTx.superTxHash, dataHash)) {
return false;
}
return true;
}
function decodeTx(bytes calldata self) internal pure returns (TxData memory) {
uint8 txType = uint8(self[0]); //first byte is tx type
uint48 lowerBoundTimestamp =
uint48(bytes6((self[self.length - 2 * TIMESTAMP_BYTE_SIZE:self.length - TIMESTAMP_BYTE_SIZE])));
uint48 upperBoundTimestamp = uint48(bytes6(self[self.length - TIMESTAMP_BYTE_SIZE:]));
uint8 proofItemsCount = uint8(self[self.length - 2 * TIMESTAMP_BYTE_SIZE - 1]);
uint256 appendedDataLen = (uint256(proofItemsCount) * PROOF_ITEM_BYTE_SIZE + 1) + 2 * TIMESTAMP_BYTE_SIZE;
bytes calldata rlpEncodedTx = self[1:self.length - appendedDataLen];
RLPDecoder.RLPItem memory parsedRlpEncodedTx = rlpEncodedTx.toRlpItem();
RLPDecoder.RLPItem[] memory parsedRlpEncodedTxItems = parsedRlpEncodedTx.toList();
TxParams memory params = extractParams(txType, parsedRlpEncodedTxItems);
return TxData({
txType: txType,
v: _adjustV(params.v),
r: params.r,
s: params.s,
utxHash: calculateUnsignedTxHash(
txType, rlpEncodedTx, parsedRlpEncodedTx.payloadLen(), params.v, params.r, params.s
),
superTxHash: extractAppendedHash(params.callData),
proof: extractProof(self, proofItemsCount),
lowerBoundTimestamp: lowerBoundTimestamp,
upperBoundTimestamp: upperBoundTimestamp
});
}
function decodeTxShort(bytes calldata self) internal pure returns (TxDataShort memory) {
uint8 txType = uint8(self[0]); //first byte is tx type
uint8 proofItemsCount = uint8(self[self.length - 1]);
uint256 appendedDataLen = (uint256(proofItemsCount) * PROOF_ITEM_BYTE_SIZE + 1);
bytes calldata rlpEncodedTx = self[1:self.length - appendedDataLen];
RLPDecoder.RLPItem memory parsedRlpEncodedTx = rlpEncodedTx.toRlpItem();
RLPDecoder.RLPItem[] memory parsedRlpEncodedTxItems = parsedRlpEncodedTx.toList();
TxParams memory params = extractParams(txType, parsedRlpEncodedTxItems);
return TxDataShort({
txType: txType,
v: _adjustV(params.v),
r: params.r,
s: params.s,
utxHash: calculateUnsignedTxHash(
txType, rlpEncodedTx, parsedRlpEncodedTx.payloadLen(), params.v, params.r, params.s
),
superTxHash: extractAppendedHash(params.callData),
proof: extractProofShort(self, proofItemsCount)
});
}
function extractParams(
uint8 txType,
RLPDecoder.RLPItem[] memory items
)
private
pure
returns (TxParams memory params)
{
uint8 dataPos;
uint8 vPos;
uint8 rPos;
uint8 sPos;
if (txType == LEGACY_TX_TYPE) {
dataPos = 5;
vPos = 6;
rPos = 7;
sPos = 8;
} else if (txType == EIP1559_TX_TYPE) {
dataPos = 7;
vPos = 9;
rPos = 10;
sPos = 11;
} else {
revert TxValidatorLib_UnsupportedTxType();
}
return TxParams(
items[vPos].toUint(), bytes32(items[rPos].toUint()), bytes32(items[sPos].toUint()), items[dataPos].toBytes()
);
}
function extractAppendedHash(bytes memory callData) private pure returns (bytes32 iTxHash) {
if (callData.length < ITX_HASH_BYTE_SIZE) revert TxDecoder_CallDataLengthTooShort();
iTxHash = bytes32(callData.slice(callData.length - ITX_HASH_BYTE_SIZE, ITX_HASH_BYTE_SIZE));
}
function extractProof(bytes calldata signedTx, uint8 proofItemsCount)
private
pure
returns (bytes32[] memory proof)
{
proof = new bytes32[](proofItemsCount);
uint256 pos = signedTx.length - 2 * TIMESTAMP_BYTE_SIZE - 1;
for (proofItemsCount; proofItemsCount > 0; proofItemsCount--) {
proof[proofItemsCount - 1] = bytes32(signedTx[pos - PROOF_ITEM_BYTE_SIZE:pos]);
pos = pos - PROOF_ITEM_BYTE_SIZE;
}
}
function extractProofShort(
bytes calldata signedTx,
uint8 proofItemsCount
)
private
pure
returns (bytes32[] memory proof)
{
proof = new bytes32[](proofItemsCount);
uint256 pos = signedTx.length - 1;
for (proofItemsCount; proofItemsCount > 0; proofItemsCount--) {
proof[proofItemsCount - 1] = bytes32(signedTx[pos - PROOF_ITEM_BYTE_SIZE:pos]);
pos = pos - PROOF_ITEM_BYTE_SIZE;
}
}
function calculateUnsignedTxHash(
uint8 txType,
bytes memory rlpEncodedTx,
uint256 rlpEncodedTxPayloadLen,
uint256 v,
bytes32 r,
bytes32 s
)
private
pure
returns (bytes32 hash)
{
uint256 totalSignatureSize =
uint256(r).encodeUint().length + uint256(s).encodeUint().length + v.encodeUint().length;
uint256 totalPrefixSize = rlpEncodedTx.length - rlpEncodedTxPayloadLen;
bytes memory rlpEncodedTxNoSigAndPrefix =
rlpEncodedTx.slice(totalPrefixSize, rlpEncodedTx.length - totalSignatureSize - totalPrefixSize);
if (txType == EIP1559_TX_TYPE) {
return
EfficientHashLib.hash(abi.encodePacked(txType, prependRlpContentSize(rlpEncodedTxNoSigAndPrefix, "")));
} else if (txType == LEGACY_TX_TYPE) {
if (v >= EIP_155_MIN_V_VALUE) {
return EfficientHashLib.hash(
prependRlpContentSize(
rlpEncodedTxNoSigAndPrefix,
abi.encodePacked(
uint256(_extractChainIdFromV(v)).encodeUint(),
uint256(0).encodeUint(),
uint256(0).encodeUint()
)
)
);
} else {
return EfficientHashLib.hash(prependRlpContentSize(rlpEncodedTxNoSigAndPrefix, ""));
}
} else {
revert TxValidatorLib_UnsupportedTxType();
}
}
function prependRlpContentSize(bytes memory content, bytes memory extraData) public pure returns (bytes memory) {
bytes memory combinedContent = abi.encodePacked(content, extraData);
return abi.encodePacked(combinedContent.length.encodeLength(RLPDecoder.LIST_SHORT_START), combinedContent);
}
function _adjustV(uint256 v) internal pure returns (uint8) {
if (v >= EIP_155_MIN_V_VALUE) {
return uint8((v - 2 * _extractChainIdFromV(v) - 35) + 27);
} else if (v <= 1) {
/// forge-lint:disable-next-line(unsafe-typecast)
return uint8(v + 27);
} else {
/// forge-lint:disable-next-line(unsafe-typecast)
return uint8(v);
}
}
function _extractChainIdFromV(uint256 v) internal pure returns (uint256 chainId) {
chainId = (v - 35) / 2;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
import { EcdsaHelperLib } from "../../util/EcdsaHelperLib.sol";
import { MEEUserOpHashLib } from "../MEEUserOpHashLib.sol";
import { SIG_VALIDATION_FAILED, _packValidationData } from "account-abstraction/core/Helpers.sol";
import { UserOperationLib } from "account-abstraction/core/UserOperationLib.sol";
// solhint-disable-next-line no-unused-import
import { HashLib, STATIC_HEAD_LENGTH } from "../HashLib.sol";
/**
* @dev Library to validate the signature for MEE Simple mode
* In this mode, Fusion is not involved and just the superTx hash is signed
*/
library SimpleValidatorLib {
/**
* This function validates the signature for the MEE Simple mode
* 1. Parse the signature data
* 2. Compare the current item (mee user op) hash with the item hash at the index in the itemHashes array
* 3. Get the superTx hash as per EIP-712
* 4. Validate the signature against the superTx hash
*
* @param userOpHash UserOp hash being validated.
* @param signatureData Signature provided as the userOp.signature parameter (minus the prepended tx type byte).
* @param expectedSigner Signer expected to be recovered when decoding the ERC20OPermit signature.
*/
// solhint-disable-next-line gas-named-return-values
function validateUserOp(
bytes32 userOpHash,
bytes calldata signatureData,
address expectedSigner
)
internal
view
returns (uint256)
{
/*
* packedSignatureData layout :
* ======== static head part : 0x61 (97) bytes========
* ... static head part ...
* ======== static tail for simple mode =====
* uint256 = 32 bytes : packedTimestamps
* packedTimestamps is expected to be in the following format:
* lowerBoundTimestamp in the most significant 128 bits (left)
* upperBoundTimestamp in the least significant 128 bits (right)
* ======== dynamic tail ==========
* ... dynamic tail ...
*/
(bytes32 outerTypeHash, uint256 itemIndex, bytes32[] calldata itemHashes, bytes calldata signature) =
HashLib.parsePackedSigDataHead(signatureData);
bytes32 packedTimestamps;
assembly {
packedTimestamps := calldataload(add(signatureData.offset, STATIC_HEAD_LENGTH))
}
(uint256 lowerBoundTimestamp, uint256 upperBoundTimestamp) = UserOperationLib.unpackUints(packedTimestamps);
bytes32 currentItemHash =
MEEUserOpHashLib.getMeeUserOpEip712Hash(userOpHash, lowerBoundTimestamp, upperBoundTimestamp);
bytes32 superTxEip712Hash =
HashLib.compareAndGetFinalHash(outerTypeHash, currentItemHash, itemIndex, itemHashes);
if (superTxEip712Hash == bytes32(0)) {
return SIG_VALIDATION_FAILED;
}
if (!EcdsaHelperLib.isValidSignature(expectedSigner, superTxEip712Hash, signature)) {
return SIG_VALIDATION_FAILED;
}
/// timestamps are never big enough to overflow uint48
/// forge-lint:disable-next-line(unsafe-typecast)
return _packValidationData(false, uint48(upperBoundTimestamp), uint48(lowerBoundTimestamp));
}
/**
* @notice Validates the signature against the expected signer (owner)
* @dev In this case everything is even simpler, as this interface expects
* a ready hash to be provided as dataHash, we do not need to rehash
* Task to rehash data and provide the dataHash lies on the protocol,
* that requests isValidSignature/validateSignatureWithData
*
* @dev What we expect is that dataHash is a properly made in according to
* the algorithm of getting the superTxEip712Hash.
* Since this is the hash of the superTx entry, and superTx is a struct,
* and the entry is a struct as well, according to EIP-712,
* "the struct values are encoded recursively as hashStruct(value)".
* So when the SuperTx data struct is hashed as per eip-712 on front-end,
* the inner structs are also hashed as hashStruct(s : 𝕊) = keccak256(typeHash ‖ encodeData(s))
* So this function expects protocol to build `dataHash` as describe above.
* Which will be true for most cases.
*
* @param owner Signer expected to be recovered
* @param dataHash the hash of the superTx entry that is being validated
* @param signatureData Signature
*/
// solhint-disable-next-line gas-named-return-values
function validateSignatureForOwner(
address owner,
bytes32 dataHash,
bytes calldata signatureData
)
internal
view
returns (bool)
{
(bytes32 outerTypeHash, uint256 itemIndex, bytes32[] calldata itemHashes, bytes calldata signature) =
HashLib.parsePackedSigDataHead(signatureData);
bytes32 superTxEip712Hash = HashLib.compareAndGetFinalHash(outerTypeHash, dataHash, itemIndex, itemHashes);
if (superTxEip712Hash == bytes32(0)) {
return false;
}
if (!EcdsaHelperLib.isValidSignature(owner, superTxEip712Hash, signature)) {
return false;
}
return true;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
import { SIG_VALIDATION_FAILED, SIG_VALIDATION_SUCCESS } from "account-abstraction/core/Helpers.sol";
import { EcdsaHelperLib } from "../../util/EcdsaHelperLib.sol";
library NoMeeFlowLib {
/**
* Standard userOp validator - validates by simply checking if the userOpHash was signed by the account's EOA owner.
*
* @param userOpHash userOpHash being validated.
* @param parsedSignature Signature
* @param expectedSigner Signer expected to be recovered
*/
function validateUserOp(
bytes32 userOpHash,
bytes memory parsedSignature,
address expectedSigner
)
internal
view
returns (uint256)
{
if (!EcdsaHelperLib.isValidSignature(expectedSigner, userOpHash, parsedSignature)) {
return SIG_VALIDATION_FAILED;
}
return SIG_VALIDATION_SUCCESS;
}
/**
* @notice Validates the signature against the expected signer (owner)
* @param expectedSigner Signer expected to be recovered
* @param hash Hash of the userOp
* @param parsedSignature Signature
*/
function validateSignatureForOwner(
address expectedSigner,
bytes32 hash,
bytes memory parsedSignature
)
internal
view
returns (bool)
{
return EcdsaHelperLib.isValidSignature(expectedSigner, hash, parsedSignature);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
import { ECDSA } from "solady/utils/ECDSA.sol";
/**
* @title EcdsaHelperLib
* @notice A library that provides helper functions for ECDSA operations
* @author Biconomy
*/
library EcdsaHelperLib {
using ECDSA for bytes32;
/**
* @notice Checks if the signature is valid for the given hash and expected signer
* @param expectedSigner The expected signer of the signature
* @param hash The hash of the data to be signed
* @param signature The signature to be validated
* @return bool True if the signature is valid, false otherwise
* @dev Solady ECDSA does not revert on incorrect signatures.
* Instead, it returns address(0) as the recovered address.
* Make sure to never pass address(0) as expectedSigner to this function.
*/
// solhint-disable-next-line gas-named-return-values
function isValidSignature(
address expectedSigner,
bytes32 hash,
bytes memory signature
)
internal
view
returns (bool)
{
if (hash.tryRecover(signature) == expectedSigner) return true;
if (hash.toEthSignedMessageHash().tryRecover(signature) == expectedSigner) return true;
return false;
}
/**
* @notice Returns the keccak256 digest of an EIP-712 typed data (EIP-191 version `0x01`).
* @param domainSeparator The domain separator of the typed data
* @param structHash The struct hash of the typed data
* @return digest The keccak256 digest of the typed data
* @dev Returns the keccak256 digest of an EIP-712 typed data (EIP-191 version `0x01`).
*
* The digest is calculated from a `domainSeparator` and a `structHash`, by prefixing them with
* `\x19\x01` and hashing the result. It corresponds to the hash signed by the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`] JSON-RPC method as part of EIP-712.
*
* See {ECDSA-recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32 digest) {
/// @solidity memory-safe-assembly
assembly {
let ptr := mload(0x40)
mstore(ptr, hex"1901")
mstore(add(ptr, 0x02), domainSeparator)
mstore(add(ptr, 0x22), structHash)
digest := keccak256(ptr, 0x42)
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/**
* Dynamic arrays associated with an account address as per ERC-7562/ERC-4337
* @author filio.eth (Biconomy), zeroknots.eth (rhinestone)
*/
library AssociatedArrayLib {
using AssociatedArrayLib for *;
error AssociatedArray_OutOfBounds(uint256 index);
struct Array {
uint256 _spacer;
}
function _slot(Array storage s, address account) private pure returns (bytes32 __slot) {
assembly {
mstore(0x00, account)
mstore(0x20, s.slot)
__slot := keccak256(0x00, 0x40)
}
}
function _length(Array storage s, address account) private view returns (uint256 __length) {
bytes32 slot = _slot(s, account);
assembly {
__length := sload(slot)
}
}
function _get(Array storage s, address account, uint256 index) private view returns (bytes32 value) {
return _get(_slot(s, account), index);
}
function _get(bytes32 slot, uint256 index) private view returns (bytes32 value) {
assembly {
//if (index >= _length(s, account)) revert AssociatedArray_OutOfBounds(index);
if iszero(lt(index, sload(slot))) {
mstore(0, 0x8277484f) // `AssociatedArray_OutOfBounds(uint256)`
mstore(0x20, index)
revert(0x1c, 0x24)
}
value := sload(add(slot, mul(0x20, add(index, 1))))
}
}
function _getAll(Array storage s, address account) private view returns (bytes32[] memory values) {
bytes32 slot = _slot(s, account);
uint256 __length;
assembly {
__length := sload(slot)
}
values = new bytes32[](__length);
for (uint256 i; i < __length; i++) {
values[i] = _get(slot, i);
}
}
// inefficient. complexity = O(n)
// use with caution
// in case of large arrays, consider using EnumerableSet4337 instead
function _contains(Array storage s, address account, bytes32 value) private view returns (bool) {
bytes32 slot = _slot(s, account);
uint256 __length;
assembly {
__length := sload(slot)
}
for (uint256 i; i < __length; i++) {
if (_get(slot, i) == value) {
return true;
}
}
return false;
}
function _set(Array storage s, address account, uint256 index, bytes32 value) private {
_set(_slot(s, account), index, value);
}
function _set(bytes32 slot, uint256 index, bytes32 value) private {
assembly {
//if (index >= _length(s, account)) revert AssociatedArray_OutOfBounds(index);
if iszero(lt(index, sload(slot))) {
mstore(0, 0x8277484f) // `AssociatedArray_OutOfBounds(uint256)`
mstore(0x20, index)
revert(0x1c, 0x24)
}
sstore(add(slot, mul(0x20, add(index, 1))), value)
}
}
function _push(Array storage s, address account, bytes32 value) private {
bytes32 slot = _slot(s, account);
assembly {
// load length (stored @ slot), add 1 to it => index.
// mul index by 0x20 and add it to orig slot to get the next free slot
let index := add(sload(slot), 1)
sstore(add(slot, mul(0x20, index)), value)
sstore(slot, index) //increment length by 1
}
}
function _pop(Array storage s, address account) private {
bytes32 slot = _slot(s, account);
uint256 __length;
assembly {
__length := sload(slot)
}
if (__length == 0) return;
_set(slot, __length - 1, 0);
assembly {
sstore(slot, sub(__length, 1))
}
}
function _remove(Array storage s, address account, uint256 index) private {
bytes32 slot = _slot(s, account);
uint256 __length;
assembly {
__length := sload(slot)
if iszero(lt(index, __length)) {
mstore(0, 0x8277484f) // `AssociatedArray_OutOfBounds(uint256)`
mstore(0x20, index)
revert(0x1c, 0x24)
}
}
_set(slot, index, _get(s, account, __length - 1));
assembly {
// clear the last slot
// this is the 'unchecked' version of _set(slot, __length - 1, 0)
// as we use length-1 as index, so the check is excessive.
// also removes extra -1 and +1 operations
sstore(add(slot, mul(0x20, __length)), 0)
// store new length
sstore(slot, sub(__length, 1))
}
}
struct Bytes32Array {
Array _inner;
}
function length(Bytes32Array storage s, address account) internal view returns (uint256) {
return _length(s._inner, account);
}
function get(Bytes32Array storage s, address account, uint256 index) internal view returns (bytes32) {
return _get(s._inner, account, index);
}
function getAll(Bytes32Array storage s, address account) internal view returns (bytes32[] memory) {
return _getAll(s._inner, account);
}
function contains(Bytes32Array storage s, address account, bytes32 value) internal view returns (bool) {
return _contains(s._inner, account, value);
}
function add(Bytes32Array storage s, address account, bytes32 value) internal {
if (!_contains(s._inner, account, value)) {
_push(s._inner, account, value);
}
}
function set(Bytes32Array storage s, address account, uint256 index, bytes32 value) internal {
_set(s._inner, account, index, value);
}
function push(Bytes32Array storage s, address account, bytes32 value) internal {
_push(s._inner, account, value);
}
function pop(Bytes32Array storage s, address account) internal {
_pop(s._inner, account);
}
function remove(Bytes32Array storage s, address account, uint256 index) internal {
_remove(s._inner, account, index);
}
struct AddressArray {
Array _inner;
}
function length(AddressArray storage s, address account) internal view returns (uint256) {
return _length(s._inner, account);
}
function get(AddressArray storage s, address account, uint256 index) internal view returns (address) {
return address(uint160(uint256(_get(s._inner, account, index))));
}
function getAll(AddressArray storage s, address account) internal view returns (address[] memory) {
bytes32[] memory bytes32Array = _getAll(s._inner, account);
address[] memory addressArray;
/// @solidity memory-safe-assembly
assembly {
addressArray := bytes32Array
}
return addressArray;
}
function contains(AddressArray storage s, address account, address value) internal view returns (bool) {
return _contains(s._inner, account, bytes32(uint256(uint160(value))));
}
function add(AddressArray storage s, address account, address value) internal {
if (!_contains(s._inner, account, bytes32(uint256(uint160(value))))) {
_push(s._inner, account, bytes32(uint256(uint160(value))));
}
}
function set(AddressArray storage s, address account, uint256 index, address value) internal {
_set(s._inner, account, index, bytes32(uint256(uint160(value))));
}
function push(AddressArray storage s, address account, address value) internal {
_push(s._inner, account, bytes32(uint256(uint160(value))));
}
function pop(AddressArray storage s, address account) internal {
_pop(s._inner, account);
}
function remove(AddressArray storage s, address account, uint256 index) internal {
_remove(s._inner, account, index);
}
struct UintArray {
Array _inner;
}
function length(UintArray storage s, address account) internal view returns (uint256) {
return _length(s._inner, account);
}
function get(UintArray storage s, address account, uint256 index) internal view returns (uint256) {
return uint256(_get(s._inner, account, index));
}
function getAll(UintArray storage s, address account) internal view returns (uint256[] memory) {
bytes32[] memory bytes32Array = _getAll(s._inner, account);
uint256[] memory uintArray;
/// @solidity memory-safe-assembly
assembly {
uintArray := bytes32Array
}
return uintArray;
}
function contains(UintArray storage s, address account, uint256 value) internal view returns (bool) {
return _contains(s._inner, account, bytes32(value));
}
function add(UintArray storage s, address account, uint256 value) internal {
if (!_contains(s._inner, account, bytes32(value))) {
_push(s._inner, account, bytes32(value));
}
}
function set(UintArray storage s, address account, uint256 index, uint256 value) internal {
_set(s._inner, account, index, bytes32(value));
}
function push(UintArray storage s, address account, uint256 value) internal {
_push(s._inner, account, bytes32(value));
}
function pop(UintArray storage s, address account) internal {
_pop(s._inner, account);
}
function remove(UintArray storage s, address account, uint256 index) internal {
_remove(s._inner, account, index);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
/// @notice Gas optimized verification of proof of inclusion for a leaf in a Merkle tree.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/MerkleProofLib.sol)
/// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/MerkleProofLib.sol)
/// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/MerkleProof.sol)
library MerkleProofLib {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* MERKLE PROOF VERIFICATION OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns whether `leaf` exists in the Merkle tree with `root`, given `proof`.
function verify(bytes32[] memory proof, bytes32 root, bytes32 leaf)
internal
pure
returns (bool isValid)
{
/// @solidity memory-safe-assembly
assembly {
if mload(proof) {
// Initialize `offset` to the offset of `proof` elements in memory.
let offset := add(proof, 0x20)
// Left shift by 5 is equivalent to multiplying by 0x20.
let end := add(offset, shl(5, mload(proof)))
// Iterate over proof elements to compute root hash.
for {} 1 {} {
// Slot of `leaf` in scratch space.
// If the condition is true: 0x20, otherwise: 0x00.
let scratch := shl(5, gt(leaf, mload(offset)))
// Store elements to hash contiguously in scratch space.
