diff --git a/ERCS/erc-7730.md b/ERCS/erc-7730.md deleted file mode 100644 index 8def5482e76..00000000000 --- a/ERCS/erc-7730.md +++ /dev/null @@ -1,1456 +0,0 @@ ---- -eip: 7730 -title: Structured Data Clear Signing Format -description: JSON format describing how to clear-sign smart contract calls and typed messages. -author: Laurent Castillo (@lcastillo-ledger), Derek Rein (@arein), Pierre Aoun (@paoun-ledger), Arik Galansky (@arikg) -discussions-to: https://ethereum-magicians.org/t/eip-7730-proposal-for-a-clear-signing-standard-format-for-wallets/20403 -status: Draft -type: Standards Track -category: ERC -created: 2024-02-07 -requires: 155, 712 ---- - -## Abstract - -This specification defines a JSON format carrying additional information required to correctly display structured data for human verification on wallet screens or for machine consumption e.g. by transaction simulation engines. - -The [ERC-7730](./eip-7730.md) specification enriches type data contained in the ABIs and schemas of structured messages (structures like the calldata of an EVM transaction or an [EIP-712](./eip-712.md) message) with additional formatting information and dynamic value interpolation, enabling both human-readable display with contextual intent descriptions and machine-interpretable data processing. For instance, a solidity field containing an amount, encoded as an uint256, can be converted to the right magnitude and appended with the correct ticker for display, or parsed programmatically for transaction simulation. - -Wallets and automated systems will use curated ERC-7730 files alongside the raw data to sign in order to construct appropriate interfaces for their respective use cases. - -This enables significantly improved signing user experiences and lower end-user risk from frontend and phishing attacks. - -## Motivation - -Properly validating a transaction on a hardware wallet's screen (also known as Clear Signing) is a key element of good security practices for end users when interacting with any Blockchain. Unfortunately, most data to sign, even enriched with the data structure description (like ABIs or EIP-712 types) are not self-sufficient in terms of correctly displaying them to the user for review. Among other things: - -* Function name or main message type is often a developer oriented name and does not translate to a clear intent for the user -* Fields in the data to sign are tied to primitive types only, but those can be displayed in many different ways. For instance, integers can be displayed as percentages, dates, etc... -* Some fields require additional metadata to be displayed correctly, for instance token amounts require knowledge of the decimals and the ticker, as well as where to find the token address itself to be correctly formatted. - -This specification intends to provide a simple, open standard format to provide wallets with the additional information required to properly format a structured data to sign for review by users. - -Providing this additional formatting information requires deep knowledge of the way a smart contract or message is going to be used. It is expected that app developers will be the best placed to write such a file. The intent of an open standard is to only write this file once and have it work with most wallets supporting this standard. - - -## Specification - -The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 and RFC 8174. - -### Simple example - -The following is an example of how to clear sign a `transfer` function call on an [ERC-20](./eip-20.md) contract. - -```json -{ - "$schema": "https://eips.ethereum.org/assets/eip-7730/erc7730-v1.schema.json", - - "context": { - "$id": "Example ERC-20", - "contract" : { - "abi": "https://api.example.io/api?module=contract&action=getabi&address=0xdac17f958d2ee523a2206206994597c13d831ec7", - "deployments": [ - { - "chainId": 1, - "address": "0xdAC17F958D2ee523a2206206994597C13D831ec7" - }, - { - "chainId": 137, - "address": "0xc2132D05D31c914a87C6611C10748AEb04B58e8F" - }, - { - "chainId": 42161, - "address": "0xFd086bC7CD5C481DCC9C85ebE478A1C0b69FCbb9" - } - ] - } - }, - - "metadata": { - "owner": "Example", - "info": { - "legalName": "Example Inc.", - "url": "https://example.io/", - "deploymentDate": "2017-11-28T12:41:21Z" - } - }, - - "display": { - "formats": { - "transfer(address _to,uint256 _value)": { - "intent": "Send", - "interpolatedIntent": "Send {_value} to {_to}", - "fields": [ - { - "path": "_to", - "label": "To", - "format": "addressOrName" - }, - { - "path": "_value", - "label": "Amount", - "format": "tokenAmount", - "params": { - "tokenPath": "@.to" - } - } - ], - "required": ["_to", "_value"], - "excluded": [] - } - } - } -} -``` - -The `$schema` key refers to the latest version of this specification json schema (version 1 at the time of writing). - -The `context` key is used to provide binding context information for this file. It can be seen as a set of *constraints* on the structured data being reviewed, indicating whether the ERC-7730 file is valid for this data. A wallet MUST ensure these constraints are met before ERC-7730 formatting information is applied to the data being signed. - -In this example, the context section indicates that the ERC-7730 file should only be applied to the Example smart contract whose deployment addresses are provided and only if they match the reference ABI. Note that the ABI is used to define unique *path* references to fields being formatted in the `display.formats` section, so the ABI is mandatory for all contracts clear-signed. - -The `metadata` section contains constants that can be trusted when the ERC-7730 file is applicable for the given context. This section is typically used to: -* Provide displayable information about the recipient of the contract call / message -* Provide displayable values of enumeration or encoded id parameters, typically smart contract / message specific -* Provide common constants used by the various formats defined in the file - -In this example, the metadata section contains only the recipient information, in the form of a displayable name (`owner` key) and additional information (`info` key) that MAY be used by wallets to provide details about the recipient. - -Finally, the `display` section contains the definitions of how to format each field of targeted contract calls under the `formats` key. - -In this example, the function being described is identified by its solidity signature `transfer(address _to,uint256 _value)`. This is the signature used to compute the function selector `0xa9059cbb` (using the solidity signature guarantees unicity in the context of the contract). -* The `intent` key contains a human-readable string that wallets SHOULD display to explain to the user the intent of the function call. -* The `fields` key contains all the parameters that CAN be displayed, and the way to format them -* The `required` key indicates which parameters wallets SHOULD display. -* The `excluded` key indicates which parameters are intentionally left out (none in this example). - -In this example, the `_to` parameter and the `_value` SHOULD both be displayed, one as an address replaceable by a trusted name (ENS or others), the other as an amount formatted using metadata of the target ERC-20 contract. - -### Common concepts - -#### Key naming convention - -In all the specification, key names starting with `$` are *internal* and have no value beyond readability of the specification file itself. They should not be used in any function to build the UI to review structured data. - -#### Structured Data - -This specification intends to be extensible to describe the display formatting of any kind of *structured data*. - -By *Structured data*, we target any data format that has: -* A well-defined *type* system; the data being described itself being of a specific type -* A description of the type system, the *schema*, that should allow splitting the data into *fields*, each field clearly identified with a *path* that can be described as a string. - -Displaying structured data is often done by wallets to review its content before authorizing an action in the form of a *signature* over some serialization of the structured data. As such, the structured data is contained in a *container structure*: -* Container structure has a well-defined *signature* scheme (a serialization scheme, a hashing scheme, and signature algorithm). -* The container structure does not necessarily follow the same type system as the structured data. -* Wallets receive the full container structure and uses the signature scheme to generate a signature on the overall structure. - -![Structured Data and Container](../assets/eip-7730/structured-data.svg) - -Current specification covers EVM smart contract calldata: -* Defined in Solidity -* The schema is the ABI (expected in json format when linked to) -* The container structure is an EVM Transaction serialized in RLP encoding - -It also supports EIP-712 messages -* Defined in EIP-712 -* The schema is extracted from the message itself, from the `types` definitions and the `primaryType` key. -* An EIP-712 message is self-contained, the signature is applied to the hashed message itself. - - -The *schema* is referenced and bound to this file under the `context` key. In turn, it enables using *path* strings to target specific fields in the `display` section to describe what formatting should be applied to these fields before display. - -Formats are dependent on and defined for the underlying *types* on the structured data. The [Reference](#reference) section covers formats and types supported by this current version of the specification. - -It is sometime necessary for formatting of fields of the structured data to reference values of the *container structure*. These values are dependent on the container structure itself and are defined in the [Reference](#reference) section. - -#### Path references - -This specification uses a limited [json path](https://www.rfc-editor.org/rfc/rfc9535) notation to reference values that can be found in multiple json documents. - -Limitation to the json path specification are the following: -* Paths MUST use the dot notation, including for slice and array selectors (i.e. an element of an array should be selected through `array_name.