[🔥A1] Modifier.sol Transactions with EIP-712 and EIP-1271 Signature Authentication

contracts/core/GuardableModifier.sol

@@ -0,0 +1,92 @@
+// SPDX-License-Identifier: LGPL-3.0-only
+pragma solidity >=0.7.0 <0.9.0;
+
+import "../guard/Guardable.sol";
+import "./Modifier.sol";
+
+abstract contract GuardableModifier is Module, Guardable, Modifier {
+    /// @dev Passes a transaction to be executed by the avatar.
+    /// @notice Can only be called by this contract.
+    /// @param to Destination address of module transaction.
+    /// @param value Ether value of module transaction.
+    /// @param data Data payload of module transaction.
+    /// @param operation Operation type of module transaction: 0 == call, 1 == delegate call.
+    function exec(
+        address to,
+        uint256 value,
+        bytes memory data,
+        Enum.Operation operation
+    ) internal virtual override returns (bool success) {
+        address currentGuard = guard;
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkTransaction(
+                /// Transaction info used by module transactions.
+                to,
+                value,
+                data,
+                operation,
+                /// Zero out the redundant transaction information only used for Safe multisig transctions.
+                0,
+                0,
+                0,
+                address(0),
+                payable(0),
+                "",
+                sentOrSignedBy()
+            );
+        }
+        success = IAvatar(target).execTransactionFromModule(
+            to,
+            value,
+            data,
+            operation
+        );
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkAfterExecution(bytes32(0), success);
+        }
+    }
+
+    /// @dev Passes a transaction to be executed by the target and returns data.
+    /// @notice Can only be called by this contract.
+    /// @param to Destination address of module transaction.
+    /// @param value Ether value of module transaction.
+    /// @param data Data payload of module transaction.
+    /// @param operation Operation type of module transaction: 0 == call, 1 == delegate call.
+    function execAndReturnData(
+        address to,
+        uint256 value,
+        bytes memory data,
+        Enum.Operation operation
+    )
+        internal
+        virtual
+        override
+        returns (bool success, bytes memory returnData)
+    {
+        address currentGuard = guard;
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkTransaction(
+                /// Transaction info used by module transactions.
+                to,
+                value,
+                data,
+                operation,
+                /// Zero out the redundant transaction information only used for Safe multisig transctions.
+                0,
+                0,
+                0,
+                address(0),
+                payable(0),
+                "",
+                sentOrSignedBy()
+            );
+        }
+
+        (success, returnData) = IAvatar(target)
+            .execTransactionFromModuleReturnData(to, value, data, operation);
+
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkAfterExecution(bytes32(0), success);
+        }
+    }
+}

contracts/core/GuardableModule.sol

@@ -0,0 +1,93 @@
+// SPDX-License-Identifier: LGPL-3.0-only
+pragma solidity >=0.7.0 <0.9.0;
+
+import "../guard/Guardable.sol";
+import "./Module.sol";
+
+/// @title GuardableModule  - A contract that can pass messages to a Module Manager contract if enabled by that contract.
+abstract contract GuardableModule is Module, Guardable {
+    /// @dev Passes a transaction to be executed by the avatar.
+    /// @notice Can only be called by this contract.
+    /// @param to Destination address of module transaction.
+    /// @param value Ether value of module transaction.
+    /// @param data Data payload of module transaction.
+    /// @param operation Operation type of module transaction: 0 == call, 1 == delegate call.
+    function exec(
+        address to,
+        uint256 value,
+        bytes memory data,
+        Enum.Operation operation
+    ) internal override returns (bool success) {
+        address currentGuard = guard;
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkTransaction(
+                /// Transaction info used by module transactions.
+                to,
+                value,
+                data,
+                operation,
+                /// Zero out the redundant transaction information only used for Safe multisig transctions.
+                0,
+                0,
+                0,
+                address(0),
+                payable(0),
+                "",
+                msg.sender
+            );
+        }
+        success = IAvatar(target).execTransactionFromModule(
+            to,
+            value,
+            data,
+            operation
+        );
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkAfterExecution(bytes32(0), success);
+        }
+    }
+
+    /// @dev Passes a transaction to be executed by the target and returns data.
+    /// @notice Can only be called by this contract.
+    /// @param to Destination address of module transaction.
+    /// @param value Ether value of module transaction.
+    /// @param data Data payload of module transaction.
+    /// @param operation Operation type of module transaction: 0 == call, 1 == delegate call.
+    function execAndReturnData(
+        address to,
+        uint256 value,
+        bytes memory data,
+        Enum.Operation operation
+    )
+        internal
+        virtual
+        override
+        returns (bool success, bytes memory returnData)
+    {
+        address currentGuard = guard;
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkTransaction(
+                /// Transaction info used by module transactions.
+                to,
+                value,
+                data,
+                operation,
+                /// Zero out the redundant transaction information only used for Safe multisig transctions.
+                0,
+                0,
+                0,
+                address(0),
+                payable(0),
+                "",
+                msg.sender
+            );
+        }
+
+        (success, returnData) = IAvatar(target)
+            .execTransactionFromModuleReturnData(to, value, data, operation);
+
+        if (currentGuard != address(0)) {
+            IGuard(currentGuard).checkAfterExecution(bytes32(0), success);
+        }
+    }
+}

contracts/core/Modifier.sol

@@ -1,12 +1,18 @@
 // SPDX-License-Identifier: LGPL-3.0-only
-
-/// @title Modifier Interface - A contract that sits between a Module and an Avatar and enforce some additional logic.
 pragma solidity >=0.7.0 <0.9.0;
 
 import "../interfaces/IAvatar.sol";
+import "../signature/ExecutionTracker.sol";
+import "../signature/SignatureChecker.sol";
 import "./Module.sol";
 
-abstract contract Modifier is Module, IAvatar {
+/// @title Modifier Interface - A contract that sits between a Module and an Avatar and enforce some additional logic.
+abstract contract Modifier is
+    Module,
+    ExecutionTracker,
+    SignatureChecker,
+    IAvatar
+{
     address internal constant SENTINEL_MODULES = address(0x1);
     /// Mapping of modules.
     mapping(address => address) internal modules;
@@ -32,8 +38,10 @@ abstract contract Modifier is Module, IAvatar {
 
     /*
     --------------------------------------------------
-    You must override at least one of following two virtual functions,
+    You must override both of the following virtual functions,
     execTransactionFromModule() and execTransactionFromModuleReturnData().
+    It is recommended that implementations of both functions make use the 
+    onlyModule modifier.
     */
 
     /// @dev Passes a transaction to the modifier.
@@ -47,7 +55,7 @@ abstract contract Modifier is Module, IAvatar {
         uint256 value,
         bytes calldata data,
         Enum.Operation operation
-    ) public virtual override moduleOnly returns (bool success) {}
+    ) public virtual returns (bool success);
 
     /// @dev Passes a transaction to the modifier, expects return data.
     /// @notice Can only be called by enabled modules.
@@ -60,23 +68,46 @@ abstract contract Modifier is Module, IAvatar {
         uint256 value,
         bytes calldata data,
         Enum.Operation operation
-    )
-        public
-        virtual
-        override
-        moduleOnly
-        returns (bool success, bytes memory returnData)
-    {}
+    ) public virtual returns (bool success, bytes memory returnData);
 
     /*
     --------------------------------------------------
     */
 
     modifier moduleOnly() {
-        if (modules[msg.sender] == address(0)) revert NotAuthorized(msg.sender);
+        if (modules[msg.sender] == address(0)) {
+            (bytes32 hash, address signer) = moduleTxSignedBy();
+
+            // is the signer a module?
+            if (modules[signer] == address(0)) {
+                revert NotAuthorized(msg.sender);
+            }
+
+            // is the provided signature fresh?
+            if (consumed[signer][hash]) {
+                revert HashAlreadyConsumed(hash);
+            }
+
+            consumed[signer][hash] = true;
+            emit HashExecuted(hash);
+        }
+
         _;
     }
 
