Feat/v3.2

README.md

@@ -42,10 +42,10 @@ MIT
 
 | Name                 | Address                                    |
 | -------------------- | ------------------------------------------ |
-| Meta Factory         | 0xd703aaE79538628d27099B8c4f621bE4CCd142d5 |
-| Factory              | 0xaac5D4240AF87249B3f71BC8E4A2cae074A3E419 |
-| Kernel               | 0xBAC849bB641841b44E965fB01A4Bf5F074f84b4D |
-| ECDSA Validator      | 0x845ADb2C711129d4f3966735eD98a9F09fC4cE57 |
+| Meta Factory         | [0xd703aaE79538628d27099B8c4f621bE4CCd142d5](https://contractscan.xyz/contract/0xd703aae79538628d27099b8c4f621be4ccd142d5) |
+| Factory              | [0xaac5D4240AF87249B3f71BC8E4A2cae074A3E419](https://contractscan.xyz/contract/0xaac5d4240af87249b3f71bc8e4a2cae074a3e419) |
+| Kernel               | [0xBAC849bB641841b44E965fB01A4Bf5F074f84b4D](https://contractscan.xyz/contract/0xbac849bb641841b44e965fb01a4bf5f074f84b4d) |
+| ECDSA Validator      | [0x845ADb2C711129d4f3966735eD98a9F09fC4cE57](https://contractscan.xyz/contract/0x845adb2c711129d4f3966735ed98a9f09fc4ce57) |
 
 </details>
 
@@ -54,10 +54,10 @@ MIT
 
 | Name                 | Address                                    |
 | -------------------- | ------------------------------------------ |
-| Meta Factory         | 0xd703aaE79538628d27099B8c4f621bE4CCd142d5 |
-| Factory              | 0x6723b44Abeec4E71eBE3232BD5B455805baDD22f |
-| Kernel               | 0x94F097E1ebEB4ecA3AAE54cabb08905B239A7D27 |
-| ECDSA Validator      | 0x8104e3Ad430EA6d354d013A6789fDFc71E671c43 |
+| Meta Factory         | [0xd703aaE79538628d27099B8c4f621bE4CCd142d5](https://contractscan.xyz/contract/0xd703aae79538628d27099b8c4f621be4ccd142d5) |
+| Factory              | [0x6723b44Abeec4E71eBE3232BD5B455805baDD22f](https://contractscan.xyz/contract/0x6723b44abeec4e71ebe3232bd5b455805badd22f) |
+| Kernel               | [0x94F097E1ebEB4ecA3AAE54cabb08905B239A7D27](https://contractscan.xyz/contract/0x94f097e1ebeb4eca3aae54cabb08905b239a7d27) |
+| ECDSA Validator      | [0x8104e3Ad430EA6d354d013A6789fDFc71E671c43](https://contractscan.xyz/contract/0x8104e3ad430ea6d354d013a6789fdfc71e671c43) |
 
 </details>
 
@@ -66,34 +66,34 @@ MIT
 
 | Name                 | Address                                    |
 | -------------------- | ------------------------------------------ |
-| Kernel               | 0xd3082872F8B06073A021b4602e022d5A070d7cfC |
-| KernelFactory        | 0x5de4839a76cf55d0c90e2061ef4386d962E15ae3 |
-| SessionKeyValidator  | 0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5 |
-| ECDSA Validator      | 0xd9AB5096a832b9ce79914329DAEE236f8Eea0390 |
+| Kernel               | [0xd3082872F8B06073A021b4602e022d5A070d7cfC](https://contractscan.xyz/contract/0xd3082872f8b06073a021b4602e022d5a070d7cfc) |
+| KernelFactory        | [0x5de4839a76cf55d0c90e2061ef4386d962E15ae3](https://contractscan.xyz/contract/0x5de4839a76cf55d0c90e2061ef4386d962e15ae3) |
+| SessionKeyValidator  | [0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5](https://contractscan.xyz/contract/0x5c06ce2b673fd5e6e56076e40dd46ab67f5a72a5) |
+| ECDSA Validator      | [0xd9AB5096a832b9ce79914329DAEE236f8Eea0390](https://contractscan.xyz/contract/0xd9ab5096a832b9ce79914329daee236f8eea0390) |
 </details>
 
