Account

Revert if the caller is not the entry point or the account itself.

Revert if the caller is not the entry point.

Canonical entry point for the account that forwards and validates user operations.

Return the account nonce for the canonical sequence.

Return the account nonce for a given sequence (key).

Validates a user operation.

• MUST validate the caller is a trusted EntryPoint
• MUST validate that the signature is a valid signature of the userOpHash, and SHOULD return SIG_VALIDATION_FAILED (and not revert) on signature mismatch. Any other error MUST revert.
• MUST pay the entryPoint (caller) at least the “missingAccountFunds” (which might be zero, in case the current account’s deposit is high enough)

Returns an encoded packed validation data that is composed of the following elements:

• authorizer (address): 0 for success, 1 for failure, otherwise the address of an authorizer contract
• validUntil (uint48): The UserOp is valid only up to this time. Zero for “infinite”.
• validAfter (uint48): The UserOp is valid only after this time.

Returns the validationData for a given user operation. By default, this checks the signature of the signable hash (produced by Account._signableUserOpHash) using the abstract signer (AbstractSigner._rawSignatureValidation).

NOTE: The userOpHash is assumed to be correct. Calling this function with a userOpHash that does not match the userOp will result in undefined behavior.

Virtual function that returns the signable hash for a user operations. Since v0.8.0 of the entrypoint, userOpHash is an EIP-712 hash that can be signed directly.

Sends the missing funds for executing the user operation to the entrypoint. The missingAccountFunds must be defined by the entrypoint when calling Account.validateUserOp.

Ensures the caller is the entrypoint.

Ensures the caller is the entrypoint or the account itself.

Receive Ether.

Unauthorized call to the account.

Modifier that checks if the caller is an installed module of the given type.

See AccountERC7579._fallback.

Returns the account id of the smart account

Supported call types:

• Single (0x00): A single transaction execution.
• Batch (0x01): A batch of transactions execution.
• Delegate (0xff): A delegate call execution.

Supported exec types:

• Default (0x00): Default execution type (revert on failure).
• Try (0x01): Try execution type (emits ERC7579TryExecuteFail on failure).

Supported module types:

• Validator: A module used during the validation phase to determine if a transaction is valid and should be executed on the account.
• Executor: A module that can execute transactions on behalf of the smart account via a callback.
• Fallback Handler: A module that can extend the fallback functionality of a smart account.

Installs a Module of a certain type on the smart account

Uninstalls a Module of a certain type on the smart account

Returns whether a module is installed on the smart account

Executes a transaction on behalf of the account.

Executes a transaction on behalf of the account. This function is intended to be called by Executor Modules

Implement ERC-1271 through IERC7579Validator modules. If module based validation fails, fallback to "native" validation by the abstract signer.

NOTE: when combined with ERC7739, resolution ordering may have an impact (ERC7739 does not call super). Manual resolution might be necessary.

Validates a user operation with Account._signableUserOpHash and returns the validation data if the module specified by the first 20 bytes of the nonce key is installed. Falls back to Account._validateUserOp otherwise.

See AccountERC7579._extractUserOpValidator for the module extraction logic.

ERC-7579 execution logic. See AccountERC7579.supportsExecutionMode for supported modes.

Reverts if the call type is not supported.

Installs a module of the given type with the given initialization data.

For the fallback module type, the initData is expected to be the (packed) concatenation of a 4-byte selector and the rest of the data to be sent to the handler when calling IERC7579Module.onInstall.

Requirements:

• Module type must be supported. See AccountERC7579.supportsModule. Reverts with ERC7579Utils.ERC7579UnsupportedModuleType.
• Module must be of the given type. Reverts with ERC7579Utils.ERC7579MismatchedModuleTypeId.
• Module must not be already installed. Reverts with ERC7579Utils.ERC7579AlreadyInstalledModule.

Emits a IERC7579ModuleConfig.ModuleInstalled event.

Uninstalls a module of the given type with the given de-initialization data.

For the fallback module type, the deInitData is expected to be the (packed) concatenation of a 4-byte selector and the rest of the data to be sent to the handler when calling IERC7579Module.onUninstall.

Requirements:

• Module must be already installed. Reverts with ERC7579Utils.ERC7579UninstalledModule otherwise.

Fallback function that delegates the call to the installed handler for the given selector.

Reverts with AccountERC7579.ERC7579MissingFallbackHandler if the handler is not installed.

Calls the handler with the original msg.sender appended at the end of the calldata following the ERC-2771 format.

Returns the fallback handler for the given selector. Returns address(0) if not installed.

Checks if the module is installed. Reverts if the module is not installed.

Extracts the nonce validator from the user operation.

To construct a nonce key, set nonce as follows:

<module address (20 bytes)> | <key (4 bytes)> | <nonce (8 bytes)>

NOTE: The default behavior of this function replicates the behavior of Safe adapter, Etherspot's Prime Account, and ERC7579 reference implementation.

This is not standardized in ERC-7579 (or in any follow-up ERC). Some accounts may want to override these internal functions.

For example, Biconomy's Nexus uses a similar yet incompatible approach (the validator address is also part of the nonce, but not at the same location)

Extracts the signature validator from the signature.

