WIP:: Custom method selector SVM (ABI SVM)

[filmakarov]

Summary

Introduces the new Session Validation Module, which can validate an action, performed by userOp, based on:

• Destination contract
• Method selector
• Rules for arguments of the method (==, !=, <, <=, >, >=). Every argument is a 32bytes word.

It allows a dApp to validate calls from a SmartAccount to any method of any contract.
This SVM can be a useful building block for custom flows via the Batched Session Router.

Detailed Document:
ABI SVM the universal Session Validation Module 2716292a4efe4b6b96d4910927ea3cca.pdf

Related Issue: #SMA-363

Change Type

• New Feature

Checklist

• My code follows this project's style guidelines
• I've reviewed my own code
• I've added comments for any hard-to-understand areas
• I've updated the documentation if necessary
• My changes generate no new warnings
• I've added tests that prove my fix is effective or my feature works
• All unit tests pass locally with my changes
• Any dependent changes have been merged and published

[linear]

SMA-363 ABI Session Validation Module

https://github.com/zerodevapp/kernel/blob/main/src/validator/SessionKeyValidator.sol

[livingrockrises]

If the argument is address then how does rules like <= >= apply and be relevant

[livingrockrises]

can you document more about how to add rules. I think we will hand hold people a lot understanding offset especially. and generating session key data accordingly cause this heavily depends on contract and method

[livingrockrises]

can you add more comments on solidity assembly blocks about what it achieves.
also would be great is constant numbers can be defined as constants or some offset constant then x:x+4 (depending on bytes)

[filmakarov]

added

[filmakarov]

added couple of constants, in other places just added comments not have constant+constant (which would add gas) instead of just hardcoded value

[livingrockrises]

can sessionKeyData just be concat of

sessionKey,
permission.destContract,
permission.functionSelector,

and not providing anything else at all?

[livingrockrises]

review ii

[filmakarov]

can you document more about how to add rules. I think we will hand hold people a lot understanding offset especially. and generating session key data accordingly cause this heavily depends on contract and method

Yeah, it is explained here I think
https://www.notion.so/biconomy/ABI-SVM-the-universal-Session-Validation-Module-for-basic-use-cases-2716292a4efe4b6b96d4910927ea3cca
Looking forward to getting your feedback on this doc

[filmakarov]

If the argument is address then how does rules like <= >= apply and be relevant

technically any address is a uint as well. so technically it can be applied, but logically it rarely makes sense
but since we consider everything as bytes32 not address or uint, all the conditions can be applied to any arg

[filmakarov]

can sessionKeyData just be concat of

sessionKey,
permission.destContract,
permission.functionSelector,

and not providing anything else at all?

yes, added according test case

[livingrockrises]

can you document more about how to add rules. I think we will hand hold people a lot understanding offset especially. and generating session key data accordingly cause this heavily depends on contract and method

Yeah, it is explained here I think https://www.notion.so/biconomy/ABI-SVM-the-universal-Session-Validation-Module-for-basic-use-cases-2716292a4efe4b6b96d4910927ea3cca Looking forward to getting your feedback on this doc

will provide feedback this week

[livingrockrises]

can sessionKeyData just be concat of

sessionKey,
permission.destContract,
permission.functionSelector,

and not providing anything else at all?

yes, added according test case

can you link it here or on dm. sorry for trouble again

[filmakarov]

==== SELF-REVIEW AND INTERNAL REVIEWS ARE DONE ====

[filmakarov]

Linking the documentation in the PR Description

[filmakarov]

Passing to Security Auditors