 <details>
 <summary>v2.3</summary>
 
 | Name                 | Address                                    |
 | -------------------- | ------------------------------------------ |
-| Kernel               | 0xD3F582F6B4814E989Ee8E96bc3175320B5A540ab |
-| KernelFactory        | 0x5de4839a76cf55d0c90e2061ef4386d962E15ae3 |
-| KernelLite           | 0x482EC42E88a781485E1B6A4f07a0C5479d183291 |
-| SessionKeyValidator  | 0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5 |
-| ECDSA Validator      | 0xd9AB5096a832b9ce79914329DAEE236f8Eea0390 |
+| Kernel               | [0xD3F582F6B4814E989Ee8E96bc3175320B5A540ab](https://contractscan.xyz/contract/0xd3f582f6b4814e989ee8e96bc3175320b5a540ab) |
+| KernelFactory        | [0x5de4839a76cf55d0c90e2061ef4386d962E15ae3](https://contractscan.xyz/contract/0x5de4839a76cf55d0c90e2061ef4386d962e15ae3) |
+| KernelLite           | [0x482EC42E88a781485E1B6A4f07a0C5479d183291](https://contractscan.xyz/contract/0x482ec42e88a781485e1b6a4f07a0c5479d183291) |
+| SessionKeyValidator  | [0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5](https://contractscan.xyz/contract/0x5c06ce2b673fd5e6e56076e40dd46ab67f5a72a5) |
+| ECDSA Validator      | [0xd9AB5096a832b9ce79914329DAEE236f8Eea0390](https://contractscan.xyz/contract/0xd9ab5096a832b9ce79914329daee236f8eea0390) |
 </details>
 
 <details>
 <summary>v2.2</summary>
 
 | Name                 | Address                                    |
 | -------------------- | ------------------------------------------ |
-| Kernel               | 0x0DA6a956B9488eD4dd761E59f52FDc6c8068E6B5 |
-| KernelFactory        | 0x5de4839a76cf55d0c90e2061ef4386d962E15ae3 |
-| KernelLite           | 0xbEdb61Be086F3f15eE911Cc9AB3EEa945DEbFa96 |
-| SessionKeyValidator  | 0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5 |
-| ECDSA Validator      | 0xd9AB5096a832b9ce79914329DAEE236f8Eea0390 |
+| Kernel               | [0x0DA6a956B9488eD4dd761E59f52FDc6c8068E6B5](https://contractscan.xyz/contract/0x0da6a956b9488ed4dd761e59f52fdc6c8068e6b5) |
+| KernelFactory        | [0x5de4839a76cf55d0c90e2061ef4386d962E15ae3](https://contractscan.xyz/contract/0x5de4839a76cf55d0c90e2061ef4386d962e15ae3) |
+| KernelLite           | [0xbEdb61Be086F3f15eE911Cc9AB3EEa945DEbFa96](https://contractscan.xyz/contract/0xbedb61be086f3f15ee911cc9ab3eea945debfa96) |
+| SessionKeyValidator  | [0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5](https://contractscan.xyz/contract/0x5c06ce2b673fd5e6e56076e40dd46ab67f5a72a5) |
+| ECDSA Validator      | [0xd9AB5096a832b9ce79914329DAEE236f8Eea0390](https://contractscan.xyz/contract/0xd9ab5096a832b9ce79914329daee236f8eea0390) |
 
 </details>
 
@@ -102,20 +102,20 @@ MIT
 
 | Name                 | Address                                    |
 | -------------------- | ------------------------------------------ |
-| Kernel               | 0xf048AD83CB2dfd6037A43902a2A5Be04e53cd2Eb |
-| KernelFactory        | 0x5de4839a76cf55d0c90e2061ef4386d962E15ae3 |
-| SessionKeyValidator  | 0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5 |
-| ECDSA Validator      | 0xd9AB5096a832b9ce79914329DAEE236f8Eea0390 |
+| Kernel               | [0xf048AD83CB2dfd6037A43902a2A5Be04e53cd2Eb](https://contractscan.xyz/contract/0xf048ad83cb2dfd6037a43902a2a5be04e53cd2eb) |
+| KernelFactory        | [0x5de4839a76cf55d0c90e2061ef4386d962E15ae3](https://contractscan.xyz/contract/0x5de4839a76cf55d0c90e2061ef4386d962e15ae3) |
+| SessionKeyValidator  | [0x5C06CE2b673fD5E6e56076e40DD46aB67f5a72A5](https://contractscan.xyz/contract/0x5c06ce2b673fd5e6e56076e40dd46ab67f5a72a5) |
+| ECDSA Validator      | [0xd9AB5096a832b9ce79914329DAEE236f8Eea0390](https://contractscan.xyz/contract/0xd9ab5096a832b9ce79914329daee236f8eea0390) |
 </details>
 
