Permit2 with Native (#227)

* Test for PermitTransferFrom

* permitWitnessTransferFrom test

* remove verification lib

* Move signPermitTransfer to TestKeyManager

* try permit2 import

* rm accidental change

* Use permit2 submodule

* Update test util

* Add 7739 support

* Refactor test logic

* WIP

* test passing

* WIP

* 7739 with nativeETH permit2

* Update comments

* Respond to comments

---------

Co-authored-by: Sara Reynolds <[email protected]>

Author: codyborn

.gitmodules

@@ -13,3 +13,9 @@
 [submodule "lib/account-abstraction"]
 	path = lib/account-abstraction
 	url = https://github.com/eth-infinitism/account-abstraction
+[submodule "lib/erc20-eth"]
+	path = lib/erc20-eth
+	url = https://github.com/Uniswap/ERC20-eth
+[submodule "lib/permit2"]
+	path = lib/permit2
+	url = https://github.com/Uniswap/permit2

lib/erc20-eth

@@ -12,15 +12,27 @@ import {KeyType, Key, KeyLib} from "../src/libraries/KeyLib.sol";
 import {TypedDataSignBuilder} from "./utils/TypedDataSignBuilder.sol";
 import {FFISignTypedData} from "./utils/FFISignTypedData.sol";
 import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
+import {Permit2Utils} from "./utils/Permit2Utils.sol";
+import {IPermit2} from "../lib/permit2/src/interfaces/IPermit2.sol";
+import {IAllowanceTransfer} from "../lib/permit2/src/interfaces/IAllowanceTransfer.sol";
+import {PermitHash} from "../lib/permit2/src/libraries/PermitHash.sol";
+import {ERC20ETH} from "../lib/erc20-eth/src/ERC20Eth.sol";
 
 contract ERC7739Test is DelegationHandler, TokenHandler, ERC1271Handler, FFISignTypedData {
     using TestKeyManager for TestKey;
     using TypedDataSignBuilder for *;
     using KeyLib for Key;
+    using Permit2Utils for *;
+    using PermitHash for IAllowanceTransfer.PermitSingle;
+
+    IAllowanceTransfer public permit2;
+    bytes4 private constant _1271_MAGIC_VALUE = 0x1626ba7e;
 
     function setUp() public {
         setUpDelegation();
         setUpTokens();
+        // Deploy permit2 for actual permit transfers
+        permit2 = IAllowanceTransfer(Permit2Utils.deployPermit2());
     }
 
