chore: remove existing permissions system

erc6900 · Jun 19, 2024 · ee0a657 · ee0a657
1 parent b680f75
commit ee0a657
Show file tree

Hide file tree

Showing 8 changed files with 11 additions and 38 deletions.
diff --git a/src/account/AccountStorage.sol b/src/account/AccountStorage.sol
@@ -55,7 +55,6 @@ struct AccountStorage {
     // Execution functions and their associated functions
     mapping(bytes4 => SelectorData) selectorData;
     mapping(FunctionReference => ValidationData) validationData;
-    mapping(address caller => mapping(bytes4 selector => bool)) callPermitted;
     // For ERC165 introspection
     mapping(bytes4 => uint256) supportedIfaces;
 }

diff --git a/src/account/PluginManagerInternals.sol b/src/account/PluginManagerInternals.sol
@@ -187,14 +187,6 @@ abstract contract PluginManagerInternals is IPluginManager {
             _setExecutionFunction(selector, isPublic, allowSharedValidation, plugin);
         }
 
-        // Add installed plugin and selectors this plugin can call
-        length = manifest.permittedExecutionSelectors.length;
-        for (uint256 i = 0; i < length; ++i) {
-            // If there are duplicates, this will just enable the flag again. This is not a problem, since the
-            // boolean will be set to false twice during uninstall, which is fine.
-            _storage.callPermitted[plugin][manifest.permittedExecutionSelectors[i]] = true;
-        }
-
         length = manifest.validationFunctions.length;
         for (uint256 i = 0; i < length; ++i) {
             ManifestAssociatedFunction memory mv = manifest.validationFunctions[i];
@@ -288,11 +280,6 @@ abstract contract PluginManagerInternals is IPluginManager {
             );
         }
 
-        length = manifest.permittedExecutionSelectors.length;
-        for (uint256 i = 0; i < length; ++i) {
-            _storage.callPermitted[plugin][manifest.permittedExecutionSelectors[i]] = false;
-        }
-
         length = manifest.executionFunctions.length;
         for (uint256 i = 0; i < length; ++i) {
             bytes4 selector = manifest.executionFunctions[i].executionSelector;

diff --git a/src/account/UpgradeableModularAccount.sol b/src/account/UpgradeableModularAccount.sol
@@ -546,11 +546,9 @@ contract UpgradeableModularAccount is
         AccountStorage storage _storage = getAccountStorage();
 
         if (
-            msg.sender == address(_ENTRY_POINT) || msg.sender == address(this)
-                || _storage.selectorData[msg.sig].isPublic
-        ) return;
-
-        if (!_storage.callPermitted[msg.sender][msg.sig]) {
+            msg.sender != address(_ENTRY_POINT) && msg.sender != address(this)
+                && !_storage.selectorData[msg.sig].isPublic
+        ) {
             revert ExecFromPluginNotPermitted(msg.sender, msg.sig);
         }
     }

diff --git a/src/interfaces/IPlugin.sol b/src/interfaces/IPlugin.sol
@@ -73,8 +73,6 @@ struct PluginManifest {
     ManifestAssociatedFunction[] validationFunctions;
     ManifestExecutionHook[] executionHooks;
     uint8[] signatureValidationFunctions;
-    // Plugin execution functions already installed on the MSCA that this plugin will be able to call.
-    bytes4[] permittedExecutionSelectors;
     // List of ERC-165 interface IDs to add to account to support introspection checks. This MUST NOT include
     // IPlugin's interface ID.
     bytes4[] interfaceIds;

diff --git a/test/account/AccountExecHooks.t.sol b/test/account/AccountExecHooks.t.sol
@@ -24,8 +24,8 @@ contract AccountExecHooksTest is AccountTestBase {
     uint8 internal constant _POST_HOOK_FUNCTION_ID_2 = 2;
     uint8 internal constant _BOTH_HOOKS_FUNCTION_ID_3 = 3;
 
-    PluginManifest internal m1;
-    PluginManifest internal m2;
+    PluginManifest internal _m1;
+    PluginManifest internal _m2;
 
     event PluginInstalled(address indexed plugin, bytes32 manifestHash, FunctionReference[] dependencies);
     event PluginUninstalled(address indexed plugin, bool indexed callbacksSucceeded);
@@ -35,7 +35,7 @@ contract AccountExecHooksTest is AccountTestBase {
     function setUp() public {
         _transferOwnershipToTest();
 