// Scratch space is 64 bytes (0x00 - 0x3f) and both elements are 32 bytes.
mstore(scratch, leaf)
mstore(xor(scratch, 0x20), mload(offset))
// Reuse `leaf` to store the hash to reduce stack operations.
leaf := keccak256(0x00, 0x40)
offset := add(offset, 0x20)
if iszero(lt(offset, end)) { break }
}
}
isValid := eq(leaf, root)
}
}
/// @dev Returns whether `leaf` exists in the Merkle tree with `root`, given `proof`.
function verifyCalldata(bytes32[] calldata proof, bytes32 root, bytes32 leaf)
internal
pure
returns (bool isValid)
{
/// @solidity memory-safe-assembly
assembly {
if proof.length {
// Left shift by 5 is equivalent to multiplying by 0x20.
let end := add(proof.offset, shl(5, proof.length))
// Initialize `offset` to the offset of `proof` in the calldata.
let offset := proof.offset
// Iterate over proof elements to compute root hash.
for {} 1 {} {
// Slot of `leaf` in scratch space.
// If the condition is true: 0x20, otherwise: 0x00.
let scratch := shl(5, gt(leaf, calldataload(offset)))
// Store elements to hash contiguously in scratch space.
// Scratch space is 64 bytes (0x00 - 0x3f) and both elements are 32 bytes.
mstore(scratch, leaf)
mstore(xor(scratch, 0x20), calldataload(offset))
// Reuse `leaf` to store the hash to reduce stack operations.
leaf := keccak256(0x00, 0x40)
offset := add(offset, 0x20)
if iszero(lt(offset, end)) { break }
}
}
isValid := eq(leaf, root)
}
}
/// @dev Returns whether all `leaves` exist in the Merkle tree with `root`,
/// given `proof` and `flags`.
///
/// Note:
/// - Breaking the invariant `flags.length == (leaves.length - 1) + proof.length`
/// will always return false.
/// - The sum of the lengths of `proof` and `leaves` must never overflow.
/// - Any non-zero word in the `flags` array is treated as true.
/// - The memory offset of `proof` must be non-zero
/// (i.e. `proof` is not pointing to the scratch space).
function verifyMultiProof(
bytes32[] memory proof,
bytes32 root,
bytes32[] memory leaves,
bool[] memory flags
) internal pure returns (bool isValid) {
// Rebuilds the root by consuming and producing values on a queue.
// The queue starts with the `leaves` array, and goes into a `hashes` array.
// After the process, the last element on the queue is verified
// to be equal to the `root`.
//
// The `flags` array denotes whether the sibling
// should be popped from the queue (`flag == true`), or
// should be popped from the `proof` (`flag == false`).
/// @solidity memory-safe-assembly
assembly {
// Cache the lengths of the arrays.
let leavesLength := mload(leaves)
let proofLength := mload(proof)
let flagsLength := mload(flags)
// Advance the pointers of the arrays to point to the data.
leaves := add(0x20, leaves)
proof := add(0x20, proof)
flags := add(0x20, flags)
// If the number of flags is correct.
for {} eq(add(leavesLength, proofLength), add(flagsLength, 1)) {} {
// For the case where `proof.length + leaves.length == 1`.
if iszero(flagsLength) {
// `isValid = (proof.length == 1 ? proof[0] : leaves[0]) == root`.
isValid := eq(mload(xor(leaves, mul(xor(proof, leaves), proofLength))), root)
break
}
// The required final proof offset if `flagsLength` is not zero, otherwise zero.
let proofEnd := add(proof, shl(5, proofLength))
// We can use the free memory space for the queue.
// We don't need to allocate, since the queue is temporary.
let hashesFront := mload(0x40)
// Copy the leaves into the hashes.
// Sometimes, a little memory expansion costs less than branching.
// Should cost less, even with a high free memory offset of 0x7d00.
leavesLength := shl(5, leavesLength)
for { let i := 0 } iszero(eq(i, leavesLength)) { i := add(i, 0x20) } {
mstore(add(hashesFront, i), mload(add(leaves, i)))
}
// Compute the back of the hashes.
let hashesBack := add(hashesFront, leavesLength)
// This is the end of the memory for the queue.
// We recycle `flagsLength` to save on stack variables (sometimes save gas).
flagsLength := add(hashesBack, shl(5, flagsLength))
for {} 1 {} {
// Pop from `hashes`.
let a := mload(hashesFront)
// Pop from `hashes`.
let b := mload(add(hashesFront, 0x20))
hashesFront := add(hashesFront, 0x40)
// If the flag is false, load the next proof,
// else, pops from the queue.
if iszero(mload(flags)) {
// Loads the next proof.
b := mload(proof)
proof := add(proof, 0x20)
// Unpop from `hashes`.
hashesFront := sub(hashesFront, 0x20)
}
// Advance to the next flag.
flags := add(flags, 0x20)
// Slot of `a` in scratch space.
// If the condition is true: 0x20, otherwise: 0x00.
let scratch := shl(5, gt(a, b))
// Hash the scratch space and push the result onto the queue.
mstore(scratch, a)
mstore(xor(scratch, 0x20), b)
mstore(hashesBack, keccak256(0x00, 0x40))
hashesBack := add(hashesBack, 0x20)
if iszero(lt(hashesBack, flagsLength)) { break }
}
isValid := and(
// Checks if the last value in the queue is same as the root.
eq(mload(sub(hashesBack, 0x20)), root),
// And whether all the proofs are used, if required.
eq(proofEnd, proof)
)
break
}
}
}
/// @dev Returns whether all `leaves` exist in the Merkle tree with `root`,
/// given `proof` and `flags`.
///
/// Note:
/// - Breaking the invariant `flags.length == (leaves.length - 1) + proof.length`
/// will always return false.
/// - Any non-zero word in the `flags` array is treated as true.
/// - The calldata offset of `proof` must be non-zero
/// (i.e. `proof` is from a regular Solidity function with a 4-byte selector).
function verifyMultiProofCalldata(
bytes32[] calldata proof,
bytes32 root,
bytes32[] calldata leaves,
bool[] calldata flags
) internal pure returns (bool isValid) {
// Rebuilds the root by consuming and producing values on a queue.
// The queue starts with the `leaves` array, and goes into a `hashes` array.
// After the process, the last element on the queue is verified
// to be equal to the `root`.
//
// The `flags` array denotes whether the sibling
// should be popped from the queue (`flag == true`), or
// should be popped from the `proof` (`flag == false`).
/// @solidity memory-safe-assembly
assembly {
// If the number of flags is correct.
for {} eq(add(leaves.length, proof.length), add(flags.length, 1)) {} {
// For the case where `proof.length + leaves.length == 1`.
if iszero(
flags.length
) {
// `isValid = (proof.length == 1 ? proof[0] : leaves[0]) == root`.
// forgefmt: disable-next-item
isValid := eq(
calldataload(
xor(leaves.offset, mul(xor(proof.offset, leaves.offset), proof.length))
),
root
)
break
}
// The required final proof offset if `flagsLength` is not zero, otherwise zero.
let proofEnd := add(proof.offset, shl(5, proof.length))
// We can use the free memory space for the queue.
// We don't need to allocate, since the queue is temporary.
let hashesFront := mload(0x40)
// Copy the leaves into the hashes.
// Sometimes, a little memory expansion costs less than branching.
// Should cost less, even with a high free memory offset of 0x7d00.
calldatacopy(hashesFront, leaves.offset, shl(5, leaves.length))
// Compute the back of the hashes.
let hashesBack := add(hashesFront, shl(5, leaves.length))
// This is the end of the memory for the queue.
// We recycle `flagsLength` to save on stack variables (sometimes save gas).
flags.length := add(hashesBack, shl(5, flags.length))
// We don't need to make a copy of `proof.offset` or `flags.offset`,
// as they are pass-by-value (this trick may not always save gas).
for {} 1 {} {
// Pop from `hashes`.
let a := mload(hashesFront)
// Pop from `hashes`.
let b := mload(add(hashesFront, 0x20))
hashesFront := add(hashesFront, 0x40)
// If the flag is false, load the next proof,
// else, pops from the queue.
if iszero(calldataload(flags.offset)) {
// Loads the next proof.
b := calldataload(proof.offset)
proof.offset := add(proof.offset, 0x20)
// Unpop from `hashes`.
hashesFront := sub(hashesFront, 0x20)
}
// Advance to the next flag offset.
flags.offset := add(flags.offset, 0x20)
// Slot of `a` in scratch space.
// If the condition is true: 0x20, otherwise: 0x00.
let scratch := shl(5, gt(a, b))
// Hash the scratch space and push the result onto the queue.
mstore(scratch, a)
mstore(xor(scratch, 0x20), b)
mstore(hashesBack, keccak256(0x00, 0x40))
hashesBack := add(hashesBack, 0x20)
if iszero(lt(hashesBack, flags.length)) { break }
}
isValid := and(
// Checks if the last value in the queue is same as the root.
eq(mload(sub(hashesBack, 0x20)), root),
// And whether all the proofs are used, if required.
eq(proofEnd, proof.offset)
)
break
}
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* EMPTY CALLDATA HELPERS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns an empty calldata bytes32 array.
function emptyProof() internal pure returns (bytes32[] calldata proof) {
/// @solidity memory-safe-assembly
assembly {
proof.length := 0
}
}
/// @dev Returns an empty calldata bytes32 array.
function emptyLeaves() internal pure returns (bytes32[] calldata leaves) {
/// @solidity memory-safe-assembly
assembly {
leaves.length := 0
}
}
/// @dev Returns an empty calldata bool array.
function emptyFlags() internal pure returns (bool[] calldata flags) {
/// @solidity memory-safe-assembly
assembly {
flags.length := 0
}
}
}// SPDX-License-Identifier: Unlicense
/*
* @title MEE UserOp Hash Lib
*
* @dev Calculates userOp hash for the new type of transaction - SuperTransaction (as a part of MEE stack)
*/
pragma solidity ^0.8.27;
import { EfficientHashLib } from "solady/utils/EfficientHashLib.sol";
// keccak256("MEEUserOp(bytes32 userOpHash,uint256 lowerBoundTimestamp,uint256 upperBoundTimestamp)");
bytes32 constant MEE_USER_OP_TYPEHASH = 0xa893e832cd40f0161a05fdeee70845d347394fb92e8ffc59e56e6b2d37605454;
library MEEUserOpHashLib {
/**
* Calculates blind userOp hash. Almost works like a regular 4337 userOp hash with few fields added.
*
* @param userOpHash userOp hash to calculate the hash for
* @param lowerBoundTimestamp lower bound timestamp set when constructing userOp
* @param upperBoundTimestamp upper bound timestamp set when constructing userOp
* Timestamps are used by the MEE node to schedule the execution of the userOps within the superTx
*/
function getMEEUserOpHash(
bytes32 userOpHash,
uint256 lowerBoundTimestamp,
uint256 upperBoundTimestamp
)
internal
pure
returns (bytes32 meeUserOpHash)
{
// using double hashing to avoid second preimage attack:
// https://flawed.net.nz/2018/02/21/attacking-merkle-trees-with-a-second-preimage-attack/
// https://www.npmjs.com/package/@openzeppelin/merkle-tree#fn-1
meeUserOpHash =
EfficientHashLib.hash(EfficientHashLib.hash(uint256(userOpHash), lowerBoundTimestamp, upperBoundTimestamp));
// but since we are moving away from Merkle trees in future commits, we can just hash the userOpHash directly
// return EfficientHashLib.hash(uint256(userOpHash), lowerBoundTimestamp, upperBoundTimestamp);
}
/**
* @notice Calculates EIP-712 hash of the following data struct:
* struct MEEUserOp {
* bytes32 userOpHash;
* uint256 lowerBoundTimestamp;
* uint256 upperBoundTimestamp;
* }
* Hash as per EIP-712: hashStruct(s : 𝕊) = keccak256(typeHash ‖ encodeData(s))
* using the efficient hash library for gas optimization
*
* @dev Both timestamps here are used bybeing encoded into the validation data in the validateUserOp function.
* @dev Attention!: If we are to add more fields from the userOp to the struct for better user transparency,
* we need to make sure they are actually used and not just signed within the MeeUserOp hash.
* At least they should be compared to the actual userOp fields.
* Otherwise nothing prevents protocol from showing a user random param values to sign,
* while in the userOp they are different.
*
*
* @param userOpHash userOp hash to calculate the hash for
* @param lowerBoundTimestamp lower bound timestamp
* @param upperBoundTimestamp upper bound timestamp
* Timestamps are used by the MEE node to schedule the execution of the userOps within the superTx
*
* @return meeUserOpEip712Hash the hash of the MEEUserOp struct
*/
function getMeeUserOpEip712Hash(
bytes32 userOpHash,
uint256 lowerBoundTimestamp,
uint256 upperBoundTimestamp
)
internal
pure
returns (bytes32 meeUserOpEip712Hash)
{
meeUserOpEip712Hash = EfficientHashLib.hash(
MEE_USER_OP_TYPEHASH, userOpHash, bytes32(lowerBoundTimestamp), bytes32(upperBoundTimestamp)
);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
/// @notice Simple ERC20 + EIP-2612 implementation.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/tokens/ERC20.sol)
/// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC20.sol)
/// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/ERC20.sol)
///
/// @dev Note:
/// - The ERC20 standard allows minting and transferring to and from the zero address,
/// minting and transferring zero tokens, as well as self-approvals.
/// For performance, this implementation WILL NOT revert for such actions.
/// Please add any checks with overrides if desired.
/// - The `permit` function uses the ecrecover precompile (0x1).
///
/// If you are overriding:
/// - NEVER violate the ERC20 invariant:
/// the total sum of all balances must be equal to `totalSupply()`.
/// - Check that the overridden function is actually used in the function you want to
/// change the behavior of. Much of the code has been manually inlined for performance.
abstract contract ERC20 {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CUSTOM ERRORS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The total supply has overflowed.
error TotalSupplyOverflow();
/// @dev The allowance has overflowed.
error AllowanceOverflow();
/// @dev The allowance has underflowed.
error AllowanceUnderflow();
/// @dev Insufficient balance.
error InsufficientBalance();
/// @dev Insufficient allowance.
error InsufficientAllowance();
/// @dev The permit is invalid.
error InvalidPermit();
/// @dev The permit has expired.
error PermitExpired();
/// @dev The allowance of Permit2 is fixed at infinity.
error Permit2AllowanceIsFixedAtInfinity();
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* EVENTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Emitted when `amount` tokens is transferred from `from` to `to`.
event Transfer(address indexed from, address indexed to, uint256 amount);
/// @dev Emitted when `amount` tokens is approved by `owner` to be used by `spender`.
event Approval(address indexed owner, address indexed spender, uint256 amount);
/// @dev `keccak256(bytes("Transfer(address,address,uint256)"))`.
uint256 private constant _TRANSFER_EVENT_SIGNATURE =
0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef;
/// @dev `keccak256(bytes("Approval(address,address,uint256)"))`.
uint256 private constant _APPROVAL_EVENT_SIGNATURE =
0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* STORAGE */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The storage slot for the total supply.
uint256 private constant _TOTAL_SUPPLY_SLOT = 0x05345cdf77eb68f44c;
/// @dev The balance slot of `owner` is given by:
/// ```
/// mstore(0x0c, _BALANCE_SLOT_SEED)
/// mstore(0x00, owner)
/// let balanceSlot := keccak256(0x0c, 0x20)
/// ```
uint256 private constant _BALANCE_SLOT_SEED = 0x87a211a2;
/// @dev The allowance slot of (`owner`, `spender`) is given by:
/// ```
/// mstore(0x20, spender)
/// mstore(0x0c, _ALLOWANCE_SLOT_SEED)
/// mstore(0x00, owner)
/// let allowanceSlot := keccak256(0x0c, 0x34)
/// ```
uint256 private constant _ALLOWANCE_SLOT_SEED = 0x7f5e9f20;
/// @dev The nonce slot of `owner` is given by:
/// ```
/// mstore(0x0c, _NONCES_SLOT_SEED)
/// mstore(0x00, owner)
/// let nonceSlot := keccak256(0x0c, 0x20)
/// ```
uint256 private constant _NONCES_SLOT_SEED = 0x38377508;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CONSTANTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev `(_NONCES_SLOT_SEED << 16) | 0x1901`.
uint256 private constant _NONCES_SLOT_SEED_WITH_SIGNATURE_PREFIX = 0x383775081901;
/// @dev `keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)")`.
bytes32 private constant _DOMAIN_TYPEHASH =
0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f;
/// @dev `keccak256("1")`.
/// If you need to use a different version, override `_versionHash`.
bytes32 private constant _DEFAULT_VERSION_HASH =
0xc89efdaa54c0f20c7adf612882df0950f5a951637e0307cdcb4c672f298b8bc6;
/// @dev `keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)")`.
bytes32 private constant _PERMIT_TYPEHASH =
0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
/// @dev The canonical Permit2 address.
/// For signature-based allowance granting for single transaction ERC20 `transferFrom`.
/// Enabled by default. To disable, override `_givePermit2InfiniteAllowance()`.
/// [Github](https://github.com/Uniswap/permit2)
/// [Etherscan](https://etherscan.io/address/0x000000000022D473030F116dDEE9F6B43aC78BA3)
address internal constant _PERMIT2 = 0x000000000022D473030F116dDEE9F6B43aC78BA3;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* ERC20 METADATA */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns the name of the token.
function name() public view virtual returns (string memory);
/// @dev Returns the symbol of the token.
function symbol() public view virtual returns (string memory);
/// @dev Returns the decimals places of the token.
function decimals() public view virtual returns (uint8) {
return 18;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* ERC20 */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns the amount of tokens in existence.
function totalSupply() public view virtual returns (uint256 result) {
/// @solidity memory-safe-assembly
assembly {
result := sload(_TOTAL_SUPPLY_SLOT)
}
}
/// @dev Returns the amount of tokens owned by `owner`.
function balanceOf(address owner) public view virtual returns (uint256 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x0c, _BALANCE_SLOT_SEED)
mstore(0x00, owner)
result := sload(keccak256(0x0c, 0x20))
}
}
/// @dev Returns the amount of tokens that `spender` can spend on behalf of `owner`.
function allowance(address owner, address spender)
public
view
virtual
returns (uint256 result)
{
if (_givePermit2InfiniteAllowance()) {
if (spender == _PERMIT2) return type(uint256).max;
}
/// @solidity memory-safe-assembly
assembly {
mstore(0x20, spender)
mstore(0x0c, _ALLOWANCE_SLOT_SEED)
mstore(0x00, owner)
result := sload(keccak256(0x0c, 0x34))
}
}
/// @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
///
/// Emits a {Approval} event.
function approve(address spender, uint256 amount) public virtual returns (bool) {
if (_givePermit2InfiniteAllowance()) {
/// @solidity memory-safe-assembly
assembly {
// If `spender == _PERMIT2 && amount != type(uint256).max`.
if iszero(or(xor(shr(96, shl(96, spender)), _PERMIT2), iszero(not(amount)))) {
mstore(0x00, 0x3f68539a) // `Permit2AllowanceIsFixedAtInfinity()`.
revert(0x1c, 0x04)
}
}
}
/// @solidity memory-safe-assembly
assembly {
// Compute the allowance slot and store the amount.
mstore(0x20, spender)
mstore(0x0c, _ALLOWANCE_SLOT_SEED)
mstore(0x00, caller())
sstore(keccak256(0x0c, 0x34), amount)
// Emit the {Approval} event.
mstore(0x00, amount)
log3(0x00, 0x20, _APPROVAL_EVENT_SIGNATURE, caller(), shr(96, mload(0x2c)))
}
return true;
}
/// @dev Transfer `amount` tokens from the caller to `to`.
///
/// Requirements:
/// - `from` must at least have `amount`.
///
/// Emits a {Transfer} event.
function transfer(address to, uint256 amount) public virtual returns (bool) {
_beforeTokenTransfer(msg.sender, to, amount);
/// @solidity memory-safe-assembly
assembly {
// Compute the balance slot and load its value.
mstore(0x0c, _BALANCE_SLOT_SEED)
mstore(0x00, caller())
let fromBalanceSlot := keccak256(0x0c, 0x20)
let fromBalance := sload(fromBalanceSlot)
// Revert if insufficient balance.
if gt(amount, fromBalance) {
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated balance.
sstore(fromBalanceSlot, sub(fromBalance, amount))
// Compute the balance slot of `to`.
mstore(0x00, to)
let toBalanceSlot := keccak256(0x0c, 0x20)
// Add and store the updated balance of `to`.
// Will not overflow because the sum of all user balances
// cannot exceed the maximum uint256 value.
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount))
// Emit the {Transfer} event.
mstore(0x20, amount)
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, caller(), shr(96, mload(0x0c)))
}
_afterTokenTransfer(msg.sender, to, amount);
return true;
}
/// @dev Transfers `amount` tokens from `from` to `to`.
///
/// Note: Does not update the allowance if it is the maximum uint256 value.
///
/// Requirements:
/// - `from` must at least have `amount`.
/// - The caller must have at least `amount` of allowance to transfer the tokens of `from`.
///
/// Emits a {Transfer} event.
function transferFrom(address from, address to, uint256 amount) public virtual returns (bool) {
_beforeTokenTransfer(from, to, amount);
// Code duplication is for zero-cost abstraction if possible.
if (_givePermit2InfiniteAllowance()) {
/// @solidity memory-safe-assembly
assembly {
let from_ := shl(96, from)
if iszero(eq(caller(), _PERMIT2)) {
// Compute the allowance slot and load its value.
mstore(0x20, caller())
mstore(0x0c, or(from_, _ALLOWANCE_SLOT_SEED))
let allowanceSlot := keccak256(0x0c, 0x34)
let allowance_ := sload(allowanceSlot)
// If the allowance is not the maximum uint256 value.
if not(allowance_) {
// Revert if the amount to be transferred exceeds the allowance.
if gt(amount, allowance_) {
mstore(0x00, 0x13be252b) // `InsufficientAllowance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated allowance.
sstore(allowanceSlot, sub(allowance_, amount))
}
}
// Compute the balance slot and load its value.
mstore(0x0c, or(from_, _BALANCE_SLOT_SEED))
let fromBalanceSlot := keccak256(0x0c, 0x20)
let fromBalance := sload(fromBalanceSlot)
// Revert if insufficient balance.
if gt(amount, fromBalance) {
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated balance.
sstore(fromBalanceSlot, sub(fromBalance, amount))
// Compute the balance slot of `to`.
mstore(0x00, to)
let toBalanceSlot := keccak256(0x0c, 0x20)
// Add and store the updated balance of `to`.
// Will not overflow because the sum of all user balances
// cannot exceed the maximum uint256 value.
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount))
// Emit the {Transfer} event.
mstore(0x20, amount)
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, from_), shr(96, mload(0x0c)))
}
} else {
/// @solidity memory-safe-assembly
assembly {
let from_ := shl(96, from)
// Compute the allowance slot and load its value.
mstore(0x20, caller())
mstore(0x0c, or(from_, _ALLOWANCE_SLOT_SEED))
let allowanceSlot := keccak256(0x0c, 0x34)
let allowance_ := sload(allowanceSlot)
// If the allowance is not the maximum uint256 value.
if not(allowance_) {
// Revert if the amount to be transferred exceeds the allowance.
if gt(amount, allowance_) {
mstore(0x00, 0x13be252b) // `InsufficientAllowance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated allowance.
sstore(allowanceSlot, sub(allowance_, amount))
}
// Compute the balance slot and load its value.
mstore(0x0c, or(from_, _BALANCE_SLOT_SEED))
let fromBalanceSlot := keccak256(0x0c, 0x20)
let fromBalance := sload(fromBalanceSlot)
// Revert if insufficient balance.
if gt(amount, fromBalance) {
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated balance.
sstore(fromBalanceSlot, sub(fromBalance, amount))
// Compute the balance slot of `to`.
mstore(0x00, to)
let toBalanceSlot := keccak256(0x0c, 0x20)
// Add and store the updated balance of `to`.
// Will not overflow because the sum of all user balances
// cannot exceed the maximum uint256 value.
