From b7573ff0b086a8444bfb33461ea836953d95d343 Mon Sep 17 00:00:00 2001 From: Oladele Seyi Date: Sun, 22 Dec 2024 16:14:20 +0100 Subject: [PATCH 1/2] Explainer for Erc-1271 and erc6492 --- docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx b/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx index a6b839c..c6067a6 100644 --- a/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx +++ b/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx @@ -16,7 +16,17 @@ If you are impatient, head straight to [the API](#api). Otherwise, read on to l ## Understanding ERC-1271 and ERC-6492 -TODO + [ERC-1271](https://eips.ethereum.org/EIPS/eip-1271), which more popular, defines a standard function `isValidSignature`, which a verifier can call to validate a signature. However, ERC-1271 is limited to verifying signatures of deployed smart accounts. + ERC-4337 implements counterfactual deployment, an optimization that allows the computation of the address of the smart account before the account is deployed. As a result, in practice a pre-deployed smart account might generate a signature which cannot be properly verified by ERC-1271. + + [ERC-6492](https://eips.ethereum.org/EIPS/eip-6492) uses a `[UniversalSigValidator contract](https://eips.ethereum.org/EIPS/eip-6492#reference-implementation)` that validates the signature as described; + + - Check if the signature ends with a sequence of bytes that indicates that the signature is by a predeployed smart account; + - If yes, the deployment of the contract is simulated using `[eth-call](https://docs.alchemy.com/reference/eth-call)` and then `isValidSignature` is called to validate the signature. + - If the signature does not indicate that it is a predeployed smart account; + - `ERC-1271` is called if a smart account is found at the address provided. + - Otherwise, it is assumed that the signature is from an EOA and the signature is verified by `ecrecover` + ## API From 2357e7119aaf09edf9cb8bf0da8c78008cc3b780 Mon Sep 17 00:00:00 2001 From: Oladele Seyi Date: Sun, 22 Dec 2024 16:39:03 +0100 Subject: [PATCH 2/2] reference relevant blog post --- docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx b/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx index c6067a6..dd3dc83 100644 --- a/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx +++ b/docs/pages/sdk/v5_3_x/core-api/sign-and-verify.mdx @@ -27,6 +27,7 @@ If you are impatient, head straight to [the API](#api). Otherwise, read on to l - `ERC-1271` is called if a smart account is found at the address provided. - Otherwise, it is assumed that the signature is from an EOA and the signature is verified by `ecrecover` + [This blog post](https://docs.zerodev.app/blog/erc-6492-and-why-its-important-for-aa) provides a deep dive on both standards. ## API