1271 isValidSignature

[livingrockrises]

Problem (found by curiousapple and alchemy) link
EIP-1271 signatures where the wallet keys sign an application message directly may be vulnerable to replay on other EIP-1271 wallets with the same set of owners

Solution/s

To implement replay protection the signature must be bound to the smart contract wallet by including its address somewhere in the signed message.

^ above was done by us with
isValidSignature -> isValidSignatureForAddress
isValidSignatureUnsafe -> isValidSignatureForAddressUnsafe

bcnmy/scw-contracts#162

Further,
solution was to wrap the incoming digest in a EIP712 wrapper

Further,
https://github.com/frangio/eip712-wrapper-for-eip1271
above repository proposes a solution to protect EIP-1271 wallets against replay attacks, while allowing full auditability of the signed message contents, by wrapping the message in an envelope that binds it to a specific EIP-1271 wallet.

with current solday implementation here

[livingrockrises]

Another problem raised is
https://x.com/howydev/status/1780353761686262022

solution for this is work in progress here : Vectorized/solady#907

[livingrockrises]

In case of modular account, this job is passed on to the validators and it is a question what should be responsible verifying contract (domain separator)

if we choose to make ERC1271 EIP712 as base then,

we could use custom implementation in validators + account
"Once this implementation is finalized, module authors can copypaste relevant portions to create a 1271 module that implement the same behavior"

if we don't care about 712 signing and stick to passing the sender on as part of the hash then below works,
https://github.com/rhinestonewtf/modulekit/blob/main/examples/src/OwnableValidator/OwnableValidator.sol#L57

[livingrockrises]

in this pull request, I have created some intermediate contracts and modified mock validator/s to showcase several possibilities

[github-actions]

Changes to gas cost

Generated at commit: 1a4322447ef82c62b6dc9b00e13eae3a7e84214c, compared to commit: c78f7612267fcb7235f6d3a621ed5e92d2874cd1

🧾 Summary (10% most significant diffs)

Contract	Method	Avg (+/-)	%
SmartAccount	nonce supportsExecutionMode	-45 ✅ -44 ✅	-1.34% -6.45%

---

Full diff report 👇

Contract	Deployment Cost (+/-)	Method	Min (+/-)	%	Avg (+/-)	%	Median (+/-)	%	Max (+/-)	%	# Calls (+/-)
SmartAccount	3,668,824 (+195,559)	execute executeFromExecutor getExecutorsPaginated initialize installModule nonce supportsExecutionMode validateUserOp	5,042 (+44) 2,885 (+22) 2,500 (+22) 2,831 (+22) 939 (+22) 1,513 (-45) 561 (-44) 7,423 (0)	+0.88% +0.77% +0.89% +0.78% +2.40% -2.89% -7.27% 0.00%	29,525 (+34) 30,931 (+22) 2,500 (+22) 94,613 (+24) 27,421 (+22) 3,313 (-45) 638 (-44) 8,818 (-7)	+0.12% +0.07% +0.89% +0.03% +0.08% -1.34% -6.45% -0.08%	32,541 (+44) 33,746 (+22) 2,500 (+22) 94,922 (+22) 29,743 (+22) 1,513 (-45) 643 (-44) 7,423 (0)	+0.14% +0.07% +0.89% +0.02% +0.07% -2.89% -6.40% 0.00%	97,911 (+22) 66,302 (+22) 2,500 (+22) 94,922 (+22) 39,894 (+22) 6,013 (-45) 711 (-44) 20,706 (0)	+0.02% +0.03% +0.89% +0.02% +0.06% -0.74% -5.83% 0.00%	108 (0) 10 (0) 2 (0) 450 (+3) 55 (0) 5 (0) 3 (0) 559 (+3)
MockExecutor	684,527 (0)	executeBatchViaAccount executeViaAccount	36,711 (+22) 73,556 (+22)	+0.06% +0.03%	63,994 (+22) 73,740 (+22)	+0.03% +0.03%	62,243 (+22) 73,556 (+22)	+0.04% +0.03%	107,484 (+22) 74,108 (+22)	+0.02% +0.03%	6 (0) 3 (0)
AccountFactory	1,200,638 (0)	createAccount	0 (0)	+∞%	141,982 (+17)	+0.01%	193,208 (+22)	+0.01%	193,220 (+22)	+0.01%	8 (0)
MockValidator	523,534 (+83,655)