[index]`) -* Only name, index and slices selectors are supported. -* Slices selectors MUST NOT contain the optional step. Start index is inclusive, end index is exclusive. Start or end index can be omitted to indicate the beginning or end of the array. - -In addition, additional *roots* are introduced to support description of paths over multiple files in a single common notation. The root node identifier indicates which document or data location this path references, according to the following table: - -| Root node identifier | Refers to | Value location | -|----------------------|---------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------| -| # | Path applies to the structured data *schema* (ABI path for contracts, path in the message types itself for EIP-712) | Values can be found in the serialized representation of the structured data | -| $ | Path applies to the current file describing the structured data formatting, after merging with includes | Values can be found in the merged file itself | -| @ | Path applies to the container of the structured data to be signed | Values can be found in the serialized container to sign, and are uniquely defined per container in the [Reference](#reference) section | - -Root nodes and following separator can be omitted, in which case the path is *relative* to the structure being described. In case there is no encapsulating structure, relative paths refer to the top-level structure described in the current file and are equivalent to `#.` root node. - -For paths referring to structured data fields, if a field has a variable length primitive type (like `bytes` or `string` in solidity), a slice selector can be appended to the path, to refer to the specific set of bytes indicated by the slice. - -*Examples* - -References to values in the serialized structured data -* `#.params.amountIn` or `params.amountIn` refers to parameter `amountIn` in top-level structure `params` as defined in the ABI -* `#.data.path.[0].path.[-1].to` or `data.path.[0].path.[-1].to` refers to the field `to` taken from last member of `path` array, itself taken from first member of enclosing `path` array, itself part of top level `data` structure. -* `#.params.path.[:20]` or `#.params.path.[0:20]` refers to the first 20 bytes of the `path` byte array -* `#.params.path.[-20:]` refers to the last 20 bytes of the `path` byte array -* `#.details.[]` refers to the array with the Permit Details of a PermitBatch message - -References to values in the format specification file -* `$.metadata.enums.interestRateMode` refers to the values of an enum defined in the specification file (typically to convert an integer into a displayed string) -* `$.display.definitions.minReceiveAmount` refers to a common definition reused across fields formatting definition - -References to values in the container (here an EVM Tx container) -* `@.value` refers to the enclosing transaction native currency amount -* `@.to` refers to the enclosing transaction destination address (usually, a smart contract bound to this ERC-7730 through the `context` section) - -#### Value Interpolation - -The `interpolatedIntent` field supports embedding formatted field values directly within intent strings using interpolation syntax. This allows constructing dynamic, context-aware descriptions of transactions and messages. - -The `interpolatedIntent` makes transaction intents significantly shorter and easier to read by presenting all relevant information in a single, natural language sentence rather than as separate labeled fields. This is particularly valuable for: -- Reducing the cognitive load on users reviewing transactions -- Displaying concise summaries on resource-constrained devices -- Enabling clear descriptions of batch transactions (e.g., [EIP-5792](./eip-5792.md)), where multiple operations can be concatenated into a single readable sentence - -**Interpolation Syntax** - -Values are interpolated using curly braces containing a path reference: `{path}`. The path MUST follow the [path reference rules](#path-references) and can reference: -- Structured data fields (e.g., `{_to}`, `{params.amountIn}`) -- Container values (e.g., `{@.value}`, `{@.from}`) -- Metadata constants (e.g., `{$.metadata.constants.nativeAssetAddress}`) - -**Formatting Behavior** - -When a wallet processes an `interpolatedIntent`: -1. The wallet MUST identify all interpolation expressions `{path}` in the string -2. For each expression, the wallet MUST resolve the path and locate the corresponding field format specification in the `fields` array -3. The wallet MUST apply the field's `format` and `params` to format the value -4. The wallet MUST replace the interpolation expression with the formatted value -5. If any interpolation fails (path not found, formatting error, etc.), the wallet MUST fall back to displaying the regular `intent` field - -**Escaping** - -To include literal curly braces in the intent text, escape them by doubling: `{{` for `{` and `}}` for `}`. - -**Examples** - -*Simple token transfer:* -```json -{ - "intent": "Send", - "interpolatedIntent": "Send {_value} to {_to}", - "fields": [ - {"path": "_to", "format": "addressName"}, - {"path": "_value", "format": "tokenAmount", "params": {"tokenPath": "@.to"}} - ] -} -``` -Displays as: **"Send 100 USDT to cyberdrk.eth"** - -*Swap with native currency:* -```json -{ - "intent": "Swap", - "interpolatedIntent": "Swap {amountIn} for at least {amountOutMinimum}", - "fields": [ - {"path": "amountIn", "format": "tokenAmount", "params": {"tokenPath": "tokenIn"}}, - {"path": "amountOutMinimum", "format": "tokenAmount", "params": {"tokenPath": "tokenOut"}} - ] -} -``` -Displays as: **"Swap 1000 USDC for at least 0.25 WETH"** - -*Using container values:* -```json -{ - "intent": "Wrap ETH", - "interpolatedIntent": "Wrap {@.value} ETH for WETH", - "fields": [ - {"path": "@.value", "format": "amount"} - ] -} -``` -Displays as: **"Wrap 0.5 ETH for WETH"** - -*Escaping literal braces:* -```json -{ - "interpolatedIntent": "Execute {{function}} with {amount} tokens" -} -``` -Displays as: **"Execute {function} with 100 tokens"** - -**Batch Transactions (EIP-5792)** - -When displaying batch transactions as defined in [EIP-5792](./eip-5792.md), wallets SHOULD concatenate the `interpolatedIntent` strings of individual operations using " and " as a separator to create a single, human-readable description of the entire batch. - -This approach provides users with a clear, natural language summary of complex multi-step operations without requiring them to mentally piece together separate transaction descriptions. - -*Permit + Swap example:* -```json -[ - { - "function": "permit", - "interpolatedIntent": "Approve {spender} to spend {value} USDC" - }, - { - "function": "swapExactTokensForTokens", - "interpolatedIntent": "Swap {amountIn} for at least {amountOutMin}" - } -] -``` -Combined display: **"Approve Uniswap Router to spend 1000 USDC and Swap 1000 USDC for at least 0.25 WETH"** - -*Approve + Swap example:* -```json -[ - { - "function": "approve", - "interpolatedIntent": "Approve {_spender} to spend {_value}" - }, - { - "function": "exactInputSingle", - "interpolatedIntent": "Swap {amountIn} for at least {amountOutMinimum}" - } -] -``` -Combined display: **"Approve Uniswap V3 Router to spend 5000 DAI and Swap 5000 DAI for at least 1.2 ETH"** - -*Approve + Swap + Mint NFT example:* -```json -[ - { - "function": "approve", - "interpolatedIntent": "Approve {_spender} to spend {_value}" - }, - { - "function": "swapExactTokensForETH", - "interpolatedIntent": "Swap {amountIn} for at least {amountOutMin} ETH" - }, - { - "function": "mint", - "interpolatedIntent": "Mint {quantity} NFT(s) from {collection}" - } -] -``` -Combined display: **"Approve DEX Router to spend 2000 USDC and Swap 2000 USDC for at least 0.5 ETH and Mint 2 NFT(s) from NftProject"** - -**Implementation Guidance for Batch Transactions** - -Wallets implementing batch transaction display SHOULD: -1. Process each transaction in the batch to generate its `interpolatedIntent` -2. Join the resulting intent strings with " and " (note the spaces) -3. Display the combined string as a single transaction summary -4. Provide a way for users to view individual transaction details if needed -5. Fall back to displaying individual `intent` fields if any `interpolatedIntent` processing fails - -Wallets MAY: -- Apply additional formatting (e.g., capitalizing the first letter, adding a period at the end) -- Truncate very long combined intents and provide expansion UI -- Group related operations visually while still showing the combined intent - -#### Organizing files - -Smart contracts and EIP-712 messages are often re-using common interfaces or types that share similar display formatting. This specification supports a basic inclusion mechanism that enables sharing files describing specific interfaces or types. - -The `includes` top-level key is a URL pointing to an ERC-7730 file that MUST follow this specification. - -A wallet using an ERC-7730 file including another file SHOULD merge those files into a single reference file. When merging, conflicts between common unique keys are resolved by prioritizing the including file. -*Merging field format specifications* - -Special care must be taken when merging [field format specifications](#field-format-specification). These objects are grouped in an array under the `fields` key, allowing ordering of field formatters. When merging the two arrays, a wallet SHOULD: -* Merge together objects sharing the same `path` value, overriding parameters of the included file with those of the including file. -* Append objects with `path` values not part of the included file to the resulting array. - -*Example* - -This file defines a generic ERC-20 interface for a single `approve` function: -```json -{ - "context": { - "contract": { - "abi": [ - { - "inputs": [ - { - "name": "_spender", - "type": "address" - }, - { - "name": "_value", - "type": "uint256" - } - ], - "name": "approve", - "type": "function" - } - ] - } - }, - "display": { - "formats": { - "approve(address _spender,uint256 _value)": { - "intent": "Approve", - "fields": [ - { - "path": "_spender", - "label": "Spender", - "format": "addressOrName" - }, - { - "path": "_value", - "label": "Amount", - "format": "tokenAmount", - "params": { - "tokenPath": "@.to", - "threshold": "0x8000000000000000000000000000000000000000000000000000000000000000", - "thresholdLabel": "Unlimited" - } - } - ], - "required": ["_spender", "_value"] - } - } - } -} -``` -Note that there are no keys for binding the contract to a specific address or owner, nor any contract specific metadata. - -The following file would include this generic interface and bind it to the specific USDT contract, overriding the threshold value to one relative to USDT: -```json -{ - "context": { - "$id": "Example Contract", - "contract" : { - "deployments": [ - { - "chainId": 1, - "address": "0xdAC17F958D2ee523a2206206994597C13D831ec7" - } - ] - } - }, - - "includes": "./example-erc20.json", - - "metadata": { - "owner": "Example", - "info": { - "legalName": "Example Inc.", - "url": "https://example.io/", - "deploymentDate": "2017-11-28T12:41:21Z" - }, - "token": { - "ticker": "STABLE", - "name": "Example Stablecoin", - "decimals": 6 - } - }, - - "display": { - "formats": { - "approve(address _spender,uint256 _value)": { - "fields": [ - { - "path": "_value", - "params" : { - "threshold": "0xFFFFFFFFFFFFFFFFFF" - } - } - ] - } - } - } -} -``` -Note that the keys under `context.contract` would be merged together to construct a full contract binding object. The field formatter `_value` parameter `threshold` is overridden with value `0xFFFFFFFFFFFFFFFFFF`. - -### `Context` section - -The `context` section describes a set of *constraints* that must be verified by the structured data and container structure before formatting them using the ERC-7730 file. A wallet MUST verify that the structured data and container it is trying to sign matches the constraints of the `context` section. - -The current version of this specification only supports two types of binding context, EVM smart contracts and EIP-712 domains. - -All context support an `$id` sub-key as an internal identifier (only relevant to provide a human-readable name to the ERC-7730 file) - -#### EVM smart contract binding context (denoted 'calldata') - -The `contract` sub-key is used to introduce an EVM smart contract binding context, with the following constraints expressed as sub-keys of `contract`. - -**`contract.abi`** - -Either an URL of the reference ABI (served in json representation), or the ABI itself as a json array. - -A wallet MUST verify that the ABI is applicable to the contract being called. - -All paths described in the ERC-7730 starting with the `#.` root node (typically used to describe a single parameter of the contract call) are using selectors names coming from the parameter names of the ABI referenced. - -The `contract.abi` key is mandatory for a smart contract ERC-7730 file. - -**`contract.deployments`** - -An array of deployments options. Wallets MUST verify that the target chain and contract address of the containing transaction MUST match one of these deployment options. - -A deployment option is an object with: - * `chainId`: an [EIP-155 identifier](./eip-155.md) of the chain the described contract is deployed on. - * `address`: the address of the deployed contract on specified `chainId` chain. - ---- -*The following constraints for contracts are considered draft* - -**`contract.addressMatcher`** - -An URL that can be used to check whether the current transaction `(chainId, contract address)` can be formatted using the ERC-7730 file. - -A wallet MAY use this URL to check unknown addresses, default is to fail constraint on unknown addresses. - -**`contract.factory`** - -An object describing the factory used to deploy smart contracts that can be clear signed using the ERC-7730 file. - -A factory is a json object with: -* `deployEvent` key, specifying the solidity signature of the events emitted when deploying a clear-signable contract. -* `deployments` key: an array of deployment options as in `contract.deployments`. These deployments represent the addresses at which the *factory* is deployed. - -To verify a factory constraints a wallet MUST check that: -* The current transaction destination address is included in an event of signature `factory.deployEvent` -* The emitter of the event is a factory contract deployed at an address matching one of the deployment option in `factory.deployments` ---- - -#### EIP-712 messages binding context (denoted 'messages') - -* The `eip712` sub-key is used to introduce an EIP-712 message type to bind to: - -**`eip712.schemas`** - -The `schemas` key is either an URL pointing to the EIP-712 schemas (in json representation) or an array of either individual *EIP-712 json schema*, or URLs pointing to a single message schema. - -An *EIP-712 schema* consists in the subset of the EIP-712 message containing only the `types` and `primaryType` elements of the message, represented in json notation for this specification. - -A wallet MUST verify that the message being signed matches the `types` and `primaryType` of the schema. - -All paths in the ERC-7730 file relative to the message (root node `#.`) are using selectors taken from the types *names* in the schema. As such, the `schema` is a mandatory key for `eip712` contexts. - -*Example* - -In the sample EIP-712 message included in the specification [here](../assets/eip-712/Example.js), the schema for the message would be the following json. Note the inclusion in an array, since a single ERC-7730 can describe multiple messages. - -```json -{ - "context": { - "eip712": { - "schemas": [ - { - "types": { - "EIP712Domain": [ - { "name": "name", "type": "string" }, - { "name": "version", "type": "string" }, - { "name": "chainId", "type": "uint256" }, - { "name": "verifyingContract", "type": "address" } - ], - "Person": [ - { "name": "name", "type": "string" }, - { "name": "wallet", "type": "address" } - ], - "Mail": [ - { "name": "from", "type": "Person" }, - { "name": "to", "type": "Person" }, - { "name": "contents", "type": "string" } - ] - }, - "primaryType": "Mail" - } - ] - } - } -} -``` - -**`eip712.domain`** - -The `domain` constraint is a json object with simple key-value pairs, describing a set of values that the *EIP-712 Domain* of the message MUST match. - -A wallet MUST verify that each key-value pair in this `domain` binding matches the values of the `domain` key-value pairs of the message. Note that the message can have more keys in its `domain` than those listed in the ERC-7730 file. An EIP-712 domain is a free-form list of keys, but those are very common to include: - -* `name`: the name of the message verifier -* `version`: the version of the message -* `chainID`: an [EIP-155](./eip-155.md) identifier of the chain the message is bound to -* `verifyingContract`: the address the message is bound to - -Note that `chainId` and `verifyingContract` can also be bound to their values thanks to the `eip712.deployments` constraint, in a more flexible way (supporting multiple deployment values). - -**`eip712.deployments`** - -An array of deployments options. - -When an `eip712.deployments` constraint is set, the wallet MUST verify that: -* The message being displayed has both `domain.chainId` and `domain.verifyingContract` keys -* The `chainId` and `verifyingContract` values in the domain match ONE of the deployment option specified in `eip712.deployments` - -A deployment option is an object with: -* `chainId`: an EIP-155 identifier of the chain the described contract is deployed on. -* `address`: the address of the deployed contract on specified `chainId` chain. - -**`eip712.domainSeparator`** - -An hex string containing the value of the *domainSeparator* to check. - -Wallet MUST verify that the message *EIP-712 Domain* hashes (as defined in EIP-712) to the value in `eip712.domainSeparator`. - -When the exact construction of the EIP-712 domain is not known (for instance, when the smart contract code only contains the hash value of the domain separator), `domainSeparator` and `domain.verifyingContract` can still be used to target the right message recipients. - -*Examples* - -```json -{ - "context" : { - "eip712": { - "schemas": [ - { - "types": { - "EIP712Domain": [], - "PermitDetails": [], - "PermitSingle": [] - }, - "primaryType": "PermitSingle" - } - ], - "domain": { - "name": "Permit2" - }, - "deployments": [ - { - "chainId": 1, - "address": "0x000000000022D473030F116dDEE9F6B43aC78BA3" - }, - { - "chainId": 42161, - "address": "0x000000000022D473030F116dDEE9F6B43aC78BA3" - } - ] - } - } -} -``` -The previous snippet defines a context for a `Permit2` EIP-712 message (types have been omitted for readability). - -The `domain` key indicates that the message signed domain MUST contain a `name` key of value `Permit2`. The `deployments` key means that the domain must contain both `chainId` and `verifyingContract` keys and they MUST match one of the deployment