Handle EIP-7702 code delgation

Signed-off-by: Lukasz Gasior <[email protected]>

Author: lukasz-hashgraph

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/operations/CustomDelegateCallOperation.java

@@ -79,6 +79,8 @@ public OperationResult execute(@NonNull final MessageFrame frame, @NonNull final
     private boolean isRedirectFromNativeEntity(@NonNull final MessageFrame frame) {
         final var updater = (ProxyWorldUpdater) frame.getWorldUpdater();
         final var recipient = requireNonNull(updater.getHederaAccount(frame.getRecipientAddress()));
+        // TODO(Pectra): update the condition below. Specifically recipient.isRegularAccount() no longer holds.
+        // Consider adding a frame variable (e.g. isFacadeExecution) or a different mechanism.
         return recipient.isTokenFacade() || recipient.isScheduleTxnFacade() || recipient.isRegularAccount();
     }
 }

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/processors/CustomMessageCallProcessor.java

@@ -157,7 +157,7 @@ && isPayloadEligibleForAccountServiceRedirect(frame.getInputData())) {
             // disable precompile if so configured.
             evmPrecompile = null;
         }
-        // TODO(Pectra): revisit this?
+        // TODO(Pectra): double check all corner cases for the below condition
         // Check to see if the code address is a system account and possibly halt
         // Note that we allow calls to the allowance hook address(0x16d) if the call is part of
         // a hook dispatch; in that case, the allowance hook is being treated as a normal

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/common/AbstractCallAttempt.java

@@ -17,10 +17,10 @@
 import com.swirlds.config.api.Configuration;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import edu.umd.cs.findbugs.annotations.Nullable;
-
 import java.nio.BufferUnderflowException;
 import java.util.Arrays;
 import java.util.Optional;
+import java.util.Set;
 import org.apache.tuweni.bytes.Bytes;
 import org.hyperledger.besu.datatypes.Address;
 
@@ -35,8 +35,12 @@ public abstract class AbstractCallAttempt<T extends AbstractCallAttempt<T>> {
     protected final AccountID senderId;
     protected final Bytes input;
     protected final byte[] selector;
+    protected final Optional<Address> maybeRedirectAddress;
 
-    protected final Optional<Address> legacyRedirectAddress;
+    private boolean matchesFnSelector(Function fn, Bytes input) {
+        final var selector = fn.selector();
+        return Arrays.equals(input.toArrayUnsafe(), 0, selector.length, selector, 0, selector.length);
+    }
 
     /**
      * @param input the input in bytes
@@ -46,29 +50,36 @@ public AbstractCallAttempt(
             // we are keeping the 'input' out of the 'options' for not duplicate and keep close to related params
             @NonNull final Bytes input,
             @NonNull final CallAttemptOptions<T> options,
-            Function redirectFunction) {
+            Set<Address> systemContractAddresses,
+            Function legacyRedirectFunction) {
         requireNonNull(input);
         this.options = requireNonNull(options);
         this.senderId = options.addressIdConverter().convertSender(options.senderAddress());
 
-        final var redirectFnSelector = redirectFunction.selector();
-        final var matchesRedirectSelector = Arrays.equals(input.toArrayUnsafe(), 0, redirectFnSelector.length, redirectFnSelector, 0, redirectFnSelector.length);
-        if (matchesRedirectSelector) {
+        // If the recipient address of this call doesn't match the system contract address
+        // it means we're running an EIP-7702 delegation (i.e. a facade/redirect call).
+        final var isDelegationRedirect = !systemContractAddresses.contains(options.recipientAddress());
+        if (isDelegationRedirect) {
+            this.maybeRedirectAddress = Optional.of(options.recipientAddress());
+            this.input = input;
+        } else if (matchesFnSelector(legacyRedirectFunction, input)) {
             Tuple abiCall = null;
             try {
-                abiCall = redirectFunction.decodeCall(input.toArrayUnsafe());
+                abiCall = legacyRedirectFunction.decodeCall(input.toArrayUnsafe());
             } catch (IllegalArgumentException | BufferUnderflowException | IndexOutOfBoundsException ignore) {
-                // no-op
+                // ignore
             }
             if (abiCall != null) {
-                this.legacyRedirectAddress = Optional.of(Address.fromHexString(abiCall.get(0).toString()));
+                this.maybeRedirectAddress =
+                        Optional.of(Address.fromHexString(abiCall.get(0).toString()));
                 this.input = Bytes.wrap((byte[]) abiCall.get(1));
             } else {
-                this.legacyRedirectAddress = Optional.empty();
+                this.maybeRedirectAddress = Optional.empty();
                 this.input = input;
             }
         } else {
-            this.legacyRedirectAddress = Optional.empty();
+            // A regular call; neither EIP-7702 redirect nor legacy redirect function. Process as-is.
+            this.maybeRedirectAddress = Optional.empty();
             this.input = input;
         }
 