To construct a signature, set the first 20 bytes as the module address and the remaining bytes as the signature data:

<module address (20 bytes)> | <signature data>

NOTE: The default behavior of this function replicates the behavior of Safe adapter, Biconomy's Nexus, Etherspot's Prime Account, and ERC7579 reference implementation.

This is not standardized in ERC-7579 (or in any follow-up ERC). Some accounts may want to override these internal functions.

Extract the function selector from initData/deInitData for MODULE_TYPE_FALLBACK

NOTE: If we had calldata here, we could use calldata slice which are cheaper to manipulate and don't require actual copy. However, this would require _installModule to get a calldata bytes object instead of a memory bytes object. This would prevent calling _installModule from a contract constructor and would force the use of external initializers. That may change in the future, as most accounts will probably be deployed as clones/proxy/ERC-7702 delegates and therefore rely on initializers anyway.

By default, only use the modules for validation of userOp and signature. Disable raw signatures.

The account's AccountERC7579.fallback was called with a selector that doesn't have an installed handler.

Calls IERC7579Hook.preCheck before executing the modified function and IERC7579Hook.postCheck thereafter.

Returns the account id of the smart account

Returns the hook module address if installed, or address(0) otherwise.

Supports hook modules. See AccountERC7579.supportsModule

Returns whether a module is installed on the smart account

Installs a module with support for hook modules. See AccountERC7579._installModule

Uninstalls a module with support for hook modules. See AccountERC7579._uninstallModule

Hooked version of AccountERC7579._execute.

Hooked version of AccountERC7579._fallback.

A hook module is already present. This contract only supports one hook module.

Executes the calls in executionData with no optional opData support.

NOTE: Access to this function is controlled by ERC7821._erc7821AuthorizedExecutor. Changing access permissions, for example to approve calls by the ERC-4337 entrypoint, should be implemented by overriding it.

Reverts and bubbles up error if any call fails.

This function is provided for frontends to detect support. Only returns true for:

• bytes32(0x01000000000000000000...): does not support optional opData.
• bytes32(0x01000000000078210001...): supports optional opData.

Access control mechanism for the AccessManager.execute function. By default, only the contract itself is allowed to execute.

Override this function to implement custom access control, for example to allow the ERC-4337 entrypoint to execute.

function _erc7821AuthorizedExecutor(
  address caller,
  bytes32 mode,
  bytes calldata executionData
) internal view virtual override returns (bool) {
  return caller == address(entryPoint()) || super._erc7821AuthorizedExecutor(caller, mode, executionData);
}

Returns the address of the delegate if account as an EIP-7702 delegation setup, or address(0) otherwise.

Parses the validation data into its components. See ERC4337Utils.packValidationData.

Packs the validation data into a single uint256. See ERC4337Utils.parseValidationData.

Same as ERC4337Utils.packValidationData, but with a boolean signature success flag.

Combines two validation data into a single one.

The aggregator is set to ERC4337Utils.SIG_VALIDATION_SUCCESS if both are successful, while the validAfter is the maximum and the validUntil is the minimum of both.

Returns the aggregator of the validationData and whether it is out of time range.

Get the hash of a user operation for a given entrypoint

Returns factory from the PackedUserOperation, or address(0) if the initCode is empty or not properly formatted.

Returns factoryData from the PackedUserOperation, or empty bytes if the initCode is empty or not properly formatted.

Returns verificationGasLimit from the PackedUserOperation.

Returns callGasLimit from the PackedUserOperation.

Returns the first section of gasFees from the PackedUserOperation.

Returns the second section of gasFees from the PackedUserOperation.

Returns the total gas price for the PackedUserOperation (ie. maxFeePerGas or maxPriorityFeePerGas + basefee).

Returns the first section of paymasterAndData from the PackedUserOperation.

Returns the second section of paymasterAndData from the PackedUserOperation.

Returns the third section of paymasterAndData from the PackedUserOperation.

Returns the fourth section of paymasterAndData from the PackedUserOperation.

Executes a single call.

Executes a batch of calls.

Executes a delegate call.

Encodes the mode with the provided parameters. See ERC7579Utils.decodeMode.

Decodes the mode into its parameters. See ERC7579Utils.encodeMode.

Encodes a single call execution. See ERC7579Utils.decodeSingle.

Decodes a single call execution. See ERC7579Utils.encodeSingle.

Encodes a delegate call execution. See ERC7579Utils.decodeDelegate.

Decodes a delegate call execution. See ERC7579Utils.encodeDelegate.

Encodes a batch of executions. See ERC7579Utils.decodeBatch.

Decodes a batch of executions. See ERC7579Utils.encodeBatch.

NOTE: This function runs some checks and will throw a ERC7579Utils.ERC7579DecodingError if the input is not properly formatted.

Emits when an ERC7579Utils.EXECTYPE_TRY execution fails.

The provided CallType is not supported.

The provided ExecType is not supported.

The provided module doesn't match the provided module type.

The module is not installed.

The module is already installed.

The module type is not supported.

Input calldata not properly formatted and possibly malicious.

Compares two CallType values for equality.

Compares two ExecType values for equality.

Compares two ModeSelector values for equality.

Compares two ModePayload values for equality.