4337: pimlico verifying paymaster logic implemented incorrectly

[alexhooketh]

Description

Safe4337Kit seems to implement Pimlico's verifying paymaster support incorrectly. According to docs, pm_sponsorUserOperation must be called to estimate the gas usage and fetch paymaster data that needs to be put into the user operation for further signing and sending onchain.

When I'm trying to use the verifying paymaster to send a transaction, the flow fails on createTransaction step. In DevTools, I see that Safe SDK calls pimlico_getUserOperationGasPrice (with no userop set) and eth_estimateUserOperationGas (with userop set and gas values used from the former call). The latter call fails with "AA21 didn't pay prefund" error. After a quick research with a Pimlico employee, we've noticed that paymasterAndData value, which should've been fetched from pm_sponsorUserOperation but was not, is empty. This value is critical for using the verifying paymaster, since it includes the authoritative signature. Therefore, I believe that Pimlico's verifying paymaster support is not fully implemented in the current version of Safe SDK.

Environment

• Safe Core SDK versions:
  • protocol-kit: 4.1.3
  • relay-kit: 3.4.0
• Safe contract version: I can't find how to get it, but I'm deploying a passkey 4337 account using those versions above, so must be the latest one
• Environment:
  • Google Chrome

Steps to reproduce

Code:

const paymasterOptions = {
        isSponsored: true,
        paymasterUrl: PAYMASTER_URL,
        sponsorshipPolicyId: 'sp_previous_ultimates'
      } as SponsoredPaymasterOption

      console.log(paymasterOptions)

      const taviKit = await Safe4337Pack.init({
        provider: RPC_URL,
        signer: passkey,
        bundlerUrl: BUNDLER_URL,
        paymasterOptions,
        options: {
          owners: [],
          threshold: 1,
        },
      })

...

  const data = encodeFunctionData({
    abi: ERC20_ABI,
    functionName: 'transfer',
    args: [to as `0x${string}`, amountInBaseUnits],
  })

  const sendTx = { to: USDT_ADDRESS as `0x${string}`, data, value: '0' }

  const safeTx = await taviKit.createTransaction({ transactions: [sendTx] })
  // doesn't get to this step below
  const signedTx = await taviKit.signSafeOperation(safeTx)

Expected result

Everything fetched and estimated properly so that the user can sign the user operation with their passkey and have it sent onchain

Additional context

[yagopv]

Hey @alexhooketh , thanks for sharing.

We are calling pm_sponsorUserOperation later, after eth_estimateUserOperationGas. This could be the issue, but it worked for me previously because Pimlico was not failing with AA21's in the gas estimation step.

But i notice a banner today like this

So not sure if related because in this case, yes it will fail. Are you using this upgraded version of the API?

[alexhooketh]

@yagopv I'm probably using this new version because I've created my very first pimlico key several days ago. I haven't seen this banner before either, so it's likely that I'm already on the upgraded version of the API.

[yagopv]

We are reworking the relay-kit to add support to entrypoint v0.7. I'm testing with the playgrounds in our repo and couldn't reproduce the issue both with the "legacy" api and the upgraded one so there are chances the issue went away with the new code.

We are using 2 new endpoints now pm_getPaymasterStubData and pm_getPaymasterData in the PimlicoFeeEstimator

You ca try it yourself in that branch using the playground for the sponsored operations to check if this is resolved for you.

1. Add the env variables
2. Execute yarn play userop-verifying-paymaster-counterfactual