Skip to content

Add RelayedCall library to hide the msg.sender from a target contract #5630

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 21 commits into from
Sep 9, 2025
Merged

Add RelayedCall library to hide the msg.sender from a target contract #5630

merged 21 commits into from
Sep 9, 2025

Conversation

Amxx
Copy link
Collaborator

@Amxx Amxx commented Apr 8, 2025
edited
Loading

Some contract are required to perform arbitrary action controlled by user input. This is dangerous if the contract has special permissions, or holds assets. In such cases, using a relay contract can be useful to change the msg.sender of the outgoing call. This pattern is used in the ERC-4337 entrypoint that relies on a helper called the "senderCreator" when calling account factories. Similarly ERC-6942 does factory calls that could be dangerous if performed directly.

This library provides a relayCall that can be used to perform dangerous calls. These calls are indirect through a minimal relayer.

Edit: this can also be usefull for some construction that use a singleton with "satellites" contract that hold assets/permissions.

PR Checklist

  • Tests
  • Documentation
  • Changeset entry (run npx changeset add)

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Apr 8, 2025
edited
Loading

🦋 Changeset detected

Latest commit: dfbbc3d

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
openzeppelin-solidity Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

Amxx
Amxx commented Apr 8, 2025
View reviewed changes
@Amxx Amxx changed the title Add a RelayedCall abstract contract Add a IndirectCall library Jun 10, 2025
@Amxx Amxx changed the title Add a IndirectCall library IndirectCall library Jun 10, 2025
@Amxx Amxx added this to the 5.5 milestone Jun 10, 2025
@Amxx Amxx requested a review from a team as a code owner July 9, 2025 19:55
@Amxx Amxx force-pushed the feature/relayed-calls branch from 4d8b726 to d31d407 Compare July 9, 2025 19:56
@Amxx Amxx requested a review from frangio July 11, 2025 08:07
ernestognw
ernestognw reviewed Jul 28, 2025
View reviewed changes
@Amxx Amxx changed the title IndirectCall library RelayedCall library Jul 31, 2025
ernestognw
ernestognw previously approved these changes Jul 31, 2025
View reviewed changes
@ernestognw ernestognw changed the title RelayedCall library Add RelayedCall library to hide the msg.sender address from a target contract Jul 31, 2025
@ernestognw ernestognw changed the title Add RelayedCall library to hide the msg.sender address from a target contract Add RelayedCall library to hide the msg.sender from a target contract Jul 31, 2025
@Amxx Amxx merged commit a060e93 into OpenZeppelin:master Sep 9, 2025
20 checks passed
@Amxx Amxx deleted the feature/relayed-calls branch September 9, 2025 13:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ernestognw ernestognw ernestognw approved these changes

@frangio frangio Awaiting requested review from frangio

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
5.5
Development

Successfully merging this pull request may close these issues.
2 participants
@Amxx @ernestognw