feat: session key native token transfer support

.gitmodules

@@ -6,10 +6,10 @@
 	url = https://github.com/leekt/I4337
 [submodule "lib/FreshCryptoLib"]
 	path = lib/FreshCryptoLib
-  url = https://github.com/rdubois-crypto/FreshCryptoLib
+	url = https://github.com/rdubois-crypto/FreshCryptoLib
 [submodule "lib/p256-verifier"]
-  path = lib/p256-verifier
-  url = https://github.com/daimo-eth/p256-verifier
+	path = lib/p256-verifier
+	url = https://github.com/daimo-eth/p256-verifier
 [submodule "lib/solady"]
 	path = lib/solady
 	url = https://github.com/vectorized/solady

src/validator/SessionKeyValidator.sol

@@ -55,7 +55,7 @@ contract SessionKeyValidator is IKernelValidator {
         // to make this fully work with paymaster service, prepack the address of paymaster up front
         if (session.paymaster == address(1)) {
             // any paymaster
-            require(userOp.paymasterAndData.length != 0, "SessionKeyValidator: paymaster not set");
+            require(userOp.paymasterAndData.length != 0 && bytes20(userOp.paymasterAndData[0:20]) != bytes20(0), "SessionKeyValidator: paymaster not set");
         } else if (session.paymaster != address(0)) {
             // specific paymaster
             require(
@@ -280,6 +280,7 @@ contract SessionKeyValidator is IKernelValidator {
     }
 
     function verifyPermission(bytes calldata data, Permission calldata permission) internal pure returns (bool) {
+        if(data.length == 0 && permission.sig == bytes4(0x0)) return true;
         if (bytes4(data[0:4]) != permission.sig) return false;
         for (uint256 i = 0; i < permission.rules.length; i++) {
             ParamRule calldata rule = permission.rules[i];