Extensible `Safe` Architecture

This document outlines an extensible `Safe` architecture, increasing the novel integrations / applications for `Safe`.

The following guiding principles have been strictly employed:

- `SafeProxy` MUST not be modified, ensuring maximum security.
- `delegatecall` within the architecture.

Use cases

Currently, a `safe` may only be interacted with via either:

- `owners` via `execTransaction`; or
- `module` via `execTransactionFromModule`; or
- `signature` (ERC-1271).

Use cases that this revised architecture seeks to enable include:

- `SafeProxy`. As an example, this would make it theoretically possible to convert a `SafeProxy` into an ERC20 token by implementing ERC20 methods.
- `Safe`. As an example, one could delegate the CoW Protocol EIP-712 domain to a contract that verified all signatures for selling any ERC20 token to ETH, ie. Max ETH

Current Architecture

The execution path of any method call that is not implemented in the `Safe` singleton follows this path:

`CompatibilityFallbackHandler` provides:

If a developer wishes to extend the functionality of a `Safe`, they have to replace the `CompatibilityFallbackHandler`. This requires significant heavy lifting and care not to remove any existing functionality, so as not to break `Safe` (some parts of existing infrastructure require the use of threshold signatures, and some apps are using approved hashes, such as the CoW Protocol dapp).

A developer may extend `CompatibilityFallbackHandler`, though it would be much easier if one could simply specify a custom handler for arbitrary individual methods. This is where `ExtensibleFallbackHandler` comes in.

ExtensibleFallbackHandler

This handler replaces `CompatibilityFallbackHandler`, but preserves backwards compatibility with:

- `Safe` approved hashes / threshold signatures.

In addition to the backwards compatibility, a user may:

- `Safe` now supports an interface.

Custom Methods

Security requirements:

- `Safe` SHALL determine (based on the authorisation in the setter) whether a custom method is `view` or not (ie. whether or not the custom method can modify state on invocation).

Execution Path:

Custom EIP-712 Verifiers

User requirements:

- `bytes` payload.

Security requirements:

- `EIP-712` domain separator MUST be checked against the `hash`, ensuring a 1:1 relationship between domain separator and `ISafeSignatureVerifier`.

Execution Path for `isValidSignature(bytes32,bytes)`:

Encoding of `signature`

- `approvedhash` - `signature` is set to zero-length `bytes`.
- `threshold` - `signature` is a multiple of 65 bytes (for `r`, `s`, `v`).
- `custom` (ie. `ISafeSignatureVerifier`) - `signature` is an ABI encoded function call `safeSignature(bytes32,bytes32,bytes32,bytes)` where the tuple equates to `(bytes32 domainSeparator, bytes32 typeHash, bytes32 encodeData, bytes payload)`. It is the `4bytes` selector in the ABI encoded function call that is used to trigger the custom signer.

Custom Verifier Validation

Before `SignatureVerifierMuxer` calls a custom verifier, it MUST match the `domainSeparator` to the `hash`. This means that `typeHash` and `encodeData` can be trusted within `ISafeSignatureVerifier` if called from `SignatureVerifierMuxer`.

ISafeSignatureVerifier

Security requirements:

- `_hash = h(abi.encodePacked("\x19\x01", domainSeparator, h(typeHash || encodeData)))`.

Storage

Storage of custom method handlers and custom domain verifiers is contained within the `ExtensibleFallbackHandler` deployment. Therefore, any update of the `fallbackHandler` for a `Safe` would in effect "reset" the custom methods / domain verifiers for the `Safe`.
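
The three `signature` encodings and the custom verifier validation described above can be sketched as follows. This is an added example, not code from this document or from the Safe contracts; the library and function names, the `Unknown` case, the order of the checks and the reading of `h` as `keccak256` are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration; not the ExtensibleFallbackHandler source.
library SignatureEncodingSketch {
    // Unknown is an assumption of this sketch for encodings the document does not list.
    enum Kind { ApprovedHash, Threshold, Custom, Unknown }

    // 4-byte selector of the ABI encoded call that triggers the custom verifier.
    bytes4 internal constant SAFE_SIGNATURE_SELECTOR =
        bytes4(keccak256("safeSignature(bytes32,bytes32,bytes32,bytes)"));

    // Map `signature` to one of the three encodings.
    // Assumption: the selector is tested before the 65-byte rule, so a custom
    // blob whose length happens to be a multiple of 65 is not read as (r, s, v).
    function classify(bytes calldata signature) internal pure returns (Kind) {
        if (signature.length == 0) return Kind.ApprovedHash;
        if (signature.length >= 4 && bytes4(signature[:4]) == SAFE_SIGNATURE_SELECTOR) {
            return Kind.Custom;
        }
        if (signature.length % 65 == 0) return Kind.Threshold;
        return Kind.Unknown;
    }

    // Decode a custom `signature` and enforce
    // _hash == h("\x19\x01" || domainSeparator || h(typeHash || encodeData)),
    // with h taken to be keccak256 as in EIP-712 (assumption).
    function decodeChecked(bytes32 _hash, bytes calldata signature)
        internal
        pure
        returns (bytes32 domainSeparator, bytes32 typeHash, bytes32 encodeData, bytes memory payload)
    {
        require(classify(signature) == Kind.Custom, "not a custom signature");
        (domainSeparator, typeHash, encodeData, payload) =
            abi.decode(signature[4:], (bytes32, bytes32, bytes32, bytes));

        bytes32 structHash = keccak256(abi.encodePacked(typeHash, encodeData));
        bytes32 expected =
            keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));

        // Only after this check may a verifier selected by domainSeparator rely on
        // typeHash and encodeData: all three are now bound to the hash being signed.
        require(expected == _hash, "domainSeparator not bound to hash");
    }
}
```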