Skip to content

feat: update to new session signatures#235

Merged
cpb8010 merged 11 commits intomainfrom
update-contracts
Dec 5, 2025
Merged

feat: update to new session signatures#235
cpb8010 merged 11 commits intomainfrom
update-contracts

Conversation

@cpb8010
Copy link
Contributor

@cpb8010 cpb8010 commented Nov 25, 2025
edited
Loading

Summary

This PR updates the project to use the new signature scheme and corresponding updated function / API signatures across the SSO service. The change aligns the repo with the latest authentication spec and fixes incompatibilities with clients that expect the new signing behavior.

Description

  • Updated server-side signature verification and generation to the new signature format.
  • Updated public APIs and internal function signatures that accept or return signature-related payloads.
  • Adjusted client helper utilities to produce signatures in the new format.
  • Updated type definitions and interfaces to reflect the new shapes.
  • Updated and added unit tests that validate the new signing and verification flows.
  • Updated relevant documentation and comments for the new signature behavior.

Additional context

The previous signature format is did not pass audit and is no longer compatible with newer clients and the updated auth spec.
This change ensures interoperability, improves correctness of verification, and removes ambiguity from signature formats used by downstream consumers.

@github-actions
Copy link

github-actions bot commented Nov 25, 2025
edited
Loading

Visit the preview URL for this PR (updated for commit de766a4):

https://zksync-auth-server-staging--pr235-update-contracts-8piijhn7.web.app

(expires Thu, 11 Dec 2025 18:08:23 GMT)

🔥 via Firebase Hosting GitHub Action 🌎

Sign: 509a9c9ea42583076f531c53cf2979c544d5d0b7

@cpb8010 cpb8010 requested a review from Copilot December 1, 2025 18:51
@cpb8010 cpb8010 self-assigned this Dec 1, 2025
@cpb8010 cpb8010 added the enhancement New feature or request label Dec 1, 2025
Copilot AI reviewed Dec 1, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates function signatures across the codebase to include a proof parameter for session creation, aligning with changes made to audited smart contracts. The proof parameter represents a signature from the session key proving ownership, which binds the session to a specific account.

Key changes:

  • Added proof: Bytes parameter to session creation functions in Rust
  • Updated TypeScript SDK to generate and pass session key proofs
  • Changed LimitType enum from string values to numeric values matching contract enums
  • Updated finalize_recovery to accept a data parameter

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
lib.rs Added proof parameter to encode_create_session_call_data function
send.rs Updated tests to generate session proofs using session key signatures
revoke.rs Updated tests to generate session proofs and moved variable declaration
create.rs Added proof parameter to CreateSessionParams and related functions
active.rs Updated tests to generate dynamic session keys and proofs
session.rs Changed contract module visibility from private to public
finalize.rs Added data parameter to FinalizeRecoveryParams
deploy.rs Modified account deployment to install session validator post-deployment
utils.ts Added getSessionHash utility and updated sessionSpecToJSON to convert enum values
types.ts Changed LimitType enum from string to numeric values
session.test.ts Updated test assertions to expect string limit types instead of numeric
client-actions.ts Added proof parameter to createSession function
actions/sessions.ts Added proof parameter to CreateSessionParams and function calls
SessionKeyValidator.ts Added proof parameter to ABI definition
erc4337-contracts Updated subproject commit reference
SessionCreator.vue Added proof generation logic for session creation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@cpb8010 cpb8010 changed the title feat: update to new signatures feat: update to new session signatures Dec 2, 2025
@cpb8010 cpb8010 marked this pull request as ready for review December 2, 2025 17:44
Copilot AI reviewed Dec 2, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 16 out of 16 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@cpb8010
Update packages/sdk-platforms/rust/zksync-sso-erc4337/crates/zksync-s…
a2d093c 
…so-erc4337-core/src/erc4337/account/modular_smart_account/session/create.rs

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
JackHamer09
JackHamer09 previously approved these changes Dec 4, 2025
View reviewed changes
@JackHamer09
Copy link
Member

JackHamer09 commented Dec 4, 2025

ah CI is failing

@cpb8010 cpb8010 enabled auto-merge (squash) December 5, 2025 05:21
@cpb8010 cpb8010 merged commit c26c70f into main Dec 5, 2025
20 of 21 checks passed
@cpb8010 cpb8010 deleted the update-contracts branch December 5, 2025 12:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@JackHamer09 JackHamer09 JackHamer09 approved these changes

@ly0va ly0va Awaiting requested review from ly0va

Assignees

@cpb8010 cpb8010

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cpb8010 @JackHamer09