 <details>
 <summary>v2.0</summary>
 
 | Name            | Address                                    |
 | --------------- | ------------------------------------------ |
-| Kernel          | 0xeB8206E02f6AB1884cfEa58CC7BabdA7d55aC957 |
-| TempKernel      | 0x727A10897e70cd3Ab1a6e43d59A12ab0895A4995 |
-| KernelFactory   | 0x12358cA00141D09cB90253F05a1DD16bE93A8EE6 |
-| ECDSA Validator | 0x180D6465F921C7E0DEA0040107D342c87455fFF5 |
-| ECDSA Factory   | 0xAf299A1f51560F51A1F3ADC0a5991Ac74b61b0BE |
+| Kernel          | [0xeB8206E02f6AB1884cfEa58CC7BabdA7d55aC957](https://contractscan.xyz/contract/0xeb8206e02f6ab1884cfea58cc7babda7d55ac957) |
+| TempKernel      | [0x727A10897e70cd3Ab1a6e43d59A12ab0895A4995](https://contractscan.xyz/contract/0x727a10897e70cd3ab1a6e43d59a12ab0895a4995) |
+| KernelFactory   | [0x12358cA00141D09cB90253F05a1DD16bE93A8EE6](https://contractscan.xyz/contract/0x12358ca00141d09cb90253f05a1dd16be93a8ee6) |
+| ECDSA Validator | [0x180D6465F921C7E0DEA0040107D342c87455fFF5](https://contractscan.xyz/contract/0x180d6465f921c7e0dea0040107d342c87455fff5) |
+| ECDSA Factory   | [0xAf299A1f51560F51A1F3ADC0a5991Ac74b61b0BE](https://contractscan.xyz/contract/0xaf299a1f51560f51a1f3adc0a5991ac74b61b0be) |
 </details>

src/Kernel.sol

@@ -17,9 +17,6 @@ import {
     PassFlag,
     SKIP_SIGNATURE
 } from "./core/ValidationManager.sol";
-import {HookManager} from "./core/HookManager.sol";
-import {ExecutorManager} from "./core/ExecutorManager.sol";
-import {SelectorManager} from "./core/SelectorManager.sol";
 import {IModule, IValidator, IHook, IExecutor, IFallback, IPolicy, ISigner} from "./interfaces/IERC7579Modules.sol";
 import {EIP712} from "solady/utils/EIP712.sol";
 import {ExecLib, ExecMode, CallType, ExecType, ExecModeSelector, ExecModePayload} from "./utils/ExecLib.sol";
@@ -42,7 +39,8 @@ import {
     CALLTYPE_DELEGATECALL,
     CALLTYPE_SINGLE,
     CALLTYPE_BATCH,
-    CALLTYPE_STATIC
+    CALLTYPE_STATIC,
+    MAGIC_VALUE_SIG_REPLAYABLE
 } from "./types/Constants.sol";
 
 contract Kernel is IAccount, IAccountExecute, IERC7579Account, ValidationManager {
@@ -321,19 +319,23 @@ contract Kernel is IAccount, IAccountExecute, IERC7579Account, ValidationManager
         if (ValidatorLib.getType(vId) == VALIDATION_TYPE_ROOT) {
             vId = vs.rootValidator;
         }
+        bool isReplayable = sig.length >= 32 && bytes32(sig[0:32]) == MAGIC_VALUE_SIG_REPLAYABLE;
+        if (isReplayable) {
+            sig = sig[32:];
+        }
         if (address(vs.validationConfig[vId].hook) == address(0)) {
             revert InvalidValidator();
         }
         if (ValidatorLib.getType(vId) == VALIDATION_TYPE_VALIDATOR) {
             IValidator validator = ValidatorLib.getValidator(vId);
-            return validator.isValidSignatureWithSender(msg.sender, _toWrappedHash(hash), sig);
+            return validator.isValidSignatureWithSender(msg.sender, _toWrappedHash(hash, isReplayable), sig);
         } else {
             PermissionId pId = ValidatorLib.getPermissionId(vId);
             PassFlag permissionFlag = vs.permissionConfig[pId].permissionFlag;
             if (PassFlag.unwrap(permissionFlag) & PassFlag.unwrap(SKIP_SIGNATURE) != 0) {
                 revert PermissionNotAlllowedForSignature();
             }
-            return _checkPermissionSignature(pId, msg.sender, hash, sig);
+            return _checkPermissionSignature(pId, msg.sender, hash, sig, isReplayable);
         }
     }
 

src/core/ExecutorManager.sol

@@ -2,7 +2,7 @@
 
 pragma solidity ^0.8.0;
 
