Description

The amount of gas passed into the _validatePaymasterUserOp() function is equal to the userOp.verificationGasLimit. This same gas limit is later used when the _postOp() function is called. However, _validatePaymasterUserOp() does not check to ensure that userOp.verificationGasLimit is high enough to handle the call to _postOp().

Impact

If _validatePaymasterUserOp() succeeds, and execution then fails in the call to _postOp(), the Entrypoint contract will revert the entire transaction, so the whole bundle of user operations being executed would revert.

Recommendations

Enforce a minimum value for userOp.verificationGasLimit in _validatePaymasterUserOp(). This will ensure that the bundle containing this user operation is invalidated sooner, saving on gas fees.

Remediation

The client stated that the verificationGasLimit is checked in the out of scope Entrypoint contract. They have also added an integration test for this case in test/bundler-integration/sponsorship-paymaster/biconomy-verifying-paymaster-v2-specs.ts at commit c7dc1dff↗.