Validate entity storage access (#76)

Author: hazim-j

internal/config/values.go

@@ -23,6 +23,7 @@ type Values struct {
 	Beneficiary          string
 
 	// Undocumented variables.
+	DebugMode              bool
 	GinMode                string
 	BundlerCollectorTracer string
 }
@@ -45,6 +46,7 @@ func GetValues() *Values {
 	viper.SetDefault("erc4337_bundler_data_directory", "/tmp/stackup_bundler")
 	viper.SetDefault("erc4337_bundler_supported_entry_points", "0x1306b01bC3e4AD202612D3843387e94737673F53")
 	viper.SetDefault("erc4337_bundler_max_verification_gas", 1500000)
+	viper.SetDefault("erc4337_bundler_debug_mode", false)
 	viper.SetDefault("erc4337_bundler_gin_mode", gin.ReleaseMode)
 
 	// Read in from .env file if available
@@ -118,6 +120,7 @@ func GetValues() *Values {
 	supportedEntryPoints := envArrayToAddressSlice(viper.GetString("erc4337_bundler_supported_entry_points"))
 	beneficiary := viper.GetString("erc4337_bundler_beneficiary")
 	maxVerificationGas := big.NewInt(int64(viper.GetInt("erc4337_bundler_max_verification_gas")))
+	debugMode := viper.GetBool("erc4337_bundler_debug_mode")
 	ginMode := viper.GetString("erc4337_bundler_gin_mode")
 	return &Values{
 		PrivateKey:             privateKey,
@@ -127,6 +130,7 @@ func GetValues() *Values {
 		SupportedEntryPoints:   supportedEntryPoints,
 		Beneficiary:            beneficiary,
 		MaxVerificationGas:     maxVerificationGas,
+		DebugMode:              debugMode,
 		GinMode:                ginMode,
 		BundlerCollectorTracer: bct,
 	}

internal/start/private.go

@@ -91,6 +91,12 @@ func PrivateMode() {
 		paymaster.IncOpsSeen(),
 	)
 
+	// init Debug
+	var d *client.Debug
+	if conf.DebugMode {
+		d = client.NewDebug(eoa, eth, mem, chain, conf.SupportedEntryPoints[0], beneficiary)
+	}
+
 	// Init Bundler
 	b := bundler.New(mem, chain, conf.SupportedEntryPoints)
 	b.UseLogger(logr)
@@ -120,7 +126,7 @@ func PrivateMode() {
 	r.POST(
 		"/",
 		relayer.FilterByClientID(),
-		jsonrpc.Controller(client.NewRpcAdapter(c)),
+		jsonrpc.Controller(client.NewRpcAdapter(c, d)),
 		relayer.MapUserOpHashToClientID(),
 	)
 	if err := r.Run(fmt.Sprintf(":%d", conf.Port)); err != nil {

internal/utils/stack.go

@@ -0,0 +1,35 @@
+package utils
+
+type Stack[T any] struct {
+	keys []T
+}
+
+func NewStack[T any]() *Stack[T] {
+	return &Stack[T]{nil}
+}
+
+func (stack *Stack[T]) Push(key T) {
+	stack.keys = append(stack.keys, key)
+}
+
+func (stack *Stack[T]) Top() (T, bool) {
+	var x T
+	if len(stack.keys) > 0 {
+		x = stack.keys[len(stack.keys)-1]
+		return x, true
+	}
+	return x, false
+}
+
+func (stack *Stack[T]) Pop() (T, bool) {
+	var x T
+	if len(stack.keys) > 0 {
+		x, stack.keys = stack.keys[len(stack.keys)-1], stack.keys[:len(stack.keys)-1]
+		return x, true
+	}
+	return x, false
+}
+
+func (stack *Stack[T]) IsEmpty() bool {
+	return len(stack.keys) == 0
+}

pkg/client/client.go

@@ -6,6 +6,7 @@ import (
 	"math/big"
 
 	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/common/hexutil"
 	"github.com/go-logr/logr"
 	"github.com/stackup-wallet/stackup-bundler/internal/logger"
 	"github.com/stackup-wallet/stackup-bundler/pkg/mempool"
@@ -119,5 +120,5 @@ func (i *Client) SupportedEntryPoints() ([]string, error) {
 // ChainID implements the method call for eth_chainId. It returns the current chainID used by the client.
 // This method is used to validate that the client's chainID is in sync with the caller.
 func (i *Client) ChainID() (string, error) {
-	return i.chainID.String(), nil
+	return hexutil.EncodeBig(i.chainID), nil
 }

