You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: ERCS/erc-4337.md
+21Lines changed: 21 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -141,6 +141,8 @@ The Smart Contract Account:
141
141
*`aggregator`/`authorizer` - 0 for valid signature, 1 to mark signature failure. Otherwise, an address of an `aggregator`/`authorizer` contract.
142
142
*`validUntil` is 6-byte timestamp value, or zero for "infinite". The `UserOperation` is valid only up to this time.
143
143
*`validAfter` is 6-byte timestamp. The `UserOperation` is valid only after this time.
144
+
* In order to specify a validity range using block numbers, both the `validUntil` and `validAfter` need to set their highest bit to 1.
145
+
***Note:** The validity range can be expressed by two block timestamps or two block numbers, but one timestamp and one block number cannot be mixed in the same UserOperation's validity range.
144
146
145
147
The Smart Contract Account MAY implement the interface `IAccountExecute`
146
148
@@ -230,6 +232,7 @@ In the verification loop, the `handleOps` call must perform the following steps
230
232
***Create the `sender` Smart Contract Account if it does not yet exist**, using the `initcode` provided in the `UserOperation`.
231
233
* If the `factory` address is "0x7702", then the sender MUST be an EOA with an [EIP-7702](./eip-7702.md) authorization designation. The `EntryPoint` validates the authorized address matches the one specified in the `UserOperation` signature (see [Support for [EIP-7702] authorizations](#support-for-eip-7702-authorizations)).
232
234
* If the `sender` does not exist, _and_ the `initcode` is empty, or does not deploy a contract at the "sender" address, the call must fail.
235
+
***WARNING**: If the `sender` does exist, _and_ the `initcode` is _not_ empty, then the `initcode` is ignored.
233
236
* calculate the maximum possible fee the `sender` needs to pay based on validation and call gas limits, and current gas values.
234
237
* calculate the fee the `sender` must add to its "deposit" in the `EntryPoint`
235
238
***Call `validateUserOp` on the `sender` contract**, passing in the `UserOperation`, its hash and the required fee.
@@ -311,6 +314,21 @@ Maliciously crafted paymasters could pose a risk of a DoS attack against the sys
311
314
As a mitigation, bundlers should use a reputation system for contracts they serve, and the paymaster must either limit its storage usage, or deposit a stake in a reputation system.
312
315
Full specification of a reputation system is outside the scope of this proposal.
313
316
317
+
#### The `paymasterAndData` field encoding and `paymasterSignature`
318
+
319
+
The `paymasterAndData` field is a byte array that contains a non-standard encoding of the following fields:
320
+
*`paymasterAddress` - 20 bytes — the address of the paymaster contract
321
+
*`paymasterVerificationGasLimit` - 16 bytes - the gas limit for the verification function
322
+
*`postOpGasLimit` - 16 bytes - the gas limit for the postOp function
323
+
*`paymasterData` - the data that the paymaster contract will receive in the `validatePaymasterUserOp` call
324
+
325
+
The following data can optionally be appended to the `paymasterAndData` field:
326
+
*`paymasterSignature` - the "signature" value byte array to be checked by the paymaster contract; this value can be provided **without affecting the UserOperation hash**
327
+
*`paymasterSignatureLength` - 2 bytes - the exact length of the `paymasterSignature` parameter byte array
328
+
*`PAYMASTER_SIG_MAGIC` (`0x22e325a297439656`) - the magic value that is appended to indicate the use of the `paymasterSignature` feature by the UserOperation
329
+
330
+
Note that as both the `signature` and the `paymasterSignature` fields do not affect the UserOperation hash, the signing by the Sender and the Paymaster can be performed in parallel.
331
+
314
332
The paymaster interface is as follows:
315
333
316
334
```solidity
@@ -358,6 +376,9 @@ receive() external payable;
358
376
359
377
// withdraw from the deposit of the current account
360
378
function withdrawTo(address payable withdrawAddress, uint256 withdrawAmount) external;
379
+
380
+
// get the currently executing UserOperation hash, or 0 if not called during the execution
381
+
function getCurrentUserOpHash() public view returns (bytes32);
361
382
```
362
383
363
384
### Bundler behavior upon receiving a UserOperation
0 commit comments