Official mirror.xyz account for ERC-4337 Account Abstraction. Twitter: @erc4337
erc4337Empowering Innovation: ERC-4337 Account Abstraction Grant Round Recipients
The Ethereum Foundation is pleased to announce the successful conclusion of the ERC-4337 Account Abstraction grant round. This grant initiative will support 18 teams in their efforts to build diverse projects centered around ERC-4337, also known as Account Abstraction. Each team's project uniquely aligns with the goals of the ERC-4337 AA grant, and we believe that the outcomes of these endeavors will ripple through the ecosystem, inspiring new ideas and opportunities for collaboration. T...
erc4337ERC-4337 Mempool Stages: A Framework to Assess Bundlers Maturity
ERC-4337 aims to bring Account Abstraction to Ethereum while maintaining strong decentralization and censorship-resistance, aligning closely with the block production security of the underlying chain. Launching a truly public and decentralized mempool for ERC-4337 is a complex process, and development will progress with “training wheels” — a controlled setup that allows for system updates and bug fixes in a safer environment. While necessary in the early stages, these training wheels will be ...
erc4337EntryPoint v0.8 Released
The upcoming Pectra upgrade will introduce EIP-7702, which will allow Externally Owned Accounts (EOAs) to function like smart contracts, upgrading them with AA features such as gas sponsorship, transaction batching and custom permissions. Therefore, we have made sure that EntryPoint v0.8 will offer native support for EIP-7702 authorizations. This will allow any EOA that utilizes EIP-7702 to also make use of the pre-existing and comprehensive ERC-4337 ecosystem of bundlers and paymasters. In a...
erc4337Empowering Innovation: ERC-4337 Account Abstraction Grant Round Recipients
The Ethereum Foundation is pleased to announce the successful conclusion of the ERC-4337 Account Abstraction grant round. This grant initiative will support 18 teams in their efforts to build diverse projects centered around ERC-4337, also known as Account Abstraction. Each team's project uniquely aligns with the goals of the ERC-4337 AA grant, and we believe that the outcomes of these endeavors will ripple through the ecosystem, inspiring new ideas and opportunities for collaboration. T...
erc4337ERC-4337 Mempool Stages: A Framework to Assess Bundlers Maturity
ERC-4337 aims to bring Account Abstraction to Ethereum while maintaining strong decentralization and censorship-resistance, aligning closely with the block production security of the underlying chain. Launching a truly public and decentralized mempool for ERC-4337 is a complex process, and development will progress with “training wheels” — a controlled setup that allows for system updates and bug fixes in a safer environment. While necessary in the early stages, these training wheels will be ...
erc4337EntryPoint v0.8 Released
The upcoming Pectra upgrade will introduce EIP-7702, which will allow Externally Owned Accounts (EOAs) to function like smart contracts, upgrading them with AA features such as gas sponsorship, transaction batching and custom permissions. Therefore, we have made sure that EntryPoint v0.8 will offer native support for EIP-7702 authorizations. This will allow any EOA that utilizes EIP-7702 to also make use of the pre-existing and comprehensive ERC-4337 ecosystem of bundlers and paymasters. In a...
Official mirror.xyz account for ERC-4337 Account Abstraction. Twitter: @erc4337
Subscribe to erc4337
Subscribe to erc4337
Share Dialog
Share Dialog
>300 subscribers
>300 subscribers
Following feedback from the community, we have pushed and deployed a new version of the EntryPoint contract, with a few modifications. The latest address is 0x5FF137D4b0FDCD49DcA30c7CF57E578a026d2789
The changes are:
Align on-chain and off-chain UserOperation hash - PR#245
Nonce managed by EntryPoint - PR#247
Prevent recursion of handleOps - PR#257
Together, they guarantee that now there is a consistent view of the UserOperation :
The UserOperation hash is always unique
Events emitted by the execution of a UserOperation are now uniquely mapped to a UserOperation
This is primarily relevant to external entities (block explorers, wallets, and anyone processing events).
Note that we did not introduce these changes because we found a security breach in the contracts or those external tools - but in order to prevent future bugs in such tools. For example, since userOpHash couldn't be trusted to be unique, paymasters had to provide their own uniqueness check (which we added to the VerifyingPaymaster)
If a bundler has an "off-chain" calculation of the hash, it should be updated to the new implementation of the getUserOpHash() helper method in the EntryPoint.
Existing account contracts can use the new EntryPoint as is, but they can improve their performance by REMOVING the nonce check, as EntryPoint already verifies the nonce uniqueness.
BaseAccount was updated, so accounts should be recompiled against it.
the nonce() method was renamed to getNonce(). This is in part for reflecting the new mechanism (it references EntryPoint to read the nonce), but also since in a "[Gnosis] Safe" account we can no longer use the nonce method, as Safe uses nonce for non-AA transactions, and getNonce (and EntryPoint) for AA-based transactions. There is no conflict between the two.
In order to verify the account is working with a new EntryPoint, it can actively call the entryPoint.getNonce() method (this method is already called from the BaseAccount.
Wallets should read the next nonce to use in a UserOperation using the getNonce() method, instead of nonce.
Wallets should also decide if they want to use the "two-dimensional"
Block explorers are not affected directly. They can now safely assume that userOpHash has a unique value.
Even though these changes were not critical, as there were no security implications, we felt that it is better to push such changes now, before wallets get widespread adoption.
We would also like to thank everyone in the developer community who helped us identify, research, and resolve these issues.
Following feedback from the community, we have pushed and deployed a new version of the EntryPoint contract, with a few modifications. The latest address is 0x5FF137D4b0FDCD49DcA30c7CF57E578a026d2789
The changes are:
Align on-chain and off-chain UserOperation hash - PR#245
Nonce managed by EntryPoint - PR#247
Prevent recursion of handleOps - PR#257
Together, they guarantee that now there is a consistent view of the UserOperation :
The UserOperation hash is always unique
Events emitted by the execution of a UserOperation are now uniquely mapped to a UserOperation
This is primarily relevant to external entities (block explorers, wallets, and anyone processing events).
Note that we did not introduce these changes because we found a security breach in the contracts or those external tools - but in order to prevent future bugs in such tools. For example, since userOpHash couldn't be trusted to be unique, paymasters had to provide their own uniqueness check (which we added to the VerifyingPaymaster)
If a bundler has an "off-chain" calculation of the hash, it should be updated to the new implementation of the getUserOpHash() helper method in the EntryPoint.
Existing account contracts can use the new EntryPoint as is, but they can improve their performance by REMOVING the nonce check, as EntryPoint already verifies the nonce uniqueness.
BaseAccount was updated, so accounts should be recompiled against it.
the nonce() method was renamed to getNonce(). This is in part for reflecting the new mechanism (it references EntryPoint to read the nonce), but also since in a "[Gnosis] Safe" account we can no longer use the nonce method, as Safe uses nonce for non-AA transactions, and getNonce (and EntryPoint) for AA-based transactions. There is no conflict between the two.
In order to verify the account is working with a new EntryPoint, it can actively call the entryPoint.getNonce() method (this method is already called from the BaseAccount.
Wallets should read the next nonce to use in a UserOperation using the getNonce() method, instead of nonce.
Wallets should also decide if they want to use the "two-dimensional"
Block explorers are not affected directly. They can now safely assume that userOpHash has a unique value.
Even though these changes were not critical, as there were no security implications, we felt that it is better to push such changes now, before wallets get widespread adoption.
We would also like to thank everyone in the developer community who helped us identify, research, and resolve these issues.
keykey
No activity yet