pkg/client/debug.go

@@ -0,0 +1,74 @@
+package client
+
+import (
+	"errors"
+	"math/big"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/ethclient"
+	"github.com/stackup-wallet/stackup-bundler/pkg/entrypoint"
+	"github.com/stackup-wallet/stackup-bundler/pkg/mempool"
+	"github.com/stackup-wallet/stackup-bundler/pkg/signer"
+)
+
+// Debug exposes methods used for testing the bundler. These should not be made available in production.
+type Debug struct {
+	eoa         *signer.EOA
+	eth         *ethclient.Client
+	mempool     *mempool.Mempool
+	chainID     *big.Int
+	entrypoint  common.Address
+	beneficiary common.Address
+}
+
+func NewDebug(
+	eoa *signer.EOA,
+	eth *ethclient.Client,
+	mempool *mempool.Mempool,
+	chainID *big.Int,
+	entrypoint common.Address,
+	beneficiary common.Address,
+) *Debug {
+	return &Debug{eoa, eth, mempool, chainID, entrypoint, beneficiary}
+}
+
+// SendBundleNow forces the bundler to build and execute a bundle from the mempool as handleOps() transaction.
+func (d *Debug) SendBundleNow() (string, error) {
+	batch, err := d.mempool.BundleOps(d.entrypoint)
+	if err != nil {
+		return "", err
+	}
+
+	est, revert, err := entrypoint.EstimateHandleOpsGas(
+		d.eoa,
+		d.eth,
+		d.chainID,
+		d.entrypoint,
+		batch,
+		d.beneficiary,
+	)
+	if err != nil {
+		return "", err
+	} else if revert != nil {
+		return "", errors.New("debug: bad batch during estimate")
+	}
+
+	txn, revert, err := entrypoint.HandleOps(
+		d.eoa,
+		d.eth,
+		d.chainID,
+		d.entrypoint,
+		batch,
+		d.beneficiary,
+		est,
+		big.NewInt((int64(est))),
+		big.NewInt((int64(est))),
+	)
+	if err != nil {
+		return "", err
+	} else if revert != nil {
+		return "", errors.New("debug: bad batch during call")
+	}
+
+	return txn.Hash().String(), nil
+}

pkg/client/rpc.go

@@ -1,13 +1,18 @@
 package client
 
+import (
+	"errors"
+)
+
 // RpcAdapter is an adapter for routing JSON-RPC method calls to the correct client functions.
 type RpcAdapter struct {
 	client *Client
+	debug  *Debug
 }
 
 // NewRpcAdapter initializes a new RpcAdapter which can be used with a JSON-RPC server.
-func NewRpcAdapter(client *Client) *RpcAdapter {
-	return &RpcAdapter{client}
+func NewRpcAdapter(client *Client, debug *Debug) *RpcAdapter {
+	return &RpcAdapter{client, debug}
 }
 
 // Eth_sendUserOperation routes eth_sendUserOperation method calls to *Client.SendUserOperation.
@@ -24,3 +29,12 @@ func (r *RpcAdapter) Eth_supportedEntryPoints() ([]string, error) {
 func (r *RpcAdapter) Eth_chainId() (string, error) {
 	return r.client.ChainID()
 }
+
+// Debug_bundler_sendBundleNow routes eth_chainId method calls to *Debug.SendBundleNow.
+func (r *RpcAdapter) Debug_bundler_sendBundleNow() (string, error) {
+	if r.debug == nil {
+		return "", errors.New("rpc: debug mode is not enabled")
+	}
+
+	return r.debug.SendBundleNow()
+}

pkg/entrypoint/methods.go

@@ -0,0 +1,69 @@
+package entrypoint
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/ethereum/go-ethereum/accounts/abi"
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	"github.com/stackup-wallet/stackup-bundler/pkg/userop"
+)
+
+var (
+	bytes32, _                    = abi.NewType("bytes32", "", nil)
+	uint256, _                    = abi.NewType("uint256", "", nil)
+	bytes, _                      = abi.NewType("bytes", "", nil)
+	validatePaymasterUserOpMethod = abi.NewMethod(
+		"validatePaymasterUserOp",
+		"validatePaymasterUserOp",
+		abi.Function,
+		"",
+		false,
+		false,
+		abi.Arguments{
+			{Name: "userOp", Type: userop.UserOpType},
+			{Name: "userOpHash", Type: bytes32},
+			{Name: "maxCost", Type: uint256},
+		},
+		abi.Arguments{
+			{Name: "context", Type: bytes},
+			{Name: "deadline", Type: uint256},
+		},
+	)
+	validatePaymasterUserOpSelector = hexutil.Encode(validatePaymasterUserOpMethod.ID)
+)
+
+type validatePaymasterUserOpOutput struct {
+	Context []byte
+}
+
+func decodeValidatePaymasterUserOpOutput(ret any) (*validatePaymasterUserOpOutput, error) {
+	hex, ok := ret.(string)
+	if !ok {
+		return nil, errors.New("validatePaymasterUserOp: cannot assert type: hex is not of type string")
+	}
+	data, err := hexutil.Decode(hex)
+	if err != nil {
+		return nil, fmt.Errorf("validatePaymasterUserOp: %s", err)
+	}
+
+	args, err := validatePaymasterUserOpMethod.Outputs.Unpack(data)
+	if err != nil {
+		return nil, fmt.Errorf("validatePaymasterUserOp: %s", err)
+	}
+	if len(args) != 2 {
+		return nil, fmt.Errorf(
+			"validatePaymasterUserOp: invalid args length: expected 2, got %d",
+			len(args),
+		)
+	}
+
+	ctx, ok := args[0].([]byte)
+	if !ok {
+		return nil, errors.New("validatePaymasterUserOp: cannot assert type: hex is not of type string")
+	}
+
+	return &validatePaymasterUserOpOutput{
+		Context: ctx,
+	}, nil
+}