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount))
// Emit the {Transfer} event.
mstore(0x20, amount)
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, from_), shr(96, mload(0x0c)))
}
}
_afterTokenTransfer(from, to, amount);
return true;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* EIP-2612 */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev For more performance, override to return the constant value
/// of `keccak256(bytes(name()))` if `name()` will never change.
function _constantNameHash() internal view virtual returns (bytes32 result) {}
/// @dev If you need a different value, override this function.
function _versionHash() internal view virtual returns (bytes32 result) {
result = _DEFAULT_VERSION_HASH;
}
/// @dev For inheriting contracts to increment the nonce.
function _incrementNonce(address owner) internal virtual {
/// @solidity memory-safe-assembly
assembly {
mstore(0x0c, _NONCES_SLOT_SEED)
mstore(0x00, owner)
let nonceSlot := keccak256(0x0c, 0x20)
sstore(nonceSlot, add(1, sload(nonceSlot)))
}
}
/// @dev Returns the current nonce for `owner`.
/// This value is used to compute the signature for EIP-2612 permit.
function nonces(address owner) public view virtual returns (uint256 result) {
/// @solidity memory-safe-assembly
assembly {
// Compute the nonce slot and load its value.
mstore(0x0c, _NONCES_SLOT_SEED)
mstore(0x00, owner)
result := sload(keccak256(0x0c, 0x20))
}
}
/// @dev Sets `value` as the allowance of `spender` over the tokens of `owner`,
/// authorized by a signed approval by `owner`.
///
/// Emits a {Approval} event.
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) public virtual {
if (_givePermit2InfiniteAllowance()) {
/// @solidity memory-safe-assembly
assembly {
// If `spender == _PERMIT2 && value != type(uint256).max`.
if iszero(or(xor(shr(96, shl(96, spender)), _PERMIT2), iszero(not(value)))) {
mstore(0x00, 0x3f68539a) // `Permit2AllowanceIsFixedAtInfinity()`.
revert(0x1c, 0x04)
}
}
}
bytes32 nameHash = _constantNameHash();
// We simply calculate it on-the-fly to allow for cases where the `name` may change.
if (nameHash == bytes32(0)) nameHash = keccak256(bytes(name()));
bytes32 versionHash = _versionHash();
/// @solidity memory-safe-assembly
assembly {
// Revert if the block timestamp is greater than `deadline`.
if gt(timestamp(), deadline) {
mstore(0x00, 0x1a15a3cc) // `PermitExpired()`.
revert(0x1c, 0x04)
}
let m := mload(0x40) // Grab the free memory pointer.
// Clean the upper 96 bits.
owner := shr(96, shl(96, owner))
spender := shr(96, shl(96, spender))
// Compute the nonce slot and load its value.
mstore(0x0e, _NONCES_SLOT_SEED_WITH_SIGNATURE_PREFIX)
mstore(0x00, owner)
let nonceSlot := keccak256(0x0c, 0x20)
let nonceValue := sload(nonceSlot)
// Prepare the domain separator.
mstore(m, _DOMAIN_TYPEHASH)
mstore(add(m, 0x20), nameHash)
mstore(add(m, 0x40), versionHash)
mstore(add(m, 0x60), chainid())
mstore(add(m, 0x80), address())
mstore(0x2e, keccak256(m, 0xa0))
// Prepare the struct hash.
mstore(m, _PERMIT_TYPEHASH)
mstore(add(m, 0x20), owner)
mstore(add(m, 0x40), spender)
mstore(add(m, 0x60), value)
mstore(add(m, 0x80), nonceValue)
mstore(add(m, 0xa0), deadline)
mstore(0x4e, keccak256(m, 0xc0))
// Prepare the ecrecover calldata.
mstore(0x00, keccak256(0x2c, 0x42))
mstore(0x20, and(0xff, v))
mstore(0x40, r)
mstore(0x60, s)
let t := staticcall(gas(), 1, 0x00, 0x80, 0x20, 0x20)
// If the ecrecover fails, the returndatasize will be 0x00,
// `owner` will be checked if it equals the hash at 0x00,
// which evaluates to false (i.e. 0), and we will revert.
// If the ecrecover succeeds, the returndatasize will be 0x20,
// `owner` will be compared against the returned address at 0x20.
if iszero(eq(mload(returndatasize()), owner)) {
mstore(0x00, 0xddafbaef) // `InvalidPermit()`.
revert(0x1c, 0x04)
}
// Increment and store the updated nonce.
sstore(nonceSlot, add(nonceValue, t)) // `t` is 1 if ecrecover succeeds.
// Compute the allowance slot and store the value.
// The `owner` is already at slot 0x20.
mstore(0x40, or(shl(160, _ALLOWANCE_SLOT_SEED), spender))
sstore(keccak256(0x2c, 0x34), value)
// Emit the {Approval} event.
log3(add(m, 0x60), 0x20, _APPROVAL_EVENT_SIGNATURE, owner, spender)
mstore(0x40, m) // Restore the free memory pointer.
mstore(0x60, 0) // Restore the zero pointer.
}
}
/// @dev Returns the EIP-712 domain separator for the EIP-2612 permit.
function DOMAIN_SEPARATOR() public view virtual returns (bytes32 result) {
bytes32 nameHash = _constantNameHash();
// We simply calculate it on-the-fly to allow for cases where the `name` may change.
if (nameHash == bytes32(0)) nameHash = keccak256(bytes(name()));
bytes32 versionHash = _versionHash();
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Grab the free memory pointer.
mstore(m, _DOMAIN_TYPEHASH)
mstore(add(m, 0x20), nameHash)
mstore(add(m, 0x40), versionHash)
mstore(add(m, 0x60), chainid())
mstore(add(m, 0x80), address())
result := keccak256(m, 0xa0)
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* INTERNAL MINT FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Mints `amount` tokens to `to`, increasing the total supply.
///
/// Emits a {Transfer} event.
function _mint(address to, uint256 amount) internal virtual {
_beforeTokenTransfer(address(0), to, amount);
/// @solidity memory-safe-assembly
assembly {
let totalSupplyBefore := sload(_TOTAL_SUPPLY_SLOT)
let totalSupplyAfter := add(totalSupplyBefore, amount)
// Revert if the total supply overflows.
if lt(totalSupplyAfter, totalSupplyBefore) {
mstore(0x00, 0xe5cfe957) // `TotalSupplyOverflow()`.
revert(0x1c, 0x04)
}
// Store the updated total supply.
sstore(_TOTAL_SUPPLY_SLOT, totalSupplyAfter)
// Compute the balance slot and load its value.
mstore(0x0c, _BALANCE_SLOT_SEED)
mstore(0x00, to)
let toBalanceSlot := keccak256(0x0c, 0x20)
// Add and store the updated balance.
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount))
// Emit the {Transfer} event.
mstore(0x20, amount)
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, mload(0x0c)))
}
_afterTokenTransfer(address(0), to, amount);
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* INTERNAL BURN FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Burns `amount` tokens from `from`, reducing the total supply.
///
/// Emits a {Transfer} event.
function _burn(address from, uint256 amount) internal virtual {
_beforeTokenTransfer(from, address(0), amount);
/// @solidity memory-safe-assembly
assembly {
// Compute the balance slot and load its value.
mstore(0x0c, _BALANCE_SLOT_SEED)
mstore(0x00, from)
let fromBalanceSlot := keccak256(0x0c, 0x20)
let fromBalance := sload(fromBalanceSlot)
// Revert if insufficient balance.
if gt(amount, fromBalance) {
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated balance.
sstore(fromBalanceSlot, sub(fromBalance, amount))
// Subtract and store the updated total supply.
sstore(_TOTAL_SUPPLY_SLOT, sub(sload(_TOTAL_SUPPLY_SLOT), amount))
// Emit the {Transfer} event.
mstore(0x00, amount)
log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), 0)
}
_afterTokenTransfer(from, address(0), amount);
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* INTERNAL TRANSFER FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Moves `amount` of tokens from `from` to `to`.
function _transfer(address from, address to, uint256 amount) internal virtual {
_beforeTokenTransfer(from, to, amount);
/// @solidity memory-safe-assembly
assembly {
let from_ := shl(96, from)
// Compute the balance slot and load its value.
mstore(0x0c, or(from_, _BALANCE_SLOT_SEED))
let fromBalanceSlot := keccak256(0x0c, 0x20)
let fromBalance := sload(fromBalanceSlot)
// Revert if insufficient balance.
if gt(amount, fromBalance) {
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated balance.
sstore(fromBalanceSlot, sub(fromBalance, amount))
// Compute the balance slot of `to`.
mstore(0x00, to)
let toBalanceSlot := keccak256(0x0c, 0x20)
// Add and store the updated balance of `to`.
// Will not overflow because the sum of all user balances
// cannot exceed the maximum uint256 value.
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount))
// Emit the {Transfer} event.
mstore(0x20, amount)
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, from_), shr(96, mload(0x0c)))
}
_afterTokenTransfer(from, to, amount);
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* INTERNAL ALLOWANCE FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Updates the allowance of `owner` for `spender` based on spent `amount`.
function _spendAllowance(address owner, address spender, uint256 amount) internal virtual {
if (_givePermit2InfiniteAllowance()) {
if (spender == _PERMIT2) return; // Do nothing, as allowance is infinite.
}
/// @solidity memory-safe-assembly
assembly {
// Compute the allowance slot and load its value.
mstore(0x20, spender)
mstore(0x0c, _ALLOWANCE_SLOT_SEED)
mstore(0x00, owner)
let allowanceSlot := keccak256(0x0c, 0x34)
let allowance_ := sload(allowanceSlot)
// If the allowance is not the maximum uint256 value.
if not(allowance_) {
// Revert if the amount to be transferred exceeds the allowance.
if gt(amount, allowance_) {
mstore(0x00, 0x13be252b) // `InsufficientAllowance()`.
revert(0x1c, 0x04)
}
// Subtract and store the updated allowance.
sstore(allowanceSlot, sub(allowance_, amount))
}
}
}
/// @dev Sets `amount` as the allowance of `spender` over the tokens of `owner`.
///
/// Emits a {Approval} event.
function _approve(address owner, address spender, uint256 amount) internal virtual {
if (_givePermit2InfiniteAllowance()) {
/// @solidity memory-safe-assembly
assembly {
// If `spender == _PERMIT2 && amount != type(uint256).max`.
if iszero(or(xor(shr(96, shl(96, spender)), _PERMIT2), iszero(not(amount)))) {
mstore(0x00, 0x3f68539a) // `Permit2AllowanceIsFixedAtInfinity()`.
revert(0x1c, 0x04)
}
}
}
/// @solidity memory-safe-assembly
assembly {
let owner_ := shl(96, owner)
// Compute the allowance slot and store the amount.
mstore(0x20, spender)
mstore(0x0c, or(owner_, _ALLOWANCE_SLOT_SEED))
sstore(keccak256(0x0c, 0x34), amount)
// Emit the {Approval} event.
mstore(0x00, amount)
log3(0x00, 0x20, _APPROVAL_EVENT_SIGNATURE, shr(96, owner_), shr(96, mload(0x2c)))
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* HOOKS TO OVERRIDE */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Hook that is called before any transfer of tokens.
/// This includes minting and burning.
function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual {}
/// @dev Hook that is called after any transfer of tokens.
/// This includes minting and burning.
function _afterTokenTransfer(address from, address to, uint256 amount) internal virtual {}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* PERMIT2 */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns whether to fix the Permit2 contract's allowance at infinity.
///
/// This value should be kept constant after contract initialization,
/// or else the actual allowance values may not match with the {Approval} events.
/// For best performance, return a compile-time constant for zero-cost abstraction.
function _givePermit2InfiniteAllowance() internal view virtual returns (bool) {
return true;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
/// @notice Library for efficiently performing keccak256 hashes.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/EfficientHashLib.sol)
/// @dev To avoid stack-too-deep, you can use:
/// ```
/// bytes32[] memory buffer = EfficientHashLib.malloc(10);
/// EfficientHashLib.set(buffer, 0, value0);
/// ..
/// EfficientHashLib.set(buffer, 9, value9);
/// bytes32 finalHash = EfficientHashLib.hash(buffer);
/// ```
library EfficientHashLib {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* MALLOC-LESS HASHING OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns `keccak256(abi.encode(v0))`.
function hash(bytes32 v0) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, v0)
result := keccak256(0x00, 0x20)
}
}
/// @dev Returns `keccak256(abi.encode(v0))`.
function hash(uint256 v0) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, v0)
result := keccak256(0x00, 0x20)
}
}
/// @dev Returns `keccak256(abi.encode(v0, v1))`.
function hash(bytes32 v0, bytes32 v1) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, v0)
mstore(0x20, v1)
result := keccak256(0x00, 0x40)
}
}
/// @dev Returns `keccak256(abi.encode(v0, v1))`.
function hash(uint256 v0, uint256 v1) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, v0)
mstore(0x20, v1)
result := keccak256(0x00, 0x40)
}
}
/// @dev Returns `keccak256(abi.encode(v0, v1, v2))`.
function hash(bytes32 v0, bytes32 v1, bytes32 v2) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
result := keccak256(m, 0x60)
}
}
/// @dev Returns `keccak256(abi.encode(v0, v1, v2))`.
function hash(uint256 v0, uint256 v1, uint256 v2) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
result := keccak256(m, 0x60)
}
}
/// @dev Returns `keccak256(abi.encode(v0, v1, v2, v3))`.
function hash(bytes32 v0, bytes32 v1, bytes32 v2, bytes32 v3)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
result := keccak256(m, 0x80)
}
}
/// @dev Returns `keccak256(abi.encode(v0, v1, v2, v3))`.
function hash(uint256 v0, uint256 v1, uint256 v2, uint256 v3)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
result := keccak256(m, 0x80)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v4))`.
function hash(bytes32 v0, bytes32 v1, bytes32 v2, bytes32 v3, bytes32 v4)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
result := keccak256(m, 0xa0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v4))`.
function hash(uint256 v0, uint256 v1, uint256 v2, uint256 v3, uint256 v4)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
result := keccak256(m, 0xa0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v5))`.
function hash(bytes32 v0, bytes32 v1, bytes32 v2, bytes32 v3, bytes32 v4, bytes32 v5)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
result := keccak256(m, 0xc0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v5))`.
function hash(uint256 v0, uint256 v1, uint256 v2, uint256 v3, uint256 v4, uint256 v5)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
result := keccak256(m, 0xc0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v6))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
result := keccak256(m, 0xe0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v6))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
result := keccak256(m, 0xe0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v7))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6,
bytes32 v7
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
result := keccak256(m, 0x100)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v7))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6,
uint256 v7
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
result := keccak256(m, 0x100)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v8))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6,
bytes32 v7,
bytes32 v8
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
result := keccak256(m, 0x120)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v8))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6,
uint256 v7,
uint256 v8
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
result := keccak256(m, 0x120)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v9))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6,
bytes32 v7,
bytes32 v8,
bytes32 v9
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
result := keccak256(m, 0x140)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v9))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6,
uint256 v7,
uint256 v8,
uint256 v9
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
result := keccak256(m, 0x140)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v10))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6,
bytes32 v7,
bytes32 v8,
bytes32 v9,
bytes32 v10
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
result := keccak256(m, 0x160)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v10))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6,
uint256 v7,
uint256 v8,
uint256 v9,
uint256 v10
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
result := keccak256(m, 0x160)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v11))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6,
bytes32 v7,
bytes32 v8,
bytes32 v9,
bytes32 v10,
bytes32 v11
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
mstore(add(m, 0x160), v11)
result := keccak256(m, 0x180)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v11))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6,
uint256 v7,
uint256 v8,
uint256 v9,
uint256 v10,
uint256 v11
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
mstore(add(m, 0x160), v11)
result := keccak256(m, 0x180)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v12))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6,
bytes32 v7,
bytes32 v8,
bytes32 v9,
bytes32 v10,
bytes32 v11,
bytes32 v12
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
mstore(add(m, 0x160), v11)
mstore(add(m, 0x180), v12)
result := keccak256(m, 0x1a0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v12))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6,
uint256 v7,
uint256 v8,
uint256 v9,
uint256 v10,
uint256 v11,
uint256 v12
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
mstore(add(m, 0x160), v11)
mstore(add(m, 0x180), v12)
result := keccak256(m, 0x1a0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v13))`.
function hash(
bytes32 v0,
bytes32 v1,
bytes32 v2,
bytes32 v3,
bytes32 v4,
bytes32 v5,
bytes32 v6,
bytes32 v7,
bytes32 v8,
bytes32 v9,
bytes32 v10,
bytes32 v11,
bytes32 v12,
bytes32 v13
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
mstore(add(m, 0x160), v11)
mstore(add(m, 0x180), v12)
mstore(add(m, 0x1a0), v13)
result := keccak256(m, 0x1c0)
}
}
/// @dev Returns `keccak256(abi.encode(v0, .., v13))`.
function hash(
uint256 v0,
uint256 v1,
uint256 v2,
uint256 v3,
uint256 v4,
uint256 v5,
uint256 v6,
uint256 v7,
uint256 v8,
uint256 v9,
uint256 v10,
uint256 v11,
uint256 v12,
uint256 v13
) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, v0)
mstore(add(m, 0x20), v1)
mstore(add(m, 0x40), v2)
mstore(add(m, 0x60), v3)
mstore(add(m, 0x80), v4)
mstore(add(m, 0xa0), v5)
mstore(add(m, 0xc0), v6)
mstore(add(m, 0xe0), v7)
mstore(add(m, 0x100), v8)
mstore(add(m, 0x120), v9)
mstore(add(m, 0x140), v10)
mstore(add(m, 0x160), v11)
mstore(add(m, 0x180), v12)
mstore(add(m, 0x1a0), v13)
result := keccak256(m, 0x1c0)
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* BYTES32 BUFFER HASHING OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns `keccak256(abi.encode(buffer[0], .., buffer[buffer.length - 1]))`.
function hash(bytes32[] memory buffer) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
result := keccak256(add(buffer, 0x20), shl(5, mload(buffer)))
}
}
/// @dev Sets `buffer[i]` to `value`, without a bounds check.
/// Returns the `buffer` for function chaining.
function set(bytes32[] memory buffer, uint256 i, bytes32 value)
internal
pure
returns (bytes32[] memory)
{
/// @solidity memory-safe-assembly
assembly {
mstore(add(buffer, shl(5, add(1, i))), value)
}
return buffer;
}
/// @dev Sets `buffer[i]` to `value`, without a bounds check.
/// Returns the `buffer` for function chaining.
function set(bytes32[] memory buffer, uint256 i, uint256 value)
internal
pure
returns (bytes32[] memory)
{
/// @solidity memory-safe-assembly
assembly {
mstore(add(buffer, shl(5, add(1, i))), value)
}
return buffer;
}
/// @dev Returns `new bytes32[](n)`, without zeroing out the memory.
function malloc(uint256 n) internal pure returns (bytes32[] memory buffer) {
/// @solidity memory-safe-assembly
assembly {
buffer := mload(0x40)
mstore(buffer, n)
mstore(0x40, add(shl(5, add(1, n)), buffer))
}
}
/// @dev Frees memory that has been allocated for `buffer`.
/// No-op if `buffer.length` is zero, or if new memory has been allocated after `buffer`.
function free(bytes32[] memory buffer) internal pure {
/// @solidity memory-safe-assembly
assembly {
let n := mload(buffer)
mstore(shl(6, lt(iszero(n), eq(add(shl(5, add(1, n)), buffer), mload(0x40)))), buffer)
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* EQUALITY CHECKS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns `a == abi.decode(b, (bytes32))`.
function eq(bytes32 a, bytes memory b) internal pure returns (bool result) {
/// @solidity memory-safe-assembly
assembly {
result := and(eq(0x20, mload(b)), eq(a, mload(add(b, 0x20))))
}
}
/// @dev Returns `abi.decode(a, (bytes32)) == b`.
function eq(bytes memory a, bytes32 b) internal pure returns (bool result) {
/// @solidity memory-safe-assembly
assembly {
result := and(eq(0x20, mload(a)), eq(b, mload(add(a, 0x20))))
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* BYTE SLICE HASHING OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns the keccak256 of the slice from `start` to `end` (exclusive).
/// `start` and `end` are byte offsets.
function hash(bytes memory b, uint256 start, uint256 end)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let n := mload(b)
end := xor(end, mul(xor(end, n), lt(n, end)))
start := xor(start, mul(xor(start, n), lt(n, start)))
result := keccak256(add(add(b, 0x20), start), mul(gt(end, start), sub(end, start)))
}
}
/// @dev Returns the keccak256 of the slice from `start` to the end of the bytes.
function hash(bytes memory b, uint256 start) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let n := mload(b)
start := xor(start, mul(xor(start, n), lt(n, start)))
result := keccak256(add(add(b, 0x20), start), mul(gt(n, start), sub(n, start)))
}
}
/// @dev Returns the keccak256 of the bytes.
function hash(bytes memory b) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
result := keccak256(add(b, 0x20), mload(b))
}
}
/// @dev Returns the keccak256 of the slice from `start` to `end` (exclusive).
/// `start` and `end` are byte offsets.
function hashCalldata(bytes calldata b, uint256 start, uint256 end)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
end := xor(end, mul(xor(end, b.length), lt(b.length, end)))
start := xor(start, mul(xor(start, b.length), lt(b.length, start)))
let n := mul(gt(end, start), sub(end, start))
calldatacopy(mload(0x40), add(b.offset, start), n)
result := keccak256(mload(0x40), n)
}
}
/// @dev Returns the keccak256 of the slice from `start` to the end of the bytes.
function hashCalldata(bytes calldata b, uint256 start) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
start := xor(start, mul(xor(start, b.length), lt(b.length, start)))
let n := mul(gt(b.length, start), sub(b.length, start))
calldatacopy(mload(0x40), add(b.offset, start), n)
result := keccak256(mload(0x40), n)
}
}
/// @dev Returns the keccak256 of the bytes.
function hashCalldata(bytes calldata b) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
calldatacopy(mload(0x40), b.offset, b.length)
result := keccak256(mload(0x40), b.length)
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* SHA2-256 HELPERS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns `sha256(abi.encode(b))`. Yes, it's more efficient.
function sha2(bytes32 b) internal view returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, b)
result := mload(staticcall(gas(), 2, 0x00, 0x20, 0x01, 0x20))
if iszero(returndatasize()) { invalid() }
}
}
/// @dev Returns the sha256 of the slice from `start` to `end` (exclusive).
/// `start` and `end` are byte offsets.
function sha2(bytes memory b, uint256 start, uint256 end)
internal
view
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
let n := mload(b)
end := xor(end, mul(xor(end, n), lt(n, end)))
start := xor(start, mul(xor(start, n), lt(n, start)))
// forgefmt: disable-next-item
result := mload(staticcall(gas(), 2, add(add(b, 0x20), start),
mul(gt(end, start), sub(end, start)), 0x01, 0x20))
if iszero(returndatasize()) { invalid() }
}
}
/// @dev Returns the sha256 of the slice from `start` to the end of the bytes.
function sha2(bytes memory b, uint256 start) internal view returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let n := mload(b)
start := xor(start, mul(xor(start, n), lt(n, start)))
// forgefmt: disable-next-item
result := mload(staticcall(gas(), 2, add(add(b, 0x20), start),
mul(gt(n, start), sub(n, start)), 0x01, 0x20))
if iszero(returndatasize()) { invalid() }
}
}
/// @dev Returns the sha256 of the bytes.
function sha2(bytes memory b) internal view returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
result := mload(staticcall(gas(), 2, add(b, 0x20), mload(b), 0x01, 0x20))
if iszero(returndatasize()) { invalid() }
}
}
/// @dev Returns the sha256 of the slice from `start` to `end` (exclusive).
