cowprotocol / research

CoW Protocol Research
GNU Lesser General Public License v3.0
0 stars 0 forks source link

research(contracts): delegated eip1271 signing scheme #10

Open mfw78 opened 7 months ago

mfw78 commented 7 months ago

Problem

Only the owner of the order can sign for the order - this creates the limitation that all smart orders MUST belong to a smart contract (supporting ERC-1271).

Acceptance criteria

Details

Signing schemes supported currently include:

  1. eth_sign
  2. eip712 (i.e. eth_signTypedData_v4)
  3. preSign (i.e. GPv2Settlement.setPreSignature)
  4. eip1271

All of these signing schemes must be called by, or initiated by the owner of the order.

Possible Solutions

  1. Add delegateEip1271 as a signing scheme, which allows for an smart contract supporting a constrained version of ERC-1271 to sign on-behalf of the user. Security wise, could allow a user to specify if the order asserts the receiver is equal to the order's owner.
  2. Smart order types themselves implement eip1271 and take custody of user's funds, similar in style to Eth-Flow.

Research track

fleupold commented 5 months ago

This could also be implemented as a separate trade handling logic implementation (cf. https://github.com/cowprotocol/research/issues/3#issuecomment-2178816637) but might be important enough to make it part of the default order type.

In particular this would be needed to allow TWAP and StopLoss orders for EOA without massive account abstraction implementation overhead (as EOA could simply defer signature to TWAP/StopLoss ERC1271 implementations).