Skip to content

EIP-7702 Session Key Utils #151

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 25, 2025
Merged

EIP-7702 Session Key Utils #151

merged 1 commit into from
Jun 25, 2025

Conversation

0xFirekeeper
Copy link
Member

@0xFirekeeper 0xFirekeeper commented Jun 25, 2025

Closes TOOL-4874

PR-Codex overview

This PR introduces new classes and methods related to session keys and permissions for EIP-7702 accounts in the Thirdweb wallet system. It enhances functionality for managing session states, call policies, and transfer policies.

Detailed summary

  • Added LimitState and SessionState classes to manage session-related data.
  • Implemented CreateSessionKey, SignerHasFullPermissions, GetCallPoliciesForSigner, GetTransferPoliciesForSigner, GetSessionExpirationForSigner, and GetSessionStateForSigner methods.
  • Introduced Ensure7702 method to validate EIP-7702 execution mode and delegation status.
  • Updated comments to clarify method purposes and exceptions.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

  • New Features

    • Introduced advanced session key management for compatible wallets, including creation of session keys with granular permissions and policies.
    • Added ability to check signer permissions, retrieve session expiration, and inspect session and policy details for signers.
    • Expanded data models to represent session states and permission limits for improved session management visibility.
  • Documentation

    • Enhanced in-code examples and comments to illustrate session key workflows and permission management.

Copy link

linear bot commented Jun 25, 2025

Copy link

coderabbitai bot commented Jun 25, 2025

Walkthrough

New session key management and query methods were added to the EcosystemWallet class for EIP-7702 accounts, including session creation, permission checks, and policy/state retrieval. Supporting data structures for session state were introduced. Example usage of these features was added to the console application, with improved address resolution efficiency.

Changes

Files/Paths Change Summary
Thirdweb.Console/Program.cs Expanded EIP-7702 example: caches ENS address, demonstrates new session key creation and querying methods.
Thirdweb/Thirdweb.Wallets/InAppWallet/EcosystemWallet/EcosystemWallet.cs Added async methods for session key creation, permission checks, and session/call/transfer policy retrieval.
Thirdweb/Thirdweb.Wallets/SmartWallet/Thirdweb.AccountAbstraction/AATypes.cs Added LimitState and SessionState structs for representing session and policy state.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant EcosystemWallet
    participant EIP7702Contract

    User->>EcosystemWallet: CreateSessionKey(chainId, signerAddress, ...)
    EcosystemWallet->>EcosystemWallet: Ensure7702()
    EcosystemWallet->>EIP7702Contract: createSessionKey(...)
    EIP7702Contract-->>EcosystemWallet: TransactionReceipt
    EcosystemWallet-->>User: TransactionReceipt

    User->>EcosystemWallet: SignerHasFullPermissions(chainId, signerAddress)
    EcosystemWallet->>EcosystemWallet: Ensure7702()
    EcosystemWallet->>EIP7702Contract: hasFullPermissions(signerAddress)
    EIP7702Contract-->>EcosystemWallet: bool
    EcosystemWallet-->>User: bool

    User->>EcosystemWallet: GetSessionStateForSigner(chainId, signerAddress)
    EcosystemWallet->>EcosystemWallet: Ensure7702()
    EcosystemWallet->>EIP7702Contract: getSessionState(signerAddress)
    EIP7702Contract-->>EcosystemWallet: SessionState
    EcosystemWallet-->>User: SessionState
Loading

Assessment against linked issues

Objective Addressed Explanation
Expose EIP-7702 session key read extensions (TOOL-4874)

Possibly related PRs

  • thirdweb-dev/dotnet#150: Expands session key management in Program.cs using new EcosystemWallet methods for session key creation and querying, directly related to the changes here.

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)
  • EIP-7702: Entity not found: Issue - Could not find referenced Issue.

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4666962 and 5c3a454.

📒 Files selected for processing (3)
  • Thirdweb.Console/Program.cs (1 hunks)
  • Thirdweb/Thirdweb.Wallets/InAppWallet/EcosystemWallet/EcosystemWallet.cs (4 hunks)
  • Thirdweb/Thirdweb.Wallets/SmartWallet/Thirdweb.AccountAbstraction/AATypes.cs (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: build-test-cov
🔇 Additional comments (5)
Thirdweb/Thirdweb.Wallets/SmartWallet/Thirdweb.AccountAbstraction/AATypes.cs (1)

650-684: LGTM! Well-structured data types for session state management.

The LimitState and SessionState structs are properly defined with correct ABI encoding and JSON serialization attributes. They follow the existing patterns in the file and provide a clean structure for representing session limits and state.

Thirdweb.Console/Program.cs (1)

375-427: Good optimization: Caching ENS resolved address.

The introduction of signerAddress variable to cache the ENS lookup result is a smart optimization that avoids redundant network calls. The examples effectively demonstrate the usage of the new session key management APIs.

Thirdweb/Thirdweb.Wallets/InAppWallet/EcosystemWallet/EcosystemWallet.cs (3)

453-503: Well-implemented session key creation with comprehensive validation.

The CreateSessionKey method properly validates inputs, handles the session spec creation with appropriate defaults, and uses EIP-712 signing correctly. The integration with the contract execution flow is clean.


505-618: Excellent implementation of session query methods.

All the query methods (SignerHasFullPermissions, GetCallPoliciesForSigner, GetTransferPoliciesForSigner, GetSessionExpirationForSigner, GetSessionStateForSigner) follow a consistent pattern with proper validation and error handling. The documentation is comprehensive and the async implementation is correct.


1472-1486: Clean helper method for EIP-7702 validation.

The Ensure7702 method provides proper validation for execution mode and delegation status with clear error messages. Good abstraction of common validation logic.

✨ Finishing Touches
  • 📝 Generate Docstrings

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@codecov-commenter
Copy link

Codecov Report

Attention: Patch coverage is 0% with 7 lines in your changes missing coverage. Please review.

Project coverage is 60.73%. Comparing base (4666962) to head (5c3a454).

Files with missing lines Patch % Lines
...SmartWallet/Thirdweb.AccountAbstraction/AATypes.cs 0.00% 7 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #151      +/-   ##
==========================================
- Coverage   60.78%   60.73%   -0.05%     
==========================================
  Files          41       41              
  Lines        6563     6570       +7     
  Branches      832      832              
==========================================
+ Hits         3989     3990       +1     
- Misses       2385     2392       +7     
+ Partials      189      188       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@0xFirekeeper 0xFirekeeper merged commit daf4ca2 into main Jun 25, 2025
4 checks passed
@0xFirekeeper 0xFirekeeper deleted the firekeeper/7702-utils branch June 25, 2025 22:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants