Add removeLastOwner for replayability (#52)

* Added removeLastOwner selector to list of approved selectors for replayability * add missing arg to certora .spec * Fix typo in sig hash in spec
coinbase · Apr 12, 2024 · 9edcf7f · 9edcf7f
1 parent 487151a
commit 9edcf7f
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 1 deletion.
diff --git a/certora/specs/ERC4337Account.spec b/certora/specs/ERC4337Account.spec
@@ -119,7 +119,8 @@ rule OnlyOwnerOrSelf(env e, method f) filtered {
     // There is no difference between filtering functions and using them as a lhs of implication
     f -> f.selector == sig:addOwnerAddress(address).selector 
         || f.selector == sig:addOwnerPublicKey(bytes32, bytes32).selector
-        || f.selector == sig:removeOwnerAtIndex(uint256, bytes).selector 
+        || f.selector == sig:removeOwnerAtIndex(uint256, bytes).selector
+        || f.selector == sig:removeLastOwner(uint256, bytes).selector
         || f.selector == sig:upgradeToAndCall(address, bytes).selector 
 } {
     bool ownerBefore = e.msg.sender == currentContract || isOwnerAddress(e.msg.sender); // owner can remove themselves

diff --git a/src/CoinbaseSmartWallet.sol b/src/CoinbaseSmartWallet.sol
@@ -255,6 +255,7 @@ contract CoinbaseSmartWallet is MultiOwnable, UUPSUpgradeable, Receiver, ERC1271
             functionSelector == MultiOwnable.addOwnerPublicKey.selector
                 || functionSelector == MultiOwnable.addOwnerAddress.selector
                 || functionSelector == MultiOwnable.removeOwnerAtIndex.selector
+                || functionSelector == MultiOwnable.removeLastOwner.selector
                 || functionSelector == UUPSUpgradeable.upgradeToAndCall.selector
         ) {
             return true;

diff --git a/test/CoinbaseSmartWallet/CanSkipChainIdValidation.t.sol b/test/CoinbaseSmartWallet/CanSkipChainIdValidation.t.sol
@@ -8,6 +8,7 @@ contract TestCanSkipChainIdValidation is SmartWalletTestBase {
         MultiOwnable.addOwnerAddress.selector,
         MultiOwnable.addOwnerPublicKey.selector,
         MultiOwnable.removeOwnerAtIndex.selector,
+        MultiOwnable.removeLastOwner.selector,
         UUPSUpgradeable.upgradeToAndCall.selector
     ];
     bytes4[] otherSelectors = [CoinbaseSmartWallet.execute.selector, CoinbaseSmartWallet.executeBatch.selector];