-import {IHook, IExecutor} from "../interfaces/IERC7579Modules.sol";
+import {IHook, IExecutor, IModule} from "../interfaces/IERC7579Modules.sol";
 import {IERC7579Account} from "../interfaces/IERC7579Account.sol";
 import {ModuleLib} from "../utils/ModuleLib.sol";
 import {EXECUTOR_MANAGER_STORAGE_SLOT, MODULE_TYPE_EXECUTOR} from "../types/Constants.sol";
@@ -31,7 +31,11 @@ abstract contract ExecutorManager {
 
     function _installExecutor(IExecutor executor, bytes calldata executorData, IHook hook) internal {
         _installExecutorWithoutInit(executor, hook);
-        executor.onInstall(executorData);
+        if (executorData.length == 0) {
+            (bool success,) = address(executor).call(abi.encodeWithSelector(IModule.onInstall.selector, hex""));
+        } else {
+            executor.onInstall(executorData);
+        }
     }
 
     function _installExecutorWithoutInit(IExecutor executor, IHook hook) internal {

src/core/ValidationManager.sol

@@ -37,7 +37,8 @@ import {
     VALIDATION_MANAGER_STORAGE_SLOT,
     MAX_NONCE_INCREMENT_SIZE,
     ENABLE_TYPE_HASH,
-    KERNEL_WRAPPER_TYPE_HASH
+    KERNEL_WRAPPER_TYPE_HASH,
+    MAGIC_VALUE_SIG_REPLAYABLE
 } from "../types/Constants.sol";
 
 abstract contract ValidationManager is EIP712, SelectorManager, HookManager, ExecutorManager {
@@ -301,8 +302,13 @@ abstract contract ValidationManager is EIP712, SelectorManager, HookManager, Exe
         PackedUserOperation memory userOp = op;
         bytes calldata userOpSig = op.signature;
         unchecked {
+            if (userOpSig.length >= 32 && bytes32(userOpSig[0:32]) == MAGIC_VALUE_SIG_REPLAYABLE) {
+                // when replayable
+                userOpSig = op.signature[32:];
+                userOpHash = replayableUserOpHash(op, msg.sender); // NOTE : msg.sender will be entrypoint
+            }
             if (vMode == VALIDATION_MODE_ENABLE) {
-                (validationData, userOpSig) = _enableMode(vId, op.signature);
+                (validationData, userOpSig) = _enableMode(vId, userOpSig);
                 userOp.signature = userOpSig;
             }
 
@@ -329,6 +335,58 @@ abstract contract ValidationManager is EIP712, SelectorManager, HookManager, Exe
         }
     }
 
+    function replayableUserOpHash(PackedUserOperation calldata userOp, address entryPoint)
+        public
+        pure
+        returns (bytes32)
+    {
+        address sender = getSender(userOp);
+        uint256 nonce = userOp.nonce;
+        bytes32 hashInitCode = calldataKeccak(userOp.initCode);
+        bytes32 hashCallData = calldataKeccak(userOp.callData);
+        bytes32 accountGasLimits = userOp.accountGasLimits;
+        uint256 preVerificationGas = userOp.preVerificationGas;
+        bytes32 gasFees = userOp.gasFees;
+        bytes32 hashPaymasterAndData = calldataKeccak(userOp.paymasterAndData);
+
+        return keccak256(
+            abi.encode(
+                keccak256(
+                    abi.encode(
+                        sender,
+                        nonce,
+                        hashInitCode,
+                        hashCallData,
+                        accountGasLimits,
+                        preVerificationGas,
+                        gasFees,
+                        hashPaymasterAndData
+                    )
+                ),
+                entryPoint,
+                uint256(0)
+            )
+        );
+    }
+
+    function calldataKeccak(bytes calldata data) internal pure returns (bytes32 ret) {
+        assembly ("memory-safe") {
+            let mem := mload(0x40)
+            let len := data.length
+            calldatacopy(mem, data.offset, len)
+            ret := keccak256(mem, len)
+        }
+    }
+
+    function getSender(PackedUserOperation calldata userOp) internal pure returns (address) {
+        address data;
+        //read sender from userOp, which is first userOp member (saves 800 gas...)
+        assembly {
+            data := calldataload(userOp)
+        }
+        return address(uint160(data));
+    }
+
     function _enableMode(ValidationId vId, bytes calldata packedData)
         internal
         returns (ValidationData validationData, bytes calldata userOpSig)
@@ -574,21 +632,60 @@ abstract contract ValidationManager is EIP712, SelectorManager, HookManager, Exe
         }
     }
 