+    function sentOrSignedBy() internal view returns (address) {
+        if (modules[msg.sender] != address(0)) {
+            return msg.sender;
+        }
+
+        (, address signer) = moduleTxSignedBy();
+        if (modules[signer] != address(0)) {
+            return signer;
+        }
+
+        return address(0);
+    }
+
     /// @dev Disables a module on the modifier.
     /// @notice This can only be called by the owner.
     /// @param prevModule Module that pointed to the module to be removed in the linked list.

contracts/core/Module.sol

@@ -1,13 +1,11 @@
 // SPDX-License-Identifier: LGPL-3.0-only
-
-/// @title Module Interface - A contract that can pass messages to a Module Manager contract if enabled by that contract.
 pragma solidity >=0.7.0 <0.9.0;
 
-import "../interfaces/IAvatar.sol";
 import "../factory/FactoryFriendly.sol";
-import "../guard/Guardable.sol";
+import "../interfaces/IAvatar.sol";
 
-abstract contract Module is FactoryFriendly, Guardable {
+/// @title Module Interface - A contract that can pass messages to a Module Manager contract if enabled by that contract.
+abstract contract Module is FactoryFriendly {
     /// @dev Address that will ultimately execute function calls.
     address public avatar;
     /// @dev Address that this module will pass transactions to.
@@ -45,8 +43,14 @@ abstract contract Module is FactoryFriendly, Guardable {
         uint256 value,
         bytes memory data,
         Enum.Operation operation
-    ) internal returns (bool success) {
-        (success, ) = _exec(to, value, data, operation);
+    ) internal virtual returns (bool success) {
+        return
+            IAvatar(target).execTransactionFromModule(
+                to,
+                value,
+                data,
+                operation
+            );
     }
 
     /// @dev Passes a transaction to be executed by the target and returns data.
@@ -60,49 +64,13 @@ abstract contract Module is FactoryFriendly, Guardable {
         uint256 value,
         bytes memory data,
         Enum.Operation operation
-    ) internal returns (bool success, bytes memory returnData) {
-        (success, returnData) = _exec(to, value, data, operation);
-    }
-
-    function _exec(
-        address to,
-        uint256 value,
-        bytes memory data,
-        Enum.Operation operation
-    ) private returns (bool success, bytes memory returnData) {
-        address currentGuard = guard;
-        if (currentGuard != address(0)) {
-            IGuard(currentGuard).checkTransaction(
-                /// Transaction info used by module transactions.
+    ) internal virtual returns (bool success, bytes memory returnData) {
+        return
+            IAvatar(target).execTransactionFromModuleReturnData(
                 to,
                 value,
                 data,
-                operation,
-                /// Zero out the redundant transaction information only used for Safe multisig transctions.
-                0,
-                0,
-                0,
-                address(0),
-                payable(0),
-                "",
-                msg.sender
+                operation
             );
-            (success, returnData) = IAvatar(target)
-                .execTransactionFromModuleReturnData(
-                    to,
-                    value,
-                    data,
-                    operation
-                );
-            IGuard(currentGuard).checkAfterExecution("", success);
-        } else {
-            (success, returnData) = IAvatar(target)
-                .execTransactionFromModuleReturnData(
-                    to,
-                    value,
-                    data,
-                    operation
-                );
-        }
     }
 }

contracts/factory/ModuleProxyFactory.sol

@@ -19,10 +19,10 @@ contract ModuleProxyFactory {
     /// @notice Initialization failed.
     error FailedInitialization();
 
-    function createProxy(address target, bytes32 salt)
-        internal
-        returns (address result)
-    {
+    function createProxy(
+        address target,
+        bytes32 salt
+    ) internal returns (address result) {
         if (address(target) == address(0)) revert ZeroAddress(target);
         if (address(target).code.length == 0) revert TargetHasNoCode(target);
         bytes memory deployment = abi.encodePacked(