ithacaxyz · howydev · Sep 10, 2025 · Sep 10, 2025
diff --git a/lib/forge-std b/lib/forge-std
diff --git a/snapshots/BenchmarkTest.json b/snapshots/BenchmarkTest.json
@@ -16,11 +16,11 @@
   "testERC20Transfer_ERC4337MinimalAccount": "171906",
   "testERC20Transfer_ERC4337MinimalAccount_AppSponsor": "168917",
   "testERC20Transfer_ERC4337MinimalAccount_ERC20SelfPay": "217488",
-  "testERC20Transfer_IthacaAccount": "129918",
-  "testERC20Transfer_IthacaAccountWithSpendLimits": "190787",
-  "testERC20Transfer_IthacaAccount_AppSponsor": "141350",
-  "testERC20Transfer_IthacaAccount_AppSponsor_ERC20": "163827",
-  "testERC20Transfer_IthacaAccount_ERC20SelfPay": "147559",
+  "testERC20Transfer_IthacaAccount": "129892",
+  "testERC20Transfer_IthacaAccountWithSpendLimits": "190850",
+  "testERC20Transfer_IthacaAccount_AppSponsor": "141324",
+  "testERC20Transfer_IthacaAccount_AppSponsor_ERC20": "163801",
+  "testERC20Transfer_IthacaAccount_ERC20SelfPay": "147533",
   "testERC20Transfer_Safe4337": "197515",
   "testERC20Transfer_Safe4337_AppSponsor": "191679",
   "testERC20Transfer_Safe4337_ERC20SelfPay": "238658",
@@ -29,25 +29,25 @@
   "testERC20Transfer_ZerodevKernel_ERC20SelfPay": "252683",
   "testERC20Transfer_batch100_AlchemyModularAccount": "10104466",
   "testERC20Transfer_batch100_AlchemyModularAccount_ERC20SelfPay": "11635798",
-  "testERC20Transfer_batch100_IthacaAccount": "7695808",
-  "testERC20Transfer_batch100_IthacaAccount_AppSponsor": "8394864",
-  "testERC20Transfer_batch100_IthacaAccount_AppSponsor_ERC20": "8244232",
-  "testERC20Transfer_batch100_IthacaAccount_ERC20SelfPay": "7540412",
+  "testERC20Transfer_batch100_IthacaAccount": "7693208",
+  "testERC20Transfer_batch100_IthacaAccount_AppSponsor": "8392264",
+  "testERC20Transfer_batch100_IthacaAccount_AppSponsor_ERC20": "8241632",
+  "testERC20Transfer_batch100_IthacaAccount_ERC20SelfPay": "7537812",
   "testERC20Transfer_batch100_ZerodevKernel": "12626718",
   "testERC20Transfer_batch100_ZerodevKernel_ERC20SelfPay": "14176437",
   "testNativeTransfer_AlchemyModularAccount": "180829",
   "testNativeTransfer_CoinbaseSmartWallet": "178916",
-  "testNativeTransfer_IthacaAccount": "131320",
-  "testNativeTransfer_IthacaAccount_AppSponsor": "142783",
-  "testNativeTransfer_IthacaAccount_ERC20SelfPay": "156273",
+  "testNativeTransfer_IthacaAccount": "131294",
+  "testNativeTransfer_IthacaAccount_AppSponsor": "142757",
+  "testNativeTransfer_IthacaAccount_ERC20SelfPay": "156247",
   "testNativeTransfer_Safe4337": "198595",
   "testNativeTransfer_ZerodevKernel": "208635",
   "testUniswapV2Swap_AlchemyModularAccount": "238767",
   "testUniswapV2Swap_CoinbaseSmartWallet": "237571",
   "testUniswapV2Swap_ERC4337MinimalAccount": "231242",
-  "testUniswapV2Swap_IthacaAccount": "189228",
-  "testUniswapV2Swap_IthacaAccount_AppSponsor": "200648",
-  "testUniswapV2Swap_IthacaAccount_ERC20SelfPay": "211681",
+  "testUniswapV2Swap_IthacaAccount": "189202",
+  "testUniswapV2Swap_IthacaAccount_AppSponsor": "200622",
+  "testUniswapV2Swap_IthacaAccount_ERC20SelfPay": "211655",
   "testUniswapV2Swap_Safe4337": "257453",
   "testUniswapV2Swap_ZerodevKernel": "266487"
 }
diff --git a/src/IthacaAccount.sol b/src/IthacaAccount.sol
@@ -260,14 +260,21 @@ contract IthacaAccount is IIthacaAccount, EIP712, GuardedExecutor {
         virtual
         returns (bytes4)
     {
+        // If the signature's length is 64 or 65, treat it like an secp256k1 signature.
+        if (LibBit.or(signature.length == 64, signature.length == 65)) {
+            return bytes4(
+                ECDSA.recoverCalldata(digest, signature) == address(this) ? 0x1626ba7e : 0xffffffff
+            );
+        }
+
         // To sign an app digest (e.g. Permit2), you would need to perform a `hashTypedData` on the app's 712,
         // along with the app's domain, then `signTypedData` with the account's 712 and account domain.
         // The account domain is added as a layer to prevent replay attacks since some apps do not include the
         // account address as a field in their 712 data.
         bytes32 replaySafeDigest = EfficientHashLib.hash(SIGN_TYPEHASH, digest);
         digest = _hashTypedDataOnlyVerifyingContract(replaySafeDigest);
 
