Modify MEVBoostPaymaster workflow
Modify to charge in PostOp, while only checking the Searcher balance in paymaster validation
Clearer workflow
Lower gas consumption: 20730 gas reduction
Analyze the attack vectors against MEVBoostPaymaster reputation in both new and old modes
From the perspective of Bundler, these attack vectors cannot resist attacks on the reputation of MEVBoostPaymaster, whether in new or old modes.
However, due to the fact that the userOp using MEVBoostPaymaster is directly linked by the searcher (the searcher will submit the bundle in some way) and does not go through the Bundler.
Searchers will construct the bundle themself and push it to the EntryPoint without relying on the Bundler system
Bundler's reputation system and constraints on the userOp validation phase will not affect MEVBoostPaymaster
Note: Relevant analysis articles will be published in the future
Searcher signature follows ERC-721 signature
MEVBoostAccount&MEVBoostPaymaster supports ERC165
MEVBoostAccount inherits CallBackHandler
Adjust the code specifications to follow the style in the official documentation
Write an article analyzing the attack vectors against MEVBoostPaymaster reputation in both old and new modes, and explaining why MEVBoostPaymaster is secure.
Start to develop SDK for sender
修改 MEVBoostPaymaster 工作流
修改为在 PostOp 扣款,而在 ValidationPaymaster 中只检查 Searcher 余额
工作流更加清晰
更低的 gas 消耗:降低 20730 gas
分析了新旧模式下对 MEVBoostPaymaster 信誉的攻击向量
在 Bundler 的视角看这些攻击向量,无论新旧模式都无法防住对 MEVBoostPaymaster 的信誉的攻击。
然而,由于采用 MEVBoostPaymaster 的 userOp 是由 Searcher 负责直接上链的(Searcher 会以某种方式直接提交 bundle),并不会经过 Bundler。
Searcher 会自己构造 bundle 上链,无需依靠 Bundler 系统
Bundler 的信誉系统以及对 userOp validation 阶段的约束并不会影响 MEVBoostPaymaster
注:后续会发表相关的分析文章
Searcher 签名遵循 ERC-721 签名
MEVBoostAccount & MEVBoostPaymaster 支持 ERC165
MEVBoostAccount 继承 CallBackHandler
调整代码规范,遵循官方文档中的 style
撰写文章,分析了新旧模式下对 MEVBoostPaymaster 信誉的攻击向量,并说明 MEVBoostPaymaster 为什么是安全的。
MEVBoostAA 的 contract 初版定型
基于 MEVBoostAA 的 contract 初版,开始开发 sender 端的 SDK