@@ -211,7 +222,7 @@ public boolean isStaticCall() {
      * @return whether the current call attempt is redirected to a system contract address
      */
     public boolean isRedirect() {
-        return this.legacyRedirectAddress.isPresent() || options.maybeRedirectAddress().isPresent();
+        return this.maybeRedirectAddress.isPresent();
     }
 
     /**

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/common/CallAttemptOptions.java

@@ -13,13 +13,12 @@
 import com.swirlds.config.api.Configuration;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import java.util.List;
-import java.util.Optional;
 import org.hyperledger.besu.datatypes.Address;
 
 public record CallAttemptOptions<T extends AbstractCallAttempt<T>>(
         @NonNull ContractID contractID,
         @NonNull Address senderAddress,
-        @NonNull Optional<Address> maybeRedirectAddress,
+        @NonNull Address recipientAddress,
         @NonNull Address authorizingAddress,
         boolean onlyDelegatableContractKeysActive,
         @NonNull HederaWorldUpdater.Enhancement enhancement,
@@ -34,6 +33,7 @@ public record CallAttemptOptions<T extends AbstractCallAttempt<T>>(
     /**
      * @param contractID the target system contract ID
      * @param senderAddress the address of the sender of this call
+     * @param recipientAddress the recipient address of this call
      * @param authorizingAddress the contract whose keys are to be activated
      * @param onlyDelegatableContractKeysActive whether the strategy should require a delegatable contract id key
      * @param enhancement the enhancement to get the native operations to look up the contract's number
@@ -48,7 +48,7 @@ public record CallAttemptOptions<T extends AbstractCallAttempt<T>>(
     public CallAttemptOptions(
             @NonNull final ContractID contractID,
             @NonNull final Address senderAddress,
-            @NonNull final Optional<Address> maybeRedirectAddress,
+            @NonNull final Address recipientAddress,
             @NonNull final Address authorizingAddress,
             final boolean onlyDelegatableContractKeysActive,
             @NonNull final Enhancement enhancement,
@@ -61,7 +61,7 @@ public CallAttemptOptions(
             final boolean isStaticCall) {
         this.contractID = requireNonNull(contractID);
         this.senderAddress = requireNonNull(senderAddress);
-        this.maybeRedirectAddress = requireNonNull(maybeRedirectAddress);
+        this.recipientAddress = requireNonNull(recipientAddress);
         this.authorizingAddress = requireNonNull(authorizingAddress);
         this.onlyDelegatableContractKeysActive = onlyDelegatableContractKeysActive;
         this.enhancement = requireNonNull(enhancement);

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/has/HasCallAttempt.java

@@ -1,6 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0
 package com.hedera.node.app.service.contract.impl.exec.systemcontracts.has;
 
+import static com.hedera.node.app.service.contract.impl.exec.systemcontracts.HasSystemContract.HAS_EVM_ADDRESS;
 import static com.hedera.node.app.service.contract.impl.utils.ConversionUtils.isLongZero;
 import static com.hedera.node.app.service.contract.impl.utils.ConversionUtils.numberOfLongZero;
 import static java.util.Objects.requireNonNull;
@@ -17,6 +18,7 @@
 import com.hedera.node.config.data.HederaConfig;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import edu.umd.cs.findbugs.annotations.Nullable;
+import java.util.Set;
 import org.apache.tuweni.bytes.Bytes;
 import org.hyperledger.besu.datatypes.Address;
 
