feat(6900/v0.8) add address book module

Alpay Aldemir · Alpay Aldemir · commit c0139815e94f · 2025-09-09T16:34:51.000-07:00
- The existing 6900 v0.8 module `ColdStorageAddressBookModule.sol` requires that an account only executes calls to transfer asset. If a call does have selector that matches the checked token (ERC-20, ERC-721, ERC-1155) selectors the function `_getTargetOrRecipient()` returns `address(0)` and therefore execution reverts.
- Motivation for this module is to allow an account to make calls that are not intended to transfer assets (native or token) while asserting calls that do transfer assets (based on the selectors this module will check) transfer to white listed recipients.
- This hook module can be installed alongside another hook that enforces which targets and selectors can be called.
- Implements `IValidationHookModule`, `IExecutionModule`.

The module being added in this change will first check if any of the checked selectors is found in any of the execution's calls - if not then the hook allows execution to proceed (assumes no assets are being transferred by the calls in the execution).

See `AddressBookModule.t.sol`
diff --git a/.gitignore b/.gitignore
@@ -24,6 +24,7 @@ build
 /cache_forge
 /out
 .gas-snapshot
+foundry.lock
 
 # Python environment file
 /venv
diff --git a/src/libs/RecipientAddressLib.sol b/src/libs/RecipientAddressLib.sol
@@ -74,6 +74,17 @@ library RecipientAddressLib {
         return address(0);
     }
 
+    function containsERC20Methods(bytes memory data) internal pure returns (bool) {
+        bytes4 selector = bytes4(data);
+        if (selector == IERC20.transfer.selector || selector == IERC20.approve.selector
+            || selector == ERC20_INCREASE_ALLOWANCE || selector == ERC20_DECREASE_ALLOWANCE) {
+            return data.length >= TRANSFER_OR_APPROVE_MIN_LEN;
+        } else if (selector == IERC20.transferFrom.selector) {
+            return data.length >= TRANSFER_FROM_MIN_LEN;
+        }
+        return false;
+    }
+
     /// @notice Decode the recipient of a token.
     /// @dev This only supports the following **standard** ERC1155 functions:
     /// - setApprovalForAll(address,bool)
@@ -113,6 +124,18 @@ library RecipientAddressLib {
         return address(0);
     }
 
+    function containsERC1155Methods(bytes memory data) internal pure returns (bool) {
+        bytes4 selector = bytes4(data);
+        if (selector == IERC1155.setApprovalForAll.selector) {
+            return data.length >= TRANSFER_OR_APPROVE_MIN_LEN;
+        } else if (selector == IERC1155.safeTransferFrom.selector) {
+            return data.length >= TRANSFER_FROM_WITH_BYTES_MIN_LEN;
+        } else if (selector == IERC1155.safeBatchTransferFrom.selector) {
+            return data.length >= BATCH_TRANSFER_FROM_WITH_BYTES_MIN_LEN;
+        }
+        return false;
+    }
+
     /// @notice Decode the recipient of a token.
     /// @dev This only supports the following **standard** ERC721 functions:
     /// - safeTransferFrom(address,address,uint256)
@@ -151,6 +174,18 @@ library RecipientAddressLib {
         return address(0);
     }
 
+    function containsERC721Methods(bytes memory data) internal pure returns (bool) {
+        bytes4 selector = bytes4(data);
+        if (selector == IERC721.setApprovalForAll.selector || selector == IERC721.approve.selector) {
+            return data.length >= TRANSFER_OR_APPROVE_MIN_LEN;
+        } else if (selector == ERC721_SAFE_TRANSFER_FROM || selector == IERC721.transferFrom.selector) {
+            return data.length >= TRANSFER_FROM_MIN_LEN;
+        } else if (selector == ERC721_SAFE_TRANSFER_FROM_WITH_BYTES) {
+            return data.length >= TRANSFER_FROM_WITHOUT_AMOUNT_WITH_BYTES_MIN_LEN;
+        }
+        return false;
+    }
+
     /// @dev The caller must skip over the initial length prefix.
     function getRecipient(bytes memory data, uint256 recipientIndex) private pure returns (address) {
         address recipient;
diff --git a/src/msca/6900/shared/common/Errors.sol b/src/msca/6900/shared/common/Errors.sol
@@ -52,3 +52,5 @@ error InvalidItem();
 error NotImplementedFunction(bytes4 selector, uint32 entityId);
 
 error SignatureInflation();
+
+error UnexpectedDataPassed();
diff --git a/src/msca/6900/v0.8/modules/BaseModule.sol b/src/msca/6900/v0.8/modules/BaseModule.sol
@@ -21,12 +21,21 @@ pragma solidity 0.8.24;
 import {IModule} from "@erc6900/reference-implementation/interfaces/IModule.sol";
 import {IERC165} from "@openzeppelin/contracts/interfaces/IERC165.sol";
 import {ERC165} from "@openzeppelin/contracts/utils/introspection/ERC165.sol";
+import {IAccountExecute} from "@eth-infinitism/account-abstraction/interfaces/IAccountExecute.sol";
+import {UnexpectedDataPassed} from "../../shared/common/Errors.sol";
 
 /**
  * @dev Default implementation of https://eips.ethereum.org/EIPS/eip-6900. MSCAs must implement this interface to
  * support open-ended execution.
  */
 abstract contract BaseModule is IModule, ERC165 {
+    modifier assertNoData(bytes calldata data) {
+        if (data.length > 0) {
+            revert UnexpectedDataPassed();
+        }
+        _;
+    }
+
     /// @dev Returns true if this contract implements the interface defined by
     /// `interfaceId`. See the corresponding
     /// https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
@@ -41,4 +50,36 @@ abstract contract BaseModule is IModule, ERC165 {
     function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
         return interfaceId == type(IModule).interfaceId || super.supportsInterface(interfaceId);
     }
+
+    /// @dev help method that returns extracted selector and calldata. If selector is executeUserOp, return the
+    /// selector and calldata of the inner call. This is unique for both validation and execution phases.
+    /// During validation phase, the `data` parameter is the uo's calldata.
+    function _validationPhaseGetSelectorAndCalldata(bytes calldata data)
+        internal
+        pure
+        returns (bytes4, bytes memory)
+    {
+        bytes4 selector = bytes4(data[:4]);
+        if (selector == IAccountExecute.executeUserOp.selector) {
+            // Copy the data to memory
+            bytes memory finalCalldata = data;
+
+            // Bytes arr representation: [bytes32(len), bytes4(executeUserOp.selector), bytes4(actualSelector),
+            // bytes(actualCallData)]
+            assembly ("memory-safe") {
+                // Copy actualSelector into a new var
+                selector := shl(224, mload(add(finalCalldata, 8)))
+
+                let len := mload(finalCalldata)
+
+                // Move the finalCalldata pointer by 8
+                finalCalldata := add(finalCalldata, 8)
+
+                // Shorten bytes array by 8 by: store length - 8 into the new pointer location
+                mstore(finalCalldata, sub(len, 8))
+            }
+            return (selector, finalCalldata);
+        }
+        return (selector, data[4:]);
+    }
 }
diff --git a/src/msca/6900/v0.8/modules/addressbook/AddressBookModule.sol b/src/msca/6900/v0.8/modules/addressbook/AddressBookModule.sol
diff --git a/test/msca/6900/v0.8/modules/AddressBookModule.t.sol b/test/msca/6900/v0.8/modules/AddressBookModule.t.sol
