stackup-wallet
diff --git a/‎.env.example‎
Lines changed: 6 additions & 0 deletions b/‎.env.example‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 3 additions & 0 deletions b/‎.gitignore‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎LICENSE.md‎
Lines changed: 21 additions & 0 deletions b/‎LICENSE.md‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 25 additions & 12 deletions b/‎README.md‎
Lines changed: 25 additions & 12 deletions
diff --git a/‎audits/spearbit-july2025.pdf‎
211 KB b/‎audits/spearbit-july2025.pdf‎
211 KB
diff --git a/‎broadcast/DeployKeystore.s.sol/1/run-1755316591.json‎
Lines changed: 47 additions & 0 deletions b/‎broadcast/DeployKeystore.s.sol/1/run-1755316591.json‎
Lines changed: 47 additions & 0 deletions
@@ -1,2 +1,8 @@
+ETH_RPC_URL=
 BASE_RPC_URL=
+ARBITRUM_RPC_URL=
+OPTIMISM_RPC_URL=
+POLYGON_RPC_URL=
+BSC_RPC_URL=
+AVAX_RPC_URL=
 ETHERSCAN_API_KEY=
@@ -12,3 +12,6 @@ docs/
 
 # Dotenv file
 .env
+
+# Dependency directories
+node_modules/
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Stackup Finance, Inc
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -10,12 +10,12 @@ All contracts are deployed deterministically with the following addresses.
 
 | Contract                     | Address                                      |
 | ---------------------------- | -------------------------------------------- |
-| Keystore                     | `0x18c90BdFc5667D11605ebde82E5E9CDC4D789363` |
-| KeystoreAccountFactory       | `0x2F775F9FFC02231C3Bb1EA1281f1Da9ba2f2a069` |
-| UserOpECDSAVerifier          | `0xf5bC4DB1cdedf1aDDD0d6543BA669837d5D0f3b3` |
-| UserOpMultiSigVerifier       | `0xC498f1f881bdd8a2FEB6aABf166cF6E08Cf4e559` |
-| UserOpWebAuthnVerifier       | `0xEcb9be3dbB737Ed13a768B2B7D030B483Bf5c9f2` |
-| UserOpWebAuthnCosignVerifier | `0x36674817e050a37DA325d66B6dbD1a93063Dc6B9` |
+| Keystore                     | `0x69C9F626b5Bd934C0F9806346682eD407FB978d3` |
+| KeystoreAccountFactory       | `0x625cF8EDec3f68d48D3aA385F356524B04760BE8` |
+| UserOpECDSAVerifier          | `0x294CD71960eed5AEa11DbbFa5D3c8eA4A1c1CE0F` |
+| UserOpMultiSigVerifier       | `0x1dBadE1E34706f83598ae9acFC63B7F4f928146E` |
+| UserOpWebAuthnVerifier       | `0xE19620169A26aEbC4Fe229A073639da6b009bF1a` |
+| UserOpWebAuthnCosignVerifier | `0x7CD0D83C0c33AAC9cef88c75F3EDec80F4175252` |
 
 ## Usage
 
@@ -25,6 +25,7 @@ Before being able to run any command, you need to create a .env file and set you
 
 ```shell
 $ forge install
+$ npm install
 ```
 
 ### Build
@@ -43,14 +44,26 @@ $ forge test
 
 ```shell
 # Keystore
-source .env && forge script script/DeployKeystore.s.sol --rpc-url $BASE_RPC_URL --ledger --verify --broadcast
+source .env && forge script script/DeployKeystore.s.sol --rpc-url $ETH_RPC_URL --ledger --verify --broadcast
 
 # Keystore account factory
-source .env && forge script script/DeployKeystoreAccountFactory.s.sol --rpc-url $BASE_RPC_URL --ledger --verify --broadcast
+source .env && forge script script/DeployKeystoreAccountFactory.s.sol --rpc-url $ETH_RPC_URL --ledger --verify --broadcast
 
 # Verifiers
-source .env && forge script script/DeployUserOpECDSAVerifier.s.sol --rpc-url $BASE_RPC_URL --ledger --verify --broadcast
-source .env && forge script script/DeployUserOpMultiSigVerifier.s.sol --rpc-url $BASE_RPC_URL --ledger --verify --broadcast
-source .env && forge script script/DeployUserOpWebAuthnVerifier.s.sol --rpc-url $BASE_RPC_URL --ledger --verify --broadcast
-source .env && forge script script/DeployUserOpWebAuthnCosignVerifier.s.sol --rpc-url $BASE_RPC_URL --ledger --verify --broadcast
+source .env && forge script script/DeployUserOpECDSAVerifier.s.sol --rpc-url $ETH_RPC_URL --ledger --verify --broadcast