@@ -26,8 +28,9 @@
  * everything it will need to execute.
  */
 public class HasCallAttempt extends AbstractCallAttempt<HasCallAttempt> {
-    public static final Function LEGACY_REDIRECT_FOR_ACCOUNT =
-            new Function("redirectForAccount(address,bytes)");
+    private static final Set<Address> HAS_ADDRESSES = Set.of(Address.fromHexString(HAS_EVM_ADDRESS));
+
+    public static final Function LEGACY_REDIRECT_FOR_ACCOUNT = new Function("redirectForAccount(address,bytes)");
 
     @Nullable
     private final Account redirectAccount;
@@ -39,13 +42,10 @@ public HasCallAttempt(
             @NonNull final Bytes input,
             @NonNull final CallAttemptOptions<HasCallAttempt> options,
             @NonNull final SignatureVerifier signatureVerifier) {
-        super(input, options, LEGACY_REDIRECT_FOR_ACCOUNT);
+        super(input, options, HAS_ADDRESSES, LEGACY_REDIRECT_FOR_ACCOUNT);
 
         this.redirectAccount =
-            this.legacyRedirectAddress
-                .or(options::maybeRedirectAddress)
-                .map(this::linkedAccount)
-                .orElse(null);
+                this.maybeRedirectAddress.map(this::linkedAccount).orElse(null);
 
         this.signatureVerifier = requireNonNull(signatureVerifier);
     }

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/has/HasCallFactory.java

@@ -84,7 +84,7 @@ public HasCallFactory(
                 new CallAttemptOptions<>(
                         contractID,
                         frame.getSenderAddress(),
-                        maybeRedirectAddress,
+                        frame.getRecipientAddress(),
                         frame.getSenderAddress(),
                         addressChecks.hasParentDelegateCall(frame),
                         enhancement,

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/hss/HssCallAttempt.java

@@ -1,6 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0
 package com.hedera.node.app.service.contract.impl.exec.systemcontracts.hss;
 
+import static com.hedera.node.app.service.contract.impl.exec.systemcontracts.HssSystemContract.HSS_EVM_ADDRESS;
 import static com.hedera.node.app.service.contract.impl.utils.ConversionUtils.isLongZero;
 import static com.hedera.node.app.service.contract.impl.utils.ConversionUtils.maybeMissingNumberOf;
 import static com.hedera.node.app.service.contract.impl.utils.ConversionUtils.numberOfLongZero;
@@ -28,8 +29,10 @@
  * everything it will need to execute.
  */
 public class HssCallAttempt extends AbstractCallAttempt<HssCallAttempt> {
-    public static final Function LEGACY_REDIRECT_FOR_SCHEDULE =
-            new Function("redirectForSchedule(address,bytes)");
+    private static final Set<Address> HSS_ADDRESSES = Set.of(Address.fromHexString(HSS_EVM_ADDRESS));
+
+    public static final Function LEGACY_REDIRECT_FOR_SCHEDULE_TXN =
+            new Function("redirectForScheduleTxn(address,bytes)");
 
     @Nullable
     private final Schedule redirectScheduleTxn;
@@ -41,13 +44,10 @@ public HssCallAttempt(
             @NonNull final Bytes input,
             @NonNull final CallAttemptOptions<HssCallAttempt> options,
             @NonNull final SignatureVerifier signatureVerifier) {
-        super(input, options, LEGACY_REDIRECT_FOR_SCHEDULE);
+        super(input, options, HSS_ADDRESSES, LEGACY_REDIRECT_FOR_SCHEDULE_TXN);
 
         this.redirectScheduleTxn =
-            this.legacyRedirectAddress
-                .or(options::maybeRedirectAddress)
-                .map(this::linkedSchedule)
-                .orElse(null);
+                this.maybeRedirectAddress.map(this::linkedSchedule).orElse(null);
 
         this.signatureVerifier = signatureVerifier;
     }

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/hss/HssCallFactory.java

@@ -1,7 +1,6 @@
 // SPDX-License-Identifier: Apache-2.0
 package com.hedera.node.app.service.contract.impl.exec.systemcontracts.hss;
 
-import static com.hedera.node.app.service.contract.impl.exec.systemcontracts.HssSystemContract.HSS_EVM_ADDRESS;
 import static com.hedera.node.app.service.contract.impl.exec.utils.FrameUtils.configOf;
 import static com.hedera.node.app.service.contract.impl.exec.utils.FrameUtils.proxyUpdaterFor;
 import static com.hedera.node.app.service.contract.impl.exec.utils.FrameUtils.systemContractGasCalculatorOf;
@@ -19,12 +18,10 @@
 import com.hedera.node.app.spi.signatures.SignatureVerifier;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import java.util.List;
-import java.util.Optional;
 import javax.inject.Inject;
 import javax.inject.Named;
 import javax.inject.Singleton;
 import org.apache.tuweni.bytes.Bytes;
-import org.hyperledger.besu.datatypes.Address;
 import org.hyperledger.besu.evm.frame.MessageFrame;
 
 /**
@@ -72,19 +69,12 @@ public HssCallFactory(
         requireNonNull(input);
         requireNonNull(frame);
         final var enhancement = proxyUpdaterFor(frame).enhancement();
-
-        // If we're executing a HSS call, but the recipient isn't the HSS address
-        // then it must be a redirect/delegate call.
-        final var isRedirect = !frame.getRecipientAddress().equals(Address.fromHexString(HSS_EVM_ADDRESS));
-        final Optional<Address> maybeRedirectAddress =
-                isRedirect ? Optional.of(frame.getRecipientAddress()) : Optional.empty();
-
         return new HssCallAttempt(
                 input,
                 new CallAttemptOptions<>(
                         contractID,
                         frame.getSenderAddress(),
-                        maybeRedirectAddress,
+                        frame.getRecipientAddress(),
                         frame.getSenderAddress(),
                         addressChecks.hasParentDelegateCall(frame),
                         enhancement,

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/hts/HtsCallAttempt.java

@@ -1,10 +1,13 @@
 // SPDX-License-Identifier: Apache-2.0
 package com.hedera.node.app.service.contract.impl.exec.systemcontracts.hts;
 
+import static com.hedera.node.app.service.contract.impl.exec.systemcontracts.HtsSystemContract.HTS_167_EVM_ADDRESS;
+import static com.hedera.node.app.service.contract.impl.exec.systemcontracts.HtsSystemContract.HTS_16C_EVM_ADDRESS;
 import static com.hedera.node.app.service.contract.impl.utils.ConversionUtils.isLongZeroAddress;
 import static com.hedera.node.app.service.contract.impl.utils.ConversionUtils.numberOfLongZero;
 import static java.util.Objects.requireNonNull;
 
+import com.esaulpaugh.headlong.abi.Function;
 import com.hedera.hapi.node.base.AccountID;
 import com.hedera.hapi.node.base.TokenID;
 import com.hedera.hapi.node.base.TokenType;
@@ -15,17 +18,19 @@
 import com.hedera.node.app.service.contract.impl.exec.systemcontracts.common.CallAttemptOptions;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import edu.umd.cs.findbugs.annotations.Nullable;
+import java.util.Set;
 import org.apache.tuweni.bytes.Bytes;
 import org.hyperledger.besu.datatypes.Address;
-import com.esaulpaugh.headlong.abi.Function;
 
 /**
  * Manages the call attempted by a {@link Bytes} payload received by the {@link HtsSystemContract}. Translates a valid
  * attempt into an appropriate {@link Call} subclass, giving the {@link Call} everything it will need to execute.
  */
 public class HtsCallAttempt extends AbstractCallAttempt<HtsCallAttempt> {
-    public static final Function LEGACY_REDIRECT_FOR_TOKEN =
-            new Function("redirectForToken(address,bytes)");
+    private static final Set<Address> HTS_ADDRESSES =
+            Set.of(Address.fromHexString(HTS_167_EVM_ADDRESS), Address.fromHexString(HTS_16C_EVM_ADDRESS));
+
+    public static final Function LEGACY_REDIRECT_FOR_TOKEN = new Function("redirectForToken(address,bytes)");
 
