Facilities for smart accounts or identity contracts

[frangio]

Smart accounts came up in #1005. They came up in the context of SignatureBouncer because the contract is designed to work with ECDSA signatures by externally owned accounts, and thus doesn't support smart accounts. I proposed that instead of changing SignatureBouncer we first look into generalizing ECRecovery or building an intermediate abstraction.

It seems to me like we need a function isSignedBy(bytes message, address account, bytes signature) returns (bool) that does ECDSA verification for EOAs, and calls account.isValidSignature(signature, message) for contracts.

I started going through all the identity ERCs to see if there is a function like isValidSignature already proposed... but there are a lot of related ERCs and I got a bit lost. I don't think I saw anything like this function though. I'd appreciate some thoughts from someone more interiorized in this space. Pinging @PhABC since he brought it up initially.

I'm nore sure what facilities other than this we could provide.

[PhABC]

I agree that perhaps this should be outside of the Bouncer contract as it could be useful to many applications. I do not recall any ERC on this specifically and initially discussed with @shrugs about making one on this topic. Let me try to draft something and the three of us iterate on it.

[PhABC]

Done! See ethereum/EIPs#1258

[shrugs]

affected by: #1272

[nfurfaro]

Hello. Has there been any progress on this front?

[abcoathup]

Hi @nfurfaro,

The roadmap includes redesigning access control #2068 though I am not aware of anything specific to smart accounts/identity contracts.

I suggest posting in the Community Forum with what your needs are as this would be great for thinking about future additions to OpenZeppelin Contracts: https://forum.openzeppelin.com/

[thegostep]

I'd like to bump this - would be useful to have a reference implementation

[frangio]

@thegostep What are you interested in specifically?

[thegostep]

@frangio added an example in #2424