feat(Wallet): add execution ordering via git-style branching

fubuloubu · fubuloubu · commit e99328ea449e · 2025-10-20T16:26:03.000-04:00
diff --git a/contracts/Ruffsack.vy b/contracts/Ruffsack.vy
@@ -15,7 +15,7 @@ EIP712_DOMAIN_TYPEHASH: constant(bytes32) = keccak256(
     "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
 )
 MODIFY_TYPEHASH: constant(bytes32) = keccak256(
-    "Modify(uint256 action,bytes data)"
+    "Modify(bytes32 parent,uint256 action,bytes data)"
 )
 
 struct Call:
@@ -29,7 +29,7 @@ CALL_TYPEHASH: constant(bytes32) = keccak256(
     "Call(address target,uint256 value,bytes data)"
 )
 EXECUTE_TYPEHASH: constant(bytes32) = keccak256(
-    "Execute(Call[] calls)Call(address target,uint256 value,bytes data)"
+    "Execute(bytes32 parent,Call[] calls)Call(address target,uint256 value,bytes data)"
 )
 
 # @dev The current implementation address for `RuffsackProxy`
@@ -44,6 +44,9 @@ signers: public(DynArray[address, 11])
 threshold: public(uint256)
 # NOTE: invariant `0 < threshold <= len(signers)`
 
+# @dev The last message hash (`Modify` or `Execute` struct) that was executed
+head: public(bytes32)
+
 # @dev Set of pre-approved transaction hashes, indexed by signer
 approved: public(HashMap[bytes32, HashMap[address, bool]])
 
@@ -247,10 +250,11 @@ def modify(
     # NOTE: Skip argument to use on-chain approvals
 ):
     msghash: bytes32 = self._hash_typed_data_v4(
-        # NOTE: Per EIP712, Dynamic ABI types are encoded as the hash of their contents
-        keccak256(abi_encode(MODIFY_TYPEHASH, action, keccak256(data)))
+        # NOTE: Per EIP712, Dynamic structures are encoded as the hash of their contents
+        keccak256(abi_encode(MODIFY_TYPEHASH, self.head, action, keccak256(data)))
     )
     self._verify_signatures(msghash, signatures)
+    self.head = msghash
 
     admin_guard: IAdminGuard = self.admin_guard
     if admin_guard.address != empty(address):
@@ -332,9 +336,10 @@ def execute(
         # Step 3: Hash concatenated item hashes, together with typehash, then with domain to get msghash
         msghash: bytes32 = self._hash_typed_data_v4(
             # NOTE: Per EIP712, Arrays are encoded as the hash of their encoded members, concated together
-            keccak256(abi_encode(EXECUTE_TYPEHASH, keccak256(encoded_call_array)))
+            keccak256(abi_encode(EXECUTE_TYPEHASH, self.head, keccak256(encoded_call_array)))
         )
         self._verify_signatures(msghash, signatures)
+        self.head = msghash
 
     guard: IExecuteGuard = self.execute_guard
     for call: Call in calls:
diff --git a/ruffsack/messages/admin.py b/ruffsack/messages/admin.py
@@ -8,6 +8,7 @@
 
 class ModifyBase(EIP712Message):
     _name_ = "Ruffsack Wallet"
+    parent: "bytes32"
     action: "uint256"  # type: ignore
     data: "bytes"
 
@@ -22,6 +23,7 @@ class ActionType(Flag):
 
     def __call__(
         self,
+        parent: bytes,
         *args,
         version: Version | None = None,
         address: AddressType | None = None,
@@ -46,6 +48,7 @@ class Modify(ModifyBase):
                 arg_types = ("address",)
 
         return Modify(  # type: ignore[call-arg]
+            parent=parent,
             action=self.value,
             data=abi_encode(arg_types, args),
         )
diff --git a/ruffsack/messages/execute.py b/ruffsack/messages/execute.py
@@ -1,5 +1,6 @@
 from typing import TYPE_CHECKING, Self
 
+from ape.types import HexBytes
 from ape.utils import ManagerAccessMixin
 from eip712 import EIP712Message, EIP712Type
 
@@ -17,17 +18,24 @@ class Call(EIP712Type):
 class ExecuteBase(EIP712Message):
     _name_ = "Ruffsack Wallet"
 
+    parent: "bytes32"
     calls: list[Call] = []
 
 
 class Execute(ManagerAccessMixin):
-    def __init__(self, version: "Version", address: "AddressType", chain_id: int):
+    def __init__(
+        self,
+        parent: HexBytes,
+        version: "Version",
+        address: "AddressType",
+        chain_id: int,
+    ):
         class Execute(ExecuteBase):
             _verifyingContract_ = address
             _version_ = str(version)
             _chainId_ = chain_id
 
-        self.message = Execute()
+        self.message = Execute(parent=parent)
 
     def add_raw(self, target: "AddressType", value: int = 0, data: bytes = b"") -> Self:
         self.message.calls.append(Call(target=target, value=value, data=data))
diff --git a/tests/test_admin.py b/tests/test_admin.py
@@ -7,6 +7,7 @@ def test_upgrade(
     new_impl = create_release()
 
     msg = ActionType.UPGRADE_IMPLEMENTATION(
+        sack.head(),
         new_impl.address,
         version=VERSION,
         address=sack.address,
@@ -32,11 +33,14 @@ def test_upgrade(
     ]
     assert sack.IMPLEMENTATION() == new_impl
 
+    assert sack.head() == msg._message_hash_
+
 
 def test_rotate_signers(
     accounts, chain, VERSION, THRESHOLD, sack, owners, approval_flow
 ):
     msg = ActionType.ROTATE_SIGNERS(
+        sack.head(),
         [accounts[len(owners)].address],
         [owners[0].address],
         sack.threshold(),
@@ -66,3 +70,5 @@ def test_rotate_signers(
     ]
     assert sack.signers(0) == accounts[1]
     assert sack.signers(len(owners) - 1) == accounts[len(owners)]
+
+    assert sack.head() == msg._message_hash_
diff --git a/tests/test_operation.py b/tests/test_operation.py
@@ -40,6 +40,7 @@ def test_execute(
     accounts, chain, VERSION, THRESHOLD, owners, sack, approval_flow, calls
 ):
     txn = Execute(
+        parent=sack.head(),
         version=VERSION,
         address=sack.address,
         chain_id=chain.chain_id,
@@ -75,3 +76,4 @@ def test_execute(
         if total_calls > 0
         else []
     )
+    assert sack.head() == txn.message._message_hash_
