Structural Error

In this page, we explore vulnerabilities caused by incorrect structural error.

Version Mismatch of Reference Implementation

Time to upgrade.

There are cases where the Paymaster implements the v0.6 interface but references an EntryPoint from v0.7.

In the eth-infinitism project, when the account-abstraction was upgraded from version 0.6 to 0.7, there were some changes.

// https://github.com/eth-infinitism/account-abstraction/blob/releases/v0.6/contracts/core/EntryPoint.sol

// Entrypoint v0.6
function _validatePaymasterPrepayment(
    uint256 opIndex, 
    UserOperation calldata op, 
    UserOpInfo memory opInfo, 
    uint256 requiredPreFund, 
    uint256 gasUsedByValidateAccountPrepayment
    )
    internal returns (bytes memory context, uint256 validationData) {
    
    ...
    ...
    
        try IPaymaster(paymaster).validatePaymasterUserOp{gas : gas}(
                op, 
                opInfo.userOpHash, 
                requiredPreFund
            ) returns (bytes memory _context, uint256 _validationData)
    ...

// https://github.com/eth-infinitism/account-abstraction/blob/releases/v0.7/contracts/core/EntryPoint.sol

// Entrypoint v0.7
function _validatePaymasterPrepayment(
        uint256 opIndex,
        PackedUserOperation calldata op,
        UserOpInfo memory opInfo,
        uint256 requiredPreFund
    ) internal returns (bytes memory context, uint256 validationData) {
    
    ...
    ...
    
        try
            IPaymaster(paymaster).validatePaymasterUserOp{gas: pmVerificationGasLimit}(
                op,
                opInfo.userOpHash,
                requiredPreFund
            ) returns (bytes memory _context, uint256 _validationData) {

The code above shows where validatePaymasterUserOp is called to validate the paymaster for a UserOp in Entrypoint versions 0.6 and 0.7.

Looking at the parameters in each code snippet shows that the parameter on line 6 is different. Version 0.6 uses the UserOperation struct, while version 0.7 uses the PackedUserOperation struct.

// UserOperation.sol v0.6
struct UserOperation {
        address sender;
        uint256 nonce;
        bytes initCode;
        bytes callData;
        uint256 callGasLimit;
        uint256 verificationGasLimit;
        uint256 preVerificationGas;
        uint256 maxFeePerGas;
        uint256 maxPriorityFeePerGas;
        bytes paymasterAndData;
        bytes signature;
}

// PackedUserOperation.sol v0.7
struct PackedUserOperation {
    address sender;
    uint256 nonce;
    bytes initCode;
    bytes callData;
    bytes32 accountGasLimits;
    uint256 preVerificationGas;
    bytes32 gasFees;
    bytes paymasterAndData;
    bytes signature;
}

The code above shows the UserOperation struct used in account-abstraction version 0.6 and the PackedUserOperation struct used in version 0.7. Although there are only small structural changes between them, using the wrong struct type as a parameter can lead to a revert.

Mitigation: Implement the paymaster according to version 0.7, or reference Entrypoint version 0.6 to maintain version consistency.

Improper Handling of Invalid paymasterAndData Format During Validation

If a UserOperation.paymasterAndData that does not follow the paymaster’s format is submitted, it must be recognized as invalid and properly reverted

If a UserOp with an improperly formatted UserOperation.paymasterAndData is submitted and the paymaster's validation function fails to correctly identify and revert the invalid format, it could lead to unexpected results.

Mitigation : During the validation process, parse paymasterAndData and revert if the format is incorrect

PreviousIncorrect Calculation Logic NextThreats in v0.6

Last updated 6 months ago

Structural Error

In this page, we explore vulnerabilities caused by incorrect structural error.

Version Mismatch of Reference Implementation

Time to upgrade.

There are cases where the Paymaster implements the v0.6 interface but references an EntryPoint from v0.7.

In the eth-infinitism project, when the account-abstraction was upgraded from version 0.6 to 0.7, there were some changes.

// https://github.com/eth-infinitism/account-abstraction/blob/releases/v0.6/contracts/core/EntryPoint.sol

// Entrypoint v0.6
function _validatePaymasterPrepayment(
    uint256 opIndex, 
    UserOperation calldata op, 
    UserOpInfo memory opInfo, 
    uint256 requiredPreFund, 
    uint256 gasUsedByValidateAccountPrepayment
    )
    internal returns (bytes memory context, uint256 validationData) {
    
    ...
    ...
    
        try IPaymaster(paymaster).validatePaymasterUserOp{gas : gas}(
                op, 
                opInfo.userOpHash, 
                requiredPreFund
            ) returns (bytes memory _context, uint256 _validationData)
    ...

// https://github.com/eth-infinitism/account-abstraction/blob/releases/v0.7/contracts/core/EntryPoint.sol

// Entrypoint v0.7
function _validatePaymasterPrepayment(
        uint256 opIndex,
        PackedUserOperation calldata op,
        UserOpInfo memory opInfo,
        uint256 requiredPreFund
    ) internal returns (bytes memory context, uint256 validationData) {
    
    ...
    ...
    
        try
            IPaymaster(paymaster).validatePaymasterUserOp{gas: pmVerificationGasLimit}(
                op,
                opInfo.userOpHash,
                requiredPreFund
            ) returns (bytes memory _context, uint256 _validationData) {

The code above shows where validatePaymasterUserOp is called to validate the paymaster for a UserOp in Entrypoint versions 0.6 and 0.7.

Looking at the parameters in each code snippet shows that the parameter on line 6 is different. Version 0.6 uses the UserOperation struct, while version 0.7 uses the PackedUserOperation struct.

// UserOperation.sol v0.6
struct UserOperation {
        address sender;
        uint256 nonce;
        bytes initCode;
        bytes callData;
        uint256 callGasLimit;
        uint256 verificationGasLimit;
        uint256 preVerificationGas;
        uint256 maxFeePerGas;
        uint256 maxPriorityFeePerGas;
        bytes paymasterAndData;
        bytes signature;
}

// PackedUserOperation.sol v0.7
struct PackedUserOperation {
    address sender;
    uint256 nonce;
    bytes initCode;
    bytes callData;
    bytes32 accountGasLimits;
    uint256 preVerificationGas;
    bytes32 gasFees;
    bytes paymasterAndData;
    bytes signature;
}

Mitigation: Implement the paymaster according to version 0.7, or reference Entrypoint version 0.6 to maintain version consistency.

Improper Handling of Invalid paymasterAndData Format During Validation

If a UserOperation.paymasterAndData that does not follow the paymaster’s format is submitted, it must be recognized as invalid and properly reverted

Mitigation : During the validation process, parse paymasterAndData and revert if the format is incorrect

PreviousIncorrect Calculation Logic NextThreats in v0.6

Last updated 6 months ago