/// `start` and `end` are byte offsets.
function sha2Calldata(bytes calldata b, uint256 start, uint256 end)
internal
view
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
end := xor(end, mul(xor(end, b.length), lt(b.length, end)))
start := xor(start, mul(xor(start, b.length), lt(b.length, start)))
let n := mul(gt(end, start), sub(end, start))
calldatacopy(mload(0x40), add(b.offset, start), n)
result := mload(staticcall(gas(), 2, mload(0x40), n, 0x01, 0x20))
if iszero(returndatasize()) { invalid() }
}
}
/// @dev Returns the sha256 of the slice from `start` to the end of the bytes.
function sha2Calldata(bytes calldata b, uint256 start) internal view returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
start := xor(start, mul(xor(start, b.length), lt(b.length, start)))
let n := mul(gt(b.length, start), sub(b.length, start))
calldatacopy(mload(0x40), add(b.offset, start), n)
result := mload(staticcall(gas(), 2, mload(0x40), n, 0x01, 0x20))
if iszero(returndatasize()) { invalid() }
}
}
/// @dev Returns the sha256 of the bytes.
function sha2Calldata(bytes calldata b) internal view returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
calldatacopy(mload(0x40), b.offset, b.length)
result := mload(staticcall(gas(), 2, mload(0x40), b.length, 0x01, 0x20))
if iszero(returndatasize()) { invalid() }
}
}
}// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.23;
/* solhint-disable no-inline-assembly */
/*
* For simulation purposes, validateUserOp (and validatePaymasterUserOp)
* must return this value in case of signature failure, instead of revert.
*/
uint256 constant SIG_VALIDATION_FAILED = 1;
/*
* For simulation purposes, validateUserOp (and validatePaymasterUserOp)
* return this value on success.
*/
uint256 constant SIG_VALIDATION_SUCCESS = 0;
/**
* Returned data from validateUserOp.
* validateUserOp returns a uint256, which is created by `_packedValidationData` and
* parsed by `_parseValidationData`.
* @param aggregator - address(0) - The account validated the signature by itself.
* address(1) - The account failed to validate the signature.
* otherwise - This is an address of a signature aggregator that must
* be used to validate the signature.
* @param validAfter - This UserOp is valid only after this timestamp.
* @param validaUntil - This UserOp is valid only up to this timestamp.
*/
struct ValidationData {
address aggregator;
uint48 validAfter;
uint48 validUntil;
}
/**
* Extract sigFailed, validAfter, validUntil.
* Also convert zero validUntil to type(uint48).max.
* @param validationData - The packed validation data.
*/
function _parseValidationData(
uint256 validationData
) pure returns (ValidationData memory data) {
address aggregator = address(uint160(validationData));
uint48 validUntil = uint48(validationData >> 160);
if (validUntil == 0) {
validUntil = type(uint48).max;
}
uint48 validAfter = uint48(validationData >> (48 + 160));
return ValidationData(aggregator, validAfter, validUntil);
}
/**
* Helper to pack the return value for validateUserOp.
* @param data - The ValidationData to pack.
*/
function _packValidationData(
ValidationData memory data
) pure returns (uint256) {
return
uint160(data.aggregator) |
(uint256(data.validUntil) << 160) |
(uint256(data.validAfter) << (160 + 48));
}
/**
* Helper to pack the return value for validateUserOp, when not using an aggregator.
* @param sigFailed - True for signature failure, false for success.
* @param validUntil - Last timestamp this UserOperation is valid (or zero for infinite).
* @param validAfter - First timestamp this UserOperation is valid.
*/
function _packValidationData(
bool sigFailed,
uint48 validUntil,
uint48 validAfter
) pure returns (uint256) {
return
(sigFailed ? 1 : 0) |
(uint256(validUntil) << 160) |
(uint256(validAfter) << (160 + 48));
}
/**
* keccak function over calldata.
* @dev copy calldata into memory, do keccak and drop allocated memory. Strangely, this is more efficient than letting solidity do it.
*/
function calldataKeccak(bytes calldata data) pure returns (bytes32 ret) {
assembly ("memory-safe") {
let mem := mload(0x40)
let len := data.length
calldatacopy(mem, data.offset, len)
ret := keccak256(mem, len)
}
}
/**
* The minimum of two numbers.
* @param a - First number.
* @param b - Second number.
*/
function min(uint256 a, uint256 b) pure returns (uint256) {
return a < b ? a : b;
}// SPDX-License-Identifier: Apache-2.0 /* * @author Hamdi Allam [email protected] * Please reach out with any questions or concerns */ pragma solidity >=0.5.10 <0.9.0; library RLPReader { uint8 constant STRING_SHORT_START = 0x80; uint8 constant STRING_LONG_START = 0xb8; uint8 constant LIST_SHORT_START = 0xc0; uint8 constant LIST_LONG_START = 0xf8; uint8 constant WORD_SIZE = 32; struct RLPItem { uint256 len; uint256 memPtr; } struct Iterator { RLPItem item; // Item that's being iterated over. uint256 nextPtr; // Position of the next item in the list. } /* * @dev Returns the next element in the iteration. Reverts if it has not next element. * @param self The iterator. * @return The next element in the iteration. */ function next(Iterator memory self) internal pure returns (RLPItem memory) { require(hasNext(self)); uint256 ptr = self.nextPtr; uint256 itemLength = _itemLength(ptr); self.nextPtr = ptr + itemLength; return RLPItem(itemLength, ptr); } /* * @dev Returns true if the iteration has more elements. * @param self The iterator. * @return true if the iteration has more elements. */ function hasNext(Iterator memory self) internal pure returns (bool) { RLPItem memory item = self.item; return self.nextPtr < item.memPtr + item.len; } /* * @param item RLP encoded bytes */ function toRlpItem(bytes memory item) internal pure returns (RLPItem memory) { uint256 memPtr; assembly { memPtr := add(item, 0x20) } return RLPItem(item.length, memPtr); } /* * @dev Create an iterator. Reverts if item is not a list. * @param self The RLP item. * @return An 'Iterator' over the item. */ function iterator(RLPItem memory self) internal pure returns (Iterator memory) { require(isList(self)); uint256 ptr = self.memPtr + _payloadOffset(self.memPtr); return Iterator(self, ptr); } /* * @param the RLP item. */ function rlpLen(RLPItem memory item) internal pure returns (uint256) { return item.len; } /* * @param the RLP item. * @return (memPtr, len) pair: location of the item's payload in memory. */ function payloadLocation(RLPItem memory item) internal pure returns (uint256, uint256) { uint256 offset = _payloadOffset(item.memPtr); uint256 memPtr = item.memPtr + offset; uint256 len = item.len - offset; // data length return (memPtr, len); } /* * @param the RLP item. */ function payloadLen(RLPItem memory item) internal pure returns (uint256) { (, uint256 len) = payloadLocation(item); return len; } /* * @param the RLP item containing the encoded list. */ function toList(RLPItem memory item) internal pure returns (RLPItem[] memory) { require(isList(item)); uint256 items = numItems(item); RLPItem[] memory result = new RLPItem[](items); uint256 memPtr = item.memPtr + _payloadOffset(item.memPtr); uint256 dataLen; for (uint256 i = 0; i < items; i++) { dataLen = _itemLength(memPtr); result[i] = RLPItem(dataLen, memPtr); memPtr = memPtr + dataLen; } return result; } // @return indicator whether encoded payload is a list. negate this function call for isData. function isList(RLPItem memory item) internal pure returns (bool) { if (item.len == 0) return false; uint8 byte0; uint256 memPtr = item.memPtr; assembly { byte0 := byte(0, mload(memPtr)) } if (byte0 < LIST_SHORT_START) return false; return true; } /* * @dev A cheaper version of keccak256(toRlpBytes(item)) that avoids copying memory. * @return keccak256 hash of RLP encoded bytes. */ function rlpBytesKeccak256(RLPItem memory item) internal pure returns (bytes32) { uint256 ptr = item.memPtr; uint256 len = item.len; bytes32 result; assembly { result := keccak256(ptr, len) } return result; } /* * @dev A cheaper version of keccak256(toBytes(item)) that avoids copying memory. * @return keccak256 hash of the item payload. */ function payloadKeccak256(RLPItem memory item) internal pure returns (bytes32) { (uint256 memPtr, uint256 len) = payloadLocation(item); bytes32 result; assembly { result := keccak256(memPtr, len) } return result; } /** RLPItem conversions into data types **/ // @returns raw rlp encoding in bytes function toRlpBytes(RLPItem memory item) internal pure returns (bytes memory) { bytes memory result = new bytes(item.len); if (result.length == 0) return result; uint256 ptr; assembly { ptr := add(0x20, result) } copy(item.memPtr, ptr, item.len); return result; } // any non-zero byte except "0x80" is considered true function toBoolean(RLPItem memory item) internal pure returns (bool) { require(item.len == 1); uint256 result; uint256 memPtr = item.memPtr; assembly { result := byte(0, mload(memPtr)) } // SEE Github Issue #5. // Summary: Most commonly used RLP libraries (i.e Geth) will encode // "0" as "0x80" instead of as "0". We handle this edge case explicitly // here. if (result == 0 || result == STRING_SHORT_START) { return false; } else { return true; } } function toAddress(RLPItem memory item) internal pure returns (address) { // 1 byte for the length prefix require(item.len == 21); return address(uint160(toUint(item))); } function toUint(RLPItem memory item) internal pure returns (uint256) { require(item.len > 0 && item.len <= 33); (uint256 memPtr, uint256 len) = payloadLocation(item); uint256 result; assembly { result := mload(memPtr) // shift to the correct location if neccesary if lt(len, 32) { result := div(result, exp(256, sub(32, len))) } } return result; } // enforces 32 byte length function toUintStrict(RLPItem memory item) internal pure returns (uint256) { // one byte prefix require(item.len == 33); uint256 result; uint256 memPtr = item.memPtr + 1; assembly { result := mload(memPtr) } return result; } function toBytes(RLPItem memory item) internal pure returns (bytes memory) { require(item.len > 0); (uint256 memPtr, uint256 len) = payloadLocation(item); bytes memory result = new bytes(len); uint256 destPtr; assembly { destPtr := add(0x20, result) } copy(memPtr, destPtr, len); return result; } /* * Private Helpers */ // @return number of payload items inside an encoded list. function numItems(RLPItem memory item) private pure returns (uint256) { if (item.len == 0) return 0; uint256 count = 0; uint256 currPtr = item.memPtr + _payloadOffset(item.memPtr); uint256 endPtr = item.memPtr + item.len; while (currPtr < endPtr) { currPtr = currPtr + _itemLength(currPtr); // skip over an item count++; } return count; } // @return entire rlp item byte length function _itemLength(uint256 memPtr) private pure returns (uint256) { uint256 itemLen; uint256 byte0; assembly { byte0 := byte(0, mload(memPtr)) } if (byte0 < STRING_SHORT_START) { itemLen = 1; } else if (byte0 < STRING_LONG_START) { itemLen = byte0 - STRING_SHORT_START + 1; } else if (byte0 < LIST_SHORT_START) { assembly { let byteLen := sub(byte0, 0xb7) // # of bytes the actual length is memPtr := add(memPtr, 1) // skip over the first byte /* 32 byte word size */ let dataLen := div(mload(memPtr), exp(256, sub(32, byteLen))) // right shifting to get the len itemLen := add(dataLen, add(byteLen, 1)) } } else if (byte0 < LIST_LONG_START) { itemLen = byte0 - LIST_SHORT_START + 1; } else { assembly { let byteLen := sub(byte0, 0xf7) memPtr := add(memPtr, 1) let dataLen := div(mload(memPtr), exp(256, sub(32, byteLen))) // right shifting to the correct length itemLen := add(dataLen, add(byteLen, 1)) } } return itemLen; } // @return number of bytes until the data function _payloadOffset(uint256 memPtr) private pure returns (uint256) { uint256 byte0; assembly { byte0 := byte(0, mload(memPtr)) } if (byte0 < STRING_SHORT_START) { return 0; } else if (byte0 < STRING_LONG_START || (byte0 >= LIST_SHORT_START && byte0 < LIST_LONG_START)) { return 1; } else if (byte0 < LIST_SHORT_START) { // being explicit return byte0 - (STRING_LONG_START - 1) + 1; } else { return byte0 - (LIST_LONG_START - 1) + 1; } } /* * @param src Pointer to source * @param dest Pointer to destination * @param len Amount of memory to copy from the source */ function copy(uint256 src, uint256 dest, uint256 len) private pure { if (len == 0) return; // copy as many word sizes as possible for (; len >= WORD_SIZE; len -= WORD_SIZE) { assembly { mstore(dest, mload(src)) } src += WORD_SIZE; dest += WORD_SIZE; } if (len > 0) { // left over bytes. Mask is used to remove unwanted bytes from the word uint256 mask = 256**(WORD_SIZE - len) - 1; assembly { let srcpart := and(mload(src), not(mask)) // zero out src let destpart := and(mload(dest), mask) // retrieve the bytes mstore(dest, or(destpart, srcpart)) } } } }
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity ^0.8.27;
// Had to keep it copypasted as the og lib https://github.com/bakaoh/solidity-rlp-encode has incompatible solc version
import { BytesLib } from "byteslib/BytesLib.sol";
/**
* @title RLPEncoder
* @dev A simple RLP encoding library.
* @author Bakaoh
*/
library RLPEncoder {
using BytesLib for bytes;
/*
* Internal functions
*/
/**
* @dev RLP encodes a byte string.
* @param self The byte string to encode.
* @return The RLP encoded string in bytes.
*/
function encodeBytes(bytes memory self) internal pure returns (bytes memory) {
bytes memory encoded;
if (self.length == 1 && uint8(self[0]) < 128) {
encoded = self;
} else {
encoded = encodeLength(self.length, 128).concat(self);
}
return encoded;
}
/**
* @dev RLP encodes a uint.
* @param self The uint to encode.
* @return The RLP encoded uint in bytes.
*/
function encodeUint(uint256 self) internal pure returns (bytes memory) {
return encodeBytes(toBinary(self));
}
/**
* @dev Encode the first byte, followed by the `len` in binary form if `length` is more than 55.
* @param self The length of the string or the payload.
* @param offset 128 if item is string, 192 if item is list.
* @return RLP encoded bytes.
*/
function encodeLength(uint256 self, uint256 offset) internal pure returns (bytes memory) {
bytes memory encoded;
if (self < 56) {
encoded = new bytes(1);
encoded[0] = bytes32(self + offset)[31];
} else {
uint256 lenLen;
uint256 i = 1;
while (self / i != 0) {
lenLen++;
i *= 256;
}
encoded = new bytes(lenLen + 1);
encoded[0] = bytes32(lenLen + offset + 55)[31];
for (i = 1; i <= lenLen; i++) {
encoded[i] = bytes32((self / (256 ** (lenLen - i))) % 256)[31];
}
}
return encoded;
}
/*
* Private functions
*/
/**
* @dev Encode integer in big endian binary form with no leading zeroes.
* @notice TODO: This should be optimized with assembly to save gas costs.
* @param _x The integer to encode.
* @return RLP encoded bytes.
*/
function toBinary(uint256 _x) private pure returns (bytes memory) {
bytes memory b = new bytes(32);
assembly {
mstore(add(b, 32), _x)
}
uint256 i;
for (i = 0; i < 32; i++) {
if (b[i] != 0) {
break;
}
}
bytes memory res = new bytes(32 - i);
for (uint256 j = 0; j < res.length; j++) {
res[j] = b[i++];
}
return res;
}
}// SPDX-License-Identifier: Unlicense /* * @title Solidity Bytes Arrays Utils * @author Gonçalo Sá <[email protected]> * * @dev Bytes tightly packed arrays utility library for ethereum contracts written in Solidity. * The library lets you concatenate, slice and type cast bytes arrays both in memory and storage. */ pragma solidity >=0.8.0 <0.9.0; library BytesLib { function concat( bytes memory _preBytes, bytes memory _postBytes ) internal pure returns (bytes memory) { bytes memory tempBytes; assembly { // Get a location of some free memory and store it in tempBytes as // Solidity does for memory variables. tempBytes := mload(0x40) // Store the length of the first bytes array at the beginning of // the memory for tempBytes. let length := mload(_preBytes) mstore(tempBytes, length) // Maintain a memory counter for the current write location in the // temp bytes array by adding the 32 bytes for the array length to // the starting location. let mc := add(tempBytes, 0x20) // Stop copying when the memory counter reaches the length of the // first bytes array. let end := add(mc, length) for { // Initialize a copy counter to the start of the _preBytes data, // 32 bytes into its memory. let cc := add(_preBytes, 0x20) } lt(mc, end) { // Increase both counters by 32 bytes each iteration. mc := add(mc, 0x20) cc := add(cc, 0x20) } { // Write the _preBytes data into the tempBytes memory 32 bytes // at a time. mstore(mc, mload(cc)) } // Add the length of _postBytes to the current length of tempBytes // and store it as the new length in the first 32 bytes of the // tempBytes memory. length := mload(_postBytes) mstore(tempBytes, add(length, mload(tempBytes))) // Move the memory counter back from a multiple of 0x20 to the // actual end of the _preBytes data. mc := end // Stop copying when the memory counter reaches the new combined // length of the arrays. end := add(mc, length) for { let cc := add(_postBytes, 0x20) } lt(mc, end) { mc := add(mc, 0x20) cc := add(cc, 0x20) } { mstore(mc, mload(cc)) } // Update the free-memory pointer by padding our last write location // to 32 bytes: add 31 bytes to the end of tempBytes to move to the // next 32 byte block, then round down to the nearest multiple of // 32. If the sum of the length of the two arrays is zero then add // one before rounding down to leave a blank 32 bytes (the length block with 0). mstore(0x40, and( add(add(end, iszero(add(length, mload(_preBytes)))), 31), not(31) // Round down to the nearest 32 bytes. )) } return tempBytes; } function concatStorage(bytes storage _preBytes, bytes memory _postBytes) internal { assembly { // Read the first 32 bytes of _preBytes storage, which is the length // of the array. (We don't need to use the offset into the slot // because arrays use the entire slot.) let fslot := sload(_preBytes.slot) // Arrays of 31 bytes or less have an even value in their slot, // while longer arrays have an odd value. The actual length is // the slot divided by two for odd values, and the lowest order // byte divided by two for even values. // If the slot is even, bitwise and the slot with 255 and divide by // two to get the length. If the slot is odd, bitwise and the slot // with -1 and divide by two. let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2) let mlength := mload(_postBytes) let newlength := add(slength, mlength) // slength can contain both the length and contents of the array // if length < 32 bytes so let's prepare for that // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage switch add(lt(slength, 32), lt(newlength, 32)) case 2 { // Since the new array still fits in the slot, we just need to // update the contents of the slot. // uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length sstore( _preBytes.slot, // all the modifications to the slot are inside this // next block add( // we can just add to the slot contents because the // bytes we want to change are the LSBs fslot, add( mul( div( // load the bytes from memory mload(add(_postBytes, 0x20)), // zero all bytes to the right exp(0x100, sub(32, mlength)) ), // and now shift left the number of bytes to // leave space for the length in the slot exp(0x100, sub(32, newlength)) ), // increase length by the double of the memory // bytes length mul(mlength, 2) ) ) ) } case 1 { // The stored value fits in the slot, but the combined value // will exceed it. // get the keccak hash to get the contents of the array mstore(0x0, _preBytes.slot) let sc := add(keccak256(0x0, 0x20), div(slength, 32)) // save new length sstore(_preBytes.slot, add(mul(newlength, 2), 1)) // The contents of the _postBytes array start 32 bytes into // the structure. Our first read should obtain the `submod` // bytes that can fit into the unused space in the last word // of the stored array. To get this, we read 32 bytes starting // from `submod`, so the data we read overlaps with the array // contents by `submod` bytes. Masking the lowest-order // `submod` bytes allows us to add that value directly to the // stored value. let submod := sub(32, slength) let mc := add(_postBytes, submod) let end := add(_postBytes, mlength) let mask := sub(exp(0x100, submod), 1) sstore( sc, add( and( fslot, 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00 ), and(mload(mc), mask) ) ) for { mc := add(mc, 0x20) sc := add(sc, 1) } lt(mc, end) { sc := add(sc, 1) mc := add(mc, 0x20) } { sstore(sc, mload(mc)) } mask := exp(0x100, sub(mc, end)) sstore(sc, mul(div(mload(mc), mask), mask)) } default { // get the keccak hash to get the contents of the array mstore(0x0, _preBytes.slot) // Start copying to the last used word of the stored array. let sc := add(keccak256(0x0, 0x20), div(slength, 32)) // save new length sstore(_preBytes.slot, add(mul(newlength, 2), 1)) // Copy over the first `submod` bytes of the new data as in // case 1 above. let slengthmod := mod(slength, 32) let mlengthmod := mod(mlength, 32) let submod := sub(32, slengthmod) let mc := add(_postBytes, submod) let end := add(_postBytes, mlength) let mask := sub(exp(0x100, submod), 1) sstore(sc, add(sload(sc), and(mload(mc), mask))) for { sc := add(sc, 1) mc := add(mc, 0x20) } lt(mc, end) { sc := add(sc, 1) mc := add(mc, 0x20) } { sstore(sc, mload(mc)) } mask := exp(0x100, sub(mc, end)) sstore(sc, mul(div(mload(mc), mask), mask)) } } } function slice( bytes memory _bytes, uint256 _start, uint256 _length ) internal pure returns (bytes memory) { // We're using the unchecked block below because otherwise execution ends // with the native overflow error code. unchecked { require(_length + 31 >= _length, "slice_overflow"); } require(_bytes.length >= _start + _length, "slice_outOfBounds"); bytes memory tempBytes; assembly { switch iszero(_length) case 0 { // Get a location of some free memory and store it in tempBytes as // Solidity does for memory variables. tempBytes := mload(0x40) // The first word of the slice result is potentially a partial // word read from the original array. To read it, we calculate // the length of that partial word and start copying that many // bytes into the array. The first word we copy will start with // data we don't care about, but the last `lengthmod` bytes will // land at the beginning of the contents of the new array. When // we're done copying, we overwrite the full first word with // the actual length of the slice. let lengthmod := and(_length, 31) // The multiplication in the next line is necessary // because when slicing multiples of 32 bytes (lengthmod == 0) // the following copy loop was copying the origin's length // and then ending prematurely not copying everything it should. let mc := add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod))) let end := add(mc, _length) for { // The multiplication in the next line has the same exact purpose // as the one above. let cc := add(add(add(_bytes, lengthmod), mul(0x20, iszero(lengthmod))), _start) } lt(mc, end) { mc := add(mc, 0x20) cc := add(cc, 0x20) } { mstore(mc, mload(cc)) } mstore(tempBytes, _length) //update free-memory pointer //allocating the array padded to 32 bytes like the compiler does now mstore(0x40, and(add(mc, 31), not(31))) } //if we want a zero-length slice let's just return a zero-length array default { tempBytes := mload(0x40) //zero out the 32 bytes slice we are about to return //we need to do it because Solidity does not garbage collect mstore(tempBytes, 0) mstore(0x40, add(tempBytes, 0x20)) } } return tempBytes; } function toAddress(bytes memory _bytes, uint256 _start) internal pure returns (address) { require(_bytes.length >= _start + 20, "toAddress_outOfBounds"); address tempAddress; assembly { tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000) } return tempAddress; } function toUint8(bytes memory _bytes, uint256 _start) internal pure returns (uint8) { require(_bytes.length >= _start + 1 , "toUint8_outOfBounds"); uint8 tempUint; assembly { tempUint := mload(add(add(_bytes, 0x1), _start)) } return tempUint; } function toUint16(bytes memory _bytes, uint256 _start) internal pure returns (uint16) { require(_bytes.length >= _start + 2, "toUint16_outOfBounds"); uint16 tempUint; assembly { tempUint := mload(add(add(_bytes, 0x2), _start)) } return tempUint; } function toUint32(bytes memory _bytes, uint256 _start) internal pure returns (uint32) { require(_bytes.length >= _start + 4, "toUint32_outOfBounds"); uint32 tempUint; assembly { tempUint := mload(add(add(_bytes, 0x4), _start)) } return tempUint; } function toUint64(bytes memory _bytes, uint256 _start) internal pure returns (uint64) { require(_bytes.length >= _start + 8, "toUint64_outOfBounds"); uint64 tempUint; assembly { tempUint := mload(add(add(_bytes, 0x8), _start)) } return tempUint; } function toUint96(bytes memory _bytes, uint256 _start) internal pure returns (uint96) { require(_bytes.length >= _start + 12, "toUint96_outOfBounds"); uint96 tempUint; assembly { tempUint := mload(add(add(_bytes, 0xc), _start)) } return tempUint; } function toUint128(bytes memory _bytes, uint256 _start) internal pure returns (uint128) { require(_bytes.length >= _start + 16, "toUint128_outOfBounds"); uint128 tempUint; assembly { tempUint := mload(add(add(_bytes, 0x10), _start)) } return tempUint; } function toUint256(bytes memory _bytes, uint256 _start) internal pure returns (uint256) { require(_bytes.length >= _start + 32, "toUint256_outOfBounds"); uint256 tempUint; assembly { tempUint := mload(add(add(_bytes, 0x20), _start)) } return tempUint; } function toBytes32(bytes memory _bytes, uint256 _start) internal pure returns (bytes32) { require(_bytes.length >= _start + 32, "toBytes32_outOfBounds"); bytes32 tempBytes32; assembly { tempBytes32 := mload(add(add(_bytes, 0x20), _start)) } return tempBytes32; } function equal(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bool) { bool success = true; assembly { let length := mload(_preBytes) // if lengths don't match the arrays are not equal switch eq(length, mload(_postBytes)) case 1 { // cb is a circuit breaker in the for loop since there's // no said feature for inline assembly loops // cb = 1 - don't breaker // cb = 0 - break let cb := 1 let mc := add(_preBytes, 0x20) let end := add(mc, length) for { let cc := add(_postBytes, 0x20) // the next line is the loop condition: // while(uint256(mc < end) + cb == 2) } eq(add(lt(mc, end), cb), 2) { mc := add(mc, 0x20) cc := add(cc, 0x20) } { // if any of these checks fails then arrays are not equal if iszero(eq(mload(mc), mload(cc))) { // unsuccess: success := 0 cb := 0 } } } default { // unsuccess: success := 0 } } return success; } function equalStorage( bytes storage _preBytes, bytes memory _postBytes ) internal view returns (bool) { bool success = true; assembly { // we know _preBytes_offset is 0 let fslot := sload(_preBytes.slot) // Decode the length of the stored array like in concatStorage(). let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2) let mlength := mload(_postBytes) // if lengths don't match the arrays are not equal switch eq(slength, mlength) case 1 { // slength can contain both the length and contents of the array // if length < 32 bytes so let's prepare for that // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage if iszero(iszero(slength)) { switch lt(slength, 32) case 1 { // blank the last byte which is the length fslot := mul(div(fslot, 0x100), 0x100) if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) { // unsuccess: success := 0 } } default { // cb is a circuit breaker in the for loop since there's // no said feature for inline assembly loops // cb = 1 - don't breaker // cb = 0 - break let cb := 1 // get the keccak hash to get the contents of the array mstore(0x0, _preBytes.slot) let sc := keccak256(0x0, 0x20) let mc := add(_postBytes, 0x20) let end := add(mc, mlength) // the next line is the loop condition: // while(uint256(mc < end) + cb == 2) for {} eq(add(lt(mc, end), cb), 2) { sc := add(sc, 1) mc := add(mc, 0x20) } { if iszero(eq(sload(sc), mload(mc))) { // unsuccess: success := 0 cb := 0 } } } } } default { // unsuccess: success := 0 } } return success; } }
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.23;
/* solhint-disable no-inline-assembly */
import "../interfaces/PackedUserOperation.sol";
import {calldataKeccak, min} from "./Helpers.sol";
/**
* Utility functions helpful when working with UserOperation structs.
