Function: validateSessionKey(address smartAccount, uint48 validUntil, uint48 validAfter, address sessionValidationModule, byte[] sessionKeyData, byte[32][] merkleProof)

Validates that Session Key and parameters are enabled by being included into the Merkle tree.

Inputs

• smartAccount

  • Control: Full.

  • Constraints: Must be a valid Ethereum address.

  • Impact: The smartAccount for which the session key is being validated.

• validUntil

  • Control: Full.

  • Constraints: N/A.

  • Impact: The timestamp when the session key expires.

• validAfter

  • Control: Full.

  • Constraints: N/A.

  • Impact: The timestamp when the session key becomes valid.

• sessionValidationModule

  • Control: Full.

  • Constraints: Must be a valid contract address.

  • Impact: The address of the Session Validation Module.

• sessionKeyData

  • Control: Full.

  • Constraints: N/A.

  • Impact: The session parameters (limitations/permissions).

• merkleProof

  • Control: Full.

  • Constraints: N/A.

  • Impact: The Merkle proof for the leaf that represents this session key and params.

Branches and code coverage (including function calls)

Intended branches

• Function successfully fetches the session key storage for the provided smart account.

  Test coverage

Negative behavior

• Function reverts with SessionNotApproved due to invalid session key (data).

  Negative test

Function call analysis

• rootFunction -> verify(bytes32[], bytes32, bytes32)

  • What is controllable?: merkleProof, smartAccount, validUntil, validAfter, sessionValidationModule, and sessionKeyData.

  • If return value controllable, how is it used and how can it go wrong?: It is used to verify the proof.

  • What happens if it reverts, reenters, or does other unusual control flow?: N/A.