✨ Add webauthn authenticator id in the enable event

README.md

@@ -36,6 +36,19 @@ MIT
 
 ## Addresses
 
+<details>
+<summary>v TBD</summary>
+
+| Name                 | Address                                    |
+| -------------------- | ------------------------------------------ |
+| Kernel               | 0xd3082872F8B06073A021b4602e022d5A070d7cfC |
+| KernelFactory        | 0x5de4839a76cf55d0c90e2061ef4386d962E15ae3 |
+| SessionKeyValidator  | 0xB8E3c4bEaACAd06f6092793012DA4a8cB23D6123 |
+| ECDSA Validator      | 0xd9AB5096a832b9ce79914329DAEE236f8Eea0390 |
+| FclWebAuthnValidator | 0x42085b533b27B9AfDAF3864a38c72eF853943DAB |
+| P256VerifierWrapper  | 0x738e3257EE928637fE62c37F91D3e722C45Dcc7C |
+</details>
+
 <details>
 <summary>v2.4</summary>
 

script/DeployDeterministic.s.sol

@@ -8,6 +8,7 @@ import "./deterministic/Factory.s.sol";
 import "./deterministic/SessionKey.s.sol";
 import "./deterministic/Kernel2_2.s.sol";
 import "./deterministic/Kernel2_3.s.sol";
+import "./deterministic/FclWebAuthNValidator.s.sol";
 
 contract DeployDeterministic is Script {
     address constant DEPLOYER = 0x9775137314fE595c943712B0b336327dfa80aE8A;
@@ -35,6 +36,10 @@ contract DeployDeterministic is Script {
         if (!factory.isAllowedImplementation(k23lite)) {
             factory.setImplementation(k23lite, true);
         }
+
+        // Deploy the webauthn fcl validators
+        FclWebAuthnValidatorDeploy.deployWebAuthnFclVerifier();
+
         vm.stopBroadcast();
     }
 }

script/deterministic/FclWebAuthNValidator.s.sol

@@ -0,0 +1,51 @@
+pragma solidity ^0.8.0;
+
+import "src/utils/P256VerifierWrapper.sol";
+import "src/validator/webauthn//WebAuthnFclValidator.sol";
+import "./DeterministicDeploy.s.sol";
+import "forge-std/console.sol";
+
+/// @dev Deterministic deployment of FclWebAuthNValidator
+library FclWebAuthnValidatorDeploy {
+    address constant EXPECTED_P256_VERIFIER_VALIDATOR_ADDRESS = 0x738e3257EE928637fE62c37F91D3e722C45Dcc7C;
+
+    address constant EXPECTED_WEBAUTHN_VALIDATOR_ADDRESS = 0x42085b533b27B9AfDAF3864a38c72eF853943DAB;
+
+    bytes32 constant DEPLOYMENT_SALT = keccak256("WebAuthNValidator by Frak");
+
+    /// @dev Deploy the P256VerifierWrapper and WebAuthnFclValidator
+    function deployWebAuthnFclVerifier() internal {
+        // Check if the contract of the p256 verifier is already deployed
+        if (EXPECTED_P256_VERIFIER_VALIDATOR_ADDRESS.code.length == 0) {
+            _deployOnChainP256();
+        } else {
+            console.log("P256VerifierWrapper: already deployed");
+        }
+
+        // Deploy the WebAuthnFclValidator
+        if (EXPECTED_WEBAUTHN_VALIDATOR_ADDRESS.code.length == 0) {
+            _deployValidator();
+        } else {
+            console.log("WebAuthnFclValidator: already deployed");
+        }
+    }
+
+    /// @dev Deploy the P256VerifierWrapper contract
+    function _deployOnChainP256() private {
+        P256VerifierWrapper p256Wrapper = new P256VerifierWrapper{salt: DEPLOYMENT_SALT}();
+        require(
+            address(p256Wrapper) == EXPECTED_P256_VERIFIER_VALIDATOR_ADDRESS,
+            "FclWebAuthnValidatorDeploy: p256 wrapper address mismatch"
+        );
+    }
+
+    /// @dev Deploy the P256VerifierWrapper contract
+    function _deployValidator() private {
+        WebAuthnFclValidator validator =
+            new WebAuthnFclValidator{salt: DEPLOYMENT_SALT}(EXPECTED_P256_VERIFIER_VALIDATOR_ADDRESS);
+        require(
+            address(validator) == EXPECTED_WEBAUTHN_VALIDATOR_ADDRESS,
+            "FclWebAuthnValidatorDeploy: validator address mismatch"
+        );
+    }
+}

src/validator/webauthn/WebAuthnFclValidator.sol

@@ -23,7 +23,8 @@ struct WebAuthnFclValidatorStorage {
 /// @notice Inspired by the cometh Gnosis Safe signer: https://github.com/cometh-game/p256-signer
 contract WebAuthnFclValidator is IKernelValidator {
     /// @dev Event emitted when the public key signing the WebAuthN user operation is changed for a given `kernel`.
-    event WebAuthnPublicKeyChanged(address indexed kernel, uint256 x, uint256 y);
+    /// @dev The `b64AuthenticatorId` param represent the webauthn authenticator id used to create this public key
+    event WebAuthnPublicKeyChanged(address indexed kernel, string indexed b64AuthenticatorId, uint256 x, uint256 y);
 
     /// @dev Mapping of kernel address to each webAuthn specific storage
     mapping(address kernel => WebAuthnFclValidatorStorage webAuthnStorage) private webAuthnValidatorStorage;
@@ -44,13 +45,13 @@ contract WebAuthnFclValidator is IKernelValidator {
     /// @dev Enable this validator for a given `kernel` (msg.sender)
     function enable(bytes calldata _data) external payable override {
         // Extract the x & y coordinates of the public key from the `_data` bytes
-        (uint256 x, uint256 y) = abi.decode(_data, (uint256, uint256));
+        (string memory authenticatorId, uint256 x, uint256 y) = abi.decode(_data, (string, uint256, uint256));
         // Update the pub key data
         WebAuthnFclValidatorStorage storage kernelValidatorStorage = webAuthnValidatorStorage[msg.sender];
         kernelValidatorStorage.x = x;
         kernelValidatorStorage.y = y;
         // Emit the update event
-        emit WebAuthnPublicKeyChanged(msg.sender, x, y);
+        emit WebAuthnPublicKeyChanged(msg.sender, authenticatorId, x, y);
     }
 
     /// @dev Validate a `_userOp` using a WebAuthn Signature for the kernel account who is the `_userOp` sender

test/foundry/validator/WebAuthnFclValidator.t.sol

@@ -67,7 +67,9 @@ contract WebAuthnFclValidatorTest is KernelTestBase {
     }
 
     function getInitializeData() internal view override returns (bytes memory) {
-        return abi.encodeWithSelector(KernelStorage.initialize.selector, webAuthNValidator, abi.encode(x, y));
+        return abi.encodeWithSelector(
+            KernelStorage.initialize.selector, webAuthNValidator, abi.encode("authenticator-id", x, y)
+        );
     }
 
     function test_default_validator_enable() external override {
@@ -76,7 +78,7 @@ contract WebAuthnFclValidatorTest is KernelTestBase {
                 IKernel.execute.selector,
                 address(webAuthNValidator),
                 0,
-                abi.encodeWithSelector(webAuthNValidator.enable.selector, abi.encode(x, y)),
+                abi.encodeWithSelector(webAuthNValidator.enable.selector, abi.encode("authenticator-id", x, y)),
                 Operation.Call
             )
         );