*/
library UserOperationLib {
uint256 public constant PAYMASTER_VALIDATION_GAS_OFFSET = 20;
uint256 public constant PAYMASTER_POSTOP_GAS_OFFSET = 36;
uint256 public constant PAYMASTER_DATA_OFFSET = 52;
/**
* Get sender from user operation data.
* @param userOp - The user operation data.
*/
function getSender(
PackedUserOperation calldata userOp
) internal pure returns (address) {
address data;
//read sender from userOp, which is first userOp member (saves 800 gas...)
assembly {
data := calldataload(userOp)
}
return address(uint160(data));
}
/**
* Relayer/block builder might submit the TX with higher priorityFee,
* but the user should not pay above what he signed for.
* @param userOp - The user operation data.
*/
function gasPrice(
PackedUserOperation calldata userOp
) internal view returns (uint256) {
unchecked {
(uint256 maxPriorityFeePerGas, uint256 maxFeePerGas) = unpackUints(userOp.gasFees);
if (maxFeePerGas == maxPriorityFeePerGas) {
//legacy mode (for networks that don't support basefee opcode)
return maxFeePerGas;
}
return min(maxFeePerGas, maxPriorityFeePerGas + block.basefee);
}
}
/**
* Pack the user operation data into bytes for hashing.
* @param userOp - The user operation data.
*/
function encode(
PackedUserOperation calldata userOp
) internal pure returns (bytes memory ret) {
address sender = getSender(userOp);
uint256 nonce = userOp.nonce;
bytes32 hashInitCode = calldataKeccak(userOp.initCode);
bytes32 hashCallData = calldataKeccak(userOp.callData);
bytes32 accountGasLimits = userOp.accountGasLimits;
uint256 preVerificationGas = userOp.preVerificationGas;
bytes32 gasFees = userOp.gasFees;
bytes32 hashPaymasterAndData = calldataKeccak(userOp.paymasterAndData);
return abi.encode(
sender, nonce,
hashInitCode, hashCallData,
accountGasLimits, preVerificationGas, gasFees,
hashPaymasterAndData
);
}
function unpackUints(
bytes32 packed
) internal pure returns (uint256 high128, uint256 low128) {
return (uint128(bytes16(packed)), uint128(uint256(packed)));
}
//unpack just the high 128-bits from a packed value
function unpackHigh128(bytes32 packed) internal pure returns (uint256) {
return uint256(packed) >> 128;
}
// unpack just the low 128-bits from a packed value
function unpackLow128(bytes32 packed) internal pure returns (uint256) {
return uint128(uint256(packed));
}
function unpackMaxPriorityFeePerGas(PackedUserOperation calldata userOp)
internal pure returns (uint256) {
return unpackHigh128(userOp.gasFees);
}
function unpackMaxFeePerGas(PackedUserOperation calldata userOp)
internal pure returns (uint256) {
return unpackLow128(userOp.gasFees);
}
function unpackVerificationGasLimit(PackedUserOperation calldata userOp)
internal pure returns (uint256) {
return unpackHigh128(userOp.accountGasLimits);
}
function unpackCallGasLimit(PackedUserOperation calldata userOp)
internal pure returns (uint256) {
return unpackLow128(userOp.accountGasLimits);
}
function unpackPaymasterVerificationGasLimit(PackedUserOperation calldata userOp)
internal pure returns (uint256) {
return uint128(bytes16(userOp.paymasterAndData[PAYMASTER_VALIDATION_GAS_OFFSET : PAYMASTER_POSTOP_GAS_OFFSET]));
}
function unpackPostOpGasLimit(PackedUserOperation calldata userOp)
internal pure returns (uint256) {
return uint128(bytes16(userOp.paymasterAndData[PAYMASTER_POSTOP_GAS_OFFSET : PAYMASTER_DATA_OFFSET]));
}
function unpackPaymasterStaticFields(
bytes calldata paymasterAndData
) internal pure returns (address paymaster, uint256 validationGasLimit, uint256 postOpGasLimit) {
return (
address(bytes20(paymasterAndData[: PAYMASTER_VALIDATION_GAS_OFFSET])),
uint128(bytes16(paymasterAndData[PAYMASTER_VALIDATION_GAS_OFFSET : PAYMASTER_POSTOP_GAS_OFFSET])),
uint128(bytes16(paymasterAndData[PAYMASTER_POSTOP_GAS_OFFSET : PAYMASTER_DATA_OFFSET]))
);
}
/**
* Hash the user operation data.
* @param userOp - The user operation data.
*/
function hash(
PackedUserOperation calldata userOp
) internal pure returns (bytes32) {
return keccak256(encode(userOp));
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
import { EfficientHashLib } from "solady/utils/EfficientHashLib.sol";
interface IERC5267 {
function eip712Domain()
external
view
returns (
bytes1 fields,
string memory name,
string memory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
);
}
// keccak256("SuperTx(MeeUserOp[] meeUserOps)");
bytes32 constant SUPER_TX_MEE_USER_OP_ARRAY_TYPEHASH =
0x07bdf0267970db0d5b9acc9d9fa8ef0cbb5b543fb897017542bfb306f5e46ad0;
// keccak256("EIP712Domain(string name");
bytes32 constant _DOMAIN_TYPEHASH = 0x95e78ac088fa46a576911187c70ccdc0642491fdb90b2ed8674182c4aabca91d;
uint256 constant STATIC_HEAD_LENGTH = 0x80; // introduced to re-use it in the contracts that use this library
library HashLib {
using EfficientHashLib for *;
function parsePackedSigDataHead(bytes calldata packedSignatureData)
internal
pure
returns (bytes32 outerTypeHash, uint256 itemIndex, bytes32[] calldata itemHashes, bytes calldata signature)
{
/*
* packedSignatureData layout :
* ======== static head part : 0x80 (128) bytes========
* 32 bytes : outerTypeHash
* 32 bytes : itemIndex
* 32 bytes : itemHashes offset
* 32 bytes : signature offset
* ======== static tail for fusion modes =====
* ....
* ======== dynamic tail ==========
* 32 bytes : itemHashes length
* ..... : itemHashes content
* 32 bytes : signature length
* ..... : signature content
*/
assembly {
outerTypeHash := calldataload(packedSignatureData.offset)
itemIndex := calldataload(add(packedSignatureData.offset, 0x20))
let u := calldataload(add(packedSignatureData.offset, 0x40)) // local offset of the array of hashes
let s := add(packedSignatureData.offset, u) // global offset of the array of hashes
itemHashes.offset := add(s, 0x20) // account for 20 bytes length
itemHashes.length := calldataload(s) // get the length
u := calldataload(add(packedSignatureData.offset, sub(STATIC_HEAD_LENGTH, 0x20))) // load local offset of
// the
// signature
s := add(packedSignatureData.offset, u) // global offset of the signature
signature.offset := add(s, 0x20) // account for 20 bytes length
signature.length := calldataload(s) // get the length
}
}
function compareAndGetFinalHash(
bytes32 outerTypeHash,
bytes32 currentItemHash,
uint256 itemIndex,
bytes32[] calldata itemHashes
)
internal
view
returns (bytes32 finalHash)
{
// Compare
if (currentItemHash != itemHashes[itemIndex]) {
// should be treated as invalid in the caller code
finalHash = bytes32(0);
} else {
// SuperTx is a dynamic struct { EntryType1 entryA, EntryType2 entryB, ... EntryTypeN entryX }
// It's typehash is provided from the sdk, and the items are considered to be already
// hashed as properly encoded structs as per eip-712 and provided as bytes32 hashes.
// hashStruct(s : 𝕊) = keccak256(typeHash ‖ encodeData(s))
// The encoding of a struct instance is enc(value₁) ‖ enc(value₂) ‖ … ‖ enc(valueₙ)
// Since all our values are bytes32, we need to just concat all of them
// There is one case which deserves a dedicated flow in terms of optimizations -
// it is when all the superTxn entries are MeeUserOps structs. Then it makes sense
// to treat them as an array of MeeUserOps structs and use the dedicated typehash.
bytes32 structHash;
if (outerTypeHash == SUPER_TX_MEE_USER_OP_ARRAY_TYPEHASH) {
// if SuperTx is an array of MeeUserOps structs, then encoded data is a
// "keccak256 hash of the concatenated encodeData of their contents" as per eip-712
uint256 length = itemHashes.length;
bytes32[] memory a = EfficientHashLib.malloc(length);
for (uint256 i; i < length; ++i) {
a.set(i, itemHashes[i]);
}
bytes32 encodedData = a.hash();
structHash = EfficientHashLib.hash(outerTypeHash, encodedData);
} else {
// if SuperTx is a struct, then encoded data is just the concat of all the itemHashes
/// forge-lint:disable-next-line(asm-keccak256)
structHash = keccak256(abi.encodePacked(outerTypeHash, itemHashes));
}
finalHash = hashTypedDataForAccount(msg.sender, structHash);
}
}
/// @notice Hashes typed data according to eip-712
/// Uses account's domain separator
/// @param account the smart account, who's domain separator will be used
/// @param structHash the typed data struct hash
function hashTypedDataForAccount(address account, bytes32 structHash) internal view returns (bytes32 digest) {
(
/*bytes1 fields*/
,
string memory name,
/*string memory version*/,
/*uint256 chainId*/,
/*address verifyingContract*/,
/*bytes32 salt*/
,
/*uint256[] memory extensions*/
) = IERC5267(account).eip712Domain();
/// @solidity memory-safe-assembly
assembly {
//Rebuild domain separator out of 712 domain
let m := mload(0x40) // Load the free memory pointer.
mstore(m, _DOMAIN_TYPEHASH)
mstore(add(m, 0x20), keccak256(add(name, 0x20), mload(name))) // Name hash.
digest := keccak256(m, 0x40) //domain separator
// Hash typed data
mstore(0x00, 0x1901000000000000) // Store "\x19\x01".
mstore(0x1a, digest) // Store the domain separator.
mstore(0x3a, structHash) // Store the struct hash.
digest := keccak256(0x18, 0x42)
// Restore the part of the free memory slot that was overwritten.
mstore(0x3a, 0)
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
/// @notice Gas optimized ECDSA wrapper.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/ECDSA.sol)
/// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/ECDSA.sol)
/// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol)
///
/// @dev Note:
/// - The recovery functions use the ecrecover precompile (0x1).
/// - As of Solady version 0.0.68, the `recover` variants will revert upon recovery failure.
/// This is for more safety by default.
/// Use the `tryRecover` variants if you need to get the zero address back
/// upon recovery failure instead.
/// - As of Solady version 0.0.134, all `bytes signature` variants accept both
/// regular 65-byte `(r, s, v)` and EIP-2098 `(r, vs)` short form signatures.
/// See: https://eips.ethereum.org/EIPS/eip-2098
/// This is for calldata efficiency on smart accounts prevalent on L2s.
///
/// WARNING! Do NOT directly use signatures as unique identifiers:
/// - The recovery operations do NOT check if a signature is non-malleable.
/// - Use a nonce in the digest to prevent replay attacks on the same contract.
/// - Use EIP-712 for the digest to prevent replay attacks across different chains and contracts.
/// EIP-712 also enables readable signing of typed data for better user safety.
/// - If you need a unique hash from a signature, please use the `canonicalHash` functions.
library ECDSA {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CONSTANTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The order of the secp256k1 elliptic curve.
uint256 internal constant N =
0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141;
/// @dev `N/2 + 1`. Used for checking the malleability of the signature.
uint256 private constant _HALF_N_PLUS_1 =
0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a1;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CUSTOM ERRORS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The signature is invalid.
error InvalidSignature();
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* RECOVERY OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Recovers the signer's address from a message digest `hash`, and the `signature`.
function recover(bytes32 hash, bytes memory signature) internal view returns (address result) {
/// @solidity memory-safe-assembly
assembly {
for { let m := mload(0x40) } 1 {
mstore(0x00, 0x8baa579f) // `InvalidSignature()`.
revert(0x1c, 0x04)
} {
switch mload(signature)
case 64 {
let vs := mload(add(signature, 0x40))
mstore(0x20, add(shr(255, vs), 27)) // `v`.
mstore(0x60, shr(1, shl(1, vs))) // `s`.
}
case 65 {
mstore(0x20, byte(0, mload(add(signature, 0x60)))) // `v`.
mstore(0x60, mload(add(signature, 0x40))) // `s`.
}
default { continue }
mstore(0x00, hash)
mstore(0x40, mload(add(signature, 0x20))) // `r`.
result := mload(staticcall(gas(), 1, 0x00, 0x80, 0x01, 0x20))
mstore(0x60, 0) // Restore the zero slot.
mstore(0x40, m) // Restore the free memory pointer.
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
if returndatasize() { break }
}
}
}
/// @dev Recovers the signer's address from a message digest `hash`, and the `signature`.
function recoverCalldata(bytes32 hash, bytes calldata signature)
internal
view
returns (address result)
{
/// @solidity memory-safe-assembly
assembly {
for { let m := mload(0x40) } 1 {
mstore(0x00, 0x8baa579f) // `InvalidSignature()`.
revert(0x1c, 0x04)
} {
switch signature.length
case 64 {
let vs := calldataload(add(signature.offset, 0x20))
mstore(0x20, add(shr(255, vs), 27)) // `v`.
mstore(0x40, calldataload(signature.offset)) // `r`.
mstore(0x60, shr(1, shl(1, vs))) // `s`.
}
case 65 {
mstore(0x20, byte(0, calldataload(add(signature.offset, 0x40)))) // `v`.
calldatacopy(0x40, signature.offset, 0x40) // Copy `r` and `s`.
}
default { continue }
mstore(0x00, hash)
result := mload(staticcall(gas(), 1, 0x00, 0x80, 0x01, 0x20))
mstore(0x60, 0) // Restore the zero slot.
mstore(0x40, m) // Restore the free memory pointer.
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
if returndatasize() { break }
}
}
}
/// @dev Recovers the signer's address from a message digest `hash`,
/// and the EIP-2098 short form signature defined by `r` and `vs`.
function recover(bytes32 hash, bytes32 r, bytes32 vs) internal view returns (address result) {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
mstore(0x00, hash)
mstore(0x20, add(shr(255, vs), 27)) // `v`.
mstore(0x40, r)
mstore(0x60, shr(1, shl(1, vs))) // `s`.
result := mload(staticcall(gas(), 1, 0x00, 0x80, 0x01, 0x20))
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
if iszero(returndatasize()) {
mstore(0x00, 0x8baa579f) // `InvalidSignature()`.
revert(0x1c, 0x04)
}
mstore(0x60, 0) // Restore the zero slot.
mstore(0x40, m) // Restore the free memory pointer.
}
}
/// @dev Recovers the signer's address from a message digest `hash`,
/// and the signature defined by `v`, `r`, `s`.
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s)
internal
view
returns (address result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
mstore(0x00, hash)
mstore(0x20, and(v, 0xff))
mstore(0x40, r)
mstore(0x60, s)
result := mload(staticcall(gas(), 1, 0x00, 0x80, 0x01, 0x20))
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
if iszero(returndatasize()) {
mstore(0x00, 0x8baa579f) // `InvalidSignature()`.
revert(0x1c, 0x04)
}
mstore(0x60, 0) // Restore the zero slot.
mstore(0x40, m) // Restore the free memory pointer.
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* TRY-RECOVER OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
// WARNING!
// These functions will NOT revert upon recovery failure.
// Instead, they will return the zero address upon recovery failure.
// It is critical that the returned address is NEVER compared against
// a zero address (e.g. an uninitialized address variable).
/// @dev Recovers the signer's address from a message digest `hash`, and the `signature`.
function tryRecover(bytes32 hash, bytes memory signature)
internal
view
returns (address result)
{
/// @solidity memory-safe-assembly
assembly {
for { let m := mload(0x40) } 1 {} {
switch mload(signature)
case 64 {
let vs := mload(add(signature, 0x40))
mstore(0x20, add(shr(255, vs), 27)) // `v`.
mstore(0x60, shr(1, shl(1, vs))) // `s`.
}
case 65 {
mstore(0x20, byte(0, mload(add(signature, 0x60)))) // `v`.
mstore(0x60, mload(add(signature, 0x40))) // `s`.
}
default { break }
mstore(0x00, hash)
mstore(0x40, mload(add(signature, 0x20))) // `r`.
pop(staticcall(gas(), 1, 0x00, 0x80, 0x40, 0x20))
mstore(0x60, 0) // Restore the zero slot.
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
result := mload(xor(0x60, returndatasize()))
mstore(0x40, m) // Restore the free memory pointer.
break
}
}
}
/// @dev Recovers the signer's address from a message digest `hash`, and the `signature`.
function tryRecoverCalldata(bytes32 hash, bytes calldata signature)
internal
view
returns (address result)
{
/// @solidity memory-safe-assembly
assembly {
for { let m := mload(0x40) } 1 {} {
switch signature.length
case 64 {
let vs := calldataload(add(signature.offset, 0x20))
mstore(0x20, add(shr(255, vs), 27)) // `v`.
mstore(0x40, calldataload(signature.offset)) // `r`.
mstore(0x60, shr(1, shl(1, vs))) // `s`.
}
case 65 {
mstore(0x20, byte(0, calldataload(add(signature.offset, 0x40)))) // `v`.
calldatacopy(0x40, signature.offset, 0x40) // Copy `r` and `s`.
}
default { break }
mstore(0x00, hash)
pop(staticcall(gas(), 1, 0x00, 0x80, 0x40, 0x20))
mstore(0x60, 0) // Restore the zero slot.
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
result := mload(xor(0x60, returndatasize()))
mstore(0x40, m) // Restore the free memory pointer.
break
}
}
}
/// @dev Recovers the signer's address from a message digest `hash`,
/// and the EIP-2098 short form signature defined by `r` and `vs`.
function tryRecover(bytes32 hash, bytes32 r, bytes32 vs)
internal
view
returns (address result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
mstore(0x00, hash)
mstore(0x20, add(shr(255, vs), 27)) // `v`.
mstore(0x40, r)
mstore(0x60, shr(1, shl(1, vs))) // `s`.
pop(staticcall(gas(), 1, 0x00, 0x80, 0x40, 0x20))
mstore(0x60, 0) // Restore the zero slot.
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
result := mload(xor(0x60, returndatasize()))
mstore(0x40, m) // Restore the free memory pointer.
}
}
/// @dev Recovers the signer's address from a message digest `hash`,
/// and the signature defined by `v`, `r`, `s`.
function tryRecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s)
internal
view
returns (address result)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
mstore(0x00, hash)
mstore(0x20, and(v, 0xff))
mstore(0x40, r)
mstore(0x60, s)
pop(staticcall(gas(), 1, 0x00, 0x80, 0x40, 0x20))
mstore(0x60, 0) // Restore the zero slot.
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.
result := mload(xor(0x60, returndatasize()))
mstore(0x40, m) // Restore the free memory pointer.
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* HASHING OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns an Ethereum Signed Message, created from a `hash`.
/// This produces a hash corresponding to the one signed with the
/// [`eth_sign`](https://ethereum.org/en/developers/docs/apis/json-rpc/#eth_sign)
/// JSON-RPC method as part of EIP-191.
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x20, hash) // Store into scratch space for keccak256.
mstore(0x00, "\x00\x00\x00\x00\x19Ethereum Signed Message:\n32") // 28 bytes.
result := keccak256(0x04, 0x3c) // `32 * 2 - (32 - 28) = 60 = 0x3c`.
}
}
/// @dev Returns an Ethereum Signed Message, created from `s`.
/// This produces a hash corresponding to the one signed with the
/// [`eth_sign`](https://ethereum.org/en/developers/docs/apis/json-rpc/#eth_sign)
/// JSON-RPC method as part of EIP-191.
/// Note: Supports lengths of `s` up to 999999 bytes.
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let sLength := mload(s)
let o := 0x20
mstore(o, "\x19Ethereum Signed Message:\n") // 26 bytes, zero-right-padded.
mstore(0x00, 0x00)
// Convert the `s.length` to ASCII decimal representation: `base10(s.length)`.
for { let temp := sLength } 1 {} {
o := sub(o, 1)
mstore8(o, add(48, mod(temp, 10)))
temp := div(temp, 10)
if iszero(temp) { break }
}
let n := sub(0x3a, o) // Header length: `26 + 32 - o`.