-    function _checkPermissionSignature(PermissionId pId, address caller, bytes32 hash, bytes calldata sig)
-        internal
-        view
-        returns (bytes4)
-    {
+    function _checkPermissionSignature(
+        PermissionId pId,
+        address caller,
+        bytes32 hash,
+        bytes calldata sig,
+        bool isReplayable
+    ) internal view returns (bytes4) {
         (ISigner signer, ValidationData valdiationData, bytes calldata validatorSig) =
             _checkSignaturePolicy(pId, caller, hash, sig);
         (ValidAfter validAfter, ValidUntil validUntil,) = parseValidationData(ValidationData.unwrap(valdiationData));
         if (block.timestamp < ValidAfter.unwrap(validAfter) || block.timestamp > ValidUntil.unwrap(validUntil)) {
             return 0xffffffff;
         }
-        return signer.checkSignature(bytes32(PermissionId.unwrap(pId)), caller, _toWrappedHash(hash), validatorSig);
+        return signer.checkSignature(
+            bytes32(PermissionId.unwrap(pId)), caller, _toWrappedHash(hash, isReplayable), validatorSig
+        );
+    }
+
+    function _toWrappedHash(bytes32 hash, bool isReplayable) internal view returns (bytes32) {
+        bytes32 structHash = keccak256(abi.encode(KERNEL_WRAPPER_TYPE_HASH, hash));
+        return isReplayable ? _chainAgnosticHashTypedData(structHash) : _hashTypedData(structHash);
     }
 
-    function _toWrappedHash(bytes32 hash) internal view returns (bytes32) {
-        return _hashTypedData(keccak256(abi.encode(KERNEL_WRAPPER_TYPE_HASH, hash)));
+    /// @dev Returns the EIP-712 domain separator.
+    function _buildChainAgnosticDomainSeparator() private view returns (bytes32 separator) {
+        // We will use `separator` to store the name hash to save a bit of gas.
+        bytes32 versionHash;
+        (string memory name, string memory version) = _domainNameAndVersion();
+        separator = keccak256(bytes(name));
+        versionHash = keccak256(bytes(version));
+        /// @solidity memory-safe-assembly
+        assembly {
+            let m := mload(0x40) // Load the free memory pointer.
+            mstore(m, _DOMAIN_TYPEHASH)
+            mstore(add(m, 0x20), separator) // Name hash.
+            mstore(add(m, 0x40), versionHash)
+            mstore(add(m, 0x60), 0x00) //  NOTE : user chainId == 0 as eip 7702 did
+            mstore(add(m, 0x80), address())
+            separator := keccak256(m, 0xa0)
+        }
+    }
+
+    function _chainAgnosticHashTypedData(bytes32 structHash) internal view virtual returns (bytes32 digest) {
+        // we don't do cache stuff here
+        digest = _buildChainAgnosticDomainSeparator();
+        /// @solidity memory-safe-assembly
+        assembly {
+            // Compute the digest.
+            mstore(0x00, 0x1901000000000000) // Store "\x19\x01".
+            mstore(0x1a, digest) // Store the domain separator.
+            mstore(0x3a, structHash) // Store the struct hash.
+            digest := keccak256(0x18, 0x42)
+            // Restore the part of the free memory slot that was overwritten.
+            mstore(0x3a, 0)
+        }
     }
 }

src/types/Constants.sol

@@ -52,6 +52,8 @@ bytes32 constant HOOK_MANAGER_STORAGE_SLOT = 0x4605d5f70bb605094b2e761eccdc27bed
 bytes32 constant VALIDATION_MANAGER_STORAGE_SLOT = 0x7bcaa2ced2a71450ed5a9a1b4848e8e5206dbc3f06011e595f7f55428cc6f84f;
 bytes32 constant ERC1967_IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
 
+bytes32 constant MAGIC_VALUE_SIG_REPLAYABLE = keccak256("kernel.replayable.signature");
+
 // --- Kernel validation nonce incremental size limit ---
 uint32 constant MAX_NONCE_INCREMENT_SIZE = 10;