Hi I am recently looking to use account abstraction (AA) and noticed that DApp contracts should support ERC 1271 if it is to be compatible with AA contract wallets.
My concern relates to when I should call the isValidSignature method in my DApp contracts. So here is an example of what my initial DApp contract would look like if using ERC1271.
contract TestDApp1 {
function testFn1(
address _addr,
bytes32 _hash,
bytes memory _signature
) external {
bytes4 result = IERC1271(_addr).isValidSignature(_hash, _signature);
require(result == 0x1626ba7e, "INVALID_SIGNATURE");
// do something
}
}
However, my thinking is that not every function needs to call isValidSignature? For example, if the function logic sets some important value to only the msg.sender, then it does not really matter if the signature is valid or not, because the caller of the function would never be able to mess with other address's values. Here is an example:
contract TestDApp2 {
mapping(address => uint256) importantValue;
function testFn2(
uint256 _value,
address _addr,
bytes32 _hash,
bytes memory _signature
) external {
// bytes4 result = IERC1271(_addr).isValidSignature(_hash, _signature); // NOT NEEDED
// require(result == 0x1626ba7e, "INVALID_SIGNATURE"); // NOT NEEDED
// do something
importantValue[msg.sender] = _value;
}
}
So in this example, caller (EOA or wallet contract (AA)) can only ever alter their own important value, thus signature verification is not needed.
I know this is a silly question but I am not too familiar of how AA may alter this behavior. Can I confirm that my assumption is right in that signature validation is not needed for the second example?
Also, if my assumption is right, then it seems that many functions do not need to call isValidSignature as they can just use the msg.sender way?