Awesome

Modular Account

Alchemy's Modular Account is a maximally modular, upgradeable smart contract account that is compatible with ERC-4337 and ERC-6900.

[!WARNING]
This branch contains changes that are under development. To use the latest audited version make sure to use the correct commit. The tagged versions can be found in the releases.

Overview

This repository contains:

• ERC-6900 compatible account implementations: src/account
• Account factory: src/factory
• Helper contracts and libraries: src/helpers, src/libraries
• ERC-6900 compatible modules: src/modules
  • Validation modules:
    • SingleSignerValidationModule: Enables validation for a single signer (EOA or contract).
    • WebAuthnValidationModule: Enables validation for passkey signers.
  • Permission-enforcing hook modules:
    • AllowlistModule: Enforces ERC-20 spend limits and address/selector allowlists.
    • NativeTokenLimitModule: Enforces native token spend limits.
    • PaymasterGuardModule: Enforces use of a specific paymaster.
    • TimeRangeModule: Enforces time ranges for a given entity.

The contracts conform to these ERC versions:

• ERC-4337: v0.7.0
• ERC-6900: v0.8.0-rc.5

Development

Building and testing

# Install dependencies
forge install
pnpm install

# Build
forge build
FOUNDRY_PROFILE=optimized-build forge build --sizes

# Lint
pnpm lint

# Format
pnpm fmt

# Coverage
pnpm lcov

# Generate gas snapshots
pnpm gas

# Test
pnpm test
forge test -vvv

Deployment

A deployment script can be found in the scripts/ folder

forge script script/Deploy.s.sol --rpc-url $RPC_URL --broadcast

Security and audits

Our audit reports can be found in audits. The filenames for the reports have the format: YYYY-MM-DD_VENDOR_FFFFFFF.pdf, where YYYY-MM-DD refers to the date on which the final report was received, VENDOR refers to the conductor of the audit, and FFFFFFF refers to the short commit hash on which the audit was conducted.

Bug bounty

Details of our bug bounty program can be found at https://hackerone.com/alchemyplatform.

Acknowledgements

The contracts in this repository adhere to the ERC-6900 specification, and are heavily influenced by the design of the ERC-6900 reference implementation.

License

The modules provided in this repository (src/modules) are licensed under the GNU General Public License v3.0, included in our repository in LICENSE-GPL.

All other code for Modular Account is UNLICENSED.

Alchemy Insights, Inc., 548 Market St., PMB 49099, San Francisco, CA 94104; legal@alchemy.com