     function test_signPersonalSign_matches_signWrappedPersonalSign_ffi() public {
@@ -112,4 +124,165 @@ contract ERC7739Test is DelegationHandler, TokenHandler, ERC1271Handler, FFISign
         // Assert that the ffi generated signature is NOT the same as the locally generated signature
         assertNotEq(signature, key.sign(typedDataSignDigest));
     }
+
+    function test_signTypedSignData_permitSingleTransfer() public {
+        // Register a test key with the signer account
+        uint256 testPrivateKey = 0x123456;
+        TestKey memory testKey = TestKeyManager.withSeed(KeyType.Secp256k1, testPrivateKey);
+        vm.prank(address(signerAccount));
+        signerAccount.register(testKey.toKey());
+
+        // Give the signer account some tokens to permit
+        uint256 initialBalance = 10000;
+        deal(address(tokenA), address(signerAccount), initialBalance);
+        
+        // Approve permit2 to spend tokens on behalf of the signer account
+        vm.prank(address(signerAccount));
+        tokenA.approve(address(permit2), type(uint256).max);
+
+        // Create a PermitSingle for permit2 (using permit2's actual domain)
+        uint160 allowanceAmount = 1000;
+        IAllowanceTransfer.PermitSingle memory permitSingle = IAllowanceTransfer.PermitSingle({
+            details: IAllowanceTransfer.PermitDetails({
+                token: address(tokenA), 
+                amount: allowanceAmount, 
+                expiration: uint48(block.timestamp + 1 hours), 
+                nonce: 0
+            }),
+            spender: address(this),
+            sigDeadline: block.timestamp + 1 hours
+        });
+
+        // Generate the permit2 domain separator and hash
+        bytes32 permit2DomainSeparator = permit2.DOMAIN_SEPARATOR();
+        bytes32 permitHash = permitSingle.hash();
+        
+        // Build ERC-7739 TypedDataSign signature for permit2
+        string memory contentsDescr = "PermitDetails(address token,uint160 amount,uint48 expiration,uint48 nonce)PermitSingle(PermitDetails details,address spender,uint256 sigDeadline)PermitSingle";
+        (string memory contentsName, string memory contentsType) = mockERC7739Utils.decodeContentsDescr(contentsDescr);
+
+        bytes memory signerAccountDomainBytes = IERC5267(address(signerAccount)).toDomainBytes();
+        bytes32 typedDataSignDigest = permitHash.hashTypedDataSign(signerAccountDomainBytes, permit2DomainSeparator, contentsName, contentsType);
+
+        // Sign the digest with the test key
+        bytes memory signature = testKey.sign(typedDataSignDigest);
+
+        // Build the TypedDataSign signature for ERC-7739
+        bytes memory typedDataSignSignature = TypedDataSignBuilder.buildTypedDataSignSignature(signature, permit2DomainSeparator, permitHash, contentsDescr);
+
+        // Wrap the signature with keyHash and empty hook data
+        bytes memory wrappedSignature = abi.encode(testKey.toKeyHash(), typedDataSignSignature, bytes(""));
+
+        // Test by calling permit2.permit() which will internally call isValidSignature() on the signer account
+        // This should succeed without reverting, proving the signature is valid
+        permit2.permit(address(signerAccount), permitSingle, wrappedSignature);
+        
+        // Verify the allowance was actually set
+        (uint160 allowance, uint48 expiration, uint48 nonce) = permit2.allowance(address(signerAccount), address(tokenA), address(this));
+        assertEq(allowance, allowanceAmount);
+        assertEq(expiration, uint48(block.timestamp + 1 hours));
+        assertEq(nonce, 1); // nonce should be incremented after permit
+    }
+
+    function test_signTypedSignData_permitSingleTransfer_transferNative() public {
+        // Register a test key with the signer account
+        uint256 testPrivateKey = 0x123456;
+        TestKey memory testKey = TestKeyManager.withSeed(KeyType.Secp256k1, testPrivateKey);
+        vm.prank(address(signerAccount));
+        signerAccount.register(testKey.toKey());
+
+        // Deploy ERC20ETH contract for native ETH transfers
+        ERC20ETH erc20Eth = new ERC20ETH();
+        
+        // Give the signer account some ETH 
+        uint256 initialEthBalance = 10 ether;
+        vm.deal(address(signerAccount), initialEthBalance);
+        
+        // Approve ERC20ETH to spend native ETH on behalf of the signer account
+        vm.prank(address(signerAccount));
+        signerAccount.approveNative(address(erc20Eth), type(uint256).max);
+
+        // Create a PermitSingle for permit2 using ERC20ETH
+        uint160 allowanceAmount = 1 ether;
+        IAllowanceTransfer.PermitSingle memory permitSingle = IAllowanceTransfer.PermitSingle({
+            details: IAllowanceTransfer.PermitDetails({
+                token: address(erc20Eth), 
+                amount: allowanceAmount, 
+                expiration: uint48(block.timestamp + 1 hours), 
+                nonce: 0
+            }),
+            spender: address(this),
+            sigDeadline: block.timestamp + 1 hours
+        });
+
+        // Generate the permit2 domain separator and hash
+        bytes32 permit2DomainSeparator = permit2.DOMAIN_SEPARATOR();
+        bytes32 permitHash = permitSingle.hash();
+        
+        // Build ERC-7739 TypedDataSign signature for permit2
+        string memory contentsDescr = "PermitDetails(address token,uint160 amount,uint48 expiration,uint48 nonce)PermitSingle(PermitDetails details,address spender,uint256 sigDeadline)PermitSingle";
+        (string memory contentsName, string memory contentsType) = mockERC7739Utils.decodeContentsDescr(contentsDescr);
+
+        bytes memory signerAccountDomainBytes = IERC5267(address(signerAccount)).toDomainBytes();
+        bytes32 typedDataSignDigest = permitHash.hashTypedDataSign(signerAccountDomainBytes, permit2DomainSeparator, contentsName, contentsType);
+
+        // Sign the digest with the test key
+        bytes memory signature = testKey.sign(typedDataSignDigest);
+
+        // Build the TypedDataSign signature for ERC-7739
+        bytes memory typedDataSignSignature = TypedDataSignBuilder.buildTypedDataSignSignature(signature, permit2DomainSeparator, permitHash, contentsDescr);
+
+        // Wrap the signature with keyHash and empty hook data
+        bytes memory wrappedSignature = abi.encode(testKey.toKeyHash(), typedDataSignSignature, bytes(""));
+
+        // Test by calling permit2.permit() which will internally call isValidSignature() on the signer account
+        // This should succeed without reverting, proving the signature is valid
+        permit2.permit(address(signerAccount), permitSingle, wrappedSignature);
+        
+        // Verify the allowance was actually set
+        (uint160 allowance, uint48 expiration, uint48 nonce) = permit2.allowance(address(signerAccount), address(erc20Eth), address(this));
+        assertEq(allowance, allowanceAmount);
+        assertEq(expiration, uint48(block.timestamp + 1 hours));
+        assertEq(nonce, 1); // nonce should be incremented after permit
+
+        // Now verify the spender can actually pull the ETH
+        address recipient = address(0xBEEF);
+        uint160 transferAmount = 0.5 ether;
+        
+        // Check initial ETH balances
+        uint256 signerEthBalanceBefore = address(signerAccount).balance;
+        uint256 recipientEthBalanceBefore = recipient.balance;
+
+        // Verify wrong spender cannot transfer ETH
+        address wrongSpender = address(0xBAD);
+        vm.expectRevert(); // Should revert with insufficient allowance
+        vm.prank(wrongSpender);
+        permit2.transferFrom(address(signerAccount), wrongSpender, 1, address(erc20Eth));
+
+        // Verify correct spender cannot exceed allowance limit
+        vm.expectRevert(); // Should revert with insufficient allowance
+        permit2.transferFrom(address(signerAccount), recipient, allowanceAmount + 1, address(erc20Eth));
+        
+        // Transfer ETH using the permit
+        permit2.transferFrom(address(signerAccount), recipient, transferAmount, address(erc20Eth));
+        
+        // Verify ETH balances changed correctly
+        assertEq(address(signerAccount).balance, signerEthBalanceBefore - transferAmount);
+        assertEq(recipient.balance, recipientEthBalanceBefore + transferAmount);
+        
+        // Verify allowance was decremented
+        (uint160 allowanceAfter,,) = permit2.allowance(address(signerAccount), address(erc20Eth), address(this));
+        assertEq(allowanceAfter, allowanceAmount - transferAmount);
+        
+        // Transfer remaining allowed ETH
+        permit2.transferFrom(address(signerAccount), recipient, allowanceAmount - transferAmount, address(erc20Eth));
+        
+        // Verify final ETH balances
+        assertEq(address(signerAccount).balance, initialEthBalance - allowanceAmount);
+        assertEq(recipient.balance, allowanceAmount);
+        
+        // Verify allowance is now zero
+        (uint160 finalAllowance,,) = permit2.allowance(address(signerAccount), address(erc20Eth), address(this));
+        assertEq(finalAllowance, 0);
+    }
 }

