Extending ERC-4337

The desired outcome should be verified based on executing the entire bundle (batch) rather than just a specific intent.

Reference: https://github.com/blndgs/ERCs/blob/balloondogs/ERCS/erc-post_execution_4337_validation.md

ERC-4337 Account Abstraction with Post-Execution Validation

ERC-4337 facilitates a leap toward flexible and secure account abstraction. This standard allows user wallets to interact with Ethereum's blockchain intuitively, masking the underlying limitations. However, as we dive deeper into decentralized finance (DeFi), NFTs, Staking, Gaming, and beyond, the interactions become increasingly complex, warranting a robust mechanism to validate the conclusion of Intent Operations. Enter the proposed extension: a framework designed to validate operations post-execution, ensuring they align with the user's original Intent.

The Need for Post-Execution Validation

ERC-4337 user operations fulfill the user's Intents, yet the current standard has no atomic post-execution validation of those operations. Because the cumulative effect of the operations within a transaction bundle cannot be assessed, complex, dependent operations cannot be executed with confidence. This limitation motivates the proposed extension, which bridges the gap by introducing a post-execution validation layer: a mechanism that checks that the final state after execution matches the user's original Intent.

A New Account Interface And The Entrypoint Changes

This proposal introduces an optional IAccountPostExecution interface, which declares a post-bundle execution validation function to address the aforementioned limitations. Each user operation can be assessed against the final state of the network after the bundle has executed, ensuring that the collective outcome of the operations aligns with the user's initial intent. The handleOps function within the EntryPoint contract will be updated to invoke validatePostExecution conditionally: when a specific selector within the userOp's signature field signals the request, the validation layer runs and gives each user operation a comprehensive view of the final state.

Technical Deep Dive

The proposal mandates the introduction of the IAccountPostExecution interface to facilitate the post-execution validation of user operations. This interface includes the validatePostExecution function designed to revert if the post-bundle state does not pass validation criteria. This function represents a critical extension of the ERC-4337 standard, enabling a post-execution validation process that was previously unattainable within the existing framework.
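The following Solidity sketch is an added illustration of the mechanism described above; it is not code from the referenced proposal or from the blndgs repository. It assumes a reduced PackedUserOperation struct, an assumed parameter list for validatePostExecution (the page names only the function), a constructed 4-byte opt-in tag POST_EXEC_TAG at the start of the signature field, and a hypothetical IntentAccount whose intent is "after the whole bundle, my balance of a given token must be at least a given minimum". The EntryPointWithPostExecution contract shows where the extra loop in handleOps goes relative to the existing execution loop.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Stand-in for the ERC-4337 PackedUserOperation struct, reduced to the fields
// this example touches (assumption: a real EntryPoint uses the full struct).
struct PackedUserOperation {
    address sender;
    uint256 nonce;
    bytes callData;
    bytes signature;
}

// The optional interface proposed by the extension. The page names only the
// function; the parameter list used here is an assumption.
interface IAccountPostExecution {
    /// @notice Called by the EntryPoint once the whole bundle has executed.
    /// @dev Must revert if the final state does not satisfy the user's intent.
    function validatePostExecution(PackedUserOperation calldata userOp, bytes32 userOpHash) external;
}

interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
}

// 4-byte tag placed at the start of userOp.signature to opt in (constructed value).
bytes4 constant POST_EXEC_TAG = bytes4(keccak256("IAccountPostExecution.validatePostExecution"));

// Hypothetical smart account. Signature layout (assumption):
//   POST_EXEC_TAG (4) | abi.encode(token, minBalance) (64) | owner signature (65)
// The ordinary validateUserOp / execute functions of an ERC-4337 account are elided.
contract IntentAccount is IAccountPostExecution {
    address public immutable entryPoint;

    constructor(address _entryPoint) {
        entryPoint = _entryPoint;
    }

    function validatePostExecution(PackedUserOperation calldata userOp, bytes32) external view override {
        require(msg.sender == entryPoint, "only EntryPoint");
        bytes calldata sig = userOp.signature;
        require(sig.length == 4 + 64 + 65, "bad signature layout");
        (address token, uint256 minBalance) = abi.decode(sig[4:68], (address, uint256));
        uint256 balance = IERC20(token).balanceOf(address(this));
        // Reverting here reverts the entire bundle: the intent is judged on the
        // cumulative effect of every operation in the bundle, not on this op alone.
        require(balance >= minBalance, "intent not met: balance below minimum");
    }
}

// Sketch of the EntryPoint change: after the existing validation and execution
// loops, a third loop hands every opted-in account a view of the final state.
contract EntryPointWithPostExecution {
    event UserOperationEvent(bytes32 indexed userOpHash, address indexed sender, bool success);

    function handleOps(PackedUserOperation[] calldata ops, address payable /*beneficiary*/) external {
        // Phases 1 and 2 of ERC-4337 (validateUserOp, prefund, execution, gas
        // accounting) are reduced here to the execution call itself.
        for (uint256 i = 0; i < ops.length; i++) {
            (bool success, ) = ops[i].sender.call(ops[i].callData);
            emit UserOperationEvent(getUserOpHash(ops[i]), ops[i].sender, success);
        }
        // The extension: the bundle has fully executed, so each account can now
        // judge the cumulative outcome. A revert here rolls back the whole bundle.
        for (uint256 i = 0; i < ops.length; i++) {
            if (requestsPostExecution(ops[i].signature)) {
                IAccountPostExecution(ops[i].sender).validatePostExecution(ops[i], getUserOpHash(ops[i]));
            }
        }
    }

    // Opt-in is signalled by the 4-byte tag at the start of the signature field.
    function requestsPostExecution(bytes calldata signature) public pure returns (bool) {
        return signature.length >= 4 && bytes4(signature[:4]) == POST_EXEC_TAG;
    }

    function getUserOpHash(PackedUserOperation calldata op) public view returns (bytes32) {
        return keccak256(abi.encode(op.sender, op.nonce, keccak256(op.callData), address(this), block.chainid));
    }
}
```

Because a single reverting validatePostExecution rolls back every operation in the bundle, a bundler has to simulate the whole batch before submitting it; an account that opts in and then reverts on chain is exactly the griefing case the Security Considerations section addresses with stake-based throttling and banning.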

Validation Plugins

To accommodate diverse validation needs and scenarios, the proposal remains agnostic about which module standard is used to implement custom validation logic. This flexibility lets developers tailor validation mechanisms to the unique requirements of their smart accounts.

Rationale Behind the Proposal

Introducing post-execution validation unlocks capabilities and scenarios for intent fulfillment and DApps, particularly where operations are complex and interdependent. This feature is invaluable in scenarios such as DeFi sequences, blockchain-based games, and social recovery processes, where one operation's outcome may directly influence the success of subsequent operations within the same transaction bundle.

Security Considerations

The proposal addresses potential security risks, including DoS and griefing attacks, by proposing mitigation strategies such as stake-based throttling and banning. These measures aim to safeguard the validation process against malicious activities.

This feature's utility spans DeFi sequences in which a user's operations (token swaps, liquidity provision, staking) can be validated in totality after the bundle has executed.
