Account Abstraction compatibility

Signature validation

Use an ERC1271-compatible library to validate signatures from your users in your smart contracts (Solidity) and front-end (JavaScript), instead of assuming a fixed signature length.

To validate signatures in smart contracts, we recommend using OpenZeppelin's SignatureChecker:

import {SignatureChecker} from "@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";
// ...
using SignatureChecker for address;
// ...
bool isValid = someAddress.isValidSignatureNow(messageHash, signature);

To validate signatures in the front-end, we recommend using Matter Labs' great library to abstract that logic away:

import * as zksync from "zksync-web3";

// for signed messages:
const isValid = await zksync.utils.isMessageSignatureCorrect(provider, address, message, signature);
// for typed data:
const promise = await zksync.utils.isTypedDataSignatureCorrect(provider, address, domain, types, value, signature);

Don't ignore this warning when you compile your Solidity code!

Avoid `tx.origin`

As recommended by Matter Labs, it shouldn't be used as it blocks smart accounts and can lead to a full loss of funds for users. There are also plans to remove it from Ethereum in a future upgrade.

PreviousZkSync Era NextArgent Login

Last updated 1 year ago