options (here, on ETH mainnet and Arbitrum). - -### `Metadata` section - -The `metadata` section contains information about constant values relevant in the scope of the current contract / message (as matched by the `context` section). - -In the context of wallets and clear signing, these constant values are either used to construct the UI when approving the signing operation, or to provide parameters / checks on the data being signed. But these constant values are relevant outside of the scope of wallets, and should be understood as reference values concerning the bound contract / message. - -All keys but the `metadata.owner` key are optional. - -**`metadata.owner`** - -A key containing a displayable name of the *owner* of the contract or of the verifying contract for a message. - -Wallet MAY use this value to display the target of the interaction being reviewed. - -**`metadata.info`** - -A key containing additional structured info about the *owner* of the contract: - * `legalName` is the legal owner entity name - * `deploymentDate` is the date of deployment of the contract (or verifying contract) - * `url` is the official URL of the owner - -A wallet MAY use this information to display additional details about the targeted contract. - -**`metadata.token`** - -The `token` key is only relevant for `contract` ERC-7730 files and only for contracts supporting an ERC-20 interface. - -It contains the ERC-20 metadata when the contract itself does not support the optional calls to retrieve it. It SHOULD NOT be present if the contract does support the `name()`, `symbol()` and `decimals()` smart contract calls. - -The ERC-20 token metadata for the contract described is in the sub-keys `name`, `ticker` and `decimals` - -**`metadata.constants`** - -This key contains in a json object all the constants that can be re-used as parameters in the formatters, or that make sense in the context of this contract / message. - -It is a list of key / value pairs, the key being used to reference this constant (as a *path* starting with a root node `$.` i.e. `$.metadata.constants.KEY_NAME`). - -*Example* - -```json -{ - "metadata": { - "constants": { - "nativeAssetAddress": "0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE" - } - } -} -``` -This snippet introduces a constant `nativeAssetAddress` (an address typically used to represent the native network underlying currency, which is smart contract specific). This constant can be referenced using the path `$.metadata.constants.nativeAssetAddress` - -**`metadata.enums`** - -The `enums` key contains displayable values for parameters that are enumerations (in a loose sense including parameters taking fixed number of well known values). These `enums` are used to replace specific parameter values with a human-readable one. - -Each key of the `enums` object is an *enumeration* name. Enumeration names can be referred to in the `display` section formatters by using a path starting with root node `$.` (i.e. `$.metadata.enums.ENUM_NAME`). - -An enum is a json object with a flat list of key / value pairs, each key being the enumeration *value* to replace, and the value being the display string to use instead of the enumeration value. - ---- -*The following is considered a draft* - -Alternatively, rather than a json object with displayable values, an enum can be a simple string containing an URL. That URL MUST return the json object with the enumeration key-values. - -A wallet MAY use this URL to resolve more dynamic enumeration values under the control of the owner of the URL. - -*Examples* - -```json -{ - "metadata": { - "enums": { - "interestRateMode": { - "1": "stable", - "2": "variable" - }, - "vaultIDs": "https://example.com/vaultIDs" - } - } -} -``` -This snippet introduces an enumeration describing the displayable values of an integer parameter used to represent multiple modes of interest rates. It can be referenced using the path `$.metadata.enums.interestRateMode`. - -It also shows how to describe a more dynamic enumeration, like a list of possible vaultIDs as integer values, retrievable through an URL. This dynamic enumeration can be referenced using `$.metadata.enums.vaultIDs`. - -```json -{ - "display": { - "formats": { - "repay(address asset, uint256 amount, uint256 interestRateMode)": { - "$id": "repay", - "intent": "Repay loan", - "interpolatedIntent": "Repay {amount} of {interestRateMode} rate loan", - "fields": [ - { - "path": "amount", - "format": "tokenAmount", - "label": "Amount to repay", - "params": { "tokenPath": "asset" } - }, - { - "path": "interestRateMode", - "format": "enum", - "label": "Interest rate mode", - "params": { "$ref": "$.metadata.enums.interestRateMode" } - } - ], - "required": ["amount", "interestRateMode"] - } - } - } -} -``` - -In this example, the `interestRateMode` field is formatted using the enumeration defined under `$.metadata.enums.interestRateMode`. - -### `Display` section - -The `display` section contains the actual formatting instructions for each field of the bound structured data. It is split into two parts, a `display.definitions` key that contains common formats that can be re-used in the other parts and a `display.formats` key containing the actual format instructions for each function / message type bound to the specification file. - -**`display.definitions`** - -The `definitions` key is an object in which each sub-key is a [*field format specification*](#field-format-specification). The sub-key name is the name of the common definition and is used to refer to this object in the form of a path starting with root node `$.` (i.e. `$.display.definitions.DEF_NAME`). - -Definitions don't usually include the `path` or `value` key of a [*field format specification*](#field-format-specification), since they are intended for re-use in other fields specifications, that will specify locally what path they apply to. - -*Example* - -```json -{ - "display": { - "definitions": { - "sendAmount": { - "label": "Amount to Send", - "format": "tokenAmount", - "params": { - "tokenPath": "fromToken", - "nativeCurrencyAddress": "$.display.constants.addressAsEth" - } - } - } - } -} -``` -This snippet defines a common formatter for an amount to send that can be used by a simple reference to the path `$.display.definitions.sendAmount`. - -**`metadata.formats`** - -The `formats` key is an object containing the actual information used to format the structured data. It is a json object in which each sub-key is a specific function call (for contracts) or a specific message type (for EIP-712) being described. The values are each a *structured data format specification*. - -For contracts, the key names MUST be one of those three forms: -* A 4-bytes selector of the function being described, in hex string notation: the corresponding function MUST be in the abi specified in `context.abi`. -* The function signature used to compute the selector, i.e. without parameter names and without spaces (refer to Solidity documentation): the corresponding function MUST be in the abi specified in `context.abi`. -* A full solidity signature, including parameter names: the corresponding function MUST be in the abi specified in `context.abi` and the parameters names MUST match those in the ABI. - -For EIP-712, the key names MUST be one of the primary type names included in `context.eip712.schemas`. - -#### Structured data format specification - -A *Structured data format specification* is used to describe how to format all the fields of a single function or EIP-712 message. It is contained in a single json object under each sub-keys of `display.formats`. - -**`$id`** - -This key is purely internal and used to specify a human-readable identifier for this specification. - -**`intent`** - -Use to specify the *intent* of the function call or message signature in a user-friendly way. - -An intent can take two forms: -* A simple string with human-readable content -* A json object with a flat list of string key-value pairs, representing more complex intents. Both keys and values should be human-readable and user-friendly. - -Wallets SHOULD use this `intent` value to display a clear intent when reviewing the structured data before signature. When displaying a complex json intent, it is expected that keys represent labels, and values should be displayed after their label. - -```json -{ - "display": { - "formats": { - "withdraw(uint256)": { - "intent": { - "Native Staking": "Withdraw", - "Rewards": "Consensus & Exec" - } - } - } - } -} -``` -This snippet defines an intent for a withdrawal function on a contract, with an expectation that the intent would be displayed in a structured way on the wallet screen. - -**`interpolatedIntent`** - -A string containing an intent description with embedded field values using [interpolation syntax](#value-interpolation). - -The `interpolatedIntent` provides a more dynamic, contextual description than the static `intent` field by embedding actual transaction/message values directly in the intent string. This is particularly useful for: -- Displaying concise, single-line transaction summaries -- Improving UX on devices with limited screen space -- Reducing cognitive load by presenting values in natural language context - -When both `intent` and `interpolatedIntent` are present: -- Wallets SHOULD prefer displaying `interpolatedIntent` when interpolation is successfully processed -- Wallets MUST fall back to `intent` if interpolation fails for any reason -- Wallets MAY display both fields, with `interpolatedIntent` as the primary description - -Interpolated paths MUST reference fields that have corresponding format specifications in the `fields` array. The formatting applied during interpolation MUST match the formatting that would be applied if the field were displayed separately. - -*Example