From 9cf30fc4d61e4ea5d8e0a54d622422e29d912638 Mon Sep 17 00:00:00 2001
From: leekt <leekt216@gmail.com>
Date: Tue, 30 Jan 2024 02:05:34 +0900
Subject: [PATCH 1/4] weighted ecdsa to valdiate the userOp for the last sig

---
 src/validator/WeightedECDSAValidator.sol           |  2 +-
 .../foundry/validator/WeightedECDSAValidator.t.sol | 14 +++++++-------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/validator/WeightedECDSAValidator.sol b/src/validator/WeightedECDSAValidator.sol
index bd2888bd..e0f58357 100644
--- a/src/validator/WeightedECDSAValidator.sol
+++ b/src/validator/WeightedECDSAValidator.sol
@@ -261,7 +261,7 @@ contract WeightedECDSAValidator is EIP712, IKernelValidator {
         uint256 totalWeight = 0;
         address signer;
         for (uint256 i = 0; i < sigCount; i++) {
-            signer = ECDSA.recover(hash, signature[i * 65:(i + 1) * 65]);
+            signer = ECDSA.recover(ECDSA.toEthSignedMessageHash(hash), signature[i * 65:(i + 1) * 65]);
             totalWeight += guardian[signer][msg.sender].weight;
             if (totalWeight >= strg.threshold) {
                 return packValidationData(ValidAfter.wrap(0), ValidUntil.wrap(0));
diff --git a/test/foundry/validator/WeightedECDSAValidator.t.sol b/test/foundry/validator/WeightedECDSAValidator.t.sol
index 46797c4d..2a81a6f3 100644
--- a/test/foundry/validator/WeightedECDSAValidator.t.sol
+++ b/test/foundry/validator/WeightedECDSAValidator.t.sol
@@ -109,20 +109,20 @@ contract KernelWeightedECDSATest is KernelTestBase {
     }
 
     function getWrongSignature(UserOperation memory op) internal view override returns (bytes memory) {
-        return abi.encodePacked(bytes4(0x00000000), entryPoint.signUserOpHash(vm, ownerKeys[0], op));
+        return abi.encodePacked(bytes4(0x00000000), entryPoint.signUserOpHash(vm, ownerKey + 1, op));
     }
 
     function signHash(bytes32 hash) internal view override returns (bytes memory) {
-        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], hash);
-        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1], hash);
-        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2], hash);
+        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], ECDSA.toEthSignedMessageHash(hash));
+        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1], ECDSA.toEthSignedMessageHash(hash));
+        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2], ECDSA.toEthSignedMessageHash(hash));
         return abi.encodePacked(r0, s0, v0, r1, s1, v1, r2, s2, v2);
     }
 
     function getWrongSignature(bytes32 hash) internal view override returns (bytes memory) {
-        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], hash);
-        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1] + 1, hash);
-        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2] + 1, hash);
+        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], ECDSA.toEthSignedMessageHash(hash));
+        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1] + 1, ECDSA.toEthSignedMessageHash(hash));
+        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2] + 1, ECDSA.toEthSignedMessageHash(hash));
         return abi.encodePacked(r0, s0, v0, r1, s1, v1, r2, s2, v2);
     }
 

From a3e142ed32bdcfc0e9abad4f00a0bc61bab2075b Mon Sep 17 00:00:00 2001
From: leekt <leekt216@gmail.com>
Date: Tue, 30 Jan 2024 22:51:19 +0900
Subject: [PATCH 2/4] removed toEthSignedMessage

---
 src/validator/WeightedECDSAValidator.sol | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/validator/WeightedECDSAValidator.sol b/src/validator/WeightedECDSAValidator.sol
index e0f58357..bd2888bd 100644
--- a/src/validator/WeightedECDSAValidator.sol
+++ b/src/validator/WeightedECDSAValidator.sol
@@ -261,7 +261,7 @@ contract WeightedECDSAValidator is EIP712, IKernelValidator {
         uint256 totalWeight = 0;
         address signer;
         for (uint256 i = 0; i < sigCount; i++) {
-            signer = ECDSA.recover(ECDSA.toEthSignedMessageHash(hash), signature[i * 65:(i + 1) * 65]);
+            signer = ECDSA.recover(hash, signature[i * 65:(i + 1) * 65]);
             totalWeight += guardian[signer][msg.sender].weight;
             if (totalWeight >= strg.threshold) {
                 return packValidationData(ValidAfter.wrap(0), ValidUntil.wrap(0));

