AA Wallet Integration

Table of Contents

• Design Overview

As a complement to the keystore rollup itself, we built adapters to integrate the identity data with ERC-4337 smart contract wallets on L2.

Design Overview

To authenticate ERC-4337 AA wallets via identity data from the keystore rollup, the validation phase of the 4337 lifecycle needs to read the keystore rollup state and use it to validate userOps. During finalization, the keystore output root is committed to L1 storage, from which the state root can be extracted. Following this, the key data can be extracted from the state root. So we need a total of two Merkle proofs:

• Storage proof from keystore output root to L1 blockhash. The state root can be extracted from this output root.
• Merkle proof from identity data to keystore state root.

We provide the following two smart contracts for deployment on L2 to facilitate the above objectives:

• KeystoreStateOracle: A smart contract that trustlessly caches keystore state roots onto the L2, exposing it to the L2’s execution environment. A more detailed specification is available here.
• KeystoreValidator: A smart contract that facilitates IMT Merkle proofs to verify data against the state root, and validates smart account authentication data against key data. A more detailed specification is available here.