lib/permit2

@@ -5,8 +5,24 @@ import {DelegationHandler} from "./utils/DelegationHandler.sol";
 import {IERC7914} from "../src/interfaces/IERC7914.sol";
 import {ERC7914} from "../src/ERC7914.sol";
 import {BaseAuthorization} from "../src/BaseAuthorization.sol";
+import {IPermit2} from "../lib/permit2/src/interfaces/IPermit2.sol";
+import {ISignatureTransfer} from "../lib/permit2/src/interfaces/ISignatureTransfer.sol";
+import {ERC20ETH} from "../lib/erc20-eth/src/ERC20Eth.sol";
+import {IAllowanceTransfer} from "../lib/permit2/src/interfaces/IAllowanceTransfer.sol";
+import {Permit2Utils} from "./utils/Permit2Utils.sol";
+import {TestKeyManager, TestKey} from "./utils/TestKeyManager.sol";
+import {IERC5267} from "@openzeppelin/contracts/interfaces/IERC5267.sol";
+import {TypedDataSignBuilder} from "./utils/TypedDataSignBuilder.sol";
+import {KeyType} from "../src/libraries/KeyLib.sol";
+import {FFISignTypedData} from "./utils/FFISignTypedData.sol";
+import {ERC1271Handler} from "./utils/ERC1271Handler.sol";
+import {PermitSingle, PermitDetails} from "./utils/MockERC1271VerifyingContract.sol";
+import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
+
+contract ERC7914Test is DelegationHandler, ERC1271Handler, FFISignTypedData {
+    using Permit2Utils for *;
+    using TestKeyManager for TestKey;
 
-contract ERC7914Test is DelegationHandler {
     event TransferFromNative(address indexed from, address indexed to, uint256 value);
     event ApproveNative(address indexed owner, address indexed spender, uint256 value);
     event ApproveNativeTransient(address indexed owner, address indexed spender, uint256 value);
@@ -16,6 +32,79 @@ contract ERC7914Test is DelegationHandler {
     address bob = makeAddr("bob");
     address recipient = makeAddr("recipient");
 