+source .env && forge script script/DeployUserOpMultiSigVerifier.s.sol --rpc-url $ETH_RPC_URL --ledger --verify --broadcast
+source .env && forge script script/DeployUserOpWebAuthnVerifier.s.sol --rpc-url $ETH_RPC_URL --ledger --verify --broadcast
+source .env && forge script script/DeployUserOpWebAuthnCosignVerifier.s.sol --rpc-url $ETH_RPC_URL --ledger --verify --broadcast
+```
+
+### Example scripts
+
+The following commands are useful for users and application developers to work with the Keystore protocol.
+
+#### Verify configuration
+
+A minimal script to generate and verify a UCMT using the [openzeppelin Merkle tree library](https://github.com/OpenZeppelin/merkle-tree).
+
+```shell
+$ npm run examples:verify-ucmt
 ```
@@ -0,0 +1,47 @@
+{
+  "transactions": [
+    {
+      "hash": "0x018808a95bbedb109b33649e5c309544753ccfedbf0dea34f0dcfdab97d418d4",
+      "transactionType": "CREATE2",
+      "contractName": "Keystore",
+      "contractAddress": "0x69c9f626b5bd934c0f9806346682ed407fb978d3",
+      "function": null,
+      "arguments": null,
+      "transaction": {
+        "from": "0xf6731de143cd04d7e9aebe3b1b00adbbd4710249",
+        "to": "0x4e59b44847b379578588920ca78fbf26c0b4956c",
+        "gas": "0x1fc557",
+        "value": "0x0",
+        "input": "0x00000000000000000000000000000000000000000000000000000000000000006080604052348015600e575f5ffd5b506118d08061001c5f395ff3fe608060405234801561000f575f5ffd5b506004361061006f575f3560e01c806380855fff1161004d57806380855fff146100c15780638e9bd7c4146100d4578063afa6f9011461016c575f5ffd5b80634ffa04841461007357806359f99c78146100995780635ed9592a146100ae575b5f5ffd5b610086610081366004611027565b61018c565b6040519081526020015b60405180910390f35b6100ac6100a7366004611099565b61019e565b005b6100866100bc3660046110d8565b6104ac565b6100ac6100cf36600461110f565b610577565b6100866100e23660046111b3565b5f92835260016020908152604080852077ffffffffffffffffffffffffffffffffffffffffffffffff84168652825280852073ffffffffffffffffffffffffffffffffffffffff949094168552929052918190205491901b7fffffffffffffffffffffffffffffffffffffffffffffffff00000000000000001667ffffffffffffffff9091161790565b61017f61017a36600461120c565b6106a2565b604051610090919061128b565b5f610197838361077b565b9392505050565b6101a66107c0565b805f5b8181101561049e57368484838181106101c4576101c461129d565b90506020028101906101d691906112ca565b90505f5f6101ea8360400135604081901c91565b90925090505f61020c843561020560a0870160808801611306565b8585610848565b90505f80610244863561022560a0890160808a01611306565b61023260a08a018a61131f565b61023f60c08c018c61131f565b6108e8565b915091505f6102538784610ac1565b90506102a0818361026760e08b018b61131f565b8080601f0160208091040260200160405190810160405280939291908181526020018383808284375f92019190915250610c1b92505050565b156103175760208701356102ba60a0890160808a01611306565b60408051818b013581525f602082015273ffffffffffffffffffffffffffffffffffffffff92909216918a35917fdf6fe3b7516d2857b309887e79be529e781c7260ac62875fedf6c1adcccf3cbd910160405180910390a461048b565b61034160208801358461032e6101008b018b61131f565b61033c6101208d018d61131f565b610cb4565b801561039c575061039c8161035a6101208a018a61131f565b8080601f0160208091040260200160405190810160405280939291908181526020018383808284375f92019190915250610267925050506101408b018b61131f565b156103b65760208701356102ba60a0890160808a01611306565b86355f90815260208181526040822090890135916103da60a08b0160808c01611306565b73ffffffffffffffffffffffffffffffffffffffff16815260208101919091526040015f205561041c873561041560a08a0160808b01611306565b8887610d7e565b602087013561043160a0890160808a01611306565b60408051818b013581526001602082015273ffffffffffffffffffffffffffffffffffffffff92909216918a35917fdf6fe3b7516d2857b309887e79be529e781c7260ac62875fedf6c1adcccf3cbd910160405180910390a45b5050600190950194506101a99350505050565b50506104a8610e19565b5050565b5f806104ce8335336104c1604087018761131f565b61023f606089018961131f565b9150505f5f6104dc83610e43565b909250905073ffffffffffffffffffffffffffffffffffffffff82166304b073c5602087013561050f608089018961131f565b856040518563ffffffff1660e01b815260040161052f9493929190611380565b602060405180830381865afa15801561054a573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061056e91906113eb565b95945050505050565b60148110156105b2576040517f30812d4200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5f6105c06014828486611402565b6105c991611429565b60601c03610603576040517fbaa3de5f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5f61060e863361077b565b90505f838360405161062192919061148f565b6040518091039020905061063786868484610efd565b61066d576040517f09bde33900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5f82815260026020908152604080832084845282528083203384529091529020610698848683611568565b5050505050505050565b606060025f6106b1868661077b565b815260208082019290925260409081015f908120858252835281812073ffffffffffffffffffffffffffffffffffffffff87168252909252902080546106f6906114cb565b80601f0160208091040260200160405190810160405280929190818152602001828054610722906114cb565b801561076d5780601f106107445761010080835404028352916020019161076d565b820191905f5260205f20905b81548152906001019060200180831161075057829003601f168201915b505050505090509392505050565b5f8281526020818152604080832073ffffffffffffffffffffffffffffffffffffffff8516845290915281205480156107b457806107b6565b835b9150505b92915050565b7f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f005c15610819576040517f3ee5aeb500000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b61084660017f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f005b90610f35565b565b5f84815260016020908152604080832077ffffffffffffffffffffffffffffffffffffffffffffffff86168452825280832073ffffffffffffffffffffffffffffffffffffffff8716845290915290205467ffffffffffffffff90811690821681146108e0576040517f756688fe00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b949350505050565b5f6060848203610a0f576108fc838561167e565b915060025f61090b8a8a61077b565b815260208082019290925260409081015f908120858252835281812073ffffffffffffffffffffffffffffffffffffffff8b16825290925290208054610950906114cb565b80601f016020809104026020016040519081016040528092919081815260200182805461097c906114cb565b80156109c75780601f1061099e576101008083540402835291602001916109c7565b820191905f5260205f20905b8154815290600101906020018083116109aa57829003601f168201915b50505050509050601481511015610a0a576040517f726a091f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b610ab6565b8383604051610a1f92919061148f565b604080519182900382206020601f8701819004810284018101909252858352935085908590819084018382808284375f920182905250939450610a6892505050868801886116ba565b9050610a7e81610a788b8b61077b565b85610f3c565b610ab4576040517f09bde33900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b505b965096945050505050565b5f610ad260808401606085016117a0565b610b745782356020840135610aed60a0860160808701611306565b604086013585610b0161012089018961131f565b604051610b0f92919061148f565b60408051918290038220602083019790975281019490945273ffffffffffffffffffffffffffffffffffffffff9092166060840152608083015260a082015260c081019190915260e00160405160208183030381529060405280519060200120610197565b82356020840135610b8b60a0860160808701611306565b604086013585610b9f61012089018961131f565b604051610bad92919061148f565b60408051918290038220602083019790975281019490945273ffffffffffffffffffffffffffffffffffffffff9092166060840152608083015260a082015260c08101919091524660e082015261010001604051602081830303815290604052805190602001209392505050565b5f5f5f610c2785610e43565b9150915060018273ffffffffffffffffffffffffffffffffffffffff166304b073c58887856040518463ffffffff1660e01b8152600401610c6a939291906117bf565b602060405180830381865afa158015610c85573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610ca991906113eb565b149695505050505050565b5f80610cc2858701876116ba565b90505f839003610d1657610cd7818989610f3c565b610d0d576040517f1420d2a700000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5f915050610d74565b610d3881898686604051610d2b92919061148f565b6040518091039020610f3c565b610d6e576040517f1420d2a700000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b60019150505b9695505050505050565b610d898160016117e9565b5f94855260016020908152604080872077ffffffffffffffffffffffffffffffffffffffffffffffff95909516875293815283862073ffffffffffffffffffffffffffffffffffffffff959095168652939093525090912080547fffffffffffffffffffffffffffffffffffffffffffffffff00000000000000001667ffffffffffffffff909216919091179055565b6108465f7f9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f00610840565b5f6060601483511015610e82576040517f30812d4200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b610e8e835f6014610f7c565b610e979061182e565b60601c9150610ea98360148551610f7c565b905073ffffffffffffffffffffffffffffffffffffffff8216610ef8576040517fbaa3de5f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b915091565b5f8315610f2d578360051b8501855b803580851160051b94855260209485185260405f209301818110610f0c5750505b501492915050565b80825d5050565b5f835115610f755760208401845160051b81015b8151841160051b938452815160209485185260405f209390910190808210610f505750505b5014919050565b60608351828111610f8b578092505b838111610f96578093505b508183101561019757506040518282038484017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f830181165b8281015185820152810180610fd1575050508060208301015f81526020810160405250808252509392505050565b803573ffffffffffffffffffffffffffffffffffffffff81168114611022575f5ffd5b919050565b5f5f60408385031215611038575f5ffd5b8235915061104860208401610fff565b90509250929050565b5f5f83601f840112611061575f5ffd5b50813567ffffffffffffffff811115611078575f5ffd5b6020830191508360208260051b8501011115611092575f5ffd5b9250929050565b5f5f602083850312156110aa575f5ffd5b823567ffffffffffffffff8111156110c0575f5ffd5b6110cc85828601611051565b90969095509350505050565b5f602082840312156110e8575f5ffd5b813567ffffffffffffffff8111156110fe575f5ffd5b820160a08185031215610197575f5ffd5b5f5f5f5f5f60608688031215611123575f5ffd5b85359450602086013567ffffffffffffffff811115611140575f5ffd5b61114c88828901611051565b909550935050604086013567ffffffffffffffff81111561116b575f5ffd5b8601601f8101881361117b575f5ffd5b803567ffffffffffffffff811115611191575f5ffd5b8860208284010111156111a2575f5ffd5b959894975092955050506020019190565b5f5f5f606084860312156111c5575f5ffd5b833592506111d560208501610fff565b9150604084013577ffffffffffffffffffffffffffffffffffffffffffffffff81168114611201575f5ffd5b809150509250925092565b5f5f5f6060848603121561121e575f5ffd5b8335925061122e60208501610fff565b929592945050506040919091013590565b5f81518084528060208401602086015e5f6020828601015260207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f83011685010191505092915050565b602081525f610197602083018461123f565b7f4e487b71000000000000000000000000000000000000000000000000000000005f52603260045260245ffd5b5f82357ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffea18336030181126112fc575f5ffd5b9190910192915050565b5f60208284031215611316575f5ffd5b61019782610fff565b5f5f83357fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe1843603018112611352575f5ffd5b83018035915067ffffffffffffffff82111561136c575f5ffd5b602001915036819