forked from ithacaxyz/account
-
Notifications
You must be signed in to change notification settings - Fork 1
Sequence diagram for merkle-based signature verification in IthacaAccount #49
Copy link
Copy link
Open
0 / 10 of 1 issue completedLabels
bugSomething isn't workingSomething isn't workingdocumentationImprovements or additions to documentationImprovements or additions to documentationduplicateThis issue or pull request already existsThis issue or pull request already existsenhancementNew feature or requestNew feature or requestgood first issueGood for newcomersGood for newcomersinvalidThis doesn't seem rightThis doesn't seem rightquestionFurther information is requestedFurther information is requested
Description
Metadata
Metadata
Assignees
Labels
bugSomething isn't workingSomething isn't workingdocumentationImprovements or additions to documentationImprovements or additions to documentationduplicateThis issue or pull request already existsThis issue or pull request already existsenhancementNew feature or requestNew feature or requestgood first issueGood for newcomersGood for newcomersinvalidThis doesn't seem rightThis doesn't seem rightquestionFurther information is requestedFurther information is requested
Projects
StatusShow more project fields
Backlog
StatusShow more project fields
Todo
Reviewer's Guide
Adds Merkle tree–based signature verification support to IthacaAccount, including a new wrapped-signature format, corresponding tests, and CI workflow tweaks to limit test scope, plus a version bump.
Sequence diagram for merkle-based signature verification in IthacaAccount
sequenceDiagram actor ExternalCaller participant IthacaAccount participant MerkleProofLib participant EfficientHashLib participant ECDSA ExternalCaller->>IthacaAccount: unwrapAndValidateSignature(digest, signature) activate IthacaAccount IthacaAccount->>IthacaAccount: check signature.length alt signature.length == 65 IthacaAccount->>ECDSA: recoverCalldata(digest, signature) ECDSA-->>IthacaAccount: signer IthacaAccount-->>ExternalCaller: (signer == IthacaAccount, 0) else wrapped signature IthacaAccount->>IthacaAccount: parse keyHash, prehash, merkle flags via LibBytes alt prehash flag set IthacaAccount->>EfficientHashLib: sha2(digest) EfficientHashLib-->>IthacaAccount: newDigest IthacaAccount->>IthacaAccount: digest = newDigest end alt merkle flag set IthacaAccount->>IthacaAccount: _verifyMerkleSig(digest, innerSignature) activate IthacaAccount IthacaAccount->>IthacaAccount: decode proof, root, rootSig from calldata IthacaAccount->>MerkleProofLib: verifyCalldata(proof, root, digest) MerkleProofLib-->>IthacaAccount: isLeafInTree alt isLeafInTree IthacaAccount->>IthacaAccount: unwrapAndValidateSignature(root, rootSig) IthacaAccount-->>IthacaAccount: (isValid, keyHash) IthacaAccount-->>ExternalCaller: (isValid, keyHash) else IthacaAccount-->>ExternalCaller: (false, 0) end else standard wrapped signature flow IthacaAccount->>IthacaAccount: key = getKey(keyHash) IthacaAccount->>IthacaAccount: validate innerSignature with key IthacaAccount-->>ExternalCaller: (isValid, keyHash) end end deactivate IthacaAccountUpdated class diagram for IthacaAccount merkle signature support
classDiagram class IthacaAccount { +unwrapAndValidateSignature(bytes32 digest, bytes signature) bool isValid +unwrapAndValidateSignature(bytes32 digest, bytes signature) bytes32 keyHash -_verifyMerkleSig(bytes32 digest, bytes signature) bool isValid -_verifyMerkleSig(bytes32 digest, bytes signature) bytes32 keyHash +getKey(bytes32 keyHash) Key +_hashTypedData(bytes32 structHash) bytes32 +_hashTypedDataSansChainId(bytes32 structHash) bytes32 +getEIP712NameAndVersion() string name +getEIP712NameAndVersion() string version <<EIP712>> <<GuardedExecutor>> } class MerkleProofLib { +verifyCalldata(bytes32[] proof, bytes32 root, bytes32 leaf) bool } class LibBytes { +loadCalldata(bytes data, uint256 index) bytes32 +truncatedCalldata(bytes data, uint256 newLength) bytes } class EfficientHashLib { +sha2(bytes32 input) bytes32 } class ECDSA { +recoverCalldata(bytes32 digest, bytes signature) address } class Key { +address signer +bool isValid } IthacaAccount --> MerkleProofLib : uses IthacaAccount --> LibBytes : parses wrappedSignature IthacaAccount --> EfficientHashLib : optionalPrehash IthacaAccount --> ECDSA : eip191Recover IthacaAccount --> Key : authorizationDataFile-Level Changes
src/IthacaAccount.soltest/Base.t.soltest/Account.t.soltest/Orchestrator.t.soltest/SimulateExecute.t.sol.github/workflows/ci.yamlCNAMETips and commands
Interacting with Sourcery
@sourcery-ai reviewon the pull request.issue from a review comment by replying to it. You can also reply to a
review comment with
@sourcery-ai issueto create an issue from it.@sourcery-aianywhere in the pullrequest title to generate a title at any time. You can also comment
@sourcery-ai titleon the pull request to (re-)generate the title at any time.@sourcery-ai summaryanywhere inthe pull request body to generate a PR summary at any time exactly where you
want it. You can also comment
@sourcery-ai summaryon the pull request to(re-)generate the summary at any time.
@sourcery-ai guideon the pullrequest to (re-)generate the reviewer's guide at any time.
@sourcery-ai resolveon thepull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
@sourcery-ai dismisson the pullrequest to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai reviewto trigger a new review!Customizing Your Experience
Access your dashboard to:
summary, the reviewer's guide, and others.
Getting Help
Originally posted by @sourcery-ai[bot] in #41 (comment)