// Throw an out-of-offset error (consumes all gas) if the header exceeds 32 bytes.
returndatacopy(returndatasize(), returndatasize(), gt(n, 0x20))
mstore(s, or(mload(0x00), mload(n))) // Temporarily store the header.
result := keccak256(add(s, sub(0x20, n)), add(n, sLength))
mstore(s, sLength) // Restore the length.
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CANONICAL HASH FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
// The following functions return the hash of the signature in its canonicalized format,
// which is the 65-byte `abi.encodePacked(r, s, uint8(v))`, where `v` is either 27 or 28.
// If `s` is greater than `N / 2` then it will be converted to `N - s`
// and the `v` value will be flipped.
// If the signature has an invalid length, or if `v` is invalid,
// a uniquely corrupt hash will be returned.
// These functions are useful for "poor-mans-VRF".
/// @dev Returns the canonical hash of `signature`.
function canonicalHash(bytes memory signature) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
let l := mload(signature)
for {} 1 {} {
mstore(0x00, mload(add(signature, 0x20))) // `r`.
let s := mload(add(signature, 0x40))
let v := mload(add(signature, 0x41))
if eq(l, 64) {
v := add(shr(255, s), 27)
s := shr(1, shl(1, s))
}
if iszero(lt(s, _HALF_N_PLUS_1)) {
v := xor(v, 7)
s := sub(N, s)
}
mstore(0x21, v)
mstore(0x20, s)
result := keccak256(0x00, 0x41)
mstore(0x21, 0) // Restore the overwritten part of the free memory pointer.
break
}
// If the length is neither 64 nor 65, return a uniquely corrupted hash.
if iszero(lt(sub(l, 64), 2)) {
// `bytes4(keccak256("InvalidSignatureLength"))`.
result := xor(keccak256(add(signature, 0x20), l), 0xd62f1ab2)
}
}
}
/// @dev Returns the canonical hash of `signature`.
function canonicalHashCalldata(bytes calldata signature)
internal
pure
returns (bytes32 result)
{
/// @solidity memory-safe-assembly
assembly {
for {} 1 {} {
mstore(0x00, calldataload(signature.offset)) // `r`.
let s := calldataload(add(signature.offset, 0x20))
let v := calldataload(add(signature.offset, 0x21))
if eq(signature.length, 64) {
v := add(shr(255, s), 27)
s := shr(1, shl(1, s))
}
if iszero(lt(s, _HALF_N_PLUS_1)) {
v := xor(v, 7)
s := sub(N, s)
}
mstore(0x21, v)
mstore(0x20, s)
result := keccak256(0x00, 0x41)
mstore(0x21, 0) // Restore the overwritten part of the free memory pointer.
break
}
// If the length is neither 64 nor 65, return a uniquely corrupted hash.
if iszero(lt(sub(signature.length, 64), 2)) {
calldatacopy(mload(0x40), signature.offset, signature.length)
// `bytes4(keccak256("InvalidSignatureLength"))`.
result := xor(keccak256(mload(0x40), signature.length), 0xd62f1ab2)
}
}
}
/// @dev Returns the canonical hash of `signature`.
function canonicalHash(bytes32 r, bytes32 vs) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, r) // `r`.
let v := add(shr(255, vs), 27)
let s := shr(1, shl(1, vs))
mstore(0x21, v)
mstore(0x20, s)
result := keccak256(0x00, 0x41)
mstore(0x21, 0) // Restore the overwritten part of the free memory pointer.
}
}
/// @dev Returns the canonical hash of `signature`.
function canonicalHash(uint8 v, bytes32 r, bytes32 s) internal pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, r) // `r`.
if iszero(lt(s, _HALF_N_PLUS_1)) {
v := xor(v, 7)
s := sub(N, s)
}
mstore(0x21, v)
mstore(0x20, s)
result := keccak256(0x00, 0x41)
mstore(0x21, 0) // Restore the overwritten part of the free memory pointer.
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* EMPTY CALLDATA HELPERS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns an empty calldata bytes.
function emptySignature() internal pure returns (bytes calldata signature) {
/// @solidity memory-safe-assembly
assembly {
signature.length := 0
}
}
}{
"remappings": [
"forge-std/=node_modules/forge-std/src/",
"account-abstraction/=node_modules/account-abstraction/contracts/",
"solady/=node_modules/solady/src/",
"sentinellist/=node_modules/@rhinestone/sentinellist/src/",
"module-bases/=node_modules/@rhinestone/module-bases/src/",
"erc7739Validator/=node_modules/@erc7579/erc7739-validator-base/src/",
"EnumerableSet4337/=node_modules/@erc7579/enumerablemap4337/src/",
"erc7579/=node_modules/@erc7579/implementation/src/",
"byteslib/=node_modules/solidity-bytes-utils/contracts/",
"rlp-reader/=node_modules/solidity-rlp/contracts/",
"murky-trees/=node_modules/murky/src/",
"solarray/=node_modules/solarray/src/",
"excessively-safe-call/=node_modules/excessively-safe-call/src/",
"@ERC4337/=node_modules/@ERC4337/",
"@erc7579/=node_modules/@erc7579/",
"@gnosis.pm/=node_modules/@gnosis.pm/",
"@openzeppelin/=node_modules/@openzeppelin/",
"@prb/=node_modules/@prb/",
"@rhinestone/=node_modules/@rhinestone/",
"@safe-global/=node_modules/@safe-global/",
"@zerodev/=node_modules/@zerodev/",
"account-abstraction-v0.6/=node_modules/account-abstraction-v0.6/",
"ds-test/=node_modules/ds-test/",
"hardhat-deploy/=node_modules/hardhat-deploy/",
"hardhat/=node_modules/hardhat/",
"solidity-bytes-utils/=node_modules/solidity-bytes-utils/",
"solidity-rlp/=node_modules/solidity-rlp/"
],
"optimizer": {
"enabled": true,
"runs": 999
},
"metadata": {
"useLiteralContent": false,
"bytecodeHash": "none",
"appendCBOR": true
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"evmVersion": "cancun",
"viaIR": true
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
Contract ABI
API[{"inputs":[{"internalType":"address","name":"smartAccount","type":"address"}],"name":"AlreadyInitialized","type":"error"},{"inputs":[],"name":"InvalidDataLength","type":"error"},{"inputs":[],"name":"InvalidSignature","type":"error"},{"inputs":[{"internalType":"address","name":"target","type":"address"}],"name":"InvalidTargetAddress","type":"error"},{"inputs":[],"name":"ModuleAlreadyInitialized","type":"error"},{"inputs":[],"name":"NewOwnerIsNotEoa","type":"error"},{"inputs":[],"name":"NoOwnerProvided","type":"error"},{"inputs":[{"internalType":"address","name":"smartAccount","type":"address"}],"name":"NotInitialized","type":"error"},{"inputs":[],"name":"OwnerCannotBeZeroAddress","type":"error"},{"inputs":[],"name":"PermitFailed","type":"error"},{"inputs":[],"name":"SafeSendersLengthInvalid","type":"error"},{"inputs":[],"name":"TxDecoder_CallDataLengthTooShort","type":"error"},{"inputs":[],"name":"TxValidatorLib_UnsupportedTxType","type":"error"},{"inputs":[],"name":"ZeroAddressNotAllowed","type":"error"},{"inputs":[{"internalType":"address","name":"sender","type":"address"}],"name":"addSafeSender","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"smartAccount","type":"address"}],"name":"getOwner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"smartAccount","type":"address"}],"name":"isInitialized","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"typeId","type":"uint256"}],"name":"isModuleType","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"pure","type":"function"},{"inputs":[{"internalType":"address","name":"sender","type":"address"},{"internalType":"address","name":"smartAccount","type":"address"}],"name":"isSafeSender","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"sender","type":"address"},{"internalType":"bytes32","name":"dataHash","type":"bytes32"},{"internalType":"bytes","name":"signature","type":"bytes"}],"name":"isValidSignatureWithSender","outputs":[{"internalType":"bytes4","name":"sigValidationResult","type":"bytes4"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"name","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"pure","type":"function"},{"inputs":[{"internalType":"bytes","name":"data","type":"bytes"}],"name":"onInstall","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes","name":"","type":"bytes"}],"name":"onUninstall","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"sender","type":"address"}],"name":"removeSafeSender","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"smartAccountOwners","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"supportsNestedTypedDataSign","outputs":[{"internalType":"bytes32","name":"result","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes32","name":"hash","type":"bytes32"},{"internalType":"bytes","name":"sig","type":"bytes"},{"internalType":"bytes","name":"data","type":"bytes"}],"name":"validateSignatureWithData","outputs":[{"internalType":"bool","name":"isValidSig","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"address","name":"sender","type":"address"},{"internalType":"uint256","name":"nonce","type":"uint256"},{"internalType":"bytes","name":"initCode","type":"bytes"},{"internalType":"bytes","name":"callData","type":"bytes"},{"internalType":"bytes32","name":"accountGasLimits","type":"bytes32"},{"internalType":"uint256","name":"preVerificationGas","type":"uint256"},{"internalType":"bytes32","name":"gasFees","type":"bytes32"},{"internalType":"bytes","name":"paymasterAndData","type":"bytes"},{"internalType":"bytes","name":"signature","type":"bytes"}],"internalType":"struct PackedUserOperation","name":"userOp","type":"tuple"},{"internalType":"bytes32","name":"userOpHash","type":"bytes32"}],"name":"validateUserOp","outputs":[{"internalType":"uint256","name":"vd","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"version","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"pure","type":"function"}]Contract Creation Code
60808060405234601557613926908161001a8239f35b5f80fdfe60806040526004361015610011575f80fd5b5f3560e01c806306fdde03146101145780630807dbc11461010f5780632e5b63a61461010a57806354fd4d50146101055780635c81ca68146101005780636d61fe70146100fb5780638a91b0e3146100f6578063940d3840146100f157806397003203146100ec578063d60b347f146100e7578063d620c85a146100e2578063e824b568146100dd578063ecd05961146100d8578063f2fde38b146100d3578063f551e2ee146100ce5763fa544161146100c9575f80fd5b610949565b6108e9565b610851565b610819565b6107ea565b6107b0565b610762565b610609565b610558565b6104ae565b610356565b6102c8565b610271565b61022d565b6101ca565b610151565b5f91031261012357565b5f80fd5b602060409281835280519182918282860152018484015e5f828201840152601f01601f1916010190565b34610123575f366003190112610123576101a86040516101726040826109b1565b600e81527f4b314d656556616c696461746f72000000000000000000000000000000000000602082015260405191829182610127565b0390f35b6001600160a01b0381160361012357565b35906101c8826101ac565b565b346101235760403660031901126101235760206102226004356101ec816101ac565b6001600160a01b0360243591610201836101ac565b165f526002835260405f20906001600160a01b03165f5260205260405f2090565b541515604051908152f35b34610123576020366003190112610123576001600160a01b03600435610252816101ac565b165f525f60205260206001600160a01b0360405f205416604051908152f35b34610123575f366003190112610123576101a86040516102926040826109b1565b600581527f312e312e30000000000000000000000000000000000000000000000000000000602082015260405191829182610127565b34610123576020366003190112610123576102f76001600160a01b036004356102f0816101ac565b1633611847565b005b9181601f840112156101235782359167ffffffffffffffff8311610123576020838186019501011161012357565b6020600319820112610123576004359067ffffffffffffffff821161012357610352916004016102f9565b9091565b346101235761036436610327565b90811561048657610391336001600160a01b03165f525f6020526001600160a01b0360405f205416151590565b61045e576103b16103ab6103a58484610a50565b90610ae8565b60601c90565b6103c56001600160a01b0382161515610b28565b6103ce81610dc6565b61043657610418906103f0336001600160a01b03165f525f60205260405f2090565b906001600160a01b031673ffffffffffffffffffffffffffffffffffffffff19825416179055565b6014821161042257005b816102f79261043092610a5e565b90610e73565b7fa0b6c8e9000000000000000000000000000000000000000000000000000000005f5260045ffd5b7fe72ce85e000000000000000000000000000000000000000000000000000000005f5260045ffd5b7f1f2a381c000000000000000000000000000000000000000000000000000000005f5260045ffd5b34610123576104bc36610327565b5050335f525f60205260405f2073ffffffffffffffffffffffffffffffffffffffff198154169055335f52600160205260405f20546001905b808211156104ff57005b8181039181831161055357335f52600160205260405f2080548410156105425761053690600161053c94950160051b0154336121f2565b5061192e565b906104f5565b83638277484f5f526020526024601cfd5b610ddd565b346101235760603660031901126101235760043560243567ffffffffffffffff81116101235761058c9036906004016102f9565b60443567ffffffffffffffff8111610123576105ac9036906004016102f9565b601481949294106105e157601411610123576101a8936105cf933560601c610eff565b60405190151581529081906020820190565b7fdfe93090000000000000000000000000000000000000000000000000000000005f5260045ffd5b346101235760403660031901126101235760043567ffffffffffffffff811161012357806004016101206003198336030112610123576101a89160243561010461065a61065585610b57565b610d82565b92019260046106698583610b64565b9050105f1461069f5761068261068f9461068992610b64565b3691610bcd565b90610f9f565b6040519081529081906020820190565b6001600160e01b03196106c46106be6106b88785610b64565b90610a7b565b90610b97565b16620bbf7760e91b81036106f557506106e36106f0946106ea92610b64565b8091610a89565b916115a8565b61068f565b63177eee0160e01b810361072f575080846107216107196106f09761072995610b64565b929093610b64565b929050610a89565b916114eb565b630bbf770160e11b03610752576106e36106f09461074c92610b64565b91611168565b6106826106f09461068992610b64565b346101235760203660031901126101235760206107a6600435610784816101ac565b6001600160a01b03165f525f6020526001600160a01b0360405f205416151590565b6040519015158152f35b34610123575f3660031901126101235760206040517fd620c85a000000000000000000000000000000000000000000000000000000008152f35b34610123576020366003190112610123576102f76001600160a01b03600435610812816101ac565b16336121f2565b3461012357602036600319011261012357602060043560018114908115610846575b506040519015158152f35b60079150145f61083b565b346101235760203660031901126101235760043561086e816101ac565b6001600160a01b038116156108c15761088681610dc6565b610436576102f790335f525f60205260405f20906001600160a01b031673ffffffffffffffffffffffffffffffffffffffff19825416179055565b7f8579befe000000000000000000000000000000000000000000000000000000005f5260045ffd5b3461012357606036600319011261012357600435610906816101ac565b60443560243567ffffffffffffffff82116101235760209261092f6109379336906004016102f9565b929091610c69565b6001600160e01b031960405191168152f35b3461012357602036600319011261012357602061096b600435610655816101ac565b6001600160a01b0360405191168152f35b634e487b7160e01b5f52604160045260245ffd5b6040810190811067ffffffffffffffff8211176109ac57604052565b61097c565b90601f8019910116810190811067ffffffffffffffff8211176109ac57604052565b604051906101c86101a0836109b1565b604051906101c8610120836109b1565b604051906101c860e0836109b1565b604051906101c86040836109b1565b604051906101c86080836109b1565b67ffffffffffffffff81116109ac57601f01601f191660200190565b60405190610a4b6020836109b1565b5f8252565b906014116101235790601490565b909291928360141161012357831161012357601401916013190190565b906004116101235790600490565b909291928360041161012357831161012357600401916003190190565b906003116101235790600390565b909291928360011161012357831161012357600101915f190190565b90939293848311610123578411610123578101920390565b356bffffffffffffffffffffffff19811692919060148210610b08575050565b6bffffffffffffffffffffffff1960149290920360031b82901b16169150565b15610b2f57565b7fc81abf60000000000000000000000000000000000000000000000000000000005f5260045ffd5b35610b61816101ac565b90565b903590601e1981360301821215610123570180359067ffffffffffffffff82116101235760200191813603831361012357565b919091356001600160e01b031981169260048110610bb3575050565b6001600160e01b0319929350829060040360031b1b161690565b929192610bd982610a20565b91610be760405193846109b1565b829481845281830111610123578281602093845f960137010152565b919091357fffffff000000000000000000000000000000000000000000000000000000000081169260038110610c37575050565b7fffffff0000000000000000000000000000000000000000000000000000000000929350829060030360031b1b161690565b909183158015610d3e575b15610c8e57610b6193610c8691611683565b9290916116b5565b9050826001600160e01b0319610caa6106be610cde9685610a7b565b16630bbf770160e11b8114908115610d2d575b50610d13575b610cd690610cd033610d82565b92611683565b929091610eff565b15610d07577f1626ba7e0000000000000000000000000000000000000000000000000000000090565b6001600160e01b031990565b6040519283523360601b6020840152603490922091610cc3565b63177eee0160e01b9150145f610cbd565b50620bbf7760e91b7fffffff0000000000000000000000000000000000000000000000000000000000610d7a610d748785610aa6565b90610c03565b161415610c74565b6001600160a01b0381165f525f6020526001600160a01b0360405f20541680155f14610dac575090565b905090565b6001600160a01b03610b6192169060016118ce565b3b8015159081610dd4575090565b60179150141590565b634e487b7160e01b5f52601160045260245ffd5b8115610dfb570490565b634e487b7160e01b5f52601260045260245ffd5b908160051b918083046020149015171561055357565b908160081b91808304610100149015171561055357565b906001820180921161055357565b90601b820180921161055357565b906037820180921161055357565b9190820180921161055357565b9060148106610ed7575f5b601482048110610e8d57505050565b806014029060148204810361055357610ea581610e3c565b8060140290601482040361055357610eca6103ab6103a5610ed093600196888a610ad0565b33610db1565b5001610e7e565b7f1c6b73d6000000000000000000000000000000000000000000000000000000005f5260045ffd5b91929092816004116101235780356001600160e01b031916620bbf7760e91b8103610f3d575081610b61949392610f3592610a89565b929091611cb2565b63177eee0160e01b8103610f64575081610b61949392610f5c92610a89565b929091611b43565b630bbf770160e11b03610f895781610b61949392610f8192610a89565b929091611a86565b610f9990610b6194923691610bcd565b91611d00565b610fa892611d00565b15610fb1575f90565b600190565b3590811515820361012357565b359065ffffffffffff8216820361012357565b60ff81160361012357565b35906101c882610fd6565b67ffffffffffffffff81116109ac5760051b60200190565b92919061101081610fec565b9361101e60405195866109b1565b602085838152019160051b810192831161012357905b82821061104057505050565b8135815260209182019101611034565b9080601f8301121561012357816020610b6193359101611004565b6101a0813603126101235761107e6109d3565b90611088816101bd565b8252611096602082016101bd565b60208301526040810135604083015260608101356060830152608081013560808301526110c560a08201610fb6565b60a083015260c081013560c08301526110e060e08201610fc3565b60e08301526110f26101008201610fc3565b6101008301526111056101208201610fe1565b6101208301526101408101356101408301526101608101356101608301526101808101359067ffffffffffffffff82116101235761114591369101611050565b61018082015290565b6040513d5f823e3d90fd5b90816020910312610123575190565b9291506111779060200161106b565b60e08101916111d46111cb611192855165ffffffffffff1690565b61010085019665ffffffffffff806111b08a5165ffffffffffff1690565b16921691606092604051928352602083015260408201522090565b5f5260205f2090565b6111de8383611d6b565b92610140810180519061125261124e61016085019788519061124861012088019661123a61120d895160ff1690565b6040519586936020850191926041936001600160f81b0319928452602084015260f81b1660408201520190565b03601f1981018452836109b1565b88611d00565b1590565b6114de5761127061124e6101808501519560c0860196875190611e22565b6114de5760a08301516112c8575b5050505050506112a761129a610b61935165ffffffffffff1690565b915165ffffffffffff1690565b6001600160d01b031965ffffffffffff60a01b9160d01b169160a01b161790565b6112e86112dc84516001600160a01b031690565b6001600160a01b031690565b9360208401946112ff86516001600160a01b031690565b60608601986113138a519451965160ff1690565b9451905190833b15610123576113965f96928b9288946040519a8b998a9889977fd505accf000000000000000000000000000000000000000000000000000000008952600489019360c09591989796936001600160a01b0360ff948160e089019c1688521660208701526040860152606085015216608083015260a08201520152565b03925af190816114c4575b506114b157916020916113d96113cb6112dc6112dc6112dc6114269998516001600160a01b031690565b91516001600160a01b031690565b6040517fdd62ed3e0000000000000000000000000000000000000000000000000000000081526001600160a01b039384166004820152921660248301529093849190829081906044820190565b03915afa9182156114ac575f9261147b575b505111611453576112a761129a610b61935b935f808061127e565b7fb78cb0dd000000000000000000000000000000000000000000000000000000005f5260045ffd5b61149e91925060203d6020116114a5575b61149681836109b1565b810190611159565b905f611438565b503d61148c565b61114e565b505050506112a761129a610b619361144a565b806114d25f6114d8936109b1565b80610119565b5f6113a1565b5050505050505050600190565b92916114f691611f27565b9060e082019161156261124e6115366111cb611518875165ffffffffffff1690565b61010086019865ffffffffffff806111b08c5165ffffffffffff1690565b9360408401519061155760608601519261123a61120d602089015160ff1690565b608085015190611d00565b61159f5761157e918160a060c061124e94015191015190611e22565b611598576112a761129a610b61935165ffffffffffff1690565b5050600190565b50505050600190565b929091506040820135820161163460608401358401916080850135948560801c966020833593019161162d6020820135928a6fffffffffffffffffffffffffffffffff8b16919091608092604051927fa893e832cd40f0161a05fdeee70845d347394fb92e8ffc59e56e6b2d3760545484526020840152604083015260608201522090565b9035612105565b9182156116795761165392610f9961124e933690602081359101610bcd565b6115985760a01b65ffffffffffff60a01b1660d09190911b6001600160d01b0319161790565b5050505050600190565b9182828101601f19013561649261ffff30801c190402146116a15750565b604091935080925001350160208135910191565b92919082156117e2575b7f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a06020830135116117ba576001600160a01b035f94166dd9ecebf3c23529de49815dac1c4c81149081156117b0575b8115611780575b50611760575b831561174d575b831561173b575b505050155f03631626ba7e1760e01b90565b61174593506126cf565b5f8080611729565b925061175a8282856123fe565b92611722565b925061177a61176e33610d82565b84610f99368686610bcd565b9261171b565b90505f5260026020526117a73360405f20906001600160a01b03165f5260205260405f2090565b5415155f611715565b338114915061170e565b7f8baa579f000000000000000000000000000000000000000000000000000000005f5260045ffd5b61773961ffff8419040281036116bf57505050507f773900010000000000000000000000000000000000000000000000000000000090565b600190611841935f520160205260405f20906001600160a01b03165f5260205260405f2090565b54151590565b815f526001800160205261186f8160405f20906001600160a01b03165f5260205260405f2090565b546118c857806118c2915f52600160205260405f20600181540190848260051b82015555805f52600160205260405f2054925f52600260205260405f20906001600160a01b03165f5260205260405f2090565b55600190565b50505f90565b906118da83828461181a565b611927575f81815260208390526040902080546001908101600581901b8301869055918290556118c2939091945f520160205260405f20906001600160a01b03165f5260205260405f2090565b5050505f90565b5f1981146105535760010190565b5f1981019190821161055357565b60051981019190821161055357565b60221981019190821161055357565b601f1981019190821161055357565b60bf1981019190821161055357565b607f1981019190821161055357565b602003906020821161055357565b9190820391821161055357565b91909161012081840312610123576119c66109e3565b926119d0826101bd565b845260208201356020850152604082013560408501526060820135606085015260808201356080850152611a0660a08301610fe1565b60a085015260c082013560c085015