Security Audit Checklist for Account Abstraction Wallets
A baseline checklist for auditing account abstraction wallets implemented based on the EIP4337 standard
This guide provides auditors with a fundamental checklist for reviewing account abstraction wallets based on the EIP4337 standard, along with targeted auditing guidelines. It assumes auditors are familiar with the EIP4337 Account Abstraction Standard and the EIP7562 Account Abstraction Validation Scope Rules Standard. We'll briefly cover the EIP4337 architecture and wallet transaction execution flow.
In EIP4337, an EOA signs UserOperation data and submits it to a separate Alt Mempool via RPC. This mempool, distinct from Ethereum's, aggregates user-submitted UserOp data. The Bundler extracts and simulates UserOps locally before execution, discarding failed simulations. All UserOp executions occur through the Bundler calling the EntryPoint contract. After verification, EntryPoint calls the user's AA wallet to execute the user's calldata. Users pay the Bundler for on-chain execution fees or specify a Paymaster to cover costs.
Auditors should understand the process of the Bundler calling the user's wallet via EntryPoint:
Detailed flow chart: 4337 Execution Details
The following checklist items ensure each 4337 wallet passes crucial security checks:
Verify Compatibility with All EVM-Compatible Chains
AA wallets may be deployed on many chains. Since the Shanghai upgrade, Ethereum mainnet supports the PUSH0 opcode, and Solidity 0.8.20+ emits it by default; chains that have not adopted Shanghai cannot execute such bytecode. Auditors should check the Solidity version, or the compiled bytecode, for PUSH0. For multi-chain deployment, use a compiler version below 0.8.20 or set the compiler's EVM target version to paris.
Ensure Interface Implementation and Return Values Comply with EIP4337
Wallets must implement validateUserOp and return validationData packed as the standard specifies (authorizer/failure flag, validUntil, validAfter). Paymasters must implement validatePaymasterUserOp (returning context and validationData) and postOp. On a signature mismatch, validation should return SIG_VALIDATION_FAILED rather than revert, and should revert only for other errors, as specified.
Verify Trusted Wallet Callers
EIP4337 interfaces should only allow trusted EntryPoint calls to prevent unauthorized wallet use.
Example Code:
Check Fee Payment Implementation
Wallets should implement logic to transfer missingAccountFunds to the EntryPoint contract when necessary.
Example Code:
Verify Wallet Creation Method
Factories must use CREATE2 for deterministic wallet creation addresses.
Example Code:
Check Return Value for Repeated Wallet Creation
Ensure consistent address returns for already-created wallets.
Example Code:
Prevent Wallet Takeover During Creation
Verify that wallet creation cannot be front-run and that ownership is correctly set.
Example of incorrect code (the entryPoint is not part of the address calculation, so the wallet at the predicted address can be taken over and configured with a malicious entryPoint):
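As an added illustration of the three factory items above (CREATE2 creation, the return value for repeated creation, and takeover prevention), not the checklist's own example code: a vulnerable factory beside a corrected one. It assumes OpenZeppelin Contracts v5 (Clones deploys minimal proxies with CREATE2) and a hypothetical initializable account implementation exposing initialize(entryPoint, owner).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed dependency: OpenZeppelin Contracts v5 (Clones uses CREATE2 under the hood).
import {Clones} from "@openzeppelin/contracts/proxy/Clones.sol";

/// Hypothetical initializable account implementation (a clone target, so it is configured
/// by initialize() rather than by a constructor). initialize() must itself reject a second call.
interface IInitializableAccount {
    function initialize(address entryPoint, address owner) external;
}

/// INCORRECT: the CREATE2 salt is derived from (owner, salt) only. The minimal-proxy bytecode is
/// identical for every account, so the address does not depend on entryPoint at all. Whoever calls
/// createAccount first for a given owner/salt occupies the counterfactual address and picks the
/// entryPoint that wallet will trust; funds sent to the predicted address are then controlled
/// through that "entryPoint".
contract VulnerableAccountFactory {
    address public immutable implementation;

    constructor(address implementation_) { implementation = implementation_; }

    function createAccount(address owner, address entryPoint, uint256 salt) external returns (address account) {
        bytes32 fullSalt = keccak256(abi.encode(owner, salt)); // entryPoint is missing from the salt
        account = Clones.predictDeterministicAddress(implementation, fullSalt);
        if (account.code.length > 0) return account;
        Clones.cloneDeterministic(implementation, fullSalt);
        IInitializableAccount(account).initialize(entryPoint, owner);
    }
}

/// FIXED: every parameter that decides who controls the wallet is part of the salt, so an
/// account initialized with a different entryPoint or owner lands at a different address.
contract AccountFactory {
    address public immutable implementation;

    constructor(address implementation_) { implementation = implementation_; }

    function _salt(address entryPoint, address owner, uint256 salt) internal pure returns (bytes32) {
        return keccak256(abi.encode(entryPoint, owner, salt));
    }

    /// "Verify Wallet Creation Method": the counterfactual address is computable off-chain
    /// and must equal what createAccount deploys.
    function getAddress(address entryPoint, address owner, uint256 salt) public view returns (address) {
        return Clones.predictDeterministicAddress(implementation, _salt(entryPoint, owner, salt));
    }

    /// "Check Return Value for Repeated Wallet Creation": return the existing account instead of
    /// reverting, so a UserOperation whose initCode races another deployment still validates.
    function createAccount(address entryPoint, address owner, uint256 salt) external returns (address account) {
        account = getAddress(entryPoint, owner, salt);
        if (account.code.length > 0) return account;
        Clones.cloneDeterministic(implementation, _salt(entryPoint, owner, salt));
        IInitializableAccount(account).initialize(entryPoint, owner);
    }
}
```

A stricter design pins the EntryPoint address as an immutable of the implementation so it is never caller-supplied; the salt then only needs to cover owner and salt. When reviewing a factory, also confirm that initialize() cannot be called a second time on a deployed account, and note that under EIP7562 a factory which reads or writes its own storage during creation must be staked with the EntryPoint (this one only uses immutables, which live in bytecode rather than storage).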
Validate Signature Verification
Ensure rigorous signature validation in validateUserOp/validatePaymasterUserOp.
Example Code:
Verify Correct ERC1271 Implementation
Check ERC1271 standard compliance and signature verification logic security.
Example Code:
Prevent Permanent Locking of Staked Tokens
Ensure staking logic doesn't allow permanent token locking.
Example Code:
Restrict Non-EntryPoint Transaction Execution
Verify that wallets implement proper permission checks for non-EntryPoint executions.
Example Code:
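As an added example covering the wallet-side items above (trusted callers, fee payment, signature validation, ERC1271, and restricted non-EntryPoint execution), not the checklist's own example code: a single-owner account. It assumes the v0.6 interfaces from the @account-abstraction/contracts package and OpenZeppelin Contracts v5; the contract name and error strings are constructed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed dependencies: @account-abstraction/contracts v0.6 and OpenZeppelin Contracts v5.
import {IAccount} from "@account-abstraction/contracts/interfaces/IAccount.sol";
import {UserOperation} from "@account-abstraction/contracts/interfaces/UserOperation.sol";
import {IERC1271} from "@openzeppelin/contracts/interfaces/IERC1271.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";

/// Hypothetical single-owner account illustrating the checklist items.
contract MinimalAccount is IAccount, IERC1271 {
    uint256 private constant SIG_VALIDATION_FAILED = 1; // ERC-4337 "signature invalid" return value
    bytes4 private constant ERC1271_MAGIC = 0x1626ba7e;  // IERC1271.isValidSignature.selector
    bytes4 private constant ERC1271_INVALID = 0xffffffff;

    address public immutable entryPoint; // pinned at deployment: the only trusted driver of this account
    address public owner;

    event Executed(address indexed target, uint256 value, bytes data);

    constructor(address entryPoint_, address owner_) {
        require(entryPoint_ != address(0) && owner_ != address(0), "account: zero address");
        entryPoint = entryPoint_;
        owner = owner_;
    }

    receive() external payable {}

    /// "Verify Trusted Wallet Callers": validateUserOp is EntryPoint-only.
    modifier onlyEntryPoint() {
        require(msg.sender == entryPoint, "account: caller is not EntryPoint");
        _;
    }

    /// "Restrict Non-EntryPoint Transaction Execution": direct execution needs the owner.
    modifier onlyEntryPointOrOwner() {
        require(msg.sender == entryPoint || msg.sender == owner, "account: not authorized");
        _;
    }

    function validateUserOp(UserOperation calldata userOp, bytes32 userOpHash, uint256 missingAccountFunds)
        external override onlyEntryPoint returns (uint256 validationData)
    {
        validationData = _validateSignature(userOp.signature, userOpHash);
        _payPrefund(missingAccountFunds); // "Check Fee Payment Implementation"
    }

    /// "Validate Signature Verification": EIP-191 prefix over userOpHash (which already commits to
    /// the chainId and the EntryPoint address, so the digest cannot be replayed across chains).
    function _validateSignature(bytes calldata signature, bytes32 userOpHash) internal view returns (uint256) {
        bytes32 digest = MessageHashUtils.toEthSignedMessageHash(userOpHash);
        (address recovered, , ) = ECDSA.tryRecover(digest, signature);
        // Spec: a signature mismatch returns SIG_VALIDATION_FAILED rather than reverting, so the
        // bundler can tell a bad signature from a broken account. tryRecover yields address(0) on
        // malformed input, so the explicit zero check keeps a zero owner from ever matching.
        if (recovered == address(0) || recovered != owner) return SIG_VALIDATION_FAILED;
        return 0; // valid, no validAfter/validUntil window
    }

    /// Send EntryPoint the prefund it asks for. EntryPoint checks its own balance afterwards, so a
    /// failed transfer surfaces there (AA21 "didn't pay prefund") instead of being silently ignored.
    function _payPrefund(uint256 missingAccountFunds) internal {
        if (missingAccountFunds == 0) return;
        (bool ok, ) = payable(msg.sender).call{value: missingAccountFunds}("");
        (ok); // intentionally unchecked, see above
    }

    function execute(address target, uint256 value, bytes calldata data) external onlyEntryPointOrOwner {
        (bool ok, bytes memory ret) = target.call{value: value}(data);
        if (!ok) {
            assembly { revert(add(ret, 32), mload(ret)) } // bubble up the callee's revert reason
        }
        emit Executed(target, value, data);
    }

    /// "Verify Correct ERC1271 Implementation": returns the magic value only for the owner's signature
    /// and the failure sentinel otherwise; it never reverts on a bad signature, so callers can rely on
    /// the return value alone.
    function isValidSignature(bytes32 hash, bytes memory signature) external view override returns (bytes4) {
        (address recovered, , ) = ECDSA.tryRecover(hash, signature);
        if (recovered != address(0) && recovered == owner) return ERC1271_MAGIC;
        return ERC1271_INVALID;
    }
}
```

Two review points this example leaves to the reader: the ERC1271 path verifies the raw hash, so if the same owner key controls several wallets, a signature accepted by one wallet is accepted by all of them unless the wallet binds the digest to its own address and chain (an EIP-712 domain containing address(this) and chainId); and the owner check in the modifiers must cover every state-changing entry point, including any batch or upgrade functions a real wallet adds.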
Limit Wallet Storage Access
Ensure that, during validation, wallets access only storage slots associated with the sender, as required by EIP7562.
Verify Paymaster's Failure Handling Logic
Check that Paymasters correctly handle fees in case of execution failures.
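As an added example for this item and for "Prevent Permanent Locking of Staked Tokens" above, not the checklist's own code: a hypothetical ERC-20 fee paymaster whose postOp charges the sender whether or not the user's call reverted, never reverts on the retry path, and exposes the full stake lifecycle. It assumes the v0.6 interfaces from @account-abstraction/contracts and OpenZeppelin Contracts v5; the fixed tokensPerWei rate and the debt mechanism are constructed for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed dependencies: @account-abstraction/contracts v0.6 and OpenZeppelin Contracts v5.
import {IPaymaster} from "@account-abstraction/contracts/interfaces/IPaymaster.sol";
import {IEntryPoint} from "@account-abstraction/contracts/interfaces/IEntryPoint.sol";
import {UserOperation} from "@account-abstraction/contracts/interfaces/UserOperation.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Hypothetical ERC-20 fee paymaster: the sender pays gas in `token` at a fixed rate.
contract TokenPaymaster is IPaymaster {
    using SafeERC20 for IERC20;

    IEntryPoint public immutable entryPoint;
    IERC20 public immutable token;
    uint256 public immutable tokensPerWei; // constructed constant rate; production code would use an oracle
    address public owner;
    mapping(address sender => uint256 amount) public debt; // unpaid gas charges, keyed by sender

    constructor(IEntryPoint entryPoint_, IERC20 token_, uint256 tokensPerWei_) {
        entryPoint = entryPoint_;
        token = token_;
        tokensPerWei = tokensPerWei_;
        owner = msg.sender;
    }

    modifier onlyEntryPoint() { require(msg.sender == address(entryPoint), "pm: not EntryPoint"); _; }
    modifier onlyOwner() { require(msg.sender == owner, "pm: not owner"); _; }

    /// Validation phase. Only sender-associated slots are read (the token's balance and allowance
    /// entries for userOp.sender and this contract's debt mapping keyed by sender), which keeps the
    /// operation within the EIP7562 validation rules.
    function validatePaymasterUserOp(UserOperation calldata userOp, bytes32, uint256 maxCost)
        external view override onlyEntryPoint returns (bytes memory context, uint256 validationData)
    {
        uint256 maxTokens = maxCost * tokensPerWei;
        require(debt[userOp.sender] == 0, "pm: settle outstanding debt first");
        require(token.allowance(userOp.sender, address(this)) >= maxTokens, "pm: insufficient allowance");
        require(token.balanceOf(userOp.sender) >= maxTokens, "pm: insufficient balance");
        context = abi.encode(userOp.sender);
        validationData = 0; // no signature or time window in this design
    }

    /// "Verify Paymaster's Failure Handling Logic": gas is charged whether the user's call
    /// succeeded or reverted, and the retry path never reverts.
    function postOp(PostOpMode mode, bytes calldata context, uint256 actualGasCost) external override onlyEntryPoint {
        address sender = abi.decode(context, (address));
        uint256 charge = actualGasCost * tokensPerWei;
        if (mode == PostOpMode.postOpReverted) {
            // The first postOp attempt reverted (for example, transferFrom failed because the user's
            // call spent the balance that passed validation). EntryPoint has rolled back the user's
            // execution and is calling once more; reverting again would fail the whole operation, so
            // the shortfall is recorded for later settlement instead.
            debt[sender] += charge;
            return;
        }
        // opSucceeded and opReverted both consumed gas that EntryPoint deducts from this
        // paymaster's deposit, so the sender is charged in both cases.
        token.safeTransferFrom(sender, address(this), charge);
    }

    /// Settlement path for debt recorded in the postOpReverted branch.
    function repay() external {
        uint256 amount = debt[msg.sender];
        require(amount > 0, "pm: nothing owed");
        debt[msg.sender] = 0;
        token.safeTransferFrom(msg.sender, address(this), amount);
    }

    // --- EntryPoint deposit and stake management ---

    function deposit() external payable {
        entryPoint.depositTo{value: msg.value}(address(this));
    }

    function withdrawTo(address payable to, uint256 amount) external onlyOwner {
        entryPoint.withdrawTo(to, amount);
    }

    function addStake(uint32 unstakeDelaySec) external payable onlyOwner {
        entryPoint.addStake{value: msg.value}(unstakeDelaySec);
    }

    /// "Prevent Permanent Locking of Staked Tokens": EntryPoint only lets the staking account itself
    /// call unlockStake/withdrawStake. A paymaster (or factory, or account) that exposes addStake but
    /// not these two functions can never recover its stake.
    function unlockStake() external onlyOwner {
        entryPoint.unlockStake();
    }

    function withdrawStake(address payable to) external onlyOwner {
        entryPoint.withdrawStake(to);
    }
}
```

Because validation reads the paymaster's own debt mapping, this contract must be staked with the EntryPoint before bundlers will accept its operations; an auditor should confirm that the stake functions above exist and are reachable by the owner, and that withdrawTo cannot drain the deposit that backs operations already in the mempool.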
Ensure Secure Implementation of Modular Wallets
Verify that wallet modules can only be added, removed and invoked with proper authorization, and that wallet state shared with DELEGATECALLed modules is stored safely.
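As an added example for this item and for "Limit Wallet Storage Access" above, not the checklist's own code: a validator module that keeps per-account state in a sender-keyed mapping (the storage pattern EIP7562 permits during validation) beside a global slot that it must not read in that phase, and a wallet-side module manager that only DELEGATECALLs owner-approved modules and keeps its own state in a namespaced slot. All contract names, the namespace string and the error strings are constructed for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Hypothetical validator module consulted by an account during ERC-4337 validation.
/// EIP7562 lets validation code touch storage only in the sender's own slots or in slots
/// "associated with" the sender (a mapping keyed by the sender, or data reachable from it).
contract OwnerValidatorModule {
    // ALLOWED during validation: slot derived from msg.sender (the account being validated).
    mapping(address account => address owner) public owners;

    // NOT ALLOWED during validation: a global slot shared by every account. Reading it from
    // validateUserOp gets the UserOperation rejected by a compliant bundler.
    address public globalSigner;

    function register(address owner) external {
        owners[msg.sender] = owner; // each account writes only its own entry
    }

    function isAuthorized(address signer) external view returns (bool) {
        return owners[msg.sender] == signer; // sender-associated read: fine in validation
    }

    function isAuthorizedGlobal(address signer) external view returns (bool) {
        return globalSigner == signer; // shared slot: must only be used outside validation
    }
}

/// Wallet-side module manager. Modules run via DELEGATECALL, so they execute with the wallet's
/// storage and authority: only owner-approved module addresses may be invoked, and the wallet
/// keeps its own state in a namespaced slot that a module's ordinary variable declarations
/// cannot collide with.
contract ModularWallet {
    struct WalletStorage {
        address owner;
        mapping(address => bool) enabledModules;
    }

    // Namespaced slot, EIP-1967 style derivation (constructed namespace string, not a standard value).
    bytes32 private constant STORAGE_SLOT =
        bytes32(uint256(keccak256("example.modular.wallet.storage")) - 1);

    event ModuleEnabled(address indexed module);
    event ModuleDisabled(address indexed module);

    constructor(address owner_) {
        require(owner_ != address(0), "wallet: zero owner");
        _s().owner = owner_;
    }

    function _s() private pure returns (WalletStorage storage s) {
        bytes32 slot = STORAGE_SLOT;
        assembly { s.slot := slot }
    }

    modifier onlyOwner() {
        require(msg.sender == _s().owner, "wallet: not owner");
        _;
    }

    function owner() external view returns (address) { return _s().owner; }

    function isModuleEnabled(address module) external view returns (bool) { return _s().enabledModules[module]; }

    function enableModule(address module) external onlyOwner {
        require(module.code.length > 0, "wallet: module has no code");
        _s().enabledModules[module] = true;
        emit ModuleEnabled(module);
    }

    function disableModule(address module) external onlyOwner {
        _s().enabledModules[module] = false;
        emit ModuleDisabled(module);
    }

    /// Owner-gated DELEGATECALL into an enabled module. Everything reachable here runs with full
    /// wallet authority, so the allowlist check is the security boundary: an unrestricted version
    /// of this function lets anyone overwrite the owner slot or self-destruct the wallet.
    function delegateToModule(address module, bytes calldata data) external onlyOwner returns (bytes memory ret) {
        require(_s().enabledModules[module], "wallet: module not enabled");
        bool ok;
        (ok, ret) = module.delegatecall(data);
        if (!ok) {
            assembly { revert(add(ret, 32), mload(ret)) } // bubble up the module's revert reason
        }
    }
}
```

When auditing a modular wallet, check that enableModule is the only way a module enters the allowlist, that the module contracts themselves are reviewed for SELFDESTRUCT and for writes outside their agreed storage layout, and that any module consulted from validateUserOp confines itself to sender-keyed state as OwnerValidatorModule.isAuthorized does.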
This checklist provides a foundation for auditing account abstraction wallets based on the current EIP4337 standard. Given the early stages of EIP4337 implementation and varying wallet designs, auditors should conduct thorough checks based on specific wallet implementations.