with complex intent:* -```json -{ - "intent": { - "Action": "Approve", - "Type": "Batch" - }, - "interpolatedIntent": "Approve {spender} to spend up to {amount} on your behalf until {deadline}", - "fields": [ - {"path": "spender", "label": "Spender", "format": "addressName"}, - {"path": "amount", "label": "Amount", "format": "tokenAmount", "params": {"tokenPath": "@.to"}}, - {"path": "deadline", "label": "Deadline", "format": "date", "params": {"encoding": "timestamp"}} - ] -} -``` - -**`fields`** - -The `fields` key defines formatting information for individual fields of the structured data (function or message). -each key name is a [path](#path-references) in the structured data, -`fields` is an array of elements, each element being either: - * A single [*field format specification*](#field-format-specification) - * A reference to a format specification in the `definitions` section: by declaring an object with two keys, a `path` key with the [path](#path-references) to the field being formatted, and a `$ref` key with a path to the internal definition. - * A reference object can override a field format specification `params` by including its own `params` sub-key, whose values will take precedence over the common definition - * A recursive [*structured data format specification*](#structured-data-format-specification), by declaring an object with two keys, a `path` key with the [path](#path-references) to the field(s) being formatted, and a `fields` with the recursive list of sub-fields. - -Recursive references work by concatenating the paths of the parents *structured data format specification*, all the way to the leaf, to build a full reference path to the field being described. The leaf should be either a *field format specification*, or a reference to a *field format specification* in the `definitions` section. - -This recursivity allows structuring the ERC-7730 file itself, but is NOT RECOMMENDED. It is expected that resource limited wallets will only support very limited recursivity in the ERC-7730 file itself, so the initial intent of the spec is to "flatten" the list of fields to display using the *path* mechanics. - -*Examples* - -Let's assume the following solidity contract - -```solidity -pragma solidity ^0.8.0; - -contract MyContract { - - struct MyParamType { - string name; - uint256 value; - } - - // Function declaration - function myFunction(address _address, uint256 _amount, MyParamType memory _param) public { - // Function logic here - } -} -``` - -The following ERC-7730 shows examples for the three kinds of `fields` options -```json -{ - "display": { - "formats": { - "myFunction(address _address,uint256 _amount,MyParamType _param)" : { - "fields": [ - { - "path": "_address", - "$ref": "$.display.definitions.sendTo", - "params": { "type": "eoa" } - }, - { - "path": "_amount", - "label": "Number of items", - "format": "raw" - }, - { - "path": "_param", - "fields": [ - { "path": "name", "$ref": "$.display.definitions.itemName" }, - { "path": "value", "$ref": "$.display.definitions.itemReference" } - ] - } - ] - } - } - } -} -``` -* The `_address` field is an example of an internal reference (reference not included in the example), overriding the reference `type` parameter with another value. -* The `_amount` field shows an example of a simple formatter, displaying an int in its natural representation with a label. -* The `_param` field shows an example of defining formatters with a recursive structure, ending up defining two embedded formatters for paths `#._param.name` and `#._param.value` - -Note that the recursive definition is equivalent to the following definition, which is the preferred form: -```json -{ - "display": { - "formats": { - "myFunction(address _address,uint256 _amount,MyParamType _param)" : { - "fields": [ - { "path":"_param.name", "$ref": "$.display.definitions.itemName" }, - { "path":"_param.value", "$ref": "$.display.definitions.itemReference" } - ] - } - } - } -} -``` - -**`required`** - -Required fields, as an array of *paths* referring to specific fields. - -Wallets SHOULD display at least all the fields referred by the `required` key. - -**`excluded`** - -Intentionally excluded fields, as an array of *paths* referring to specific fields. - -A field that has no formatter and is not declared in this list MAY be considered as an error by the wallet when interpreting the descriptor. - -**`screens`** - -Wallet specific grouping information. The structure of the `screens` sub-keys is wallet maker specific, more details in the [wallets](#wallets-specific-layouts) section. - -The current ERC-7730 specification does not contain layout or ordering information, since capabilities for controlling those are highly wallet dependent. - -It is expected that wallets supporting advanced re-ordering and layout features would enable those in the `screens` object. - -Wallets SHOULD NOT override formatting information in the `fields` key in the wallet specific `screens` key. - -#### Field format specification - -A *field format specification* is a json object defining how to format a single field of the structured data. - -* The `path` is the absolute or relative path to the field location in the structured data, as described in the [path section](#path-references). A literal `value` can be used instead to display a constant rather than looking up a field in the structured data. -* The `label` is a displayable string that should be shown before displaying this field -* The `format` key indicates how the value of the field should be formatted before being displayed. The list of supported formats are in the [Reference](#field-formats) section -* Each field format might have parameters in a `params` sub-key. Available parameters are described in the [Reference](#field-formats) section -* Each field definition can have an optional internal `$id` used to identify easily which field is described - -#### Slices in paths - -A slice can be applied at the end of paths. - -A slice on a primitive type like uint256, bytes and string means that the associated [field format specification](#field-format-specification) MUST only be applied to the corresponding slice of bytes of the underlying data. - -A slice on an array type means that the associated [field format specification](#field-format-specification) or recursive [structured data format specification](#structured-data-format-specification) MUST be applied to ALL the array elements part of the slice. - -*Example* - -```json -{ - "display": { - "formats": { - "0x09b81346": { - "fields": [ - { - "path": "params.amountInMaximum", - "label": "Maximum Amount to Send", - "format": "tokenAmount", - "params": { - "tokenPath": "params.path.[0:20]" - } - } - ] - } - } - } -} -``` -The `tokenPath` parameter uses a slice on a `bytes` value, indicating only the first 20 bytes should be taken as the address and used as the reference for the formatting of the corresponding token amount. - -```json -{ - "display": { - "formats": { - "0xb2f1e6db": { - "fields": [ - { - "path": "pools.[-1]", - "label": "Last pool", - "format": "raw" - } - ] - } - } - } -} -``` -This examples uses an array slice to indicate that only the last element of the `pools` array should be displayed using the `raw` format. - -```json -{ - "display": { - "formats": { - "PermitBatch": { - "intent": "Approve token spending", - "interpolatedIntent": "Approve {spender} to spend multiple tokens until {sigDeadline}", - "fields": [ - { - "path": "details.[]", - "fields": [ - { - "path": "amount", - "label": "Amount allowance", - "format": "tokenAmount", - "params": { - "tokenPath": "token" - } - }, - { - "path": "expiration", - "label": "Approval expires", - "format": "date", - "params": { - "encoding": "timestamp" - } - } - ] - }, - { - "path": "spender", - "label": "Spender", - "format": "addressName" - }, - { - "path": "sigDeadline", - "label": "Signature Deadline", - "format": "date", - "params": { - "encoding": "timestamp" - } - } - ] - } - } - } -} -``` -This example uses a full array selector `details.[]` to apply the list of the underlying two underlying formats to ALL the elements of the `details` array. - -#### Embedded Calldata - -Embedded calldata is used when a parameter of a smart contract function contains the calldata for another function call to a smart contract. -This pattern is common in contract interactions where one function call triggers another function call as part of its execution. -For example, the `permitAndCall` function verifies a permit and then executes another function within the same contract using the provided embedded calldata. -Here is an example of how to format embedded calldata:" - -```json -{ - "display": { - "formats": { - "permitAndCall(bytes permit, bytes action)": { - "intent": "Execute with permit", - "fields": [ - { - "path": "action", - "label": "Swap", - "format": "calldata", - "params": { - "calleePath": "@.to", - } - } - ], - "required": ["action"], - "excluded": ["permit"] - } - } - } -} -``` - -In this example, the `permitAndCall` function accepts two parameters: `permit` and `action`. -The `action` parameter contains the calldata for a subsequent function call. -The `format` field is set to `calldata`, instructing the wallet to interpret the action parameter as embedded calldata. -The `calleePath` parameter defines the path to the address of the target contract, while the optional `selector` parameter specifies the function selector if it is not the first 4 bytes of the calldata. -When displaying the transaction, the wallet will attempt to resolve an ERC-7730 descriptor for the embedded calldata using the callee address and the selector. -In some cases, embedded calldata may require a transaction value and/or a spender to be properly clear-signed, as the underlying function might rely on a value passed from the parent transaction (e.g., for swaps or staking). -To handle this, the `amountPath` and/or `spenderPath` parameters can be used to specify these values explicitly. - -```json -{ - "display": { - "formats": { - "permitAndCall(bytes permit, address target, bytes action)": { - "intent": "Execute with permit", - "fields": [ - { - "path": "action", - "label": "Swap", - "format": "calldata", - "params": { - "calleePath": "target", - "amountPath": "@.value", - "spenderPath": "@.to" - } - } - ], - "required": ["action", "target"], - "excluded": ["permit"] - } - } - } -} -``` - -### Reference - -### Container structure values - -This section describes all container structure supported by this specification and possible references path to relevant values. - -#### EVM Transaction container - -| Value reference | Value Description | Examples | -|-----------------|---------------------------------------------------------------------------------------------|----------| -| @.from | The address of the sender of the transaction | | -| @.value | The native currency value of the transaction | | -| @.to | The destination address of the containing transaction, ie the target smart contract address | | - -#### EIP-712 container - -| Value reference | Value Description | Examples | -|-----------------|-----------------------------------------------------------------------------------------------------------------------------------|----------| -| @.from | The address of the signer of the message | | -| @.value | EIP-712 have no underlying currency value transferred, so a wallet MAY interpret it as 0 | | -| @.to | The verifying contract address, when known. If not known a wallet SHOULD reject using the ERC-7730 file to clear sign the message | | - -### Field formats - -In the following references, the format title is the value to use under the `format` key of a [*field format specification*](#field-format-specification). - - -#### Integer formats - -Formats usable for uint/int solidity types. - ---- -| **`raw`** | | -|---------------|-----------------------------------------------------------------------| -| *Description* | Display the integer as a raw int in natural, localized representation | -| *Parameters* | None | -| *Examples* | Value 1000 displayed as `1000` | - ---- -| **`amount`** | | -|---------------|------------------------------------------------------------------------------| -| *Description* | Display as an amount in native currency, using best ticker / magnitude match | -| *Parameters* | None | -| *Examples* | Value 0x2c1c986f1c48000 is displayed as `0.19866144 ETH` | - ---- -| **`tokenAmount`** | | -|-------------------------|----------------------------------------------------------------------------------------------------------------------| -| *Description* | Convert value using token decimals, and append token ticker name. If value is above optional `threshold`, display instead `message` with ticker. | -| *Parameters* | --- | -| `tokenPath` or `token` | path reference, or constant value for the address of the token contract. Used to associate correct ticker. If ticker is not found or `tokenPath`/`token` is not set, the wallet SHOULD display the raw value instead with an "Unknown token" warning | -| `nativeCurrencyAddress` | Either a string or an array of strings. If the address pointed to by `tokenPath` is equal to one of the addresses in `nativeCurrencyAddress`, the tokenAmount is interpreted as expressed in native currency | -| `threshold` | integer value, above which value is displayed as a special message. Optional | -| `message` | message to display above threshold. Optional, defaults to "Unlimited" | -| *Examples* | --- | -| `1 DAI` | Field value = 1000000
`tokenPath` =0x6B17...1d0F (DAI, 6 decimals) | -| `Unlimited DAI` | Field value = 0xFFFFFFFF
`token` =0x6B17...1d0F (DAI, 6 decimals)
`threshold` "0xFFFFFFFF" | -| `Max DAI` | Field value = 0xFFFFFFFF
`tokenPath` =0x6B17...1d0F (DAI, 6 decimals)
`threshold` "0xFFFFFFFF"
`message` = "Max" | -| `0.002 ETH` | Field value = 2000000000000000
`tokenPath` = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE
`nativeCurrencyAddress` = ["0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE"] | - ---- -| **`nftName`** | | -|------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------| -| *Description* | Display value as a specific NFT in a collection, if found by wallet, or fallback to a raw int token ID if not | -| *Parameters* | --- | -| `collectionPath` or `collection` | A path reference, or constant value for the collection address | -| *Examples* | --- | -| `Collection Name: BoredApeYachtClub`
`Token ID: 1036` | Field Value = 1036
`collectionPath` = ""0xBC4CA0EdA7647A8aB7C2061c2E118A18a936f13D | - ---- -| **`date`** | | -|-----------------------------|-------------------------------------------------------------------------------------------| -| *Description* | Display int as a date, using specified encoding. Date display RECOMMENDED use of RFC 3339 | -| *Parameters* | --- | -| `"encoding": "timestamp"` | value is encoded as a unix timestamp | -| `"encoding": "blockheight"` | value is a blockheight and is converted to an approximate unix timestamp | -| *Examples* | --- | -| `2024-02-29T08:27:12` | Field Value = 1709191632
`encoding` = "timestamp" | -| `2024-02-29T09:00:35` | Field Value = 19332140
`encoding` = "blockheight" | - ---- -| **`duration`** | | -|----------------|-----------------------------------------------------------------------------------------| -| *Description* | Display int as a duration interpreted in seconds and represented as a duration HH:MM:ss | -| *Parameters* | None | -| *Examples* | --- | -| `02:17:30` | Field Value = 8250 | - ---- -| **`unit`** | | -|---------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| *Description* | Value is converted to a float using `decimals` (`value / 10^decimals`) and displayed appending the corresponding unit. If `prefix` is true, the value is further converted to scientific representation, minimizing the significand and converting the exponent to an SI prefix added in front of the unit symbol | -| *Parameters* | --- | -| `base` | The symbol of the base unit, an SI unit or other acceptable symbols like "%", "bps" | -| `decimals` | Number of decimals in integer representation, defaults to 0 | -| `prefix` | A boolean indicating whether an SI prefix should be appended, defaults to `False` | -| *Examples* | --- | -| `10h` | Field Value = 10
`base` = "h" | -| `1.5d` | Field Value = 15
`base` = "d"
`decimals` = 1 | -| `36ks` | Field Value = 36000
`base` = "s"
`prefix` = True | - ---- -| **`enum`** | | -|---------------|--------------------------------------------------------------------------------------------| -| *Description* | Value is converted using referenced constant enumeration values | -| *Parameters* | --- | -| `$ref` | An internal path (starting with root node `$.`) to an enumerations in `metadata.constants` | -| *Examples* | | - -#### String formats - -Formats usable for strings. - ---- -| **`raw`** | | -|---------------|-----------------------------------------------| -| *Description* | Display as an UTF-8 encoded string | -| *Parameters* | None | -| *Examples* | --- | -| `Ledger` | Field Value = ['4c','65','64','67','65','72'] | - -#### Bytes formats - -Formats usable for bytes - ---- -| **`raw`** | | -|---------------|------------------------------------------------| -| *Description* | Display byte array as an hex-encoded string | -| *Parameters* | None | -| *Examples* | --- | -| `123456789A` | Field Value = Value ['12','34','56','78','9a'] | - ---- -| **`calldata`** | | -|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| *Description* | Contains a call to another smart contract or to another function within the same contract. To resolve an ERC-7730 descriptor for this embedded calldata, use the `callee` and `selector` parameters. If no matching ERC-7730 descriptor is found or if tha wallet does not support embedded calldata, it MAY display a hash of the embedded calldata instead, with target `calleePath` resolved to a trusted name if possible. | -| *Parameters* | --- | -| `calleePath` or `callee` | A path reference or a constant value specifying the address of the contract being called. | -| `selectorPath` or `selector`| Optional. If omitted, the first 4 bytes of the calldata are used as the selector. | -| `chainIdPath` or `chainId` | Optional. Specifies the chain ID if it differs from the current contract’s chain. | -| `amountPath` or `amount` | Optional. Specifies the native currency amount associated with the calldata, if applicable. If provided, the ERC-7730 descriptor for this embedded calldata MAY reference this value using the `@.value` container path. | -| `spenderPath` or `spender` | Optional. Specifies the spender address associated with the calldata, if applicable. If provided, the ERC-7730 descriptor for this embedded calldata MAY reference this value using the `@.from` container path. | -| *Examples* | | - -#### Address - -Formats usable for address - ---- -| **`raw`** | | -|-----------------|----------------------------------------------------------------------------------------------| -| *Description* | Display address as an [EIP-55](./eip-55.md) formatted string. Truncation is device dependent | -| *Parameters* | None | -| *Examples* | --- | -| `0x5aAe...eAed` | Field Value 0x5aAeb6053F3E94C9b9A09f33669435E7Ef1BeAed | - ---- -| **`addressName`** | | -|-------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| *Description* | Display address as a trusted name if a trusted source exists, an EIP-55 formatted address otherwise. See [next section](#address-types-and-sources) for a reference of trusted sources | -| *Parameters* | --- | -| `types` | An array of expected types of the address (see [next section](#address-types-and-sources)). If set, the wallet SHOULD check that the address matches one of the types provided | -| `sources` | An array of acceptable sources for names (see [next section](#address-types-and-sources)). If set, the wallet SHOULD restrict name lookup to relevant sources | -| `senderAddress` | Either a string or an array of strings. If the address pointed to by `addressName` is equal to one of the addresses in `senderAddress`, the addressName is interpreted as the sender referenced by `@.from` | -| *Examples* | --- | -| `vitalik.eth` | Field Value 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045