-        m1.executionFunctions.push(
+        _m1.executionFunctions.push(
             ManifestExecutionFunction({
                 executionSelector: _EXEC_SELECTOR,
                 isPublic: true,
@@ -163,8 +163,8 @@ contract AccountExecHooksTest is AccountTestBase {
     }
 
     function _installPlugin1WithHooks(ManifestExecutionHook memory execHooks) internal {
-        m1.executionHooks.push(execHooks);
-        mockPlugin1 = new MockPlugin(m1);
+        _m1.executionHooks.push(execHooks);
+        mockPlugin1 = new MockPlugin(_m1);
         manifestHash1 = keccak256(abi.encode(mockPlugin1.pluginManifest()));
 
         vm.expectEmit(true, true, true, true);

diff --git a/test/account/UpgradeableModularAccount.t.sol b/test/account/UpgradeableModularAccount.t.sol
@@ -11,7 +11,7 @@ import {IERC1271} from "@openzeppelin/contracts/interfaces/IERC1271.sol";
 import {PluginManagerInternals} from "../../src/account/PluginManagerInternals.sol";
 import {UpgradeableModularAccount} from "../../src/account/UpgradeableModularAccount.sol";
 import {FunctionReference, FunctionReferenceLib} from "../../src/helpers/FunctionReferenceLib.sol";
-import {IPlugin, PluginManifest} from "../../src/interfaces/IPlugin.sol";
+import {PluginManifest} from "../../src/interfaces/IPlugin.sol";
 import {IAccountLoupe} from "../../src/interfaces/IAccountLoupe.sol";
 import {IPluginManager} from "../../src/interfaces/IPluginManager.sol";
 import {Call} from "../../src/interfaces/IStandardExecutor.sol";
@@ -37,7 +37,7 @@ contract UpgradeableModularAccountTest is AccountTestBase {
 
     address public ethRecipient;
     Counter public counter;
-    PluginManifest internal manifest;
+    PluginManifest internal _manifest;
 
     FunctionReference public ownerValidation;
 
@@ -262,8 +262,6 @@ contract UpgradeableModularAccountTest is AccountTestBase {
         vm.startPrank(address(entryPoint));
 
         PluginManifest memory m;
-        m.permittedExecutionSelectors = new bytes4[](1);
-        m.permittedExecutionSelectors[0] = IPlugin.onInstall.selector;
 
         MockPlugin mockPluginWithBadPermittedExec = new MockPlugin(m);
         bytes32 manifestHash = keccak256(abi.encode(mockPluginWithBadPermittedExec.pluginManifest()));
@@ -403,7 +401,7 @@ contract UpgradeableModularAccountTest is AccountTestBase {
     function _installPluginWithExecHooks() internal returns (MockPlugin plugin) {
         vm.startPrank(address(entryPoint));
 
-        plugin = new MockPlugin(manifest);
+        plugin = new MockPlugin(_manifest);
         bytes32 manifestHash = keccak256(abi.encode(plugin.pluginManifest()));
 
         IPluginManager(account1).installPlugin({

diff --git a/test/mocks/plugins/PermittedCallMocks.sol b/test/mocks/plugins/PermittedCallMocks.sol
@@ -22,10 +22,6 @@ contract PermittedCallerPlugin is BasePlugin {
             manifest.executionFunctions[i].isPublic = true;
         }
 
-        // Request permission only for "foo", but not "bar", from ResultCreatorPlugin
-        manifest.permittedExecutionSelectors = new bytes4[](1);
-        manifest.permittedExecutionSelectors[0] = ResultCreatorPlugin.foo.selector;
-
         return manifest;
     }
 

diff --git a/test/mocks/plugins/ReturnDataPluginMocks.sol b/test/mocks/plugins/ReturnDataPluginMocks.sol
@@ -138,9 +138,6 @@ contract ResultConsumerPlugin is BasePlugin, IValidation {
             allowSharedValidation: false
         });
 
-        manifest.permittedExecutionSelectors = new bytes4[](1);
-        manifest.permittedExecutionSelectors[0] = ResultCreatorPlugin.foo.selector;
-
         return manifest;
     }