Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add time range module #180

Merged
merged 1 commit into from
Sep 26, 2024
Merged

feat: add time range module #180

merged 1 commit into from
Sep 26, 2024

Conversation

adamegyed
Copy link
Contributor

Motivation

We want the ability to limit validations by time range, for use in session keys and other modules.

Solution

Add a time range enforcing module. When used as a user op validation, this returns the time range in the 4337 validationData value. When used as a runtime validation, this checks block.timestamp and enforces that the validation is only used within this context.

Also adds additional commands to package.json for viewing coverage and generating an lcov report.

Note: this currently doesn't enforce anything for signature validation. It is not clear to me whether or not it is safe to use block.timestamp in the signature checking logic, because if may be used within another account's 4337 validation phase. However, that entire workflow is not common due to the likely violation for associated storage.

To discuss: should this hook check block.timestamp in the pre signature validation hook? Or should we just recommend users to disable signature validation from validation functions with this hook using the flag?

@adamegyed adamegyed requested a review from a team September 18, 2024 20:46
jaypaik
jaypaik reviewed Sep 23, 2024
View reviewed changes
src/modules/permissions/TimeRangeModule.sol

import {BaseModule} from "../../modules/BaseModule.sol";

contract TimeRangeModule is IValidationHookModule, BaseModule {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mind adding NatSpec documentation to our contracts?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added here: 5aeff4d

Lmk if anything's missing!

jaypaik
jaypaik reviewed Sep 23, 2024
View reviewed changes
src/modules/permissions/TimeRangeModule.sol

error TimeRangeNotValid();

function onInstall(bytes calldata data) external override {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also @dev comments in functions like these to describe how data should be encoded.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added!

Though I wonder if it would be preferable to put this info in an @param instead?

@adamegyed adamegyed force-pushed the adam/time-range-rule branch 2 times, most recently from c278831 to 4265d1f Compare September 25, 2024 20:56
@adamegyed adamegyed force-pushed the adam/add-allowlist branch 2 times, most recently from e54e9a1 to 4afc628 Compare September 26, 2024 17:16
Base automatically changed from adam/add-allowlist to develop September 26, 2024 17:42
@octane-security-app-dev Octane Security App Dev
Copy link

Summary by Octane

New Contracts

  • TimeRangeModule.sol: The TimeRangeModule smart contract enforces validation within specific time ranges for user operations and runtime checks, using configurable timestamps for accounts and entities.

Updated Contracts

No contracts were updated in this PR.

🔗 Commit Hash: 51d7377

@octane-security-app-dev Octane Security App Dev
Copy link

Overview

Octane AI analysis has finished. No vulnerabilities were found. Cheers! 🎉🎉🎉

🔗 Commit Hash: 51d7377

@github-actions GitHub Actions
Copy link

Contract sizes:

 | Contract                     | Size (B) | Margin (B) |
 |------------------------------|----------|------------|
 | AccountFactory               |    4,169 |     20,407 |
 | AllowlistModule              |    5,817 |     18,759 |
 | ERC20TokenLimitModule        |    4,138 |     20,438 |
 | ModularAccount               |   25,983 |     -1,407 |
 | SemiModularAccount           |   26,487 |     -1,911 |
 | SingleSignerValidationModule |    3,444 |     21,132 |
+| TimeRangeModule              |    1,870 |     22,706 |
 | TokenReceiverModule          |    2,189 |     22,387 |

Code coverage:

File % Lines % Statements % Branches % Funcs
src/account/AccountExecutor.sol 100.00% (4/4) 100.00% (4/4) 100.00% (1/1) 100.00% (1/1)
src/account/AccountStorageInitializable.sol 84.21% (16/19) 84.62% (22/26) 60.00% (3/5) 100.00% (2/2)
src/account/BaseAccount.sol 83.33% (5/6) 80.00% (4/5) 50.00% (1/2) 100.00% (2/2)
src/account/ModularAccount.sol 92.92% (223/240) 93.46% (300/321) 82.50% (33/40) 97.44% (38/39)
src/account/ModularAccountView.sol 96.55% (28/29) 95.24% (40/42) 100.00% (2/2) 100.00% (2/2)
src/account/ModuleManagerInternals.sol 88.10% (111/126) 88.17% (149/169) 42.86% (6/14) 100.00% (11/11)
src/account/SemiModularAccount.sol 0.00% (0/50) 0.00% (0/66) 0.00% (0/9) 0.00% (0/17)
src/factory/AccountFactory.sol 34.48% (10/29) 35.00% (14/40) 50.00% (1/2) 18.18% (2/11)
src/libraries/HookConfigLib.sol 47.06% (8/17) 65.62% (21/32) 100.00% (0/0) 66.67% (8/12)
src/libraries/KnownSelectorsLib.sol 100.00% (27/27) 100.00% (60/60) 100.00% (0/0) 100.00% (3/3)
src/libraries/ModuleEntityLib.sol 62.50% (5/8) 45.00% (9/20) 100.00% (0/0) 50.00% (3/6)
src/libraries/SparseCalldataSegmentLib.sol 100.00% (23/23) 100.00% (29/29) 100.00% (5/5) 100.00% (6/6)
src/libraries/ValidationConfigLib.sol 44.44% (8/18) 52.63% (20/38) 100.00% (0/0) 61.54% (8/13)
src/modules/BaseModule.sol 100.00% (11/11) 100.00% (15/15) 100.00% (1/1) 100.00% (2/2)
src/modules/ERC20TokenLimitModule.sol 70.27% (26/37) 76.92% (40/52) 70.00% (7/10) 55.56% (5/9)
src/modules/ModuleEIP712.sol 100.00% (1/1) 100.00% (2/2) 100.00% (0/0) 100.00% (1/1)
src/modules/ReplaySafeWrapper.sol 100.00% (6/6) 100.00% (7/7) 100.00% (0/0) 100.00% (2/2)
src/modules/TokenReceiverModule.sol 70.00% (7/10) 69.23% (9/13) 100.00% (0/0) 28.57% (2/7)
src/modules/permissions/AllowlistModule.sol 76.19% (32/42) 75.00% (42/56) 77.78% (7/9) 41.67% (5/12)
src/modules/permissions/TimeRangeModule.sol 100.00% (12/12) 100.00% (20/20) 100.00% (1/1) 75.00% (6/8)
src/modules/validation/SingleSignerValidationModule.sol 88.89% (16/18) 91.30% (21/23) 100.00% (3/3) 88.89% (8/9)
Total 78.99% (579/733) 79.62% (828/1040) 68.27% (71/104) 66.86% (117/175)

@adamegyed adamegyed merged commit 14f38bd into develop Sep 26, 2024
6 checks passed
@adamegyed adamegyed deleted the adam/time-range-rule branch September 26, 2024 17:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaypaik jaypaik jaypaik left review comments

@fangting-alchemy fangting-alchemy fangting-alchemy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@adamegyed @jaypaik @fangting-alchemy