From 77442d047e5e0843165a61b5c3cfeb36a36ce45a Mon Sep 17 00:00:00 2001
From: leekt <leekt216@gmail.com>
Date: Tue, 30 Jan 2024 22:54:23 +0900
Subject: [PATCH 3/4] test done

---
 .../foundry/validator/WeightedECDSAValidator.t.sol | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/test/foundry/validator/WeightedECDSAValidator.t.sol b/test/foundry/validator/WeightedECDSAValidator.t.sol
index 2a81a6f3..46797c4d 100644
--- a/test/foundry/validator/WeightedECDSAValidator.t.sol
+++ b/test/foundry/validator/WeightedECDSAValidator.t.sol
@@ -109,20 +109,20 @@ contract KernelWeightedECDSATest is KernelTestBase {
     }
 
     function getWrongSignature(UserOperation memory op) internal view override returns (bytes memory) {
-        return abi.encodePacked(bytes4(0x00000000), entryPoint.signUserOpHash(vm, ownerKey + 1, op));
+        return abi.encodePacked(bytes4(0x00000000), entryPoint.signUserOpHash(vm, ownerKeys[0], op));
     }
 
     function signHash(bytes32 hash) internal view override returns (bytes memory) {
-        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], ECDSA.toEthSignedMessageHash(hash));
-        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1], ECDSA.toEthSignedMessageHash(hash));
-        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2], ECDSA.toEthSignedMessageHash(hash));
+        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], hash);
+        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1], hash);
+        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2], hash);
         return abi.encodePacked(r0, s0, v0, r1, s1, v1, r2, s2, v2);
     }
 
     function getWrongSignature(bytes32 hash) internal view override returns (bytes memory) {
-        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], ECDSA.toEthSignedMessageHash(hash));
-        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1] + 1, ECDSA.toEthSignedMessageHash(hash));
-        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2] + 1, ECDSA.toEthSignedMessageHash(hash));
+        (uint8 v0, bytes32 r0, bytes32 s0) = vm.sign(ownerKeys[0], hash);
+        (uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(ownerKeys[1] + 1, hash);
+        (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(ownerKeys[2] + 1, hash);
         return abi.encodePacked(r0, s0, v0, r1, s1, v1, r2, s2, v2);
     }
 

From f9d9e69c2a0dffaacc29802f047618b5923fbe02 Mon Sep 17 00:00:00 2001
From: leekt <leekt216@gmail.com>
Date: Thu, 1 Feb 2024 17:35:31 +0900
Subject: [PATCH 4/4] allow non-userOpHash signed mode when paymaster != 0

---
 src/validator/WeightedECDSAValidator.sol | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/validator/WeightedECDSAValidator.sol b/src/validator/WeightedECDSAValidator.sol
index bd2888bd..7ad208de 100644
--- a/src/validator/WeightedECDSAValidator.sol
+++ b/src/validator/WeightedECDSAValidator.sol
@@ -221,10 +221,14 @@ contract WeightedECDSAValidator is EIP712, IKernelValidator {
                 return packValidationData(ValidAfter.wrap(0), ValidUntil.wrap(0));
             }
         } else if (proposal.status == ProposalStatus.Approved || passed) {
-            address signer = ECDSA.recover(ECDSA.toEthSignedMessageHash(userOpHash), userOp.signature);
-            if (guardian[signer][msg.sender].weight != 0) {
-                proposal.status = ProposalStatus.Executed;
-                return packValidationData(ValidAfter.wrap(0), ValidUntil.wrap(0));
+            if(userOp.paymasterAndData.length == 0) {
+                address signer = ECDSA.recover(ECDSA.toEthSignedMessageHash(userOpHash), userOp.signature);
+                if (guardian[signer][msg.sender].weight != 0) {
+                    proposal.status = ProposalStatus.Executed;
+                    return packValidationData(proposal.validAfter, ValidUntil.wrap(0));
+                }
+            } else {
+                return packValidationData(proposal.validAfter, ValidUntil.wrap(0));
             }
         }
         return SIG_VALIDATION_FAILED;