260e082013560e085015261010082013567ffffffffffffffff811161012357611a3e9201611050565b610100830152565b35610b6181610fd6565b903590601e1981360301821215610123570180359067ffffffffffffffff821161012357602001918160051b3603831361012357565b919250611b0561124e6020850193611aa7611aa136876119b0565b82612782565b61010087013591611b0060e0890135611af2611ac560c08c01611a46565b6040519687936020850191926041936001600160f81b0319928452602084015260f81b1660408201520190565b03601f1981018552846109b1565b611d00565b6119275760a0611b3184611b2461124e95610120611b36980190611a50565b9390910135923691611004565b611e22565b611b3f57600190565b5f90565b611b4b6127fd565b50611b568484611ed7565b3560f81c92611b648561193c565b611b6f908683611ee5565b3560f81c611b7c81610e0f565b611b8590610e3c565b611b8f90876119a3565b611b9a908784610ab4565b909290611ba8368286610bcd565b611bb1906128f2565b91611bbb8361292c565b611bc59089612a2c565b93888551611bd290612b0d565b9360208701978851986040890191825198611bec906132a5565b9190508a5192519351943690611c0192610bcd565b611c0a95612bb7565b9460600151611c1890612cd5565b99611c2292612fe5565b96611c2b6109f3565b60ff918216815291166020820181905260408201859052606082018390526080820193845260a0820198895260c090910196875260408051602081019590955284019190915260f81b6001600160f81b031916606083015260418252611c926061836109b1565b51611c9c92611d00565b1561192757611b369261124e9251905190611e22565b919250611cdc90604084013584019060608501358501946020833593019160208201359135612105565b801561192757610f99611cf6933690602081359101610bcd565b15611b3f57600190565b906001600160a01b03929183611d168484612844565b911693168314611d63576001600160a01b0391611d59916020527b19457468657265756d205369676e6564204d6573736167653a0a33325f52603c600420612844565b1614610fb1575f90565b505050600190565b906040611de96042936001600160a01b03602085015116606085015160808601519160c0870151939290916001600160a01b0360c0959381604051967f6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c988521660208701521660408501526060840152608083015260a08201522090565b91015190604051917f19010000000000000000000000000000000000000000000000000000000000008352600283015260228201522090565b909181519182611e34575b5090501490565b8060208092019360051b0101905b8251811160051b90815260208351911852602060405f20920191818310611e4257915050805f611e2d565b60405190610120820182811067ffffffffffffffff8211176109ac576040525f610100838281528260208201528260408201528260608201528260808201528260a0820152606060c08201528260e08201520152565b634e487b7160e01b5f52603260045260245ffd5b9015611ee05790565b611ec3565b90821015611ee0570190565b919091356001600160d01b031981169260068110611f0d575050565b6001600160d01b0319929350829060060360031b1b161690565b611f2f611e6d565b50611f3a8282611ed7565b3560f81c91600c91611f4c83836119a3565b611f558361194a565b611f60918484610ad0565b611f6991611ef1565b60d01c9180611f778161194a565b90611f83918185610ad0565b611f8c91611ef1565b60d01c93611f9a81836119a3565b611fa39061193c565b611fae908385611ee5565b3560f81c90611fbc82610e0f565b611fc590610e3c565b90611fcf91610e66565b611fd990836119a3565b611fe4908385610ab4565b9390611ff1368683610bcd565b611ffa906128f2565b916120048361292c565b61200e908a612a2c565b9389855161201b90612b0d565b9760208701948551956040890191825198612035906132a5565b9190508a519251935194369061204a92610bcd565b61205395612bb7565b946060015161206190612cd5565b9561206b92612df2565b946120746109e3565b60ff909916895260ff16602089015260408801526060870152608086015260a085015260c084015265ffffffffffff1660e083015265ffffffffffff1661010082015290565b9190811015611ee05760051b0190565b9081527f07ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff83116101235760209260051b809284830137010190565b9392916121139084846120ba565b3514612120575050505f90565b7f07bdf0267970db0d5b9acc9d9fa8ef0cbb5b543fb897017542bfb306f5e46ad083036121bf576121608290604051828193825260010160051b01604052565b915f5b81811061219857505050610b6191612185612192926020815160051b91012090565b905f5260205260405f2090565b33612e6f565b806121b86121a960019385876120ba565b356001830160051b8701528590565b5001612163565b906121ea610b6193926121dc6040519384926020840196876120ca565b03601f1981018352826109b1565b519020612192565b90805f5260026020526122198260405f20906001600160a01b03165f5260205260405f2090565b54918215611927575f19830191838311610553575f828152600160205260409020545f19810191908211610553575f94848484612278956118c2980361228e575b50905061226991506001613583565b6002905f5260205260405f2090565b906001600160a01b03165f5260205260405f2090565b6122ae926122696122a461227893856001613536565b8092856001613565565b555f80848161225a565b81601f82011215610123578051906122cf82610a20565b926122dd60405194856109b1565b8284526020838301011161012357815f9260208093018386015e8301015290565b51906101c8826101ac565b9080601f8301121561012357815161232081610fec565b9261232e60405194856109b1565b81845260208085019260051b82010192831161012357602001905b8282106123565750505090565b8151815260209182019101612349565b9060e0828203126101235781516001600160f81b0319811681036101235792602083015167ffffffffffffffff811161012357826123a59185016122b8565b92604081015167ffffffffffffffff811161012357836123c69183016122b8565b926060820151926123d9608084016122fe565b9260a08101519260c082015167ffffffffffffffff811161012357610b619201612309565b9092309330612627575b60405190600119858201013560f01c94600e830196869187810384016041198101976119015f5260408960203789158a604201841017816042601e2018176125e757507f5479706564446174615369676e2800000000000000000000000000000000000086526001198101999889818c82378188016028600e8201526029600d8201515f1a03612591575b506f07fffffe000000000000010000000000919250999899515f1a1c5b88515f1a602881146124d15790651201000000016001921c179801976124b0565b50929496999086986040610b619b83605c96989a957f20636f6e74656e74732c737472696e67206e616d652c737472696e670000000085527f2076657273696f6e2c75696e7432353620636861696e49642c61646472657373601c8601527f20766572696679696e67436f6e74726163742c627974657333322073616c7429603c8601528785013788370103018620835260e08320604052600116604201601e2092604119910301935b604052612f115761258c9033612f22565b612f11565b60015f5b016029600d82840301515f1a1484821011156125b357600190612595565b6028915080806040600e936f07fffffe000000000000010000000000970397886041199101010185378a0101538291612493565b949699505095505050610b6194505f907f983e65e5148e570cd828ead231ee759a8d7958721a768f93bc4483ba005c32de5f5260205260405f209161257b565b6040516342580cb760e11b815294505f85600481335afa80156114ac575f955f5f905f925f94612696575b50906001600160a01b039291604051996020815191012060408b01526020815191012060608a015260808901521660a087015260c086015260e08501604052612408565b925050506001600160a01b0396506126c091503d805f833e6126b881836109b1565b810190612366565b50939993945092909190612652565b92915f933a156126de57505050565b90919293503a3a5260203a3a386d378edcd5b5b0a24f5342d8c1048561fffffa503a511561271f575b610f99610b619361271733610d82565b933691610bcd565b60405192631626ba7e3a526d378edcd5b5b0a24f5342d8c1048560205260408052454561ffff011790815a106d378edcd5b5b0a24f5342d8c1048584141761278057610b6194610f99923a906064601c3a923090fa50604052935050612707565bfe5b906020611de96042936001600160a01b0384511660408501516060860151916080870151939290916001600160a01b0360c0959381604051967f6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c988521660208701521660408501526060840152608083015260a08201522090565b6040519060e0820182811067ffffffffffffffff8211176109ac57604052606060c0835f81525f60208201525f60408201525f838201525f60808201525f60a08201520152565b9190915f926040519181518060401461289c5760411461286357505050565b602092945060608201515f1a835260408201516060525b5f5201516040526020604060805f60015afa505f6060523d6060185191604052565b5060209294507f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff6040830151601b8160ff1c0185521660605261287a565b604051906128e782610990565b5f6020838281520152565b6128fa6128da565b5060208151916040519261290d84610990565b835201602082015290565b8051821015611ee05760209160051b010190565b6129358161304e565b15610123576129438161306e565b61294c81610fec565b9161295a60405193846109b1565b818352601f1961296983610fec565b015f5b8181106129e0575050602061298c910151612986816130cf565b90610e66565b5f905b82821061299c5750505090565b6129d8816129ab60019361313a565b906129b4610a02565b8281528160208201526129c78689612918565b526129d28588612918565b50610e66565b91019061298f565b6020906129eb6128da565b8282880101520161296c565b604051906080820182811067ffffffffffffffff8211176109ac57604052606080835f81525f60208201525f60408201520152565b60ff90612a376129f7565b501680612ab157506005600690612a93612a8d60079460ff612a85612a6f82612a7d612a6f82612a75612a6f8260089e5b168a612918565b516131b8565b9c1687612918565b981684612918565b941690612918565b51613269565b91612a9c610a11565b93845260208401526040830152606082015290565b600203612ae5576007600990612a93612a8d600a9460ff612a85612a6f82612a7d612a6f82612a75612a6f82600b9e612a68565b7f9d311602000000000000000000000000000000000000000000000000000000005f5260045ffd5b60258110612b6e57612b1e81613293565b7f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8116810361055357612b63612b5e610b6193612b689360011b906119a3565b611959565b610e4a565b60ff1690565b60018111612b6857601b81018091116105535760ff1690565b805191908290602001825e015f815290565b6001906001600160f81b0319610b61949360f81b1681520190612b87565b93612c119192612c07612bff612bf3612c1c9799612bec612be0612be5612be0612c1699613710565b61378c565b5192613710565b5190610e66565b612bec612be08b613710565b9185516119a3565b92839185516119a3565b6119a3565b91613373565b9160ff821660028103612c60575050612c56612c43610b6193612c3d610a3c565b906133f2565b916121dc60405193849260208401612b99565b6020815191012090565b909150612ae55760258110612cc557612cba610b6192612cc0612c8d612c88612c5695613293565b6132d1565b61123a612c9b612be061366b565b612cba612ca9612be061366b565b916040519788956020870190612b87565b90612b87565b6133f2565b50612c56610b6191612c3d610a3c565b6020815110612d69578051601f19810181811161055357612d0e90612cfa60016132dd565b612d076020855192610e66565b1115613328565b6040805160208101939092849291019083015b808310612d5657505060208252601f80199101166040525190519060208110612d48575090565b5f199060200360031b1b1690565b9091602080918451815201920190612d21565b7f6a0e9cd5000000000000000000000000000000000000000000000000000000005f5260045ffd5b90612d9b82610fec565b612da860405191826109b1565b8281528092612db9601f1991610fec565b0190602036910137565b60ff168015610553575f190190565b359060208110612d48575090565b60ff5f199116019060ff821161055357565b929190612e0160ff8316612d91565b93600b198201828111610553575f198101908111610553579291925b60ff8316612e2b5750505050565b612e6381612e4f612e4982612e42612e6996611968565b8988610ad0565b90612dd2565b612e5d60ff612a6888612de0565b52611968565b92612dc3565b91612e1d565b5f6001600160a01b03916004604051809481936342580cb760e11b8352165afa80156114ac576040915f91612ef0575b508151907f95e78ac088fa46a576911187c70ccdc0642491fdb90b2ed8674182c4aabca91d8252602081519101206020820152206719010000000000005f52601a52603a526042601820905f603a52565b612f0491503d805f833e6126b881836109b1565b505050505090505f612e9f565b610f99610b61939261271733610d82565b5f6001600160a01b03916004604051809481936342580cb760e11b8352165afa9081156114ac5760a0915f915f5f915f93612fc0575b50604051937f8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f855260208151910120602085015260208151910120604084015260608301526080820152206719010000000000005f52601a52603a526042601820905f603a52565b92505050612fd891503d805f833e6126b881836109b1565b509394509250905f612f58565b9291612ff360ff8216612d91565b935f198301838111610553575b60ff831661300e5750505050565b601f1981018181116105535761302c612e4961304893838887610ad0565b61304160ff61303a87612de0565b1689612918565b5292612dc3565b91613000565b80511561306957602060c0910151515f1a10611b3f57600190565b505f90565b805115613069575f9060208101908151613087816130cf565b8101809111610553579151905181018091116105535791905b8281106130ad5750905090565b6130b68161313a565b8101809111610553576130c9909161192e565b906130a0565b515f1a60808110156130e057505f90565b60b881108015613124575b156130f65750600190565b60c081101561311557610b61906131109060b75b906119a3565b610e3c565b610b61906131109060f761310a565b5060c081101580156130eb575060f881106130eb565b80515f1a90608082101561314f575050600190565b60b88210156131655750613110610b6191611986565b60c08210156131885760010151602082900360b7016101000a90040160b5190190565b60f882101561319e5750613110610b6191611977565b60010151602082900360f7016101000a90040160f5190190565b805180151590816131ee575b5015610123576131d3906132a5565b905190602081106131e2575090565b6020036101000a900490565b6021915011155f6131c4565b6040805190919061320b83826109b1565b60208152918290601f190190369060200137565b6040805190919061323083826109b1565b6001815291601f1901366020840137565b9061324b82610a20565b61325860405191826109b1565b8281528092612db9601f1991610a20565b8051156101235761327c610b61916132a5565b61328881939293613241565b9283602001906135da565b60221981019081116105535760011c90565b9060208201916132b583516130cf565b9251908382018092116105535751928303928311610553579190565b612be0610b6191613710565b156132e457565b606460405162461bcd60e51b815260206004820152600e60248201527f736c6963655f6f766572666c6f770000000000000000000000000000000000006044820152fd5b1561332f57565b606460405162461bcd60e51b815260206004820152601160248201527f736c6963655f6f75744f66426f756e64730000000000000000000000000000006044820152fd5b9161338381601f810110156132dd565b6133928351612d078385610e66565b806133aa575050506040515f81526020810160405290565b60405192601f821692831560051b80858701019484860193010101905b8084106133df5750508252601f01601f191660405290565b90926020809185518152019301906133c7565b61340d906121dc612cba936040519485936020850190612b87565b805190603882101561346157612cba916121dc610b61926001600160f81b031961344060c061343a61321f565b95610e66565b60f81b165f1a61344f8461364d565b535b6040519485936020850190612b87565b916001915f5b6134718483610df1565b1561348e576134826134889161192e565b93610e25565b92613467565b9092509290926134a56134a082610e3c565b613241565b926001600160f81b03196134c26134bd60c085610e66565b610e58565b60f81b165f1a6134d18561364d565b5360015b828111156134f057505050612cba916121dc610b6192613451565b806001600160f81b031961351b612b6861351561351061353196896119a3565b6135cb565b86610df1565b60f81b165f1a61352b828861365a565b5361192e565b6134d5565b905f5260205260405f209081548110156135555760010160051b015490565b638277484f5f526020526024601cfd5b905f5260205260405f209081548110156135555760010160051b0155565b905f5260205260405f2080549081156135c7575f198201918083116105535781548310156135b6575f9060051b82015555565b82638277484f5f526020526024601cfd5b5050565b601f8111610553576101000a90565b90918015613648575b602081101561361857806135f657505050565b61360561351061360a92611995565b61193c565b905182518216911916179052565b919080518252602081018091116105535790602081018091116105535791601f198101908111156135e357610ddd565b505050565b805115611ee05760200190565b908151811015611ee0570160200190565b6136736131fa565b905f60208301525f915b602083106136df575b6136926134a084611995565b905f5b82518110156136d8576001906136c56136b76136b08861192e565b978561365a565b516001600160f81b03191690565b5f1a6136d1828661365a565b5301613695565b5090925050565b916136fd6136f06136b7838661365a565b6001600160f81b03191690565b61370a576001019161367d565b91613686565b906137196131fa565b9160208301525f915b60208310613768575b6137376134a084611995565b905f5b82518110156136d8576001906137556136b76136b08861192e565b5f1a613761828661365a565b530161373a565b916137796136f06136b7838661365a565b6137865760010191613722565b9161372b565b8051600181149081613826575b50156137a25790565b6137ac815161383e565b6040519181518084526020840190840191602083019160208501905b8381106138165750508051809286518201875293019260208085019201905b8281106138065750509251603f91011590910101601f19166040525090565b81518152602091820191016137e7565b81518152602091820191016137c8565b905015611ee0576080602082015160f81c105f613799565b6038811015613876576001600160f81b0319613863608061385d61321f565b93610e66565b60f81b165f1a6138728261364d565b5390565b6001915f5b6138858484610df1565b1561389c576134826138969161192e565b9261387b565b9092506138ab6134a082610e3c565b916001600160f81b03196138c36134bd608085610e66565b60f81b165f1a6138d28461364d565b5360015b828111156138e45750505090565b806001600160f81b0319613904612b6861351561351061391496896119a3565b60f81b165f1a61352b828761365a565b6138d656fea164736f6c634300081b000a
Deployed Bytecode
0x60806040526004361015610011575f80fd5b5f3560e01c806306fdde03146101145780630807dbc11461010f5780632e5b63a61461010a57806354fd4d50146101055780635c81ca68146101005780636d61fe70146100fb5780638a91b0e3146100f6578063940d3840146100f157806397003203146100ec578063d60b347f146100e7578063d620c85a146100e2578063e824b568146100dd578063ecd05961146100d8578063f2fde38b146100d3578063f551e2ee146100ce5763fa544161146100c9575f80fd5b610949565b6108e9565b610851565b610819565b6107ea565b6107b0565b610762565b610609565b610558565b6104ae565b610356565b6102c8565b610271565b61022d565b6101ca565b610151565b5f91031261012357565b5f80fd5b602060409281835280519182918282860152018484015e5f828201840152601f01601f1916010190565b34610123575f366003190112610123576101a86040516101726040826109b1565b600e81527f4b314d656556616c696461746f72000000000000000000000000000000000000602082015260405191829182610127565b0390f35b6001600160a01b0381160361012357565b35906101c8826101ac565b565b346101235760403660031901126101235760206102226004356101ec816101ac565b6001600160a01b0360243591610201836101ac565b165f526002835260405f20906001600160a01b03165f5260205260405f2090565b541515604051908152f35b34610123576020366003190112610123576001600160a01b03600435610252816101ac565b165f525f60205260206001600160a01b0360405f205416604051908152f35b34610123575f366003190112610123576101a86040516102926040826109b1565b600581527f312e312e30000000000000000000000000000000000000000000000000000000602082015260405191829182610127565b34610123576020366003190112610123576102f76001600160a01b036004356102f0816101ac565b1633611847565b005b9181601f840112156101235782359167ffffffffffffffff8311610123576020838186019501011161012357565b6020600319820112610123576004359067ffffffffffffffff821161012357610352916004016102f9565b9091565b346101235761036436610327565b90811561048657610391336001600160a01b03165f525f6020526001600160a01b0360405f205416151590565b61045e576103b16103ab6103a58484610a50565b90610ae8565b60601c90565b6103c56001600160a01b0382161515610b28565b6103ce81610dc6565b61043657610418906103f0336001600160a01b03165f525f60205260405f2090565b906001600160a01b031673ffffffffffffffffffffffffffffffffffffffff19825416179055565b6014821161042257005b816102f79261043092610a5e565b90610e73565b7fa0b6c8e9000000000000000000000000000000000000000000000000000000005f5260045ffd5b7fe72ce85e000000000000000000000000000000000000000000000000000000005f5260045ffd5b7f1f2a381c000000000000000000000000000000000000000000000000000000005f5260045ffd5b34610123576104bc36610327565b5050335f525f60205260405f2073ffffffffffffffffffffffffffffffffffffffff198154169055335f52600160205260405f20546001905b808211156104ff57005b8181039181831161055357335f52600160205260405f2080548410156105425761053690600161053c94950160051b0154336121f2565b5061192e565b906104f5565b83638277484f5f526020526024601cfd5b610ddd565b346101235760603660031901126101235760043560243567ffffffffffffffff81116101235761058c9036906004016102f9565b60443567ffffffffffffffff8111610123576105ac9036906004016102f9565b601481949294106105e157601411610123576101a8936105cf933560601c610eff565b60405190151581529081906020820190565b7fdfe93090000000000000000000000000000000000000000000000000000000005f5260045ffd5b346101235760403660031901126101235760043567ffffffffffffffff811161012357806004016101206003198336030112610123576101a89160243561010461065a61065585610b57565b610d82565b92019260046106698583610b64565b9050105f1461069f5761068261068f9461068992610b64565b3691610bcd565b90610f9f565b6040519081529081906020820190565b6001600160e01b03196106c46106be6106b88785610b64565b90610a7b565b90610b97565b16620bbf7760e91b81036106f557506106e36106f0946106ea92610b64565b8091610a89565b916115a8565b61068f565b63177eee0160e01b810361072f575080846107216107196106f09761072995610b64565b929093610b64565b929050610a89565b916114eb565b630bbf770160e11b03610752576106e36106f09461074c92610b64565b91611168565b6106826106f09461068992610b64565b346101235760203660031901126101235760206107a6600435610784816101ac565b6001600160a01b03165f525f6020526001600160a01b0360405f205416151590565b6040519015158152f35b34610123575f3660031901126101235760206040517fd620c85a000000000000000000000000000000000000000000000000000000008152f35b34610123576020366003190112610123576102f76001600160a01b03600435610812816101ac565b16336121f2565b3461012357602036600319011261012357602060043560018114908115610846575b506040519015158152f35b60079150145f61083b565b346101235760203660031901126101235760043561086e816101ac565b6001600160a01b038116156108c15761088681610dc6565b610436576102f790335f525f60205260405f20906001600160a01b031673ffffffffffffffffffffffffffffffffffffffff19825416179055565b7f8579befe000000000000000000000000000000000000000000000000000000005f5260045ffd5b3461012357606036600319011261012357600435610906816101ac565b60443560243567ffffffffffffffff82116101235760209261092f6109379336906004016102f9565b929091610c69565b6001600160e01b031960405191168152f35b3461012357602036600319011261012357602061096b600435610655816101ac565b6001600160a01b0360405191168152f35b634e487b7160e01b5f52604160045260245ffd5b6040810190811067ffffffffffffffff8211176109ac57604052565b61097c565b90601f8019910116810190811067ffffffffffffffff8211176109ac57604052565b604051906101c86101a0836109b1565b604051906101c8610120836109b1565b604051906101c860e0836109b1565b604051906101c86040836109b1565b604051906101c86080836109b1565b67ffffffffffffffff81116109ac57601f01601f191660200190565b60405190610a4b6020836109b1565b5f8252565b906014116101235790601490565b909291928360141161012357831161012357601401916013190190565b906004116101235790600490565b909291928360041161012357831161012357600401916003190190565b906003116101235790600390565b909291928360011161012357831161012357600101915f190190565b90939293848311610123578411610123578101920390565b356bffffffffffffffffffffffff19811692919060148210610b08575050565b6bffffffffffffffffffffffff1960149290920360031b82901b16169150565b15610b2f57565b7fc81abf60000000000000000000000000000000000000000000000000000000005f5260045ffd5b35610b61816101ac565b90565b903590601e1981360301821215610123570180359067ffffffffffffffff82116101235760200191813603831361012357565b919091356001600160e01b031981169260048110610bb3575050565b6001600160e01b0319929350829060040360031b1b161690565b929192610bd982610a20565b91610be760405193846109b1565b829481845281830111610123578281602093845f960137010152565b919091357fffffff000000000000000000000000000000000000000000000000000000000081169260038110610c37575050565b7fffffff0000000000000000000000000000000000000000000000000000000000929350829060030360031b1b161690565b909183158015610d3e575b15610c8e57610b6193610c8691611683565b9290916116b5565b9050826001600160e01b0319610caa6106be610cde9685610a7b565b16630bbf770160e11b8114908115610d2d575b50610d13575b610cd690610cd033610d82565b92611683565b929091610eff565b15610d07577f1626ba7e0000000000000000000000000000000000000000000000000000000090565b6001600160e01b031990565b6040519283523360601b6020840152603490922091610cc3565b63177eee0160e01b9150145f610cbd565b50620bbf7760e91b7