Develop feat(wallet+mobile): integrate tokens, fees, activity feed, and biometric auth #6

Merged
hooftly merged 17 commits into main from develop
Sep 9, 2025
@hooftly hooftly commented Sep 9, 2025

Summary

This PR delivers a major update to the EqualFi wallet and mobile app by
introducing token support, fee handling, biometric authentication, secure
pending UserOp storage, and a real-time activity feed. It also extends RPC
utilities and updates configs to align with the new schema.

Changes

  • Wallet
    • Added secure storage for pending UserOps with resilient retries.
    • Integrated eth_call view helper to fetch wallet state and bind into UserOps.
    • Added EntryPoint fund helpers and balance query.
  • PQC Core
    • Replaced string-based reverts with custom errors for validation and ownership.
    • Clarified nonce semantics and aligned WOTS commitPK with Dart.
  • Aggregator
    • Added optional aggregator support with storage, views, setters, and events.
  • Mobile
    • Updated example config schema and expanded main screen cards.
    • Integrated biometric authentication (Face ID / Touch ID) with configurable settings.
    • Added Base token registry (USDC/WETH), ERC-20 ABI encoders, and send UI flow.
    • Introduced FeeState model, RPC fee utils, EntryPoint hash service, and fee preview UI.
    • Added serializable ActivityItem, ActivityStore, ActivityPoller, and scrollable ActivityFeed.
  • Docs + CI
    • Added NatSpec for PQCWallet state vars and events, regenerated ABI.
    • Added forge snapshot to CI workflow and documented Phase-0 WOTS gas usage.

Motivation

These updates bring the wallet closer to MVP parity by enabling token
transfers, dynamic fee selection, and secure, user-friendly flows with
biometric auth. The ActivityFeed provides real-time visibility of pending
operations, while backend improvements (secure storage, aggregator support,
gas snapshots, and custom errors) strengthen robustness and auditability.

Testing

  • forge build
  • forge test -vv
  • forge snapshot
  • slither .
  • Mobile app runs with updated config schema and displays new UI elements.

Checklist

  • Tests added or updated
  • Docs updated
  • Lint checks pass
  • Ready for review.

- Added stricter rotation in `validateUserOp`, requiring `confirmNextCommit` to
  equal `nextPkCommit` and atomically updating `currentPkCommit` and
  `nextPkCommit` in one step.
- Extended unit tests to assert the new rotation flow, emitting
  `WOTSCommitmentsUpdated` and verifying state transitions.
- Introduced negative test confirming mismatched `confirmNextCommit` causes
  `validateUserOp` to revert.

Testing
✅ forge build
✅ forge test -vv
✅ slither .
- Added dedicated `BadECDSA` error and integrated it into `validateUserOp` to
  guarantee on-chain ECDSA owner checks remain mandatory even with future
  aggregator support.
- Introduced tests asserting invalid ECDSA signatures always revert, whether
  WOTS data is valid (aggregator path) or invalid (fallback path), ensuring
  the owner check is enforced.

Testing
✅ forge build
✅ forge test -vv
✅ forge snapshot
✅ slither .
…etters

- Wired in optional aggregator support by introducing aggregator, verifier,
  and forceOnChainVerify storage fields with corresponding events, while
  keeping on-chain verification enabled by default.
- Added getAggregator view that returns the aggregator address only when
  on-chain verification is disabled.
- Implemented owner-only setters to update aggregator, verifier, and
  force-on-chain settings.
- Updated ABI and tests to cover aggregator defaults and setter behavior,
  ensuring new view/setter functions are exposed in the public interface.

Testing
✅ forge build
✅ forge test -vv
✅ forge snapshot
✅ slither .
- Clarified contract nonce semantics by documenting that nonce() is the
  source of the WOTS signature index, with check + increment occurring
  at the end of validateUserOp.
- Added documentation highlighting the link between nonce() and the WOTS
  index for developers and integrators.
- Extended test coverage to assert nonce increments on successful ops
  and remains unchanged when a mismatched nonce causes a revert.

Testing
✅ forge build
✅ forge test -vv
…on and ownership

- Introduced dedicated custom errors to reduce bytecode size:
  ECDSA_Invalid, PQC_CommitMismatch, NextCommit_ConfirmMismatch,
  Nonce_Invalid, NotOwner, and Sig_Length.
- Updated wallet validation and setter logic to use these custom errors,
  covering signature length checks, commit/nonce mismatches, and owner
  access control.
- Revised tests to expect new error selectors for owner checks, nonce
  and commit validation, ECDSA failures, and signature-length gating.
- Added helper functions for managing EntryPoint funds, including a
  balanceOfEntryPoint getter to query the wallet’s deposit on the
  EntryPoint contract.
- Updated ABI to expose balanceOfEntryPoint alongside depositToEntryPoint.
- Extended DummyEntryPoint and added tests that deposit ETH and verify
  recorded balances through the new helper.
- Updated Solidity WOTS library so commitPK concatenates public key
  elements and applies SHA-256, matching the Dart implementation.
- Added Solidity ↔ Dart parity tests using a fixed public key vector,
  asserting the commitment equals a known SHA-256 value.
- Documented deterministic WOTS commit parity and included example
  output in PQC development notes.
- Added forge snapshot step to CI workflow to capture gas snapshots
  during contract checks.
- Updated gas usage docs with Phase-0 full WOTS on-chain numbers:
  validateUserOp median gas = 2,921,463, plus recorded execute and
  executeBatch values.
- Documented public state variables with NatSpec, clarifying EntryPoint,
  owner, WOTS commitments, and verification settings.
- Added detailed NatSpec for all emitted events, describing triggers and
  parameters.
- Regenerated and exported PQCWallet.json so ABI reflects updated event
  definitions.
- Verified generated docs render event summaries and parameter tables
  from NatSpec comments.
…play

- Updated mobile example configuration to align with new schema, adding
  chain ID, aggregator, prover registry, and verification flags alongside
  existing RPC and bundler URLs.
- Expanded main screen UI to display all new configuration fields—
  chain ID, wallet, entry point, aggregator, prover registry, and
  force-on-chain-verify—within the top cards for clarity.
…serOp

- Added RPC view extension to issue eth_call requests and return
  hex-encoded results from contract functions.
- Updated _sendEth to query nonce, currentPkCommit, and nextPkCommit
  via ABI-encoded calls, parse responses, and log them before building
  the UserOperation.
- UserOperation now uses on-chain nonce, confirms on-chain nextPkCommit,
  and proposes commitment derived from index + 2 for WOTS key rotation.
- Introduced unit test with local JSON-RPC server to verify new
  callViewHex helper.
…etries

- Added secure storage layer to persist pending UserOperation records
  per chain and wallet, enabling retries across app restarts.
- Orchestrated UserOp flow to reuse stored hybrid signatures when hash
  matches, or rebuild new hybrids when calldata changes, updating
  storage accordingly.
- Wired main wallet UI to send operations through new flow, display
  pending records, and support manual/automatic cleanup after confirmation.
…settings

- Added biometric authentication via local_auth and platform permissions,
  enabling Face ID/Touch ID prompts on iOS and Android.
- Created reusable BiometricService and persistent AppSettings to enforce
  biometric checks on mainnet and optionally on testnets, with a UI switch
  controlling testnet requirement.
- Integrated biometric gate into signing workflow and main app so signatures
  are produced only after successful authentication, with toggle exposed
  in settings screen.
…ew UI

- Added RPC utilities to fetch priority fee suggestions and recent fee
  history, enabling dynamic gas pricing.
- Implemented EntryPoint service using canonical getUserOpHash ABI to
  compute hashes via eth_call.
- Introduced FeeState model and fee preview sheet to display network and
  bundler fees with manual gas parameter overrides.
- Updated send flow to gather fee suggestions, allow user adjustments,
  and compute userOpHash with EntryPoint service before signing.
- Added Base token registry with USDC/WETH addresses, feature flags,
  and Permit2 support for Base networks.
- Introduced ChainTokens model to load token data and provide address
  and feature lookups per chain.
- Implemented ERC-20 ABI encoders for transfer, approve, and scaffolded
  permit, enabling batched token transactions.
- Built token send UI with token selection, recipient/amount fields,
  and toggles for EIP-2612 and Permit2, wired into new sendToken flow.
- Extended user operation flow with sendToken path and buildTokenSendBatch
  to assemble executeBatch calldata for transfers.
- Registered new token asset and added unit test verifying registry
  loading in pubspec.yaml.
…tegration

- Introduced serializable ActivityItem model to capture user operation
  details, persisted via new ActivityStore backed by shared_preferences.
- Added ActivityPoller to resolve pending operations through bundler and
  chain RPC, updating feed statuses in near real time.
- Rendered scrollable ActivityFeed and integrated store/poller into main
  send flows for ETH and token transfers, creating feed entries upon
  UserOp submission.
@hooftly hooftly merged commit c0fba0b into main Sep 9, 2025
1 of 2 checks passed
@hooftly hooftly deleted the develop branch September 9, 2025 16:38
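
The commitment rotation and nonce flow described in the commit messages above, modelled in Python as an added example; it is not code from this repository. Assumptions: `toy_pk` is a constructed stand-in for WOTS key derivation, the check order and the exact assignment (current takes next, next takes the proposal) are inferred from the descriptions, and ECDSA and WOTS signature verification are omitted.

```python
import hashlib

class Revert(Exception):
    """Stands in for a Solidity custom-error revert."""

def commit_pk(pk_elements):
    # Per the commit message: concatenate public key elements, then SHA-256.
    return hashlib.sha256(b"".join(pk_elements)).digest()

def toy_pk(seed, index, n=4):
    # Constructed stand-in for WOTS public key derivation (NOT real WOTS).
    return [hashlib.sha256(seed + index.to_bytes(4, "big") + bytes([i])).digest()
            for i in range(n)]

class WalletModel:
    def __init__(self, seed):
        self.nonce = 0  # also the WOTS signature index
        self.current_pk_commit = commit_pk(toy_pk(seed, 0))
        self.next_pk_commit = commit_pk(toy_pk(seed, 1))

    def validate_user_op(self, op):
        # Check order is an assumption; ECDSA and WOTS signature checks are omitted.
        if commit_pk(op["pk"]) != self.current_pk_commit:
            raise Revert("PQC_CommitMismatch")
        if op["confirm_next_commit"] != self.next_pk_commit:
            raise Revert("NextCommit_ConfirmMismatch")
        if op["nonce"] != self.nonce:
            raise Revert("Nonce_Invalid")
        # All checks passed: rotate both commitments in one step, then advance.
        self.current_pk_commit, self.next_pk_commit = (
            self.next_pk_commit, op["propose_next_commit"])
        self.nonce += 1

def build_op(seed, wallet):
    # Client side: read nonce and nextPkCommit from the wallet, propose index + 2.
    i = wallet.nonce
    return {"nonce": i, "pk": toy_pk(seed, i),
            "confirm_next_commit": wallet.next_pk_commit,
            "propose_next_commit": commit_pk(toy_pk(seed, i + 2))}

def try_op(wallet, op):
    # Returns the revert name, or None when the op validates.
    try:
        wallet.validate_user_op(op)
    except Revert as e:
        return str(e)
    return None
```

Because every revert happens before any state is written, a rejected operation leaves the nonce and both commitments untouched, and a replayed operation fails on the commitment check since the one-time key it reveals is no longer current.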