+    struct Permit2TestSetup {
+        ERC20ETH erc20Eth;
+        IPermit2 permit2;
+        uint256 spendAmount;
+        uint256 totalAmount;
+    }
+
+    function _setupPermit2Test() internal returns (Permit2TestSetup memory setup) {
+        setup.erc20Eth = new ERC20ETH();
+        setup.permit2 = IPermit2(Permit2Utils.deployPermit2());
+        setup.spendAmount = 1 ether;
+        setup.totalAmount = 2 ether;
+        
+        vm.deal(address(signerAccount), setup.totalAmount);
+        vm.prank(address(signerAccount));
+        signerAccount.approveNative(address(setup.erc20Eth), type(uint256).max);
+    }
+
+    function _createPermit(address token, uint256 amount) internal view returns (ISignatureTransfer.PermitTransferFrom memory) {
+        return ISignatureTransfer.PermitTransferFrom({
+            permitted: ISignatureTransfer.TokenPermissions({
+                token: token,
+                amount: amount
+            }),
+            nonce: 0,
+            deadline: block.timestamp + 1 hours
+        });
+    }
+
+    function _testPermit2Transfer(
+        IPermit2 permit2,
+        ISignatureTransfer.PermitTransferFrom memory permit,
+        bytes memory sig,
+        uint256 spendAmount,
+        uint256 totalAmount,
+        bool isWitness,
+        bytes32 witness,
+        string memory witnessTypeString
+    ) internal {
+        // Test invalid transfer (too much)
+        ISignatureTransfer.SignatureTransferDetails memory invalidTransfer = 
+            ISignatureTransfer.SignatureTransferDetails({
+                to: bob,
+                requestedAmount: spendAmount + 1
+            });
+
+        vm.expectRevert(abi.encodeWithSelector(ISignatureTransfer.InvalidAmount.selector, spendAmount));
+        vm.prank(bob);
+        if (isWitness) {
+            permit2.permitWitnessTransferFrom(permit, invalidTransfer, address(signerAccount), witness, witnessTypeString, sig);
+        } else {
+            permit2.permitTransferFrom(permit, invalidTransfer, address(signerAccount), sig);
+        }
+
+        // Test valid transfer
+        ISignatureTransfer.SignatureTransferDetails memory validTransfer = 
+            ISignatureTransfer.SignatureTransferDetails({
+                to: bob,
+                requestedAmount: spendAmount
+            });
+        
+        vm.prank(bob);
+        if (isWitness) {
+            permit2.permitWitnessTransferFrom(permit, validTransfer, address(signerAccount), witness, witnessTypeString, sig);
+        } else {
+            permit2.permitTransferFrom(permit, validTransfer, address(signerAccount), sig);
+        }
+
+        // Verify the transfer
+        assertEq(bob.balance, spendAmount);
+        assertEq(address(signerAccount).balance, totalAmount - spendAmount);
+    }
+
     function setUp() public {
         setUpDelegation();
     }
@@ -246,4 +335,38 @@ contract ERC7914Test is DelegationHandler {
             assertEq(address(signerAccount).balance, signerAccountBalanceBefore);
         }
     }
+
+    // Test that a permit2 signature can be used to transfer native ETH
+    // using the ERC20-eth contract
+    function test_permit2SignatureTransferNative() public {
+        Permit2TestSetup memory setup = _setupPermit2Test();
+        ISignatureTransfer.PermitTransferFrom memory permit = _createPermit(address(setup.erc20Eth), setup.spendAmount);
+
+        bytes memory sig;
+        {        
+            (bytes32 appDomainSeparator, , bytes32 contentsHash) = Permit2Utils.getPermit2Fixtures(permit, bob, address(setup.permit2));
+        
+            bytes32 msgHash = MessageHashUtils.toTypedDataHash(appDomainSeparator, contentsHash);
+            sig = signerTestKey.sign(msgHash);
+        }
+        _testPermit2Transfer(setup.permit2, permit, sig, setup.spendAmount, setup.totalAmount, false, bytes32(0), "");
+    }
+
+    // Test that a permit2 witness signature can be used to transfer native ETH
+    // using the ERC20-eth contract
+    function test_permit2WitnessSignatureTransferNative() public {
+        Permit2TestSetup memory setup = _setupPermit2Test();
+        Permit2Utils.MockWitness memory witnessData = Permit2Utils.MockWitness(10000000, address(5), true);
+        bytes32 witness = keccak256(abi.encode(witnessData));
+        ISignatureTransfer.PermitTransferFrom memory permit = _createPermit(address(setup.erc20Eth), setup.spendAmount);
+        
+        bytes memory sig;
+        {        
+            (bytes32 appDomainSeparator, , bytes32 contentsHash) = Permit2Utils.getPermit2WitnessFixtures(permit, witness, bob, address(setup.permit2));
+        
+            bytes32 msgHash = MessageHashUtils.toTypedDataHash(appDomainSeparator, contentsHash);
+            sig = signerTestKey.sign(msgHash);
+        }
+        _testPermit2Transfer(setup.permit2, permit, sig, setup.spendAmount, setup.totalAmount, true, witness, Permit2Utils.WITNESS_TYPE_STRING);
+    }
 }