fffffff0000000000000000000000000000000000000000000000000000000000610d7a610d748785610aa6565b90610c03565b161415610c74565b6001600160a01b0381165f525f6020526001600160a01b0360405f20541680155f14610dac575090565b905090565b6001600160a01b03610b6192169060016118ce565b3b8015159081610dd4575090565b60179150141590565b634e487b7160e01b5f52601160045260245ffd5b8115610dfb570490565b634e487b7160e01b5f52601260045260245ffd5b908160051b918083046020149015171561055357565b908160081b91808304610100149015171561055357565b906001820180921161055357565b90601b820180921161055357565b906037820180921161055357565b9190820180921161055357565b9060148106610ed7575f5b601482048110610e8d57505050565b806014029060148204810361055357610ea581610e3c565b8060140290601482040361055357610eca6103ab6103a5610ed093600196888a610ad0565b33610db1565b5001610e7e565b7f1c6b73d6000000000000000000000000000000000000000000000000000000005f5260045ffd5b91929092816004116101235780356001600160e01b031916620bbf7760e91b8103610f3d575081610b61949392610f3592610a89565b929091611cb2565b63177eee0160e01b8103610f64575081610b61949392610f5c92610a89565b929091611b43565b630bbf770160e11b03610f895781610b61949392610f8192610a89565b929091611a86565b610f9990610b6194923691610bcd565b91611d00565b610fa892611d00565b15610fb1575f90565b600190565b3590811515820361012357565b359065ffffffffffff8216820361012357565b60ff81160361012357565b35906101c882610fd6565b67ffffffffffffffff81116109ac5760051b60200190565b92919061101081610fec565b9361101e60405195866109b1565b602085838152019160051b810192831161012357905b82821061104057505050565b8135815260209182019101611034565b9080601f8301121561012357816020610b6193359101611004565b6101a0813603126101235761107e6109d3565b90611088816101bd565b8252611096602082016101bd565b60208301526040810135604083015260608101356060830152608081013560808301526110c560a08201610fb6565b60a083015260c081013560c08301526110e060e08201610fc3565b60e08301526110f26101008201610fc3565b6101008301526111056101208201610fe1565b6101208301526101408101356101408301526101608101356101608301526101808101359067ffffffffffffffff82116101235761114591369101611050565b61018082015290565b6040513d5f823e3d90fd5b90816020910312610123575190565b9291506111779060200161106b565b60e08101916111d46111cb611192855165ffffffffffff1690565b61010085019665ffffffffffff806111b08a5165ffffffffffff1690565b16921691606092604051928352602083015260408201522090565b5f5260205f2090565b6111de8383611d6b565b92610140810180519061125261124e61016085019788519061124861012088019661123a61120d895160ff1690565b6040519586936020850191926041936001600160f81b0319928452602084015260f81b1660408201520190565b03601f1981018452836109b1565b88611d00565b1590565b6114de5761127061124e6101808501519560c0860196875190611e22565b6114de5760a08301516112c8575b5050505050506112a761129a610b61935165ffffffffffff1690565b915165ffffffffffff1690565b6001600160d01b031965ffffffffffff60a01b9160d01b169160a01b161790565b6112e86112dc84516001600160a01b031690565b6001600160a01b031690565b9360208401946112ff86516001600160a01b031690565b60608601986113138a519451965160ff1690565b9451905190833b15610123576113965f96928b9288946040519a8b998a9889977fd505accf000000000000000000000000000000000000000000000000000000008952600489019360c09591989796936001600160a01b0360ff948160e089019c1688521660208701526040860152606085015216608083015260a08201520152565b03925af190816114c4575b506114b157916020916113d96113cb6112dc6112dc6112dc6114269998516001600160a01b031690565b91516001600160a01b031690565b6040517fdd62ed3e0000000000000000000000000000000000000000000000000000000081526001600160a01b039384166004820152921660248301529093849190829081906044820190565b03915afa9182156114ac575f9261147b575b505111611453576112a761129a610b61935b935f808061127e565b7fb78cb0dd000000000000000000000000000000000000000000000000000000005f5260045ffd5b61149e91925060203d6020116114a5575b61149681836109b1565b810190611159565b905f611438565b503d61148c565b61114e565b505050506112a761129a610b619361144a565b806114d25f6114d8936109b1565b80610119565b5f6113a1565b5050505050505050600190565b92916114f691611f27565b9060e082019161156261124e6115366111cb611518875165ffffffffffff1690565b61010086019865ffffffffffff806111b08c5165ffffffffffff1690565b9360408401519061155760608601519261123a61120d602089015160ff1690565b608085015190611d00565b61159f5761157e918160a060c061124e94015191015190611e22565b611598576112a761129a610b61935165ffffffffffff1690565b5050600190565b50505050600190565b929091506040820135820161163460608401358401916080850135948560801c966020833593019161162d6020820135928a6fffffffffffffffffffffffffffffffff8b16919091608092604051927fa893e832cd40f0161a05fdeee70845d347394fb92e8ffc59e56e6b2d3760545484526020840152604083015260608201522090565b9035612105565b9182156116795761165392610f9961124e933690602081359101610bcd565b6115985760a01b65ffffffffffff60a01b1660d09190911b6001600160d01b0319161790565b5050505050600190565b9182828101601f19013561649261ffff30801c190402146116a15750565b604091935080925001350160208135910191565b92919082156117e2575b7f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a06020830135116117ba576001600160a01b035f94166dd9ecebf3c23529de49815dac1c4c81149081156117b0575b8115611780575b50611760575b831561174d575b831561173b575b505050155f03631626ba7e1760e01b90565b61174593506126cf565b5f8080611729565b925061175a8282856123fe565b92611722565b925061177a61176e33610d82565b84610f99368686610bcd565b9261171b565b90505f5260026020526117a73360405f20906001600160a01b03165f5260205260405f2090565b5415155f611715565b338114915061170e565b7f8baa579f000000000000000000000000000000000000000000000000000000005f5260045ffd5b61773961ffff8419040281036116bf57505050507f773900010000000000000000000000000000000000000000000000000000000090565b600190611841935f520160205260405f20906001600160a01b03165f5260205260405f2090565b54151590565b815f526001800160205261186f8160405f20906001600160a01b03165f5260205260405f2090565b546118c857806118c2915f52600160205260405f20600181540190848260051b82015555805f52600160205260405f2054925f52600260205260405f20906001600160a01b03165f5260205260405f2090565b55600190565b50505f90565b906118da83828461181a565b611927575f81815260208390526040902080546001908101600581901b8301869055918290556118c2939091945f520160205260405f20906001600160a01b03165f5260205260405f2090565b5050505f90565b5f1981146105535760010190565b5f1981019190821161055357565b60051981019190821161055357565b60221981019190821161055357565b601f1981019190821161055357565b60bf1981019190821161055357565b607f1981019190821161055357565b602003906020821161055357565b9190820391821161055357565b91909161012081840312610123576119c66109e3565b926119d0826101bd565b845260208201356020850152604082013560408501526060820135606085015260808201356080850152611a0660a08301610fe1565b60a085015260c082013560c085015260e082013560e085015261010082013567ffffffffffffffff811161012357611a3e9201611050565b610100830152565b35610b6181610fd6565b903590601e1981360301821215610123570180359067ffffffffffffffff821161012357602001918160051b3603831361012357565b919250611b0561124e6020850193611aa7611aa136876119b0565b82612782565b61010087013591611b0060e0890135611af2611ac560c08c01611a46565b6040519687936020850191926041936001600160f81b0319928452602084015260f81b1660408201520190565b03601f1981018552846109b1565b611d00565b6119275760a0611b3184611b2461124e95610120611b36980190611a50565b9390910135923691611004565b611e22565b611b3f57600190565b5f90565b611b4b6127fd565b50611b568484611ed7565b3560f81c92611b648561193c565b611b6f908683611ee5565b3560f81c611b7c81610e0f565b611b8590610e3c565b611b8f90876119a3565b611b9a908784610ab4565b909290611ba8368286610bcd565b611bb1906128f2565b91611bbb8361292c565b611bc59089612a2c565b93888551611bd290612b0d565b9360208701978851986040890191825198611bec906132a5565b9190508a5192519351943690611c0192610bcd565b611c0a95612bb7565b9460600151611c1890612cd5565b99611c2292612fe5565b96611c2b6109f3565b60ff918216815291166020820181905260408201859052606082018390526080820193845260a0820198895260c090910196875260408051602081019590955284019190915260f81b6001600160f81b031916606083015260418252611c926061836109b1565b51611c9c92611d00565b1561192757611b369261124e9251905190611e22565b919250611cdc90604084013584019060608501358501946020833593019160208201359135612105565b801561192757610f99611cf6933690602081359101610bcd565b15611b3f57600190565b906001600160a01b03929183611d168484612844565b911693168314611d63576001600160a01b0391611d59916020527b19457468657265756d205369676e6564204d6573736167653a0a33325f52603c600420612844565b1614610fb1575f90565b505050600190565b906040611de96042936001600160a01b03602085015116606085015160808601519160c0870151939290916001600160a01b0360c0959381604051967f6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c988521660208701521660408501526060840152608083015260a08201522090565b91015190604051917f19010000000000000000000000000000000000000000000000000000000000008352600283015260228201522090565b909181519182611e34575b5090501490565b8060208092019360051b0101905b8251811160051b90815260208351911852602060405f20920191818310611e4257915050805f611e2d565b60405190610120820182811067ffffffffffffffff8211176109ac576040525f610100838281528260208201528260408201528260608201528260808201528260a0820152606060c08201528260e08201520152565b634e487b7160e01b5f52603260045260245ffd5b9015611ee05790565b611ec3565b90821015611ee0570190565b919091356001600160d01b031981169260068110611f0d575050565b6001600160d01b0319929350829060060360031b1b161690565b611f2f611e6d565b50611f3a8282611ed7565b3560f81c91600c91611f4c83836119a3565b611f558361194a565b611f60918484610ad0565b611f6991611ef1565b60d01c9180611f778161194a565b90611f83918185610ad0565b611f8c91611ef1565b60d01c93611f9a81836119a3565b611fa39061193c565b611fae908385611ee5565b3560f81c90611fbc82610e0f565b611fc590610e3c565b90611fcf91610e66565b611fd990836119a3565b611fe4908385610ab4565b9390611ff1368683610bcd565b611ffa906128f2565b916120048361292c565b61200e908a612a2c565b9389855161201b90612b0d565b9760208701948551956040890191825198612035906132a5565b9190508a519251935194369061204a92610bcd565b61205395612bb7565b946060015161206190612cd5565b9561206b92612df2565b946120746109e3565b60ff909916895260ff16602089015260408801526060870152608086015260a085015260c084015265ffffffffffff1660e083015265ffffffffffff1661010082015290565b9190811015611ee05760051b0190565b9081527f07ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff83116101235760209260051b809284830137010190565b9392916121139084846120ba565b3514612120575050505f90565b7f07bdf0267970db0d5b9acc9d9fa8ef0cbb5b543fb897017542bfb306f5e46ad083036121bf576121608290604051828193825260010160051b01604052565b915f5b81811061219857505050610b6191612185612192926020815160051b91012090565b905f5260205260405f2090565b33612e6f565b806121b86121a960019385876120ba565b356001830160051b8701528590565b5001612163565b906121ea610b6193926121dc6040519384926020840196876120ca565b03601f1981018352826109b1565b519020612192565b90805f5260026020526122198260405f20906001600160a01b03165f5260205260405f2090565b54918215611927575f19830191838311610553575f828152600160205260409020545f19810191908211610553575f94848484612278956118c2980361228e575b50905061226991506001613583565b6002905f5260205260405f2090565b906001600160a01b03165f5260205260405f2090565b6122ae926122696122a461227893856001613536565b8092856001613565565b555f80848161225a565b81601f82011215610123578051906122cf82610a20565b926122dd60405194856109b1565b8284526020838301011161012357815f9260208093018386015e8301015290565b51906101c8826101ac565b9080601f8301121561012357815161232081610fec565b9261232e60405194856109b1565b81845260208085019260051b82010192831161012357602001905b8282106123565750505090565b8151815260209182019101612349565b9060e0828203126101235781516001600160f81b0319811681036101235792602083015167ffffffffffffffff811161012357826123a59185016122b8565b92604081015167ffffffffffffffff811161012357836123c69183016122b8565b926060820151926123d9608084016122fe565b9260a08101519260c082015167ffffffffffffffff811161012357610b619201612309565b9092309330612627575b60405190600119858201013560f01c94600e830196869187810384016041198101976119015f5260408960203789158a604201841017816042601e2018176125e757507f5479706564446174615369676e2800000000000000000000000000000000000086526001198101999889818c82378188016028600e8201526029600d8201515f1a03612591575b506f07fffffe000000000000010000000000919250999899515f1a1c5b88515f1a602881146124d15790651201000000016001921c179801976124b0565b50929496999086986040610b619b83605c96989a957f20636f6e74656e74732c737472696e67206e616d652c737472696e670000000085527f2076657273696f6e2c75696e7432353620636861696e49642c61646472657373601c8601527f20766572696679696e67436f6e74726163742c627974657333322073616c7429603c8601528785013788370103018620835260e08320604052600116604201601e2092604119910301935b604052612f115761258c9033612f22565b612f11565b60015f5b016029600d82840301515f1a1484821011156125b357600190612595565b6028915080806040600e936f07fffffe000000000000010000000000970397886041199101010185378a0101538291612493565b949699505095505050610b6194505f907f983e65e5148e570cd828ead231ee759a8d7958721a768f93bc4483ba005c32de5f5260205260405f209161257b565b6040516342580cb760e11b815294505f85600481335afa80156114ac575f955f5f905f925f94612696575b50906001600160a01b039291604051996020815191012060408b01526020815191012060608a015260808901521660a087015260c086015260e08501604052612408565b925050506001600160a01b0396506126c091503d805f833e6126b881836109b1565b810190612366565b50939993945092909190612652565b92915f933a156126de57505050565b90919293503a3a5260203a3a386d378edcd5b5b0a24f5342d8c1048561fffffa503a511561271f575b610f99610b619361271733610d82565b933691610bcd565b60405192631626ba7e3a526d378edcd5b5b0a24f5342d8c1048560205260408052454561ffff011790815a106d378edcd5b5b0a24f5342d8c1048584141761278057610b6194610f99923a906064601c3a923090fa50604052935050612707565bfe5b906020611de96042936001600160a01b0384511660408501516060860151916080870151939290916001600160a01b0360c0959381604051967f6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c988521660208701521660408501526060840152608083015260a08201522090565b6040519060e0820182811067ffffffffffffffff8211176109ac57604052606060c0835f81525f60208201525f60408201525f838201525f60808201525f60a08201520152565b9190915f926040519181518060401461289c5760411461286357505050565b602092945060608201515f1a835260408201516060525b5f5201516040526020604060805f60015afa505f6060523d6060185191604052565b5060209294507f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff6040830151601b8160ff1c0185521660605261287a565b604051906128e782610990565b5f6020838281520152565b6128fa6128da565b5060208151916040519261290d84610990565b835201602082015290565b8051821015611ee05760209160051b010190565b6129358161304e565b15610123576129438161306e565b61294c81610fec565b9161295a60405193846109b1565b818352601f1961296983610fec565b015f5b8181106129e0575050602061298c910151612986816130cf565b90610e66565b5f905b82821061299c5750505090565b6129d8816129ab60019361313a565b906129b4610a02565b8281528160208201526129c78689612918565b526129d28588612918565b50610e66565b91019061298f565b6020906129eb6128da565b8282880101520161296c565b604051906080820182811067ffffffffffffffff8211176109ac57604052606080835f81525f60208201525f60408201520152565b60ff90612a376129f7565b501680612ab157506005600690612a93612a8d60079460ff612a85612a6f82612a7d612a6f82612a75612a6f8260089e5b168a612918565b516131b8565b9c1687612918565b981684612918565b941690612918565b51613269565b91612a9c610a11565b93845260208401526040830152606082015290565b600203612ae5576007600990612a93612a8d600a9460ff612a85612a6f82612a7d612a6f82612a75612a6f82600b9e612a68565b7f9d311602000000000000000000000000000000000000000000000000000000005f5260045ffd5b60258110612b6e57612b1e81613293565b7f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8116810361055357612b63612b5e610b6193612b689360011b906119a3565b611959565b610e4a565b60ff1690565b60018111612b6857601b81018091116105535760ff1690565b805191908290602001825e015f815290565b6001906001600160f81b0319610b61949360f81b1681520190612b87565b93612c119192612c07612bff612bf3612c1c9799612bec612be0612be5612be0612c1699613710565b61378c565b5192613710565b5190610e66565b612bec612be08b613710565b9185516119a3565b92839185516119a3565b6119a3565b91613373565b9160ff821660028103612c60575050612c56612c43610b6193612c3d610a3c565b906133f2565b916121dc60405193849260208401612b99565b6020815191012090565b909150612ae55760258110612cc557612cba610b6192612cc0612c8d612c88612c5695613293565b6132d1565b61123a612c9b612be061366b565b612cba612ca9612be061366b565b916040519788956020870190612b87565b90612b87565b6133f2565b50612c56610b6191612c3d610a3c565b6020815110612d69578051601f19810181811161055357612d0e90612cfa60016132dd565b612d076020855192610e66565b1115613328565b6040805160208101939092849291019083015b808310612d5657505060208252601f80199101166040525190519060208110612d48575090565b5f199060200360031b1b1690565b9091602080918451815201920190612d21565b7f6a0e9cd5000000000000000000000000000000000000000000000000000000005f5260045ffd5b90612d9b82610fec565b612da860405191826109b1565b8281528092612db9601f1991610fec565b0190602036910137565b60ff168015610553575f190190565b359060208110612d48575090565b60ff5f199116019060ff821161055357565b929190612e0160ff8316612d91565b93600b198201828111610553575f198101908111610553579291925b60ff8316612e2b5750505050565b612e6381612e4f612e4982612e42612e6996611968565b8988610ad0565b90612dd2565b612e5d60ff612a6888612de0565b52611968565b92612dc3565b91612e1d565b5f6001600160a01b03916004604051809481936342580cb760e11b8352165afa80156114ac576040915f91612ef0575b508151907f95e78ac088fa46a576911187c70ccdc0642491fdb90b2ed8674182c4aabca91d8252602081519101206020820152206719010000000000005f52601a52603a526042601820905f603a52565b612f0491503d805f833e6126b881836109b1565b505050505090505f612e9f565b610f99610b61939261271733610d82565b5f6001600160a01b03916004604051809481936342580cb760e11b8352165afa9081156114ac5760a0915f915f5f915f93612fc0575b50604051937f8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f855260208151910120602085015260208151910120604084015260608301526080820152206719010000000000005f52601a52603a526042601820905f603a52565b92505050612fd891503d805f833e6126b881836109b1565b509394509250905f612f58565b9291612ff360ff8216612d91565b935f198301838111610553575b60ff831661300e5750505050565b601f1981018181116105535761302c612e4961304893838887610ad0565b61304160ff61303a87612de0565b1689612918565b5292612dc3565b91613000565b80511561306957602060c0910151515f1a10611b3f57600190565b505f90565b805115613069575f9060208101908151613087816130cf565b8101809111610553579151905181018091116105535791905b8281106130ad5750905090565b6130b68161313a565b8101809111610553576130c9909161192e565b906130a0565b515f1a60808110156130e057505f90565b60b881108015613124575b156130f65750600190565b60c081101561311557610b61906131109060b75b906119a3565b610e3c565b610b61906131109060f761310a565b5060c081101580156130eb575060f881106130eb565b80515f1a90608082101561314f575050600190565b60b88210156131655750613110610b6191611986565b60c08210156131885760010151602082900360b7016101000a90040160b5190190565b60f882101561319e5750613110610b6191611977565b60010151602082900360f7016101000a90040160f5190190565b805180151590816131ee575b5015610123576131d3906132a5565b905190602081106131e2575090565b6020036101000a900490565b6021915011155f6131c4565b6040805190919061320b83826109b1565b60208152918290601f190190369060200137565b6040805190919061323083826109b1565b6001815291601f1901366020840137565b9061324b82610a20565b61325860405191826109b1565b8281528092612db9601f1991610a20565b8051156101235761327c610b61916132a5565b61328881939293613241565b9283602001906135da565b60221981019081116105535760011c90565b9060208201916132b583516130cf565b9251908382018092116105535751928303928311610553579190565b612be0610b6191613710565b156132e457565b606460405162461bcd60e51b815260206004820152600e60248201527f736c6963655f6f766572666c6f770000000000000000000000000000000000006044820152fd5b1561332f57565b606460405162461bcd60e51b815260206004820152601160248201527f736c6963655f6f75744f66426f756e64730000000000000000000000000000006044820152fd5b9161338381601f810110156132dd565b6133928351612d078385610e66565b806133aa575050506040515f81526020810160405290565b60405192601f821692831560051b80858701019484860193010101905b8084106133df5750508252601f01601f191660405290565b90926020809185518152019301906133c7565b61340d906121dc612cba936040519485936020850190612b87565b805190603882101561346157612cba916121dc610b61926001600160f81b031961344060c061343a61321f565b95610e66565b60f81b165f1a61344f8461364d565b535b6040519485936020850190612b87565b916001915f5b6134718483610df1565b1561348e576134826134889161192e565b93610e25565b92613467565b9092509290926134a56134a082610e3c565b613241565b926001600160f81b03196134c26134bd60c085610e66565b610e58565b60f81b165f1a6134d18561364d565b5360015b828111156134f057505050612cba916121dc610b6192613451565b806001600160f81b031961351b612b6861351561351061353196896119a3565b6135cb565b86610df1565b60f81b165f1a61352b828861365a565b5361192e565b6134d5565b905f5260205260405f209081548110156135555760010160051b015490565b638277484f5f526020526024601cfd5b905f5260205260405f209081548110156135555760010160051b0155565b905f5260205260405f2080549081156135c7575f198201918083116105535781548310156135b6575f9060051b82015555565b82638277484f5f526020526024601cfd5b5050565b601f8111610553576101000a90565b90918015613648575b602081101561361857806135f657505050565b61360561351061360a92611995565b61193c565b905182518216911916179052565b919080518252602081018091116105535790602081018091116105535791601f198101908111156135e357610ddd565b505050565b805115611ee05760200190565b908151811015611ee0570160200190565b6136736131fa565b905f60208301525f915b602083106136df575b6136926134a084611995565b905f5b82518110156136d8576001906136c56136b76136b08861192e565b978561365a565b516001600160f81b03191690565b5f1a6136d1828661365a565b5301613695565b5090925050565b916136fd6136f06136b7838661365a565b6001600160f81b03191690565b61370a576001019161367d565b91613686565b906137196131fa565b9160208301525f915b60208310613768575b6137376134a084611995565b905f5b82518110156136d8576001906137556136b76136b08861192e565b5f1a613761828661365a565b530161373a565b916137796136f06136b7838661365a565b6137865760010191613722565b9161372b565b8051600181149081613826575b50156137a25790565b6137ac815161383e565b6040519181518084526020840190840191602083019160208501905b8381106138165750508051809286518201875293019260208085019201905b8281106138065750509251603f91011590910101601f19166040525090565b81518152602091820191016137e7565b81518152602091820191016137c8565b905015611ee0576080602082015160f81c105f613799565b6038811015613876576001600160f81b0319613863608061385d61321f565b93610e66565b60f81b165f1a6138728261364d565b5390565b6001915f5b6138858484610df1565b1561389c576134826138969161192e565b9261387b565b9092506138ab6134a082610e3c565b916001600160f81b03196138c36134bd608085610e66565b60f81b165f1a6138d28461364d565b5360015b828111156138e45750505090565b806001600160f81b0319613904612b6861351561351061391496896119a3565b60f81b165f1a61352b828761365a565b6138d656fea164736f6c634300081b000a
Loading...
Loading
Loading...
Loading
0x0000000055C766a7060797FBc7Be40c08B296b72
Multichain Portfolio | 34 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|
Loading...
Loading
Loading...
Loading
Loading...
Loading
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.