Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add webauthn module #189

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

feat: add webauthn module #189

wants to merge 1 commit into from
+401 −73

Conversation

howydev
Copy link
Collaborator

@howydev howydev commented Sep 24, 2024

  1. Add webauthn module
  2. Rename "SingleSigner" naming -> ECDSA

@octane-security-app-dev Octane Security App Dev
Copy link

octane-security-app-dev bot commented Sep 24, 2024
edited
Loading

Summary by Octane

New Contracts

  • IWebauthnValidationModule.sol: This Solidity contract facilitates signer validation and updates for accounts, utilizing key coordinates and event logging for signer changes.
  • WebauthnValidationModule.sol: Smart contract enabling WebAuthn signature validation for ERC-1271 compatibility, with support for signer management and validation module integration.

Updated Contracts

  • ModularAccountBenchmarkBase.sol: Replaced SingleSignerValidationModule with ECDSAValidationModule for enhanced validation.
  • AccountFactory.sol: Switched SINGLE_SIGNER_VALIDATION_MODULE to ECDSAValidationModule for improved security.
  • AccountTestBase.sol: Switched from SingleSignerValidationModule to ECDSAValidationModule for validation functions in the smart contract.
  • OptimizedTest.sol: Replaced SingleSignerValidationModule with ECDSAValidationModule for enhanced validation mechanisms.

🔗 Commit Hash: 532bb8a

@octane-security-app-dev Octane Security App Dev
Copy link

Overview

Vulnerabilities found: 1                                                                                
Severity breakdown: 1 Low

Detailed findings

src/factory/AccountFactory.sol

  • Review potential Missing/Improper Check on the Admin Address issue that is exposed in the constructor function

🔗 Commit Hash: 8a19552
🛡️ Octane Dashboard: All vulnerabilities

@github-actions GitHub Actions
Copy link

Contract sizes:

-| Contract                     | Size (B) | Margin (B) |
-|------------------------------|----------|------------|
-| AccountFactory               |    4,763 |     19,813 |
-| ERC1967Proxy                 |      104 |     24,472 |
-| ModularAccount               |   26,483 |     -1,907 |
-| SemiModularAccount           |   27,540 |     -2,964 |
-| SingleSignerValidationModule |    3,444 |     21,132 |
-| TokenReceiverModule          |    2,189 |     22,387 |
+| Contract                 | Size (B) | Margin (B) |
+|--------------------------|----------|------------|
+| AccountFactory           |    4,763 |     19,813 |
+| ECDSAValidationModule    |    3,444 |     21,132 |
+| ERC1967Proxy             |      104 |     24,472 |
+| ModularAccount           |   26,483 |     -1,907 |
+| SemiModularAccount       |   27,540 |     -2,964 |
+| TokenReceiverModule      |    2,189 |     22,387 |
+| WebauthnValidationModule |    7,854 |     16,722 |

Code coverage:

File % Lines % Statements % Branches % Funcs
src/account/AccountExecutor.sol 75.00% (3/4) 75.00% (3/4) 0.00% (0/1) 100.00% (1/1)
src/account/AccountStorageInitializable.sol 84.21% (16/19) 84.62% (22/26) 60.00% (3/5) 100.00% (2/2)
src/account/ModularAccount.sol 90.46% (218/241) 90.99% (293/322) 78.05% (32/41) 97.44% (38/39)
src/account/ModularAccountView.sol 96.55% (28/29) 95.24% (40/42) 100.00% (2/2) 100.00% (2/2)
src/account/ModuleManagerInternals.sol 84.92% (107/126) 84.62% (143/169) 42.86% (6/14) 100.00% (11/11)
src/account/SemiModularAccount.sol 0.00% (0/50) 0.00% (0/66) 0.00% (0/9) 0.00% (0/17)
src/factory/AccountFactory.sol 33.33% (10/30) 35.71% (15/42) 50.00% (1/2) 18.18% (2/11)
src/libraries/HookConfigLib.sol 47.06% (8/17) 65.62% (21/32) 100.00% (0/0) 66.67% (8/12)
src/libraries/KnownSelectorsLib.sol 100.00% (27/27) 100.00% (60/60) 100.00% (0/0) 100.00% (3/3)
src/libraries/ModuleEntityLib.sol 62.50% (5/8) 45.00% (9/20) 100.00% (0/0) 50.00% (3/6)
src/libraries/SparseCalldataSegmentLib.sol 100.00% (23/23) 100.00% (29/29) 100.00% (5/5) 100.00% (6/6)
src/libraries/ValidationConfigLib.sol 44.44% (8/18) 52.63% (20/38) 100.00% (0/0) 61.54% (8/13)
src/modules/BaseModule.sol 9.09% (1/11) 26.67% (4/15) 0.00% (0/1) 50.00% (1/2)
src/modules/ModuleEIP712.sol 100.00% (1/1) 100.00% (2/2) 100.00% (0/0) 100.00% (1/1)
src/modules/ReplaySafeWrapper.sol 100.00% (6/6) 100.00% (7/7) 100.00% (0/0) 100.00% (2/2)
src/modules/TokenReceiverModule.sol 69.23% (9/13) 69.23% (9/13) 100.00% (0/0) 28.57% (2/7)
src/modules/validation/ECDSAValidationModule.sol 90.48% (19/21) 91.30% (21/23) 100.00% (3/3) 88.89% (8/9)
src/modules/validation/WebauthnValidationModule.sol 78.26% (18/23) 77.78% (21/27) 100.00% (3/3) 60.00% (6/10)
Total 76.01% (507/667) 76.73% (719/937) 63.95% (55/86) 67.53% (104/154)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@howydev