     // The id address of the account authorizing the call, in the sense
     // that (1) a dispatch should omit the key of this account from the
@@ -40,13 +45,9 @@ public class HtsCallAttempt extends AbstractCallAttempt<HtsCallAttempt> {
     private final Token redirectToken;
 
     public HtsCallAttempt(@NonNull final Bytes input, @NonNull final CallAttemptOptions<HtsCallAttempt> options) {
-        super(input, options, LEGACY_REDIRECT_FOR_TOKEN);
+        super(input, options, HTS_ADDRESSES, LEGACY_REDIRECT_FOR_TOKEN);
 
-        this.redirectToken =
-            this.legacyRedirectAddress
-                .or(options::maybeRedirectAddress)
-                .map(this::linkedToken)
-                .orElse(null);
+        this.redirectToken = this.maybeRedirectAddress.map(this::linkedToken).orElse(null);
 
         this.authorizingId = (options.authorizingAddress() != senderAddress())
                 ? addressIdConverter().convertSender(options.authorizingAddress())

hedera-node/hedera-smart-contract-service-impl/src/main/java/com/hedera/node/app/service/contract/impl/exec/systemcontracts/hts/HtsCallFactory.java

@@ -1,8 +1,6 @@
 // SPDX-License-Identifier: Apache-2.0
 package com.hedera.node.app.service.contract.impl.exec.systemcontracts.hts;
 
-import static com.hedera.node.app.service.contract.impl.exec.systemcontracts.HtsSystemContract.HTS_167_EVM_ADDRESS;
-import static com.hedera.node.app.service.contract.impl.exec.systemcontracts.HtsSystemContract.HTS_16C_EVM_ADDRESS;
 import static com.hedera.node.app.service.contract.impl.exec.utils.FrameUtils.CallType.QUALIFIED_DELEGATE;
 import static com.hedera.node.app.service.contract.impl.exec.utils.FrameUtils.configOf;
 import static com.hedera.node.app.service.contract.impl.exec.utils.FrameUtils.proxyUpdaterFor;
@@ -19,12 +17,10 @@
 import com.hedera.node.app.service.contract.impl.exec.utils.SystemContractMethodRegistry;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import java.util.List;
-import java.util.Optional;
 import javax.inject.Inject;
 import javax.inject.Named;
 import javax.inject.Singleton;
 import org.apache.tuweni.bytes.Bytes;
-import org.hyperledger.besu.datatypes.Address;
 import org.hyperledger.besu.evm.frame.MessageFrame;
 
 /**
@@ -70,20 +66,12 @@ public HtsCallFactory(
         requireNonNull(input);
         requireNonNull(frame);
         final var enhancement = proxyUpdaterFor(frame).enhancement();
-
-        // If we're executing a HTS call, but the recipient isn't the HTS address
-        // then it must be a redirect/delegate call.
-        final var isRedirect = !frame.getRecipientAddress().equals(Address.fromHexString(HTS_167_EVM_ADDRESS))
-                && !frame.getRecipientAddress().equals(Address.fromHexString(HTS_16C_EVM_ADDRESS));
-        final Optional<Address> maybeRedirectAddress =
-                isRedirect ? Optional.of(frame.getRecipientAddress()) : Optional.empty();
-
         return new HtsCallAttempt(
                 input,
                 new CallAttemptOptions<>(
                         contractID,
                         frame.getSenderAddress(),
-                        maybeRedirectAddress,
+                        frame.getRecipientAddress(),
                         // We only need to distinguish between the EVM sender id and the
                         // "authorizing id" for qualified delegate calls; and even then, only
                         // for classic transfers. In that specific case, the qualified delegate