Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: [Quantstamp-ALC-14] fix execution data view for native functions #290

Merged
merged 2 commits into from
Nov 15, 2024

Conversation

fangting-alchemy
Copy link
Collaborator

@fangting-alchemy fangting-alchemy commented Nov 15, 2024

Motivation

Execution data view method is not returning the correct fields for native functions.

Solution

Return correct fields for the following two types of native functions. Needed to create an interface to avoid circular dependency. It also helps the MA readability now that all external funcs have interfaces.

  • Native view functions
  • Other native functions

Also refactored NativeFunctionDelegate to import interfaces when available.

Copy link

octane-security-app bot commented Nov 15, 2024

Summary by Octane

New Contracts

  • IModularAccountBase.sol: The smart contract is an interface enabling contract creation with customizable parameters and nonce invalidation for deferred actions.

Updated Contracts

  • ModularAccountBase.sol: Enhanced contract modularity with the addition of IModularAccountBase, global validation tweaks, and streamlined function documentation updates.
  • ModularAccountView.sol: Enhanced smart contract to support global validation for certain functions and added runtime validation skipping for native view functions.
  • NativeFunctionDelegate.sol: Interfaces updated, new imports added, and function selectors transitioned from base to modular account interfaces.

🔗 Commit Hash: 927e9f2

Copy link

github-actions bot commented Nov 15, 2024

Contract sizes:

 | Contract                      | Runtime Size (B) | Initcode Size (B) | Runtime Margin (B) | Initcode Margin (B) |
 |-------------------------------|------------------|-------------------|--------------------|---------------------|
 | AccountFactory                |            5,921 |             6,386 |             18,655 |              42,766 |
 | AllowlistModule               |            9,553 |             9,580 |             15,023 |              39,572 |
 | ExecutionInstallDelegate      |            5,714 |             5,760 |             18,862 |              43,392 |
-| ModularAccount                |           22,254 |            29,083 |              2,322 |              20,069 |
+| ModularAccount                |           22,413 |            29,242 |              2,163 |              19,910 |
 | NativeFunctionDelegate        |              560 |               587 |             24,016 |              48,565 |
 | NativeTokenLimitModule        |            4,449 |             4,476 |             20,127 |              44,676 |
 | PaymasterGuardModule          |            1,845 |             1,872 |             22,731 |              47,280 |
-| SemiModularAccount7702        |           23,157 |            29,979 |              1,419 |              19,173 |
-| SemiModularAccountBytecode    |           23,639 |            30,468 |                937 |              18,684 |
-| SemiModularAccountStorageOnly |           24,133 |            30,962 |                443 |              18,190 |
+| SemiModularAccount7702        |           23,315 |            30,137 |              1,261 |              19,015 |
+| SemiModularAccountBytecode    |           23,797 |            30,626 |                779 |              18,526 |
+| SemiModularAccountStorageOnly |           24,291 |            31,120 |                285 |              18,032 |
 | SingleSignerValidationModule  |            3,646 |             3,673 |             20,930 |              45,479 |
 | TimeRangeModule               |            2,003 |             2,030 |             22,573 |              47,122 |
 | WebAuthnValidationModule      |            7,854 |             7,881 |             16,722 |              41,271 |

Code coverage:

File % Lines % Statements % Branches % Funcs
src/account/AccountBase.sol 100.00% (8/8) 100.00% (7/7) 100.00% (2/2) 100.00% (4/4)
src/account/AccountStorageInitializable.sol 100.00% (19/19) 100.00% (26/26) 100.00% (5/5) 100.00% (2/2)
src/account/ModularAccount.sol 100.00% (2/2) 100.00% (2/2) 100.00% (0/0) 100.00% (2/2)
src/account/ModularAccountBase.sol 99.02% (302/305) 96.30% (364/378) 78.33% (47/60) 97.30% (36/37)
src/account/ModularAccountView.sol 95.00% (38/40) 96.30% (52/54) 80.00% (4/5) 100.00% (5/5)
src/account/ModuleManagerInternals.sol 95.08% (58/61) 96.20% (76/79) 62.50% (5/8) 100.00% (3/3)
src/account/SemiModularAccount7702.sol 0.00% (0/6) 0.00% (0/6) 0.00% (0/1) 0.00% (0/3)
src/account/SemiModularAccountBase.sol 89.06% (57/64) 92.31% (84/91) 68.75% (11/16) 100.00% (15/15)
src/account/SemiModularAccountBytecode.sol 100.00% (6/6) 100.00% (7/7) 100.00% (1/1) 100.00% (2/2)
src/account/SemiModularAccountStorageOnly.sol 80.00% (4/5) 83.33% (5/6) 100.00% (0/0) 50.00% (1/2)
src/account/TokenReceiver.sol 33.33% (1/3) 33.33% (1/3) 100.00% (0/0) 33.33% (1/3)
src/factory/AccountFactory.sol 75.56% (34/45) 80.33% (49/61) 50.00% (3/6) 60.00% (9/15)
src/helpers/ExecutionInstallDelegate.sol 92.59% (50/54) 92.96% (66/71) 40.00% (2/5) 100.00% (7/7)
src/helpers/NativeFunctionDelegate.sol 100.00% (22/22) 100.00% (42/42) 100.00% (0/0) 100.00% (1/1)
src/libraries/ExecutionLib.sol 99.64% (276/277) 98.89% (268/271) 90.91% (30/33) 100.00% (24/24)
src/libraries/KnownSelectorsLib.sol 100.00% (16/16) 100.00% (34/34) 100.00% (0/0) 100.00% (2/2)
src/libraries/LinkedListSetLib.sol 94.00% (47/50) 96.25% (77/80) 66.67% (4/6) 100.00% (8/8)
src/libraries/MemManagementLib.sol 100.00% (54/54) 100.00% (70/70) 100.00% (0/0) 100.00% (12/12)
src/libraries/ModuleInstallCommonsLib.sol 57.14% (8/14) 42.11% (8/19) 75.00% (3/4) 100.00% (3/3)
src/modules/ModuleBase.sol 100.00% (13/13) 94.12% (16/17) 100.00% (2/2) 100.00% (3/3)
src/modules/permissions/AllowlistModule.sol 86.05% (74/86) 85.71% (96/112) 78.26% (18/23) 50.00% (9/18)
src/modules/permissions/NativeTokenLimitModule.sol 90.91% (40/44) 93.22% (55/59) 100.00% (13/13) 66.67% (8/12)
src/modules/permissions/PaymasterGuardModule.sol 83.33% (10/12) 82.35% (14/17) 66.67% (2/3) 71.43% (5/7)
src/modules/permissions/TimeRangeModule.sol 85.71% (12/14) 81.82% (18/22) 100.00% (2/2) 87.50% (7/8)
src/modules/validation/SingleSignerValidationModule.sol 92.00% (23/25) 81.58% (31/38) 62.50% (5/8) 90.00% (9/10)
src/modules/validation/WebAuthnValidationModule.sol 61.11% (11/18) 66.67% (18/27) 100.00% (3/3) 60.00% (6/10)
Total 93.82% (1185/1263) 92.93% (1486/1599) 78.64% (162/206) 84.40% (184/218)

Copy link

octane-security-app bot commented Nov 15, 2024

Overview

Vulnerabilities found: 3                                                                                

Detailed findings

src/account/ModularAccountBase.sol


🔗 Commit Hash: 927e9f2
🛡️ Octane Dashboard: All vulnerabilities

@fangting-alchemy fangting-alchemy merged commit 5384fa9 into develop Nov 15, 2024
6 checks passed
@fangting-alchemy fangting-alchemy deleted the alc14 branch November 15, 2024 23:34
@fangting-alchemy fangting-alchemy restored the alc14 branch November 21, 2024 03:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants