From cd14438178484e51b4637216d5e1dc5836ec1a61 Mon Sep 17 00:00:00 2001 From: Nicholas Rodrigues Lordello Date: Fri, 26 Jan 2024 15:36:56 +0100 Subject: [PATCH] [L-02] Fix Misleading Comments in Contract Code --- modules/4337/contracts/Safe4337Module.sol | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/4337/contracts/Safe4337Module.sol b/modules/4337/contracts/Safe4337Module.sol index 7ecc350a2..537be3054 100644 --- a/modules/4337/contracts/Safe4337Module.sol +++ b/modules/4337/contracts/Safe4337Module.sol @@ -69,7 +69,7 @@ contract Safe4337Module is IAccount, HandlerContext, CompatibilityFallbackHandle } /** - * @notice The EIP-712 type-hash for the domain separator used for verifying Safe operation signatures. + * @notice The address of the EntryPoint contract supported by this module. */ address public immutable SUPPORTED_ENTRYPOINT; @@ -96,9 +96,9 @@ contract Safe4337Module is IAccount, HandlerContext, CompatibilityFallbackHandle uint256 missingAccountFunds ) external onlySupportedEntryPoint returns (uint256 validationData) { address payable safeAddress = payable(userOp.sender); - // The entry point address is appended to the calldata in `HandlerContext` contract - // Because of this, the relayer may manipulate the entry point address, therefore we have to verify that - // the sender is the Safe specified in the userOperation + // The entry point address is appended to the calldata by the Safe in the `FallbackManager` contract, + // following ERC-2771. Because of this, the relayer may manipulate the entry point address, therefore + // we have to verify that the sender is the Safe specified in the userOperation. require(safeAddress == msg.sender, "Invalid caller"); // We check the execution function signature to make sure the entry point can't call any other function