UNPKG

aa-schnorr-multisig-sdk

Version:

Account Abstraction Schnorr Multi-Signatures SDK

github.com/RunOnFlux/account-abstraction

RunOnFlux/account-abstraction

268 lines (226 loc) 10.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
# Account Abstraction Schnorr Signatures A typescript library for creating ERC-4337 Account Abstraction which utilizes Schnorr Signatures for multi signatures. ## About * ERC-4337 Account Abstraction * `MultiSigAccountAbstraction` class extends [Alchemys's](https://github.com/alchemyplatform/aa-sdk/tree/main/packages/core) `BaseSmartContractAccount`. It allows to interact with the Smart Contract Account. * `MultiSigAccountSigner` class extends [Alchemys's](https://github.com/alchemyplatform/aa-sdk/tree/main/packages/ethers) `AccountSigner` and is designed to build and send multi-sig user operations. * Schnorr Signatures * `Schnorkell` is the key element of the package. It manages signature's nonces and has methods for signing messages, like: `sign()` and `multiSigSign()`. * `SchnorrSigner` extends `Schnorkell` and manages key pairs (private and public) to generate Schnorr Signatures. * `MultiSigUserOpWithSigners` class has to be used to create a single multi-signature transaction. Signers, User Operation Hash and User Operation Request data have to be known upfront to initialize the transaction signing process. ## Requirements: * Node: >=18.0.0, <20.0.0 * npm (Node.js package manager): v9.x.x ## Installation ``` git clone https://github.com/RunOnFlux/aa-schnorr-multisig-sdk.git cd aa-schnorr-multisig-sdk npm i ``` ## Important notice ***Before signing any multi-sig transaction signers have to exchange their `publicKey` and `publicNonces`. Nonces are one-time generated random numbers used to create and validate the signature. It's absolutely crucial to delete the nonces once a signature has been crafted with them. Nonce reuse will lead to private key leakage!*** ## Example usage ### 0. Deploy MultiSigSmartAccountFactory and create Account Abstraction `MultiSigSmartAccountFactory` should be deployed first from [aa-schnorr-multisig package](https://www.npmjs.com/package/aa-schnorr-multisig). If already deployed, the address can be found in the `deployments` folder. ``` const smartAccountFactory = MultiSigSmartAccountFactory__factory.connect( <MUSIG_ACCOUNT_FACTORY_ADDRESS>, signer ) ``` `accountAddress` is Account Abstraction Address deployed with `MultiSigSmartAccountFactory` contract's method `createAccount`. ``` const saltHash = saltToHex(salt) const createAccountTxHash = await smartAccountFactory.createAccount(combinedAddress, saltHash) ``` **Notice!** `combinedAddress` can be generated with `getAllCombinedAddrFromSigners()` function from schnorr-helpers. ``` const x = 2 // nr of signers needed for valid signature, here 2/3 combinedAddress: string[] = getAllCombinedAddrFromSigners([signer1, signer2, signer3], x) ``` It is also possible to generate with signers' public keys with `getAllCombinedAddrFromKeys()` ``` combinedAddress: string[] = getAllCombinedAddrFromKeys([pubKey1, pubKey2, pubKey3], x) ``` #### Smart Account Address prediction If `MultiSigSmartAccountFactory` was deployed then the deterministic Account address can be predict with helpers in preffered way: **1. Onchain prediction** ``` const predictedAddress = await predictAccountAddrOnchain(smartAccountFactory combinedAddress, salt, ethersSignerOrProvider) ``` `accountImplementationAddress` can be taken from `MultiSigSmartAccountFactory` contract by calling `accountImplementation()`. This is done also by the helper function which can be used as below: ``` const implementationAddress = await getAccountImplementationAddress(factoryAddress, ethersSignerOrProvider) ``` **2. Fully offchain prediction!** ``` const predictedAddress = await predictAccountAddrOffchain(factoryAddress, accountImplementationAddress, combinedAddress, salt) ``` `factoryAddress` as well as `accountImplementationAddress` can be also predicted fully offchain with: * `predictFactoryAddrOffchain()` * `predictAccountImplementationAddrOffchain`. ``` // predict Smart Account Factory address using salt const saltFactory = saltToHex("aafactorysalttest") const predictedFactory = predictFactoryAddrOffchain(saltFactory, ENTRYPOINT_ADDRESS) // predict Smart Account Implementation address const predictedImplementation = predictAccountImplementationAddrOffchain( saltFactory, predictedFactory, ENTRYPOINT_ADDRESS ) ``` ### 1. Create Schnorr Signers out of private keys The private key has to be hex value, so e.g. `0x123456...`. **Warning! Never disclose your private key!