code optimisation

[livingrockrises]

• Remove pack() function and move everything to own implementation of getHash()

• refactor this.exchangeRate -> exchangeRate by making function external -> public

• aid contract FeeManager which might be helpful in future

• dev notes : todo / review that should be checked on final stage (early stage of audits)

• not using userOp.gasPrice() as bundlers would reject this (because it touches GASPRICE and BASEFEE opcodes)
  NOTE: postOp may still use calculation based on above op-codes as max priority would be truth for accurate calcs
  updated context accordingly so we still have needful information

• commented allowance check and validateConstructor to open a discussion around this
  EDIT: removed above

• Added a test case for undeployed wallet

[tomarsachin2271]

what is PND offset. Defined this in line comment above this line.

[livingrockrises]

ok done

[tomarsachin2271]

In Constructor, _transferOwnership(_owner) is already done in BasePaymaster.
No need to do this again in this constructor.

[livingrockrises]

fixed

[tomarsachin2271]

In setFeeReceiver() method, we are saving feeReceiver address in a slot variable.

assembly {
    sstore(feeReceiver.slot, _newFeeReceiver)
}

But in constructor we are saving directly in variable.

feeReceiver = address(this);

Same is happening for oracleAggregator as well.

[livingrockrises]

I din't get this. We can make this consistent, is that what you mean?

[livingrockrises]

can use assembly in the constructor

[tomarsachin2271]

yes need to make this consistent

[livingrockrises]

this change is already done, pushed in last commit.

[tomarsachin2271]

why is this made payable?

[livingrockrises]

All the methods that are not likely to be called (for example onlyOwner ones) will save gas if they are payable, because this removes the verification if there's value provided with the call

[tomarsachin2271]

Update this comment

from

/**
  * add a deposit for this paymaster, used for paying for transaction fees
  */

to

/**
  * Add a deposit in native currency for this paymaster, used for paying for transaction fees. 
  * This is ideally done by the entity who is managing the received ERC20 gas tokens.
  */

[livingrockrises]

ok done

[tomarsachin2271]

We should add the fee also during actualTokenCost calculation.

[livingrockrises]

@tomarsachin2271 fee is in token terms, not gas execution cost or like fee multiplier even.

in below line check, no of tokens being transferred is actualTokenCost + fee

[tomarsachin2271]

Where is this enum used?

[livingrockrises]

within the contract where Exec could be used.

this is utils contract which is not used directly in token paymaster. and won't be part of the audit

[tomarsachin2271]

Also emit effectiveExchangePrice , userOpHash, priceSource in the event for better tracking purpose.

If possible add another field which have value 'actualTokenCost + fee' also to simplify the accounting if it is to be used off-chain.

Need to pass userOpHash in the context from validatePaymasterUserOp method.

[livingrockrises]

so what all we should emit?

userOpHash will anyways be emitted in UserOperationEvent (sender as well)

I am also emitting actualTokenCost and fee separately, do you want us to emit actualTokenCost, fee, and actualTokenCost + fee ?

and should all of these be in same event (I can index at max 3 values - all indexed is ideal)

[tomarsachin2271]

Yes we need to also emit UserOpHash in this event, coz we want to co-relate the transaction when we update these transactions in the database in paymaster service.
Eg. When signing request comes to paymaster service, we save the data in db with userOpHash as primary key.
Now when we track the TokenPaymasterOperation event, then it becomes hard to corelate it with userOpHash already present in the database. Now we have to get all the logs of same transactino and try to search UserOperation event (which can be multiple btw in same transaction) and then try to corelate it with this event.

That's why its important to emit userOpHash also in this event, so we can corelate this event with actual transaction data in database.

Also its fine if there are more than 3 events, it can be decoded using the ABI, not a big issue.

So in all we need to emit
userOpHash, (actualTokenCost+fee), fee, account, tokenAddress, effectiveExchangePrice, priceSource

Where account, tokenAddress, actualTokenCost+fee are indexed.

[livingrockrises]

ok, let me make single event and add more fields.

[livingrockrises]

done

[tomarsachin2271]

Contract level comment can be made more clear and simple.

/**
 * A token-based paymaster that allows user to pay gas fee in ERC20 tokens. The paymaster owner chooses which tokens to accept.
 * The payment manager (usually the owner) first deposits native gas into the EntryPoint. Then, for each transaction, it takes the gas fee from the user's ERC20 token balance. The manager must convert these collected tokens back to native gas and deposit it into the EntryPoint to keep the system running.
 * It is an extension of VerifyingPaymaster which trusts external signer to authorize the transaction, but also with an ability to withdraw tokens.
 * 
 * The validatePaymasterUserOp function does not interact with external contracts but uses an externally provided exchange rate.
 * Based on the exchangeRate and requiredPrefund amount, the validation method checks if the user's account has enough token balance. This is done by only looking at the referenced storage.
 * All Withdrawn tokens are sent to a dynamic fee receiver address.
 * 
 * Optionally a safe guard deposit may be used in future versions.
 */

[livingrockrises]

done

[tomarsachin2271]

Below line can be changed as paymasterAndData now contains more data.

The paymaster data is expected to be the paymaster and a signature over the entire request parameters.

[livingrockrises]

done

[livingrockrises]

if rest of the things are fine you can approve this and I can merge.