Security Audit Checklist for Account Abstraction Wallets
A baseline checklist for auditing account abstraction wallets implemented based on the EIP4337 standard
Last updated
This guide provides auditors with a fundamental checklist for reviewing account abstraction wallets based on the EIP4337 standard, along with targeted auditing guidelines. It assumes auditors are familiar with the and the We'll briefly cover the EIP4337 architecture and wallet transaction execution flow.
In EIP4337, an EOA signs UserOp data and submits it to a separate mempool via RPC. This mempool, distinct from Ethereum's transaction mempool, aggregates user-submitted UserOps. A Bundler pulls UserOps from it and simulates each one before execution, discarding any whose simulation fails. All UserOp executions happen through the Bundler calling the EntryPoint contract. After verification, the EntryPoint calls the user's AA wallet to execute the user's calldata. Users either pay the Bundler for the on-chain execution fees themselves or specify a Paymaster to cover the costs.
Auditors should understand the process by which the Bundler reaches the user's wallet via the EntryPoint.
The following checklist items ensure each 4337 wallet passes crucial security checks:
Verify Compatibility with All EVM-Compatible Chains
Ensure Interface Implementation and Return Values Comply with EIP4337
Wallets must implement core interfaces with specific return value structures. Paymasters must also implement required interfaces. Signature validation should return appropriate values or revert as specified.
Verify Trusted Wallet Callers
Check Fee Payment Implementation
Wallets should implement logic to transfer missingAccountFunds to the EntryPoint contract when necessary.
Verify Wallet Creation Method
Factories must use CREATE2 for deterministic wallet creation addresses.
Check Return Value for Repeated Wallet Creation
Ensure consistent address returns for already-created wallets.
Prevent Wallet Takeover During Creation
Verify that wallet creation cannot be front-run and that ownership is correctly set.
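The factory pattern the three items above describe, as an added example that is not code from the original page: a CREATE2 factory whose salt binds both the owner and the EntryPoint, returns the already-deployed wallet on repeated calls instead of reverting, and sets ownership atomically in the creation transaction. The contract and function names (MinimalWallet, MinimalWalletFactory, createWallet, getAddress) are assumed for illustration.

```solidity
// Compiler pinned below 0.8.20 so no PUSH0 is emitted (see the multi-chain item).
pragma solidity 0.8.19;

// Minimal wallet: the trusted EntryPoint and the deploying factory are fixed at construction.
contract MinimalWallet {
    address public immutable entryPoint;
    address public immutable factory;
    address public owner;

    constructor(address _entryPoint) {
        entryPoint = _entryPoint;
        factory = msg.sender;
    }

    // Only the factory may initialize, and only once: no later caller can re-assign ownership.
    function initialize(address _owner) external {
        require(msg.sender == factory, "only factory");
        require(owner == address(0), "already initialized");
        require(_owner != address(0), "zero owner");
        owner = _owner;
    }
}

contract MinimalWalletFactory {
    event WalletCreated(address indexed wallet, address indexed owner);

    // The salt commits to owner AND entryPoint, so the same address cannot be
    // claimed with a different (malicious) EntryPoint or a different owner.
    function _salt(address owner, address entryPoint, uint256 index) internal pure returns (bytes32) {
        return keccak256(abi.encode(owner, entryPoint, index));
    }

    // Off-chain callers use this to learn the counterfactual wallet address before it is deployed.
    function getAddress(address owner, address entryPoint, uint256 index) public view returns (address) {
        bytes32 hash = keccak256(abi.encodePacked(
            bytes1(0xff), address(this), _salt(owner, entryPoint, index),
            keccak256(abi.encodePacked(type(MinimalWallet).creationCode, abi.encode(entryPoint)))
        ));
        return address(uint160(uint256(hash)));
    }

    // Idempotent: a second call with the same parameters returns the existing wallet.
    function createWallet(address owner, address entryPoint, uint256 index) external returns (MinimalWallet wallet) {
        address predicted = getAddress(owner, entryPoint, index);
        if (predicted.code.length > 0) {
            return MinimalWallet(predicted);
        }
        wallet = new MinimalWallet{salt: _salt(owner, entryPoint, index)}(entryPoint);
        wallet.initialize(owner); // ownership is set in the same transaction as deployment
        emit WalletCreated(address(wallet), owner);
    }
}
```

Because the deployed address depends on the owner, the EntryPoint and the init code, a front-runner who substitutes any of them lands at a different address, so the user's predicted wallet cannot be hijacked.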
Validate Signature Verification
Ensure rigorous signature validation in validateUserOp/validatePaymasterUserOp.
Verify Correct ERC1271 Implementation
Check ERC1271 standard compliance and signature verification logic security.
Prevent Permanent Locking of Staked Tokens
Ensure staking logic doesn't allow permanent token locking.
Restrict Non-EntryPoint Transaction Execution
Verify that wallets implement proper permission checks for non-EntryPoint executions.
Limit Wallet Storage Access
Ensure wallets only access storage fields associated with the sender.
Verify Paymaster's Failure Handling Logic
Check that Paymasters correctly handle fees in case of execution failures.
Ensure Secure Implementation of Modular Wallets
Verify safe management of wallet modules and secure data storage when using DELEGATECALL.
This checklist provides a foundation for auditing account abstraction wallets based on the current EIP4337 standard. Given the early stages of EIP4337 implementation and varying wallet designs, auditors should conduct thorough checks based on specific wallet implementations.
Notes on selected checklist items:
Verify Compatibility with All EVM-Compatible Chains: AA wallets may be deployed on several chains. Post-Shanghai Ethereum mainnet introduced the PUSH0 opcode, which affects Solidity 0.8.20 and later (these versions target Shanghai by default and emit PUSH0). Auditors should check the Solidity version, or inspect the compiled bytecode for PUSH0. For multi-chain deployment, use a compiler version below 0.8.20 or set the EVM version to paris.
Verify Trusted Wallet Callers: Wallet interfaces should only accept calls from the trusted EntryPoint, to prevent unauthorized use of the wallet.
Prevent Wallet Takeover During Creation: If the EntryPoint address is not part of the CREATE2 address calculation, an attacker can deploy to the same predicted address with a malicious EntryPoint substituted and take over the wallet.