Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rework Safe Signer Launchpad #377

Merged
merged 4 commits into from
May 10, 2024
Merged

Rework Safe Signer Launchpad #377

merged 4 commits into from
May 10, 2024

Conversation

nlordell
Copy link
Collaborator

@nlordell nlordell commented Apr 10, 2024
edited
Loading

This PR does a rework of some of the implementation details of the SafeSignerLaunchpad contract in light of some observations from the previous PR #376.

Namely, this changes the initialization process to work in a slightly different way:

  1. Set the target singleton to a special slot when the entry point executes the initCode for the account. Safe setup also happens at this point, meaning that any DELEGATECALL to the Safe singleton should work and be valid.
  2. Signature verification checks that the account is an owner. This has the side-effect that you can initialize an account with multiple custom ECDSA owners and use any of them to sign the first user operation.
  3. Promote the Safe to the singleton that was previously in storage.

The main difference with the previous flow is that we no longer have two separate setup initializers that we DELEGATECALL to. Additionally, we added checks that prevent double initialization as well as reentrency issues in the execution function.

In addition, this also opens up a pretty clear path for supporting multiple owners with the launchpad as the account has already undergone "regular" Safe setup. This is relevant for #372.

Unit tests in order to reach 100% coverage will be introduced in a follow up.

@nlordell nlordell requested a review from a team as a code owner April 10, 2024 13:50
@nlordell nlordell requested review from akshay-ap, mmv08 and remedcu and removed request for a team April 10, 2024 13:50
@nlordell nlordell changed the title Reword Safe Signer Launchpad Rework Safe Signer Launchpad Apr 12, 2024
@nlordell nlordell mentioned this pull request Apr 12, 2024
Closed
@nlordell nlordell self-assigned this Apr 12, 2024
Base automatically changed from 308/add-nat-spec to main April 12, 2024 11:10
@akshay-ap akshay-ap mentioned this pull request Apr 23, 2024
Closed
This was referenced Apr 26, 2024
Closed
Closed
@nlordell nlordell requested a review from mmv08 May 5, 2024 19:48
@nlordell
Copy link
Collaborator Author

nlordell commented May 5, 2024

@remedcu and @akshay-ap - this is ready for review.

@coveralls
Copy link

coveralls commented May 5, 2024
edited
Loading

Pull Request Test Coverage Report for Build 9031302657

Details

  • 29 of 40 (72.5%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-1.9%) to 86.264%
Changes Missing Coverage Covered Lines Changed/Added Lines %
modules/passkey/contracts/4337/SafeSignerLaunchpad.sol 29 40 72.5%
Totals Coverage Status
Change from base Build 9031211580: -1.9%
Covered Lines: 121
Relevant Lines: 132
💛 - Coveralls

@akshay-ap
Copy link
Member

Approved. The documentation needs to be updated as per new implementation which will be handled in a separate PR.

@nlordell
Copy link
Collaborator Author

The documentation needs to be updated as per new implementation which will be handled in a separate PR.

Documentation updated in #415

@nlordell
Rework Safe Signer Launchpad
dac33f1 
This PR does a rework of some of the implementation details of the
`SafeECDSASignerLaunchpad` contract in light of some observations from
the previous PR #376.

Namely, this changes the initialization process to work in a slightly
different way:
1. Set the target singleton to a special slot when the entry point
   executes the `initCode` for the account
2. Signature verification checks that the account is an owner. This has
   the side-effect that you can initialize an account with multiple
   ECDSA owners and use any of them to sign the first user operation.
3. Promote the Safe to the singleton that was previously in storage.

The main difference with the previous flow is that we no longer have two
separate `setup` initializers that we `DELEGATECALL` to. Additionally,
we added checks that prevent double initialization as well as reentrency
issues in the execution function.

In addition, this also opens up a pretty clear path for supporting
multiple owners with the launchpad as the account has already undergone
"regular" Safe setup. This is relevant for #372.
@nlordell
Fix Tests
3c6670c
@nlordell
comments
628da93
@nlordell
Fix Passkey Example for new Launchpad
1bb7037
@nlordell nlordell merged commit b143b6f into main May 10, 2024
10 checks passed
@nlordell nlordell deleted the 308/single-setup branch May 10, 2024 11:09
@github-actions github-actions bot locked and limited conversation to collaborators May 10, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@akshay-ap akshay-ap akshay-ap approved these changes

@remedcu remedcu Awaiting requested review from remedcu remedcu is a code owner automatically assigned from safe-global/safe-protocol

@mmv08 mmv08 Awaiting requested review from mmv08

Assignees

@nlordell nlordell

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nlordell @coveralls @akshay-ap @mmv08