Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Biconomy PasskeyRegistry and SessionKeyManager>Threat Model>validateSessionUserOp
GeneralOverview
Findings
Critical (1)
High (1)
Medium (2)
Low (1)
DiscussionVulnerable MerkleProof library versionThe `validateSessionUserOp` uses offsets
Threat ModelWhat are threat models?
ERC20SessionValidationModule.solvalidateSessionUserOp
PasskeyRegistryModule.solSessionKeyManagerModule.sol
Audit ResultsSummary

Function: validateSessionUserOp(UserOperation _op, bytes32 _userOpHash, bytes _sessionKeyData, bytes _sessionKeySignature)

The purpose of this function is to ensure that the provided user operation is valid, matches the session key permissions, and is approved by the session key signature.

  • _op: This is a UserOperation struct representing the user's operation details.

  • _userOpHash: This is the hash of the user's operation.

  • _sessionKeyData: This is encoded session-key data containing the session key, token address, recipient address, and maximum-allowed amount.

  • _sessionKeySignature: This is the signature of the session key.

The ECDSA signature of the _userOpHash is recovered using the provided _sessionKeySignature. The recovered address is then compared with the session key. If they match, the function returns true, indicating that the user operation is valid.

Zellic © 2025Back to top ↑