potential separate contract approach for setting 1967 slot

amiecorso · amiecorso · commit 10061d04f3bb · 2025-02-06T07:47:37.000-08:00
diff --git a/src/EIP7702Proxy.sol b/src/EIP7702Proxy.sol
@@ -144,4 +144,6 @@ contract EIP7702Proxy is Proxy {
     function _implementation() internal view override returns (address) {
         return ERC1967Utils.getImplementation();
     }
+
+    receive() external payable {}
 }
diff --git a/src/Implementation1967Resetter.sol b/src/Implementation1967Resetter.sol
@@ -0,0 +1,72 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.23;
+
+import {ECDSA} from "openzeppelin-contracts/contracts/utils/cryptography/ECDSA.sol";
+import {ERC1967Utils} from "openzeppelin-contracts/contracts/proxy/ERC1967/ERC1967Utils.sol";
+
+/**
+ * @title Implementation1967Resetter
+ * @notice Contract deployed via EIP-7702 to reset the ERC-1967 implementation slot
+ * @dev This contract is meant to be deployed temporarily at an EOA's address to reset
+ *      the implementation slot before re-delegating back to the EIP7702Proxy
+ */
+contract Implementation1967Resetter {
+    /// @notice Emitted when signature verification fails
+    error InvalidSignature();
+
+    /// @notice Emitted when nonce has already been used
+    error NonceAlreadyUsed();
+
+    /// @notice Address of the global nonce tracker contract
+    address public immutable nonceTracker;
+
+    constructor(address _nonceTracker) {
+        if (_nonceTracker == address(0)) revert("Zero address");
+        nonceTracker = _nonceTracker;
+    }
+
+    /**
+     * @notice Resets the ERC-1967 implementation slot after signature verification
+     * @param newImplementation The implementation address to set
+     * @param nonce The nonce for this operation (verified against NonceTracker)
+     * @param signature The EOA signature authorizing this change
+     */
+    function resetImplementation(
+        address newImplementation,
+        uint256 nonce,
+        bytes calldata signature
+    ) external {
+        // Verify nonce hasn't been used
+        if (
+            !INonceTracker(nonceTracker).verifyAndUseNonce(address(this), nonce)
+        ) {
+            revert NonceAlreadyUsed();
+        }
+
+        // Only need to sign over the implementation and nonce
+        bytes32 hash = keccak256(abi.encode(newImplementation, nonce));
+
+        // Verify signature is from this address (the EOA)
+        address recovered = ECDSA.recover(hash, signature);
+        if (recovered != address(this)) {
+            revert InvalidSignature();
+        }
+
+        // Update the implementation slot
+        ERC1967Utils.upgradeToAndCall(
+            newImplementation,
+            "" // No initialization needed
+        );
+    }
+}
+
+/**
+ * @title INonceTracker
+ * @notice Interface for the nonce tracking contract
+ */
+interface INonceTracker {
+    function verifyAndUseNonce(
+        address account,
+        uint256 nonce
+    ) external returns (bool);
+}
diff --git a/src/NonceTracker.sol b/src/NonceTracker.sol
@@ -0,0 +1,42 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.23;
+
+/**
+ * @title NonceTracker
+ * @notice Global nonce tracking for EIP-7702 accounts
+ * @dev Maintains nonce state separately from mutable EOA storage
+ */
+contract NonceTracker {
+    /// @notice Mapping of account => highest used nonce
+    mapping(address => uint256) private highestNonce;
+
+    /**
+     * @notice Verifies and marks a nonce as used for an account
+     * @param account The account using the nonce
+     * @param nonce The nonce to verify and use
+     * @return success True if nonce was valid and is now used
+     */
+    function verifyAndUseNonce(
+        address account,
+        uint256 nonce
+    ) external returns (bool) {
+        uint256 current = highestNonce[account];
+
+        // Nonce must be strictly increasing
+        if (nonce <= current) {
+            return false;
+        }
+
+        highestNonce[account] = nonce;
+        return true;
+    }
+
+    /**
+     * @notice Gets the highest used nonce for an account
+     * @param account The account to check
+     * @return The highest nonce used so far
+     */
+    function getHighestNonce(address account) external view returns (uint256) {
+        return highestNonce[account];
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -144,4 +144,6 @@ contract EIP7702Proxy is Proxy {`
`144`	`144`	`function _implementation() internal view override returns (address) {`
`145`	`145`	`return ERC1967Utils.getImplementation();`
`146`	`146`	`}`
	`147`	`+`
	`148`	`+ receive() external payable {}`
`147`	`149`	`}`