Draft
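--- a/src/Batcher.sol
+++ b/src/Batcher.sol
@@ -0,0 +1,44 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.23;
+
+import {IOrchestrator} from "./interfaces/IOrchestrator.sol";
+
+/// @title Batcher
+/// @notice Contract for executing multiple intents through the orchestrator in a single transaction
+/// @dev Individual intent failures do not revert the entire batch
+contract Batcher {
+/// @notice Emitted when an intent execution fails
+event IntentFailed(uint256 indexed index, bytes reason);
+
+error InvalidArrayLength();
+error ArrayLengthMismatch();
+
+/// @notice Execute multiple intents through the orchestrator
+/// @param orchestrator The orchestrator contract address
+/// @param encodedIntents Array of encoded intents
+/// @param intentGas Array of gas amounts for each intent
+function batchExecute(
+address orchestrator,
+bytes[] calldata encodedIntents,
+uint256[] calldata intentGas
+) external {
+uint256 length = encodedIntents.length;
+
+if (length == 0) revert InvalidArrayLength();
+if (length != intentGas.length) revert ArrayLengthMismatch();
+
+// Execute each intent
+for (uint256 i = 0; i < length; ++i) {
+// Encode the function call
+bytes memory data =
+abi.encodeWithSelector(IOrchestrator.execute.selector, encodedIntents[i]);
+
+// Make the call with specified gas
+(bool success, bytes memory returnData) = orchestrator.call{gas: intentGas[i]}(data);
+
+if (!success) {
+emit IntentFailed(i, returnData);
+}
+}
+}
+}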
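Review bot: In `batchExecute`, the low-level `orchestrator.call{gas: intentGas[i]}(data)` returns `success == true` when `orchestrator` has no code, so a mistyped or not-yet-deployed address makes every intent look executed and no `IntentFailed` is emitted. Because `orchestrator` is an unchecked caller-supplied argument, consider a guard before the loop such as `if (orchestrator.code.length == 0) revert InvalidOrchestrator();` (a new error; the name is constructed here), or pin the orchestrator as an immutable set at deployment. Separately, `gas: intentGas[i]` is only an upper bound: under the 63/64 rule the callee receives less when the batch transaction itself is short on gas, so an intent can fail out-of-gas because of the submitter's gas limit rather than its own logic. A `gasleft()` check before each call would make that explicit, as would a NatSpec line stating that the orchestrator enforces its own gas floor, which is not visible in this section. `returnData` is also copied in full into memory and into the event, so its size is worth bounding if the target is not trusted.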
7 changes: 0 additions & 7 deletions src/IthacaAccount.sol
Expand Up @@ -627,13 +627,6 @@ contract IthacaAccount is IIthacaAccount, EIP712, GuardedExecutor {
// Set the target key hash to the payer's.
keyHash = k;

Contributor


Simulation Logic Removal - Security Improvement

Excellent removal of simulation-specific logic from production contract!

Security benefits:

  1. Eliminates attack surface: Removes special-case logic that could be exploited
  2. Cleaner audit trail: Production contract behavior is now deterministic
  3. Separation of concerns: Simulation logic moved to dedicated simulation contracts

The removal of the address(ORCHESTRATOR).balance == type(uint256).max check is particularly good - this was a hacky way to detect simulation mode that could potentially be gamed.

Collaborator


i like this removal. now the simulation functionality is more isolated.

// If this is a simulation, signature validation errors are skipped.
/// @dev to simulate a paymaster, state override the balance of the msg.sender
/// to type(uint256).max. In this case, the msg.sender is the ORCHESTRATOR.
if (address(ORCHESTRATOR).balance == type(uint256).max) {
isValid = true;
}

if (!isValid) {
revert Unauthorized();
}
293 changes: 56 additions & 237 deletions src/Orchestrator.sol

Large diffs are not rendered by default.