003821315611092575f5ffd5b84815260606020820152826060820152828460808301375f608084830101525f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f850116820160808382030160408401526113e0608082018561123f565b979650505050505050565b5f602082840312156113fb575f5ffd5b5051919050565b5f5f85851115611410575f5ffd5b8386111561141c575f5ffd5b5050820193919092039150565b80357fffffffffffffffffffffffffffffffffffffffff0000000000000000000000008116906014841015611488577fffffffffffffffffffffffffffffffffffffffff000000000000000000000000808560140360031b1b82161691505b5092915050565b818382375f9101908152919050565b7f4e487b71000000000000000000000000000000000000000000000000000000005f52604160045260245ffd5b600181811c908216806114df57607f821691505b602082108103611516577f4e487b71000000000000000000000000000000000000000000000000000000005f52602260045260245ffd5b50919050565b601f82111561156357805f5260205f20601f840160051c810160208510156115415750805b601f840160051c820191505b81811015611560575f815560010161154d565b50505b505050565b67ffffffffffffffff8311156115805761158061149e565b6115948361158e83546114cb565b8361151c565b5f601f8411600181146115e4575f85156115ae5750838201355b7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff600387901b1c1916600186901b178355611560565b5f838152602081207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe08716915b828110156116315786850135825560209485019460019092019101611611565b508682101561166c577fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff60f88860031b161c19848701351681555b505060018560011b0183555050505050565b803560208310156107ba577fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff602084900360031b1b1692915050565b5f602082840312156116ca575f5ffd5b813567ffffffffffffffff8111156116e0575f5ffd5b8201601f810184136116f0575f5ffd5b803567ffffffffffffffff81111561170a5761170a61149e565b8060051b6040517fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0603f830116810181811067ffffffffffffffff821117156117555761175561149e565b604052918252602081840181019290810187841115611772575f5ffd5b6020850194505b8385101561179557843580825260209586019590935001611779565b509695505050505050565b5f602082840312156117b0575f5ffd5b81358015158114610197575f5ffd5b838152606060208201525f6117d7606083018561123f565b8281036040840152610d74818561123f565b67ffffffffffffffff81811683821601908111156107ba577f4e487b71000000000000000000000000000000000000000000000000000000005f52601160045260245ffd5b805160208201517fffffffffffffffffffffffffffffffffffffffff000000000000000000000000811691906014821015611893577fffffffffffffffffffffffffffffffffffffffff000000000000000000000000808360140360031b1b82161692505b505091905056fea26469706673582212208b6bd610be10cd7a4abbffcf557f19951214c8906f04b3791c8811aa7059e2e264736f6c634300081c0033",
+        "nonce": "0x7a",
+        "chainId": "0x1"
+      },
+      "additionalContracts": [],
+      "isFixedGasLimit": false
+    }
+  ],
+  "receipts": [
+    {
+      "status": "0x1",
+      "cumulativeGasUsed": "0x8f74c6",
+      "logs": [],
+      "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+      "type": "0x2",
+      "transactionHash": "0x018808a95bbedb109b33649e5c309544753ccfedbf0dea34f0dcfdab97d418d4",
+      "transactionIndex": "0x61",
+      "blockHash": "0x85f6b864b7aacdab3b559ecf3b0d50a3a036944ef389ad470c324c6b1ddf0b01",
+      "blockNumber": "0x16141ce",
+      "gasUsed": "0x15b943",
+      "effectiveGasPrice": "0xfef7c34",
+      "from": "0xf6731de143cd04d7e9aebe3b1b00adbbd4710249",
+      "to": "0x4e59b44847b379578588920ca78fbf26c0b4956c",
+      "contractAddress": "0x69c9f626b5bd934c0f9806346682ed407fb978d3"
+    }
+  ],
+  "libraries": [],
+  "pending": [],
+  "returns": {},
+  "timestamp": 1755316591,
+  "chain": 1,
+  "commit": "a30abbb"
+}