`types` = ["eoa"] (Externally Owned Account)
`sources` = ["ens"] (Ethereum Name Service) | -| `Uniswap V3: WBTC-USDC` | Field Value 0x99ac8cA7087fA4A2A1FB6357269965A2014ABc35
`types` = ["contract"] | -| `Sender` | Field Value 0x0000000000000000000000000000000000000000
`senderAddress` = ["0x0000000000000000000000000000000000000000"]
`types` = ["eoa"] | - -#### Address types and sources - -Address names trusted sources specify which type and source of trusted names SHOULD be used to replace an address with a human-readable names. - -When specified a wallet MUST only use specified sources to resolve address names. Wallet MUST verify the type of the address if able to. - -When omitted, a wallet MAY use any source to resolve an address. - -| Address type | Description | -|--------------|------------------------------------------------| -| wallet | Address is an account controlled by the wallet | -| eoa | Address is an Externally Owned Account | -| contract | Address is a well known smart contract | -| token | Address is a well known ERC-20 token | -| collection | Address is a well known NFT collection | - -A wallet MAY verify that a `wallet` address is in fact controlled by the wallet, and reject signing if not the case. - -Sources values are wallet manufacturer specific. Some example values could be: - -| Source type | Description | -|-------------|------------------------------------------------------------------------------------------------------------------------------------| -| local | Address MAY be replaced with a local name trusted by user. Wallets MAY consider that `local` setting for `sources` is always valid | -| ens | Address MAY be replaced with an associated ENS domain | - -### Wallets specific layouts - -Wallets MAY extend the specification with wallet specific layout instructions by defining a schema bound to the `display.formats.screens` field. - -## Rationale - -### Human readability - -It is expected that the main limitation to adoption of ERC-7730 will be the complexity of writing this interface description file compared to interest of writing it. - -This drove a few choices when introducing this ERC specification: -* The form of an ERC itself will allow usage of these file by any wallets (Hardware or Software, without restrictions), and in turn drive up the benefits for app developers to provide their own ERC-7730 description -* The specification is intended to be directly readable by developers, in order to facilitate direct edition by developers. -* In addition, a set of edition tools will be created and open sourced to ease visualization of the results for end users - -### Wallet limitations - -Wide support by wallets is key for adoption of this specification. - -Hardware wallets tend to have more limited capabilities that will impact what they can display securely, especially since the intention of the specification is to create a strong security binding between the spec and the data being reviewed. - -This consideration is driving a few choices done for ERC-7730: -* Complex UI constructs like layouts, grouping and re-ordering of fields have been left to a wallet specific section, yet unspecified. After a time, we may see patterns emerge between wallets in terms of minimal features. -* Representation of fields has been created to allow "flattening" the list of fields, when handling complex message structures. This flattened representation is expected to work better with Hardware wallets in particular, and is recommended at first. -* Some formatters that require recursive constructs, like `calldata` are expected to work with restrictions at first, especially on Hardware wallets. - -### Internationalization - -This specification intentionally does not address internationalization or localization of displayable strings. - -All display strings in ERC-7730 files—including intents, labels, field names, and enumeration values—are expected to be authored in English. - -Future versions of this specification may consider standardized internationalization support once the base standard achieves wider adoption and the ecosystem can better assess the need for multilingual support. - -### Why is the ABI still necessary? - -The full signature of a function call does not contain information about the types of complex parameters that might be used in the function call, only their names, while the ABI does carry this information. This is why the ABI is the reference and the function signature MUST match it. The full form of the function call is allowed in order to simplify writing and reading the ERC-7730 file. - -### Extensibility to other Structured Data formats - -In the future, this specification could be extended to structured data like Meta Transaction in [EIP-2771](./eip-2771.md), User Operations in [EIP-4337](./eip-4337.md), and batch transaction payloads in [EIP-5792](./eip-5792.md). - -The `interpolatedIntent` field is particularly well-suited for [EIP-5792](./eip-5792.md) batch transactions, as it enables wallets to concatenate multiple operation descriptions into a single, natural language sentence. By joining individual `interpolatedIntent` strings with " and ", wallets can provide users with clear, readable summaries of complex multi-step operations like "Approve Uniswap Router to spend 1000 USDC and Swap 1000 USDC for at least 0.25 WETH". This significantly improves the user experience when reviewing batch transactions compared to displaying separate, disconnected operation descriptions. See the [Value Interpolation](#value-interpolation) section for detailed implementation guidance and examples. - -## Test Cases - -More examples can be found in the asset folder [here](../assets/eip-7730/example-main.json) and [here](../assets/eip-7730/example-include.json). - -## Security Considerations - -ERC-7730 creates a risk surface where malicious actors could abuse formatting to make unsafe transactions appear benign. In addition to misapplied or malformed files, implementers should anticipate phishing techniques such as (a) parameter injection using legitimate, high-profile contract formats, (b) registry poisoning with well-formed but misleading entries, and (c) front-end/CDN compromise that prompts signatures for unexpected contracts or parameters. - -### Binding context - -The binding `context` mitigates misuse by specifying exactly which structured data a given ERC-7730 file may format. app developers MUST set restrictive constraints; wallets MUST verify all constraints and ensure formatting is cryptographically bound to the reviewed data and not tamperable in transit (including on resource-constrained hardware wallets). - -### Registry Poisoning - -Curation and registry of ERC-7730 files are out of scope for this specification, but any external registry or wallet ecosystem MUST assume it will be targeted. A secure registry should (a) require cryptographically verifiable provenance and attestations for each ERC-7730 file and its maintainer, (b) keep a public, tamper-evident history of submissions, approvals, and revocations, (c) implement a mechanism to credibly link contract ownership or authority to the submitted file, and (d) adopt a clear governance model with multi-party sign-off and automated monitoring to detect anomalies or mass poisoning attempts. These measures mitigate attacks on ERC-7730 files in transit and make registry compromise significantly harder without constraining this ERC itself. - -### Interpolated Intent Security - -The `interpolatedIntent` feature introduces additional attack surfaces that wallets MUST mitigate: - -**Injection Attacks** - -Malicious contracts could craft parameter values that, when interpolated, create misleading intent descriptions. For example: -- A token name containing "to vitalik.eth" could make "Send {amount} to {recipient}" appear as "Send 100 USDT to vitalik.eth to 0x123..." -- Addresses with misleading ENS names could obscure the true destination -- Very long formatted values could push critical information off-screen - -*Mitigations:* -- Wallets MUST apply the same formatting and validation to interpolated values as they would for separately displayed fields -- Wallets MUST validate that ENS names and other address labels are verified before interpolation -- Wallets SHOULD display field values separately in addition to the interpolated intent, or provide easy access to detailed field view - -**Format Consistency** - -Wallets MUST ensure that the formatting applied during interpolation exactly matches the formatting that would be applied if the field were displayed separately. This prevents attackers from exploiting differences in formatting to hide malicious values. - -*Implementation requirement:* -- The interpolation engine MUST use the same formatter functions and parameters specified in the corresponding field format specification -- If a path in `interpolatedIntent` does not have a corresponding field format specification, interpolation MUST fail and fall back to `intent` - -**Path Validation** - -Wallets MUST validate that all paths in interpolation expressions: -1. Follow the [path reference rules](#path-references) -2. Reference fields that exist in the structured data being signed -3. Have corresponding field format specifications in the `fields` array -4. Do not create circular references or unbounded recursion - -**Fallback Behavior** - -If interpolation fails for any reason (invalid path, formatting error, missing field specification, validation failure), wallets MUST: -1. Fall back to displaying the static `intent` field -2. Display all fields separately according to their field format specifications -3. NOT attempt to partially process the interpolated intent -4. Optionally warn the user that the dynamic description could not be generated - -**Resource Constraints** - -Hardware wallets and other resource-constrained devices MAY choose not to implement `interpolatedIntent` support. The `intent` field MUST always be present as a fallback for such devices. - -**Testing and Validation** - -ERC-7730 file authors SHOULD test `interpolatedIntent` strings with: -- Minimum and maximum expected values for each interpolated field -- Edge cases like zero amounts, maximum allowances, expired dates -- Long addresses, token names, and other string fields to ensure proper truncation - -Future Work - -Future improvements could bind frontends to verified contract manifests so that a compromised UI cannot silently substitute a different contract. Clear, auditable registry governance (multi-party signoff, monitoring, and revocation) can further raise the cost of phishing, parameter injection, and front-end compromise attacks. - -## Copyright - -Copyright and related rights waived via [CC0](../LICENSE.md). diff --git a/erc-8040.md b/erc-8040.md new file mode 100644 index 00000000000..70c3100d0c1 --- /dev/null +++ b/erc-8040.md @@ -0,0 +1,171 @@ +--- +eip: 8040 +title: ESG Tokenization Protocol +description: ESG-compliant, AI-native asset tokenization with quantum auditability and lifecycle integrity. +author: Leandro Lemos (@agronetlabs) +discussions-to: https://ethereum-magicians.org/t/erc-8040-esg-tokenization-protocol/25846 +status: Draft +type: Standards Track +category: ERC +created: 2025-09-06 +requires: 20, 721, 1155 +--- + +## Abstract + +This ERC defines an AI-native protocol for ESG-compliant asset tokenization, with quantum auditability, compliance-grade metadata, and lifecycle integrity. + +## Specification + +### Metadata Structure + +Tokens MUST expose a metadata JSON with the following minimum fields: + +json +``` +{ + "standard": "ERC-ESG/1.0", + "category": "carbon", + "geo": "BR-RS", + "carbon_value": 12.5, + "cycle": "2025-Q3", + "digest": "sha3-512:...", + "physical_id": "seal:XYZ123", + "attestation": { + "atf_digest": "sha3-512:...", + "signer": "did:atf:ai:..." + }, + "status": "issued|audited|retired", + "evidence": "cid:Qm..." +} +``` + +### Smart Contract Interface + +Contracts implementing this standard MUST support the following interface: + +solidity +``` +pragma solidity ^0.8.0; + +interface IERC8040 { + /// @notice Metadata structure for ESG tokens + /// @dev All digest fields use bytes to support SHA3-512 (64 bytes) + struct Metadata { + string standard; + string category; + string geo; + uint256 carbon_value; + string cycle; + bytes digest; // SHA3-512 digest (64 bytes) + string physical_id; + Attestation attestation; + string status; + string evidence; + } + + /// @notice Attestation structure for AI-native validation + /// @dev atf_digest uses bytes to support SHA3-512 (64 bytes) + struct Attestation { + bytes atf_digest; // SHA3-512 attestation digest (64 bytes) + string signer; + } + + /// @notice Mints a new ESG token with provided metadata + /// @param metadata The ESG metadata structure + /// @return tokenId The ID of the newly minted token + function mintESGToken(Metadata memory metadata) external returns (uint256 tokenId); + + /// @notice Audits an existing ESG token + /// @param tokenId The token to audit + /// @param auditDigest SHA3-512 digest of the audit report (64 bytes) + function auditESGToken(uint256 tokenId, bytes memory auditDigest) external; + + /// @notice Retires an ESG token permanently + /// @param tokenId The token to retire + /// @param reason Human-readable retirement reason + function retireESGToken(uint256 tokenId, string memory reason) external; + + /// @notice Returns the ESG metadata URI for a token + /// @param tokenId The token ID + /// @return The URI string pointing to off-chain metadata + function esgURI(uint256 tokenId) external view returns (string memory); + + /// @notice Returns the complete on-chain metadata for a token + /// @param tokenId The token ID + /// @return The complete Metadata structure + function getMetadata(uint256 tokenId) external view returns (Metadata memory); + + /// @notice Emitted when a new ESG token is minted + /// @param tokenId The ID of the minted token + /// @param category The ESG category (e.g., "carbon") + /// @param geo Geographic identifier (e.g., "BR-RS") + event Minted(uint256 indexed tokenId, string category, string geo); + + /// @notice Emitted when a token is attested by AI validator + /// @param tokenId The ID of the attested token + /// @param atfDigest SHA3-512 digest of the attestation (64 bytes) + /// @param esgURI The URI of the ESG metadata + event Attested(uint256 indexed tokenId, bytes atfDigest, string esgURI); + + /// @notice Emitted when a token is permanently retired + /// @param tokenId The ID of the retired token + /// @param timestamp The retirement timestamp + /// @param reason Human-readable retirement reason + event Retired(uint256 indexed tokenId, uint256 timestamp, string reason); +} +``` + +### JSON-RPC Example + +json +``` +{ + "method": "eth_call", + "params": [ + { + "to": "0xContractAddress", + "data": "0x..." + } + ], + "example_metadata": { + "category": "carbon", + "geo": "BR-RS", + "carbon_value": 12.5, + "digest": "sha3-512:abc123def456...", + "attestation": { + "atf_digest": "sha3-512:xyz789...", + "signer": "did:atf:ai:validator-001" + } + } +} +``` + +### Mapping & Compatibility + +- [ERC-20](./eip-20.md): Each unit represents a standardized fraction (e.g., 1e18 = 1 tCO2e). +- [ERC-721](./eip-721.md): Single credit with unique esgURI and immutable metadata. +- [ERC-1155](./eip-1155.md): Homogeneous batch with common URI, metadata, and fungible amounts. + +## Rationale + +- **Deterministic flows**: Lifecycle follows strict state transitions (issued → audited → retired). +- **Immutable metadata**: SHA3-512 digest ensures tamper-proof records with 512-bit security. +- **Machine-verifiable audit trails**: ATF-AI validates compliance deterministically. +- **Post-quantum readiness**: SHA3-512 hash functions provide quantum-resistant cryptography. +- **Full hash storage**: Using `bytes` instead of `bytes32` allows complete SHA3-512 digest storage (64 bytes). + +## Security Considerations + +1. **Metadata immutability**: All metadata fields MUST be cryptographically sealed after minting. +2. **Zero-trust validation**: ATF-AI provides deterministic validation; all attestations are timestamped. +3. **Digest integrity**: SHA3-512 (64 bytes) ensures audit-trail integrity. Implementations MUST use `bytes` type to store complete 512-bit digests. +4. **Post-quantum cryptography**: Hash functions and signature schemes MUST be quantum-resistant. SHA3-512 provides 512-bit security suitable for post-quantum scenarios. +5. **Irreversible retirement**: Once retired, tokens cannot be reactivated. +6. **Physical seal validation**: On-chain digest MUST match physical seal cryptographic hash. +7. **Input validation**: All off-chain documents MUST be hashed using SHA3-512 and publicly referenced on-chain. +8. **Hash truncation prevention**: Implementations MUST NOT truncate SHA3-512 digests. The `bytes` type MUST be used instead of `bytes32` to prevent loss of cryptographic security. + +## Copyright + +Copyright and related rights waived via CC0-1.0. diff --git a/leandro-agronetlabs.pub.asc b/leandro-agronetlabs.pub.asc new file mode 100644 index 00000000000..022f11662fb --- /dev/null +++ b/leandro-agronetlabs.pub.asc @@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGj1SX4BEADMbBvChwGnUPzoB8bnlB35bisuJXdM8YJ7q9exnvoppm2IffZ+ +KyE+71ATTPrPO4Zdh4PTShZ3A59GW4MrZTJAJMu0jVsJjCF+GyNj3KHH9ayEPA6r +RENFgBu6P3VhXod0glUDK/uzWSHjfN1/NXfg05DakqgRpmcf6LrF3p9Cm4B8e2om +7dqeam+7wII81Vxhoj/UTGpapLpTu53L+Zbqyv8c2QrYF/Jv/nHOuyxKWgYvT4xN +N59unmySLTxK6FTd2lFFo+xTOnWG2EdBs+OkkkkrywbOYIH/Qo+VTwIaCigLHcU5 +TMm665WF63OPvQZOVHFC8JPQ3SzzGT1TFWhkjITc2siaTzKnym3uUO4k9pfWP7kk +0yZfvxKM2lWwU5NeKSNBn11ryX9qA6mmyhSiv5/AFVTVs4yIJ3IV+ydiKpW6Vosu +kq79guYeDPjKeDYd0ca2wcydUcgLj6ORwzQs/xTXzC+hXKFVh5n6gvzM6DNtpSu+ +I2RhNnbyYLPHPBlw1WZf3Ox/xIrspooWAW/wlpCnD09ZWxm95WQLruXp76S9zqTy +wYsW/xuXKRuJYEbsQBOWg+2YiHODpMfoZ0JzoWBHxh+Q3f8wE440z3uC9ENbAjVr +DfG9MLHxTgoeoieViTR6DxFLu6Ai5VnU1s0K4tkx6779Cdt5xjpVcmhmqQARAQAB +tDFMZWFuZHJvIExlbW9zIC0gQWdyb05ldCBMYWJzIDxsZWFuZHJvQGFncm9uZXQu +aW8+iQJXBBMBCABBFiEEiwbxi+rCgMNsVxw/LFLnRVRzkLMFAmj1SX4CGwMFCQPC +ZwAFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQLFLnRVRzkLPBoxAAo2DF +9oPuZJuJVvJf+94vlFa9T28FLLIjN8LuxzyR3D0bthmLM0Hzfw7RLT5N2bcb3aTK +fpsSc0D2k97FqMZGLK5Gv7dPN3cKZ12mS1dXgIZ4b4FM5kZobxH7Sm7GQXRZbUBP +CtM+t9blAH6UH5QPpIu4qwmgopi36ESPzzXnjgEO/MyLJgLPJZXgxPdePgCJe0kh +KltY50PfuOczxxfGSHzcYdDe0vzlK9pgRhygZdT7vXL3qCLYCilCDRBPbtbhyMn1 +y7wy9Y0t2m83kyELxwtcj6W168FnQXiarzzNh9vkP4C0NEdef/xS853+nX8B/9Bs +eGiLu8wfQRJWZnCH7jQAaEGK5rnoiboQfRtGJi/BkAQ4GrjoMk6Aft7Gz4tAM8eh +qfUKgmqD7JGCIO20TBKe9yq4xyiED6EwccUSHOnc8PXHMB9u2NDimwaJaevtWNnr +yG+5FkZP7uxiK55UDisaAs/0LE11KdFxm3RJBXX0MvzsPcehRKUW/3YCrnzSKnbG ++gxYUiFKFC08OyuNhEQh6sJa1wJD4f6GmTVsklorXIl54xSw+lQUGCgkrQakCve4 +PVKTbUvVTSNvuaQIP6jcJzLgyBcAjLpekRmJrECLneGB9OYfi1gpDfYyF6OM34Lx +2k8TErmgSxKwnk3R8bM8zbjI7Z4FugV4YHqF0Jc= +=7nbt +-----END PGP PUBLIC KEY BLOCK-----