Keystore Validator Module
Table of Contents
The Keystore Validator (KV) is a validation module for both ERC-6900 and ERC-7579 smart accounts which authenticates userOps against data from the keystore.
User Smart Accounts
For smart accounts, the module supports both ERC-6900 and ERC-7579 validateUserOp(..)
interfaces which call the same underlying logic.
/// ERC-6900
function validateUserOp(uint32, PackedUserOperation calldata userOp, bytes32 userOpHash) external;
/// ERC-7579
function validateUserOp(PackedUserOperation calldata userOp, bytes32 userOpHash) external;
Other forms of validation (such as ERC-6900's validateRuntime(..)
) are not supported.
Key Data Consumers
Key data consumers are separate smart contracts that serve as external components of the KV, responsible for defining how keyData
is processed and validated against. The keyData
includes metadata that informs the KV which consumer contract to invoke for validation. Within the validation flow, once the KV has verified the authenticity of the keyData
, it will forward the keyData
to the consumer contract for further external use. The KV expects that keyData
has the following format:
keyData[0] - domain separator (should be 0x00)
keyData[1..33] - key data consumer codehash
keyData[33..] - arbitrary key data
The codehash
uniquely identifies the logic embedded within the consumer contract and effectively allows a certain keystoreAddress
to signal how its keyData
should be validated.
All key data consumer contracts must implement the following interface:
function consumeKeyData(bytes calldata keyData, bytes calldata authData, bytes32 userOpHash)
external;
As an example, a key data consumer could implement signature verification logic. In this scenario:
keyData
would be an encoding of a threshold and a list of valid signersauthData
would be a list of signaturesuserOpHash
would be the digest signed by the signatures
Architecturally, separating the verification of some key data's presence on the keystore from its actual use allows the former to be immutable while allowing for new forms of the latter to be introduced permissionlessly via external consumer contracts.