Function: validateSessionKey(address smartAccount, uint48 validUntil, uint48 validAfter, address sessionValidationModule, byte[] sessionKeyData, byte[32][] merkleProof)

Validates that Session Key and parameters are enabled by being included into the Merkle tree.

Inputs

  • smartAccount

    • Control: Full.

    • Constraints: Must be a valid Ethereum address.

    • Impact: The smartAccount for which the session key is being validated.

  • validUntil

    • Control: Full.

    • Constraints: N/A.

    • Impact: The timestamp when the session key expires.

  • validAfter

    • Control: Full.

    • Constraints: N/A.

    • Impact: The timestamp when the session key becomes valid.

  • sessionValidationModule

    • Control: Full.

    • Constraints: Must be a valid contract address.

    • Impact: The address of the Session Validation Module.

  • sessionKeyData

    • Control: Full.

    • Constraints: N/A.

    • Impact: The session parameters (limitations/permissions).

  • merkleProof

    • Control: Full.

    • Constraints: N/A.

    • Impact: The Merkle proof for the leaf that represents this session key and params.

Branches and code coverage (including function calls)

Intended branches

  • Function successfully fetches the session key storage for the provided smart account.

Negative behavior

  • Function reverts with SessionNotApproved due to invalid session key (data).

Function call analysis

  • rootFunction -> verify(bytes32[], bytes32, bytes32)

    • What is controllable?: merkleProof, smartAccount, validUntil, validAfter, sessionValidationModule, and sessionKeyData.

    • If return value controllable, how is it used and how can it go wrong?: It is used to verify the proof.

    • What happens if it reverts, reenters, or does other unusual control flow?: N/A.

Zellic © 2024Back to top ↑