Add signature argument to internal _validateUserOp in Account.sol (#5976)

Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>

Author: ernestognw

CHANGELOG.md

@@ -11,7 +11,8 @@
 - `SignerERC7702` is renamed as `SignerEIP7702`. Imports and inheritance must be updated to that new name and path. Behavior is unmodified.
 - `ERC721Holder`, `ERC1155Holder`, `ReentrancyGuard` and `ReentrancyGuardTransient` are flagged as stateless and are no longer transpiled. Developers using their upgradeable variants from `@openzeppelin/contracts-upgradeable` must update their imports to use the equivalent version available in `@openzeppelin/contracts`.
 - Update minimum pragma to 0.8.24 in `Votes`, `VotesExtended`, `ERC20Votes`, `Strings`, `ERC1155URIStorage`, `MessageHashUtils`, `ERC721URIStorage`, `ERC721Votes`, `ERC721Wrapper`, `ERC721Burnable`, `ERC721Consecutive`, `ERC721Enumerable`, `ERC721Pausable`, `ERC721Royalty`, `ERC721Wrapper`, `EIP712`, `ERC4626` and `ERC7739`. ([#5726](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5726))
-- `AccountERC7579`: Installing and uninstalling fallback modules now require the corresponding `initData` and `deInitData` arguments to be at least 4 bytes long (matching the selector to which the fallback module is registered). It now reverts with `ERC7579CannotDecodeFallbackData` instead of treating the missing bytes as `0x00`.
+- `Account`: Add `signature` argument to the internal `_validateUserOp` function for custom signature handling logic. Developers overriding it must now provide the signature from the user operation (i.e. `userOp.signature`) to keep compatibility. ([#5976](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5976))
+- `AccountERC7579`: Installing and uninstalling fallback modules now require the corresponding `initData` and `deInitData` arguments to be at least 4 bytes long (matching the selector to which the fallback module is registered). It now reverts with `ERC7579CannotDecodeFallbackData` instead of treating the missing bytes as `0x00`. ([#5974](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5974))
 
 ### Deprecation
 

contracts/account/Account.sol

@@ -75,7 +75,7 @@ abstract contract Account is AbstractSigner, IAccount {
         bytes32 userOpHash,
         uint256 missingAccountFunds
     ) public virtual onlyEntryPoint returns (uint256) {
-        uint256 validationData = _validateUserOp(userOp, userOpHash);
+        uint256 validationData = _validateUserOp(userOp, userOpHash, userOp.signature);
         _payPrefund(missingAccountFunds);
         return validationData;
     }
@@ -84,15 +84,21 @@ abstract contract Account is AbstractSigner, IAccount {
      * @dev Returns the validationData for a given user operation. By default, this checks the signature of the
      * signable hash (produced by {_signableUserOpHash}) using the abstract signer ({AbstractSigner-_rawSignatureValidation}).
      *
+     * The `signature` parameter is taken directly from the user operation's `signature` field.
+     * This design enables derived contracts to implement custom signature handling logic,
+     * such as embedding additional data within the signature and processing it by overriding this function
+     * and optionally invoking `super`.
+     *
      * NOTE: The userOpHash is assumed to be correct. Calling this function with a userOpHash that does not match the
      * userOp will result in undefined behavior.
      */
     function _validateUserOp(
         PackedUserOperation calldata userOp,
-        bytes32 userOpHash
+        bytes32 userOpHash,
+        bytes calldata signature
     ) internal virtual returns (uint256) {
         return
-            _rawSignatureValidation(_signableUserOpHash(userOp, userOpHash), userOp.signature)
+            _rawSignatureValidation(_signableUserOpHash(userOp, userOpHash), signature)
                 ? ERC4337Utils.SIG_VALIDATION_SUCCESS
                 : ERC4337Utils.SIG_VALIDATION_FAILED;
     }

contracts/account/extensions/draft-AccountERC7579.sol

@@ -210,13 +210,14 @@ abstract contract AccountERC7579 is Account, IERC1271, IERC7579Execution, IERC75
      */
     function _validateUserOp(
         PackedUserOperation calldata userOp,
-        bytes32 userOpHash
+        bytes32 userOpHash,
+        bytes calldata signature
     ) internal virtual override returns (uint256) {
         address module = _extractUserOpValidator(userOp);
         return
             isModuleInstalled(MODULE_TYPE_VALIDATOR, module, Calldata.emptyBytes())
                 ? IERC7579Validator(module).validateUserOp(userOp, _signableUserOpHash(userOp, userOpHash))
-                : super._validateUserOp(userOp, userOpHash);
+                : super._validateUserOp(userOp, userOpHash, signature);
     }
 
     /**

contracts/mocks/account/AccountMock.sol

@@ -102,9 +102,10 @@ abstract contract AccountERC7702WithModulesMock is
 {
     function _validateUserOp(
         PackedUserOperation calldata userOp,
-        bytes32 userOpHash
+        bytes32 userOpHash,
+        bytes calldata signature
     ) internal virtual override(Account, AccountERC7579) returns (uint256) {
-        return super._validateUserOp(userOp, userOpHash);
+        return super._validateUserOp(userOp, userOpHash, signature);
     }
 
     /// @dev Resolve implementation of ERC-1271 by both ERC7739 and AccountERC7579 to support both schemes.