Skip to content

Sequence diagram for merkle-based wrapped signature verification #87

Description

@Dargon789

Reviewer's Guide

Adds Merkle tree–based signature support to IthacaAccount (including a merkle flag in wrapped signatures), updates tests and benchmarks to the new signature encoding, and introduces fuzz tests for Merkle signatures, along with minor EIP-712 domain and version updates plus some IDE config files.

Sequence diagram for merkle-based wrapped signature verification

sequenceDiagram
    actor ExternalCaller
    participant IthacaAccount
    participant MerkleProofLib

    ExternalCaller->>IthacaAccount: unwrapAndValidateSignature(digest, wrappedSig)
    alt signature_length == 65
        IthacaAccount-->>ExternalCaller: isValid = (ECDSA.recoverCalldata == this), keyHash = 0
    else wrapped_signature
        IthacaAccount->>IthacaAccount: parse keyHash, prehashFlag, merkleFlag from wrappedSig
        alt prehashFlag != 0
            IthacaAccount->>IthacaAccount: digest = EfficientHashLib.sha2(digest)
        end
        alt merkleFlag != 0
            IthacaAccount->>IthacaAccount: _verifyMerkleSig(digest, merkleSigPayload)
            IthacaAccount->>MerkleProofLib: verifyCalldata(proof, root, digest)
            alt MerkleProofLib returns true
                IthacaAccount->>IthacaAccount: unwrapAndValidateSignature(root, rootSig)
                IthacaAccount-->>ExternalCaller: isValid, keyHash (from rootSig validation)
            else MerkleProofLib returns false
                IthacaAccount-->>ExternalCaller: isValid = false, keyHash = 0
            end
        else merkleFlag == 0
            IthacaAccount->>IthacaAccount: getKey(keyHash) and validate
            IthacaAccount-->>ExternalCaller: isValid, keyHash
        end
    end
Loading

Class diagram for updated IthacaAccount merkle-aware signature validation

classDiagram
    class IthacaAccount {
        +unwrapAndValidateSignature(bytes32 digest, bytes signature) bool isValid, bytes32 keyHash
        -_verifyMerkleSig(bytes32 digest, bytes signature) bool isValid, bytes32 keyHash
        +eip712DomainDetails() string name, string version
    }

    class MerkleProofLib {
        +verifyCalldata(bytes32[] proof, bytes32 root, bytes32 leaf) bool
    }

    class LibBytes {
        +loadCalldata(bytes data, uint256 index) bytes32
        +truncatedCalldata(bytes data, uint256 newLength) bytes
    }

    class EfficientHashLib {
        +sha2(bytes32 digest) bytes32
    }

    class ECDSA {
        +recoverCalldata(bytes32 digest, bytes signature) address
    }

    IthacaAccount ..> MerkleProofLib : uses
    IthacaAccount ..> LibBytes : uses
    IthacaAccount ..> EfficientHashLib : uses
    IthacaAccount ..> ECDSA : uses
Loading

File-Level Changes

Change Details Files
Add Merkle-based wrapped signature verification path in IthacaAccount and extend wrapped signature encoding
  • Introduce _verifyMerkleSig that decodes proof/root/rootSig from calldata using inline assembly and verifies Merkle proofs via MerkleProofLib.verifyCalldata
  • Extend unwrapAndValidateSignature to handle an extra merkle flag byte, branch into Merkle verification path, and adjust offset math for keyHash/prehash extraction
  • Update wrapped signature format documentation to include prehash and merkle flags and bump EIP-712 version string from 0.5.10 to 0.5.11
src/IthacaAccount.sol
Update test helpers and tests to the new wrapped signature format and add fuzz coverage for Merkle signatures
  • Update _p256Sig, _secp256k1Sig, _multiSig, and various synthetic signatures in tests to append an extra merkle flag byte (currently 0) after the prehash flag
  • Add testMerkleSignature fuzz test that builds random Merkle trees, checks successful verification, and asserts failures for invalid digest, tampered proof, and wrong root using the new merkle flag path
  • Simplify eip712Domain destructuring in Account tests to ignore unused name/version fields and keep only verifyingContract
test/Base.t.sol
test/Account.t.sol
test/Orchestrator.t.sol
test/SimulateExecute.t.sol
Add benchmark case for passkey-based ERC20 transfer via Orchestrator
  • Create testERC20TransferViaPortoOrchestratorWithPasskey which configures a passkey on a DelegatedEOA, sets permissions and spend limits, signs an Intent with the passkey, and benchmarks Orchestrator execution
  • Aligns benchmark setup with existing ERC20 transfer benchmarks including gas metering pauses and balance assertions
test/Benchmark.t.sol
Add IDE project configuration files
  • Check in IntelliJ/IDEA project metadata including module file, VCS, markdown, code style, and cache configuration
  • Configure IDE-specific .gitignore within .idea
.idea/.gitignore
.idea/account.iml
.idea/caches/deviceStreaming.xml
.idea/codeStyles/Project.xml
.idea/codeStyles/codeStyleConfig.xml
.idea/copilot.data.migration.ask2agent.xml
.idea/markdown.xml
.idea/modules.xml
.idea/vcs.xml

Possibly linked issues


Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

Originally posted by @sourcery-ai[bot] in #86 (comment)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions