Skip to content

Legion 02#40

Merged
Dargon789 merged 10 commits into
Legionfrom
legion-02
Apr 10, 2026
Merged

Legion 02#40
Dargon789 merged 10 commits into
Legionfrom
legion-02

Conversation

@Dargon789

@Dargon789 Dargon789 commented Mar 14, 2026

Copy link
Copy Markdown
Owner

Summary by Sourcery

Add Merkle tree–based signature support to IthacaAccount and update wrapped signature format and tests accordingly.

Enhancements:

  • Introduce Merkle tree signature verification path in IthacaAccount using MerkleProofLib and a new merkle flag in the wrapped signature format.
  • Bump the IthacaAccount EIP-712 version string to 0.5.11.

Tests:

  • Add fuzz-style tests for Merkle-based signatures, including valid proofs, invalid digests, tampered proofs, and wrong roots.
  • Update existing signature construction helpers and test call sites to include the new merkle flag byte in wrapped signatures.

@vercel

This comment was marked as resolved.

@sourcery-ai

sourcery-ai Bot commented Mar 14, 2026

Copy link
Copy Markdown

Reviewer's Guide

Adds Merkle tree–based signature support to IthacaAccount and updates tests and helpers to handle the extended wrapped-signature format with a merkle flag, including a new fuzz test to validate Merkle-based signatures and refactors around EIP712 domain usage.

Sequence diagram for unwrapAndValidateSignature with Merkle support

sequenceDiagram
    actor Caller
    participant IthacaAccount
    participant MerkleProofLib
    participant ECDSA
    participant EfficientHashLib
    participant LibBytes

    Caller->>IthacaAccount: unwrapAndValidateSignature(digest, signature)
    alt signature.length == 65
        IthacaAccount->>ECDSA: recoverCalldata(digest, signature)
        ECDSA-->>IthacaAccount: signer
        IthacaAccount-->>Caller: isValid, keyHash(0)
    else wrapped signature
        IthacaAccount->>LibBytes: loadCalldata(signature, n)
        LibBytes-->>IthacaAccount: keyHash
        IthacaAccount->>LibBytes: truncatedCalldata(signature, n)
        LibBytes-->>IthacaAccount: innerSignature
        IthacaAccount->>LibBytes: loadCalldata(innerSignature, n+1)
        LibBytes-->>IthacaAccount: prehashFlag
        alt prehashFlag != 0
            IthacaAccount->>EfficientHashLib: sha2(digest)
            EfficientHashLib-->>IthacaAccount: digestSha2
        end
        IthacaAccount->>LibBytes: loadCalldata(innerSignature, n+2)
        LibBytes-->>IthacaAccount: merkleFlag
        alt merkleFlag != 0
            IthacaAccount->>IthacaAccount: _verifyMerkleSig(digest, innerSignature)
            activate IthacaAccount
            IthacaAccount->>MerkleProofLib: verifyCalldata(proof, root, digest)
            MerkleProofLib-->>IthacaAccount: proofIsValid
            alt proofIsValid
                IthacaAccount->>IthacaAccount: unwrapAndValidateSignature(root, rootSig)
                IthacaAccount-->>IthacaAccount: isValidRoot, keyHash
                IthacaAccount-->>Caller: isValidRoot, keyHash
            else proof invalid
                IthacaAccount-->>Caller: false, keyHash(0)
            end
            deactivate IthacaAccount
        else non Merkle wrapped signature
            IthacaAccount->>IthacaAccount: getKey(keyHash)
            IthacaAccount-->>Caller: isValid, keyHash
        end
    end
Loading

Class diagram for IthacaAccount Merkle signature support

classDiagram
    class IthacaAccount {
        <<contract>>
        +unwrapAndValidateSignature(digest bytes32, signature bytes) bool, bytes32
        -_verifyMerkleSig(digest bytes32, signature bytes) bool, bytes32
        +getKey(keyHash bytes32) Key
        +eip712Domain() string, string
    }

    class MerkleProofLib {
        <<library>>
        +verifyCalldata(proof bytes32[], root bytes32, leaf bytes32) bool
    }

    class ECDSA {
        <<library>>
        +recoverCalldata(hash bytes32, signature bytes) address
    }

    class EfficientHashLib {
        <<library>>
        +sha2(input bytes32) bytes32
    }

    class LibBytes {
        <<library>>
        +loadCalldata(data bytes, index uint256) uint256
        +truncatedCalldata(data bytes, newLength uint256) bytes
    }

    class Key {
        <<struct>>
        +addr address
        +weight uint256
        +validAfter uint48
        +validUntil uint48
    }

    IthacaAccount ..|> EIP712
    IthacaAccount ..|> GuardedExecutor
    IthacaAccount ..|> IIthacaAccount

    IthacaAccount ..> MerkleProofLib : uses
    IthacaAccount ..> ECDSA : uses
    IthacaAccount ..> EfficientHashLib : uses
    IthacaAccount ..> LibBytes : uses
    IthacaAccount o--> Key : returns
Loading

File-Level Changes

Change Details Files
Introduce Merkle tree signature verification path in IthacaAccount and extend wrapped-signature encoding to include a merkle flag.
  • Import MerkleProofLib and add internal _verifyMerkleSig that decodes proof/root/rootSig from calldata using inline assembly and verifies the leaf digest against the root with MerkleProofLib.verifyCalldata, then validates the root signature via unwrapAndValidateSignature
  • Change unwrapAndValidateSignature encoding from abi.encodePacked(bytes(innerSignature), bytes32(keyHash), bool(prehash)) to abi.encode(bytes(innerSignature), bytes32(keyHash), bool(prehash), bool(merkle)), adjust footer parsing (length and offsets), and route to _verifyMerkleSig when the merkle flag is set
  • Bump EIP712 version string from 0.5.10 to 0.5.11
src/IthacaAccount.sol
Add comprehensive Merkle-signature fuzz test and adapt existing tests/helpers to the new wrapped-signature layout with an explicit merkle flag byte.
  • Import Merkle from murky and add testMerkleSignature fuzz test that builds a random Merkle tree of digests, constructs a Merkle-based wrapped signature, and asserts correctness for valid leaves, non-member digests, tampered proofs, and tampered roots
  • Simplify eip712Domain usage in Account tests to ignore unused name/version fields after version bump
  • Update helper signature constructors (_p256Sig, _secp256k1Sig, _multiSig) and various test signatures (Account, Orchestrator, SimulateExecute, gas-estimation helpers) to append an extra uint8(0) merkle flag to match the new unwrapAndValidateSignature format
test/Account.t.sol
test/Base.t.sol
test/Orchestrator.t.sol
test/SimulateExecute.t.sol

Possibly linked issues

  • Fix tests account #30: The PR implements IthacaAccount Merkle-backed wrapped signature verification, merkle flag handling, and test updates exactly as described.
  • Fix tests account #30: PR introduces MerkleProofLib-based wrapped signature verification, new Merkle flag handling, tests, and version bump exactly as the issue specifies.

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@snyk-io

snyk-io Bot commented Mar 14, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@gemini-code-assist

Copy link
Copy Markdown

Summary of Changes

Hello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly extends the IthacaAccount contract's signature verification capabilities by integrating Merkle tree-based signatures. This enhancement provides a flexible and secure way to verify a digest against a set of pre-approved digests, potentially optimizing gas usage for certain authorization patterns. The changes involve updating the core signature validation logic and introducing a dedicated function for Merkle proof verification, supported by a new version bump and thorough testing.

Highlights

  • Merkle Signature Verification: Introduced the capability to verify Merkle tree-based signatures within the IthacaAccount contract, enabling a new method for authorization.
  • Signature Encoding Update: Modified the signature encoding scheme to include a new boolean flag indicating whether a signature is a Merkle signature, allowing the unwrapAndValidateSignature function to handle both traditional and Merkle-based signatures.
  • Comprehensive Testing: Added extensive test cases for Merkle signature verification, covering valid proofs, invalid digests, tampered proofs, and incorrect roots to ensure robustness.
Changelog
  • src/IthacaAccount.sol
    • Imported MerkleProofLib for Merkle tree operations.
    • Added a new internal function _verifyMerkleSig to handle Merkle proof and root signature verification.
    • Modified the unwrapAndValidateSignature function to parse a new merkle flag from the signature and conditionally call _verifyMerkleSig.
    • Updated the contract version from "0.5.10" to "0.5.11".
  • test/Account.t.sol
    • Imported the Merkle library for Merkle tree generation in tests.
    • Added a new test function testMerkleSignature to validate the Merkle signature verification logic under various conditions.
    • Adjusted the destructuring of eip712Domain in a test helper function.
  • test/Base.t.sol
    • Modified the signature encoding in _p256Sig, _sig, _multiSig, _estimateGasForEOAKey, and _estimateGasForSecp256r1Key to include a new merkle flag set to false.
    • Updated the abi.encodePacked calls to append an additional uint8(0) for the new merkle flag.
  • test/Orchestrator.t.sol
    • Modified the signature encoding in an _estimateGas helper function to include a new merkle flag set to false.
    • Updated the abi.encodePacked call to append an additional uint8(0) for the new merkle flag.
  • test/SimulateExecute.t.sol
    • Modified the signature encoding in a test helper function to include a new merkle flag set to false.
    • Updated the abi.encodePacked call to append an additional uint8(0) for the new merkle flag.
Activity
  • Dargon789 created this pull request.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've found 1 issue, and left some high level feedback:

  • The wrapped signature format is now innerSig || keyHash || prehashFlag || merkleFlag but this is still described as abi.encode(bytes(innerSignature), bytes32(keyHash), bool(prehash), bool(merkle)) in the comment; consider updating the docstring (and/or introducing a small helper/struct) so the documented encoding exactly matches the unwrapAndValidateSignature implementation and the test helpers.
  • The unwrapAndValidateSignature parsing logic now relies on several magic constants (0x22, n + 1, n + 2) combined with LibBytes.truncatedCalldata; consider refactoring this into a small helper with named constants or interim variables for the flag positions to make the layout easier to reason about and less error-prone to extend.
  • The inline assembly in _verifyMerkleSig that decodes (bytes32[] proof, bytes32 root, bytes rootSig) from calldata is non-trivial; adding minimal internal documentation (e.g., which slot corresponds to which ABI head/tail and why the offsets are added to signature.offset) would make future maintenance and audits of this critical path safer.
Prompt for AI Agents
Please address the comments from this code review:

## Overall Comments
- The wrapped signature format is now `innerSig || keyHash || prehashFlag || merkleFlag` but this is still described as `abi.encode(bytes(innerSignature), bytes32(keyHash), bool(prehash), bool(merkle))` in the comment; consider updating the docstring (and/or introducing a small helper/struct) so the documented encoding exactly matches the `unwrapAndValidateSignature` implementation and the test helpers.
- The `unwrapAndValidateSignature` parsing logic now relies on several magic constants (`0x22`, `n + 1`, `n + 2`) combined with `LibBytes.truncatedCalldata`; consider refactoring this into a small helper with named constants or interim variables for the flag positions to make the layout easier to reason about and less error-prone to extend.
- The inline assembly in `_verifyMerkleSig` that decodes `(bytes32[] proof, bytes32 root, bytes rootSig)` from calldata is non-trivial; adding minimal internal documentation (e.g., which slot corresponds to which ABI head/tail and why the offsets are added to `signature.offset`) would make future maintenance and audits of this critical path safer.

## Individual Comments

### Comment 1
<location path="src/IthacaAccount.sol" line_range="525-528" />
<code_context>
     /// @dev Returns if the signature is valid, along with its `keyHash`.
     /// The `signature` is a wrapped signature, given by
-    /// `abi.encodePacked(bytes(innerSignature), bytes32(keyHash), bool(prehash))`.
+    /// `abi.encode(bytes(innerSignature), bytes32(keyHash), bool(prehash), bool(merkle))`.
     function unwrapAndValidateSignature(bytes32 digest, bytes calldata signature)
         public
</code_context>
<issue_to_address>
**issue (bug_risk):** Wrapped signature decoding still assumes a packed layout, which conflicts with the documented `abi.encode` format.

The docstring now specifies `abi.encode(bytes(innerSignature), bytes32(keyHash), bool(prehash), bool(merkle))`, but the decoder still treats the data as tightly packed: it derives `keyHash` from `length - 0x22` and reads two 1‑byte flags at `n + 1`/`n + 2`. Under `abi.encode`, `keyHash`, `prehash`, and `merkle` would each live in separate 32‑byte ABI slots, so this decoding will read the wrong values if callers follow the new format. Please either keep `abi.encodePacked` and update the docs, or change the decoding logic to consume the proper ABI‑encoded words for all three fields.
</issue_to_address>

Fix all in Cursor


Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Comment thread src/IthacaAccount.sol Outdated

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces Merkle tree-based signature support, which is a significant enhancement. The overall implementation is well-structured, and the addition of fuzz-style tests for the new signature scheme is commendable. However, I've identified a critical issue in the signature unwrapping logic that affects both the existing and new code paths. This bug needs to be addressed to ensure the correctness of signature validations.

Comment thread src/IthacaAccount.sol Outdated
@Dargon789

Copy link
Copy Markdown
Owner Author

@Mergifyio refresh

@mergify

mergify Bot commented Mar 14, 2026

Copy link
Copy Markdown

refresh

✅ Pull request refreshed

@Dargon789 Dargon789 enabled auto-merge (squash) March 14, 2026 10:12
@Dargon789 Dargon789 linked an issue Apr 7, 2026 that may be closed by this pull request
* feat: add ERC20 transfer benchmark for Porto with passkey

Add testERC20TransferViaPortoOrchestratorWithPasskey() benchmark to isolate
passkey authentication costs from spend limit enforcement costs.

- Uses secp256k1 passkey for transaction signing
- Sets execution permissions for ERC20 transfers
- Requires spend limits (set to max) for passkey operations
- Gas cost: 116,094 (vs 97,030 without passkey, 117,083 with restrictive limits)
- Provides clean measurement of passkey overhead (~19k gas)

Resolves ithacaxyz#272

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Tanishk Goyal <legion2002@users.noreply.github.com>

* feat: allow early refunds by recipient in escrow

* feat: add callSansTo support to ERC7821 execute

* chore: improvements and fixes to ERC7821Ithaca

* chore: add address(0) replacement to new compute digest

* fix: sanitize upper bits before checking replacement + tests

* feat: do not add replay safe wrapper if sig is eoa

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* chore: use `auto-assign-pr.yml` org action

* fix: combine improvements from PRs ithacaxyz#357, ithacaxyz#314, and ithacaxyz#379

Combines the following fixes:
- PR ithacaxyz#357: Replace SuperAdminCanSpendAnything with SuperAdminCanExecuteEverything in setCallChecker
- PR ithacaxyz#314: Fix typos across codebase (overriden→overridden, Calcualated→Calculated, etc.)
- PR ithacaxyz#379: Correct inline comment about approval amount (20-byte all-ones, not type(uint256).max)

Co-Authored-By: GarmashAlex <noreply@github.com>
Co-Authored-By: sukrucildirr <noreply@github.com>
Co-Authored-By: Forostovec <noreply@github.com>

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: subaccount design using spend function

* test: complete subaccount flow with unit test

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: fix and simplify multichain design (ithacaxyz#327)

* feat: simplify multichain nonce design

* chore: readd merkle verification prefix

* chore: undo blank line addns

* chore: lint

* chore: redundant multichain bool

* fix: lint

* .

* feat: remove intent struct (ithacaxyz#365)

* feat: simplify multichain nonce design

* chore: readd merkle verification prefix

* chore: undo blank line addns

* chore: lint

* .

* ~50 failing tests down to 5

* down to 1 failing test

* fixed failing test

* chore: remove console logs and bench

* .

* Update test/Base.t.sol

* Update src/Orchestrator.sol

* Update test/utils/mocks/MockPayerWithSignatureOptimized.sol

* chore: final cleanup, rebench

* Update src/Orchestrator.sol

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount,Orchestrator,SimpleFunder,Simulator

* chore: cleanup

* rebase

* fix

---------

Co-authored-by: GitHub Action <action@github.com>

* feat: native merkle sig verification in Account

* chore: fmt

* chore: unify merkle sig flow for orchestrator multi chain intents

* chore: bump contract versions due to bytecode changes - Contracts updated: Orchestrator,SimpleFunder,Simulator

* Add .circleci/config.yml (#1)

Add CircleCI configuration file to set up a basic pipeline with a say-hello job and workflow

CI:

Add .circleci/config.yml to define a say-hello job that checks out the code and prints a greeting using the cimg/base Docker image
Add a workflow to orchestrate the say-hello job under the CircleCI 2.1 engine

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* save local changes before merge

* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create CNAME

* Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing
changes made to a317ddb.

* Create CNAME (#9)

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create CNAME

* Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing
changes made to a317ddb.

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#10)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Potential fix for code scanning alert no. 3: Workflow does not contain permissions (#15)

https://github.com/Dargon789/account/security/code-scanning/3
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update ci.yaml (#16)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Delete CNAME

* Update Brutalizer.sol

* Potential fix for code scanning alert no. 2: Workflow does not contain permissions (#17)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Refactor deployment scripts and update configs

Migrates deployment scripts to use fork-based configuration loading, removes legacy CircleCI and GitHub workflow files, and introduces a registry-based contract deployment record. Updates .env.example, README, and foundry configuration. Removes LayerZero vendor and test files, adds devtools submodule, and improves LayerZeroSettler configuration logic for multi-chain deployments.

* Fix commit user email format in CI workflow (#18)

30a2096

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Potential fix for code scanning alert no. 4: Workflow does not contain permissions (#19)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Potential fix for code scanning alert no. 1: Workflow does not contain permissions (#20)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update ci.yaml (#21)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Master (#22)

* Merge branch 'master' (#8)

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create CNAME

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Revert "fix vm block accoount (#11)" (#13)

Reverts #11

Summary by Sourcery
CI:

Update the Forge test command in the CI workflow to enable reruns and increase verbosity.
This reverts commit 942017f.

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Refactor function signatures and formatting for consistency

Updated function signatures in IFunder and SimpleFunder for single-line style, and improved code formatting in IthacaAccount, test/Account.t.sol, test/Benchmark.t.sol, and test/LayerZeroSettler.t.sol for readability and consistency. No logic changes were made.

* Add Multicall3 simulation support to Simulator

Introduces Multicall3 simulation methods in Simulator.sol, enabling simulation of orchestrator calls with pre-execution calls via Multicall3. Adds IMulticall3 interface, updates related tests to cover multicall simulation flows, and includes minor formatting and interface signature changes for consistency.

* feat: add multicall to simulator (ithacaxyz#402)  (#24)

* feat: add multicall to simulator (ithacaxyz#402)

* feat: add multicall to simulator

* chore: add gas test

* chore: review fixes

* chore: fmt contracts and update gas snapshots

* test: add tests for getContextKeyHash in Account.t.sol (ithacaxyz#412)

---------

Co-authored-by: howy <132113803+howydev@users.noreply.github.com>
Co-authored-by: Roberto Delgado Ferrezuelo <108575058+robertodf99@users.noreply.github.com>

* Fix commit user email formatting in CI workflow

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Revert "feat: add multicall to simulator (ithacaxyz#402)  (#24)" (#26)

This reverts commit 1aef318.

* Delete .circleci directory (#27)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* # Default ignored files

* Potential fix for code scanning alert no. 3: Workflow does not contain permissions (#32)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* .snapshot_worktree

* Delete .idea directory (#35)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* pre-commit

* Update check-bytecode-changes.js

* pre-commit

* chore: bump contract versions due to bytecode changes

* chore: bump contract versions due to bytecode changes

* chore: bump contract versions due to bytecode changes

contracts update

* v0.5.11

* chore: unify merkle sig flow for orchestrator multi chain intents

* test: add tests for getContextKeyHash in Account.t.sol (ithacaxyz#412)

* Refactor function signatures and formatting for consistency

* Legion (#38)

* feat: add ERC20 transfer benchmark for Porto with passkey

Add testERC20TransferViaPortoOrchestratorWithPasskey() benchmark to isolate
passkey authentication costs from spend limit enforcement costs.

- Uses secp256k1 passkey for transaction signing
- Sets execution permissions for ERC20 transfers
- Requires spend limits (set to max) for passkey operations
- Gas cost: 116,094 (vs 97,030 without passkey, 117,083 with restrictive limits)
- Provides clean measurement of passkey overhead (~19k gas)

Resolves ithacaxyz#272

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Tanishk Goyal <legion2002@users.noreply.github.com>

* feat: allow early refunds by recipient in escrow

* feat: add callSansTo support to ERC7821 execute

* chore: improvements and fixes to ERC7821Ithaca

* chore: add address(0) replacement to new compute digest

* fix: sanitize upper bits before checking replacement + tests

* feat: do not add replay safe wrapper if sig is eoa

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* chore: use `auto-assign-pr.yml` org action

* fix: combine improvements from PRs ithacaxyz#357, ithacaxyz#314, and ithacaxyz#379

Combines the following fixes:
- PR ithacaxyz#357: Replace SuperAdminCanSpendAnything with SuperAdminCanExecuteEverything in setCallChecker
- PR ithacaxyz#314: Fix typos across codebase (overriden→overridden, Calcualated→Calculated, etc.)
- PR ithacaxyz#379: Correct inline comment about approval amount (20-byte all-ones, not type(uint256).max)

Co-Authored-By: GarmashAlex <noreply@github.com>
Co-Authored-By: sukrucildirr <noreply@github.com>
Co-Authored-By: Forostovec <noreply@github.com>

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: subaccount design using spend function

* test: complete subaccount flow with unit test

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: add merkle sigs natively into the account

* fix: tests

* test: add more sophisticated fuzz test

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: fix and simplify multichain design (ithacaxyz#327)

* feat: simplify multichain nonce design

* chore: readd merkle verification prefix

* chore: undo blank line addns

* chore: lint

* chore: redundant multichain bool

* fix: lint

* .

* feat: remove intent struct (ithacaxyz#365)

* feat: simplify multichain nonce design

* chore: readd merkle verification prefix

* chore: undo blank line addns

* chore: lint

* .

* ~50 failing tests down to 5

* down to 1 failing test

* fixed failing test

* chore: remove console logs and bench

* .

* Update test/Base.t.sol

* Update src/Orchestrator.sol

* Update test/utils/mocks/MockPayerWithSignatureOptimized.sol

* chore: final cleanup, rebench

* Update src/Orchestrator.sol

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount,Orchestrator,SimpleFunder,Simulator

* chore: cleanup

* rebase

* fix

---------

Co-authored-by: GitHub Action <action@github.com>

* feat: native merkle sig verification in Account

* chore: fmt

* chore: unify merkle sig flow for orchestrator multi chain intents

* chore: bump contract versions due to bytecode changes - Contracts updated: Orchestrator,SimpleFunder,Simulator

* Add .circleci/config.yml (#1)

Add CircleCI configuration file to set up a basic pipeline with a say-hello job and workflow

CI:

Add .circleci/config.yml to define a say-hello job that checks out the code and prints a greeting using the cimg/base Docker image
Add a workflow to orchestrate the say-hello job under the CircleCI 2.1 engine

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create CNAME

* Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing
changes made to a317ddb.

* Create CNAME (#9)

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create CNAME

* Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing
changes made to a317ddb.

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#10)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Potential fix for code scanning alert no. 3: Workflow does not contain permissions (#15)

https://github.com/Dargon789/account/security/code-scanning/3
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update ci.yaml (#16)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Delete CNAME

* Update Brutalizer.sol

* Potential fix for code scanning alert no. 2: Workflow does not contain permissions (#17)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Refactor deployment scripts and update configs

Migrates deployment scripts to use fork-based configuration loading, removes legacy CircleCI and GitHub workflow files, and introduces a registry-based contract deployment record. Updates .env.example, README, and foundry configuration. Removes LayerZero vendor and test files, adds devtools submodule, and improves LayerZeroSettler configuration logic for multi-chain deployments.

* Fix commit user email format in CI workflow (#18)

30a2096

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Potential fix for code scanning alert no. 4: Workflow does not contain permissions (#19)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Potential fix for code scanning alert no. 1: Workflow does not contain permissions (#20)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update ci.yaml (#21)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Master (#22)

* Merge branch 'master' (#8)

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create CNAME

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Revert "fix vm block accoount (#11)" (#13)

Reverts #11

Summary by Sourcery
CI:

Update the Forge test command in the CI workflow to enable reruns and increase verbosity.
This reverts commit 942017f.

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update ci.yaml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Refactor function signatures and formatting for consistency

Updated function signatures in IFunder and SimpleFunder for single-line style, and improved code formatting in IthacaAccount, test/Account.t.sol, test/Benchmark.t.sol, and test/LayerZeroSettler.t.sol for readability and consistency. No logic changes were made.

* Delete .circleci directory (#27)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* # Default ignored files

* .snapshot_worktree

* Delete .idea directory (#35)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* pre-commit

* pre-commit

* deploy execute_config.sh

* Update forge-std

* Update check-bytecode-changes.js

* pre-commit

* chore: bump contract versions due to bytecode changes

* chore: bump contract versions due to bytecode changes

* chore: bump contract versions due to bytecode changes

contracts update

* v0.5.11

* chore: unify merkle sig flow for orchestrator multi chain intents

* test: add tests for getContextKeyHash in Account.t.sol (ithacaxyz#412)

* Refactor function signatures and formatting for consistency

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Tanishk Goyal <legion2002@users.noreply.github.com>
Co-authored-by: Tanishk Goyal <goyaltanishk02@gmail.com>
Co-authored-by: howy <132113803+howydev@users.noreply.github.com>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: o-az <omaraziz.dev@proton.me>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Tanishk Goyal <legion2002@users.noreply.github.com>
Co-authored-by: Tanishk Goyal <goyaltanishk02@gmail.com>
Co-authored-by: howy <132113803+howydev@users.noreply.github.com>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: o-az <omaraziz.dev@proton.me>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: John Doe <jdoe@email.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Roberto Delgado Ferrezuelo <108575058+robertodf99@users.noreply.github.com>
Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com>
@vercel

vercel Bot commented Apr 7, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
legion Ready Ready Preview, Comment Apr 7, 2026 3:40pm

@Dargon789

Copy link
Copy Markdown
Owner Author

@Mergifyio refresh

@Dargon789 Dargon789 disabled auto-merge April 10, 2026 01:24
@Dargon789 Dargon789 disabled auto-merge April 10, 2026 01:24
@mergify

mergify Bot commented Apr 10, 2026

Copy link
Copy Markdown

refresh

✅ Pull request refreshed

@Dargon789 Dargon789 merged commit 4b94c1c into Legion Apr 10, 2026
9 of 14 checks passed
@Dargon789

Copy link
Copy Markdown
Owner Author

@Mergifyio refresh

@mergify

mergify Bot commented Apr 10, 2026

Copy link
Copy Markdown

refresh

✅ Pull request refreshed

@Dargon789 Dargon789 linked an issue Apr 11, 2026 that may be closed by this pull request
@Dargon789

Copy link
Copy Markdown
Owner Author

@Mergifyio refresh

@mergify

mergify Bot commented Apr 16, 2026

Copy link
Copy Markdown

refresh

✅ Pull request refreshed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Updated class diagram for IthacaAccount Merkle signature support Sequence diagram for wrapped and Merkle signature validation

4 participants