-        (bool isValid, bytes32 keyHash) = unwrapAndValidateSignature(digest, signature);
+        (bool isValid, bytes32 keyHash) = _unwrapAndValidateSignature(digest, signature);
         if (LibBit.and(keyHash != 0, isValid)) {
             isValid =
                 _isSuperAdmin(keyHash) || _getKeyExtraStorage(keyHash).checkers.contains(msg.sender);
@@ -491,17 +498,24 @@ contract IthacaAccount is IIthacaAccount, EIP712, GuardedExecutor {
     function unwrapAndValidateSignature(bytes32 digest, bytes calldata signature)
         public
         view
-        virtual
         returns (bool isValid, bytes32 keyHash)
     {
-        // Early return if unable to unwrap the signature.
-        if (signature.length < 0x21) return (false, 0);
-
         // If the signature's length is 64 or 65, treat it like an secp256k1 signature.
         if (LibBit.or(signature.length == 64, signature.length == 65)) {
             return (ECDSA.recoverCalldata(digest, signature) == address(this), 0);
         }
 
+        return _unwrapAndValidateSignature(digest, signature);
+    }
+
+    function _unwrapAndValidateSignature(bytes32 digest, bytes calldata signature)
+        internal
+        view
+        returns (bool isValid, bytes32 keyHash)
+    {
+        // Early return if unable to unwrap the signature.
+        if (signature.length < 0x21) return (false, 0);
+
         unchecked {
             uint256 n = signature.length - 0x21;
             keyHash = LibBytes.loadCalldata(signature, n);
@@ -753,6 +767,6 @@ contract IthacaAccount is IIthacaAccount, EIP712, GuardedExecutor {
         returns (string memory name, string memory version)
     {
         name = "IthacaAccount";
-        version = "0.5.7";
+        version = "0.5.8";
     }
 }
diff --git a/test/Account.t.sol b/test/Account.t.sol
@@ -93,12 +93,10 @@ contract AccountTest is BaseTest {
 
         bytes32 replaySafeDigest = keccak256(abi.encode(d.d.SIGN_TYPEHASH(), digest));
 
-        (, string memory name, string memory version,, address verifyingContract,,) =
-            d.d.eip712Domain();
         bytes32 domain = keccak256(
             abi.encode(
                 0x035aff83d86937d35b32e04f0ddc6ff469290eef2f1b692d8a815c89404d4749, // DOMAIN_TYPEHASH with only verifyingContract
-                verifyingContract
+                d.eoa
             )
         );
         replaySafeDigest = keccak256(abi.encodePacked("\x19\x01", domain, replaySafeDigest));
+0 −1		.github/CODEOWNERS
+100 −67		.github/workflows/ci.yml
+2 −2		README.md
+0 −12		RELEASE_CHECKLIST.md
+4 −8		foundry.toml
+1 −1		package.json
+9 −22		src/Base.sol
+0 −60		src/Config.sol
+0 −477		src/LibVariable.sol
+0 −1		src/Script.sol
+47 −142		src/StdAssertions.sol
+3 −3		src/StdChains.sol
+0 −612		src/StdConfig.sol
+0 −30		src/StdConstants.sol
+2 −2		src/StdStorage.sol
+1 −0		src/StdUtils.sol
+0 −1		src/Test.sol
+16 −247		src/Vm.sol
+1 −1		src/interfaces/IERC1155.sol
+1 −1		src/interfaces/IERC4626.sol
+0 −72		src/interfaces/IERC6909.sol
+1 −1		src/interfaces/IERC721.sol
+1 −1		src/interfaces/IERC7540.sol
+1 −1		src/interfaces/IERC7575.sol
+0 −44		test/CommonBase.t.sol
+0 −352		test/Config.t.sol
+0 −434		test/LibVariable.t.sol
+3 −3		test/StdChains.t.sol
+24 −45		test/StdCheats.t.sol
+0 −38		test/StdConstants.t.sol
+2 −2		test/Vm.t.sol
+1 −1		test/compilation/CompilationScript.sol
+1 −1		test/compilation/CompilationScriptBase.sol
+1 −1		test/compilation/CompilationTest.sol
+1 −1		test/compilation/CompilationTestBase.sol
+0 −81		test/fixtures/config.toml