** ``` const signer1 = createSchnorrSigner(<PRIVATE_KEY_HEX_1>) const signer2 = createSchnorrSigner(<PRIVATE_KEY_HEX_2>) ``` ### 2. Create Account Signer - Create Provider. It can be e.g. AlchemyProvider. ``` const alchemy = new Alchemy({ apiKey: <ALCHEMY_API_KEY>, network: <network>, }) const alchemyProvider = await alchemy.config.getProvider() ``` - Connect the Provider to the MultiSig Account Abstraction ``` const accountProvider = EthersProviderAdapter.fromEthersProvider(alchemyProvider) const accountSigner = accountProvider.connectToAccount((rpcClient) => { const smartAccount = new MultiSigAccountAbstraction({ chain: <CHAIN>, accountAddress: <SMART_ACCOUNT_ADDRESS>, factoryAddress: <MUSIG_ACCOUNT_FACTORY_ADDRESS>, rpcClient, combinedAddress: combinedAddress[], salt: utils.formatBytes32String(<SALT_STRING>), }) smartAccount.getDeploymentState().then((result: unknown) => { console.log("===> [useAccountSigner] deployment state", result) }) smartAccount.isAccountDeployed().then((deployed: unknown) => { console.log("===> [useAccountSigner] deployed", deployed) }) return smartAccount }) ``` * `chain` can be get from Alchemy SDK ``` const chain = getChain(chainId) ``` * `accountAddress` is Account Abstraction Address deployed with `MultiSigSmartAccountFactory` contract method `createAccount` ``` const saltBytes = stringToBytes(<SALT_STRING>, { size: 32 }) const _createTx = await smartAccountFactory.createAccount(combinedAddress, saltBytes) ``` * `factoryAddress` is the address of `MultiSigSmartAccountFactory`. If already deployed, can be found in `deployments` folder of `aa-schnorr-multisig` package * `combinedAddress` can be generated with `getAllCombinedAddrFromSigners()` function from schnorr-helpers. **Signers have to be the same as used for signing transactions.** ``` const x = 2 // nr of signers needed for valid signature, here 2/3 combinedAddress: string[] = getAllCombinedAddrFromSigners([signer1, signer2, signer3], x) ``` * `salt` is a string used to specify the deterministic address of the Account Abstraction ``` const saltBytes = stringToBytes(<SALT_STRING>, { size: 32 }) ``` where [stringToBytes](https://viem.sh/docs/utilities/toBytes#stringtobytes) imported from [viem](https://www.npmjs.com/package/viem) encodes a UTF-8 string into a 32-byte array * optional parameter `EntryPoint` by default is Alchemy's deterministic address and is the same for every chain. It can be get from Alchemy SDK: ``` // default: "0x5FF137D4b0FDCD49DcA30c7CF57E578a026d2789" const entryPointAddress = getDefaultEntryPointAddress(chain) ``` ### 3. Create MultiSig Account Signer out of Account Signer Use `multiSigAccountSigner` to extend accountSigner with multi-signature methods. ``` const multiSigAccountSigner = createMultiSigAccountSigner(accountSigner) ``` ### 4. Construct User Operation CallData [User Operation CallData](https://accountkit.alchemy.com/using-smart-accounts/send-user-operations.html#_2-construct-the-call-data) is just wrapped standard transaction calldata. - [encodeFunctionData](https://viem.sh/docs/contract/encodeFunctionData.html#encodefunctiondata) imported from [viem](https://www.npmjs.com/package/viem) encodes the function name and parameters into an ABI encoded value - smart contract's ABI, like `ERC20_abi`, can be imported from [aa-schnorr-multisig](https://www.npmjs.com/package/aa-schnorr-multisig) or defined within the function, e.g. ``` const AlchemyTokenAbi = [ { inputs: [{ internalType: "address", name: "recipient", type: "address" }], name: "mint", outputs: [], stateMutability: "nonpayable", type: "function", }, ]; ``` ### CallData construction examples #### ERC20 Transfer ``` const uoCallData: UserOperationCallData = encodeFunctionData({ abi: ERC20_abi, args: [toAddress, amount], functionName: "transfer", }) ``` #### Transfer ETH ``` const uoCallData: UserOperationCallData = { data: "0x", target: <toAddress> as Hex, value: <amount>, } ``` #### Upgrade MultiSigSmartAccount contract ``` const newImplementation = <newImplementationAddress> as string const data = "" const uoCallData: UserOperationCallData = encodeFunctionData({ abi: MultiSigSmartAccount_abi, args: [newImplementation, ""], functionName: "upgradeToAndCall", }) ``` #### Withdraw MultiSigSmartAccount deposit ``` const uoCallData: UserOperationCallData = encodeFunctionData({ abi: MultiSigSmartAccount_abi, args: [toAddress, amount], functionName: "withdrawDepositTo", }) ``` ### 5. Build User Operation Use `MultiSigAccountSigner`'s method with gas estimator `buildUserOpWithGasEstimator()`. ``` const { opHash, request } = await multiSigAccountSigner.buildUserOpWithGasEstimator( { data: uoCallData, target: targetAddress as Hex, }, { preVerificationGas: 2000000, } ) ``` `targetAddress` can be ERC20 Token address (e.g. for token transfer) or MultiSigSmartAccount address for upgrade call. ### 6. Initialize Multi-Sig Schnorr Transaction Use signers (or signers' public keys and public nonces), opHash and request generated above. Every instance of `MultiSigUserOpWithSigners` is created once for single transaction (and designed signers combination, like 2/3) and uses **one-time nonces**, so transactions can't be re-signed or reused! ``` const msUserOp = new MultiSigUserOpWithSigners([signer1, signer2], opHash, request) ``` If Signers can not be entirely passed as arguments it is possible to build User Operation out of signers' `publicKeys` and `publicNonces`. ``` const msUserOp = new MultiSigUserOp(publicKeys, publicNonces, opHash, userOpRequest) ``` ### 7. Sign the transaction with every defined signer ``` msUserOp.signMultiSigHash(signer) ``` ### 8. Send the transaction To do so use `MultiSigAccountSigner`'s method `sendMultiSigTransaction()`. In this step signatures (signed before by each signer) are collected and combined within the `MultiSigUserOpWithSigners` instance. This "summed-signature" is then sent and validated on-chain. If it's ok - transaction can be finished. ``` const txHash = await multiSigAccountSigner.sendMultiSigTransaction(msUserOp) ``` ## Associated package * [MultiSig Smart Account - ERC-4337 Smart Contracts](https://www.npmjs.com/package/aa-schnorr-multisig)