update isContract checks

[livingrockrises]

Summary

Comments in draft report

In a few functions, if an address is a contract, the transaction is reverted.
This behavior can be seen in the depositFor(), setSigner(), and setFeeCollector() functions.

The isContract() function uses extcodesize, and returns true if the address has any code in it. However, this code is bypassable by a contract that performs all its’ operations in the constructor and does not contain any runtime code.

After taking a look at the Entrypoint contract and how it handles withdrawing funds to these addresses, we were unable to find any security impact from allowing these addresses to be con- tracts. Therefore, we are marking this finding as informational in impact.
However, since this means the check is somewhat unnecessary, we note that it does increase gas usage.

Recommendations

Remove the isContract() checks unless there is a valid reason for them to be there.

Change Type

• Bug Fix
• Refactor
• New Feature
• Breaking Change
• Documentation Update
• Performance Improvement
• Other

Checklist

• My code follows this project's style guidelines
• I've reviewed my own code
• I've added comments for any hard-to-understand areas
• I've updated the documentation if necessary
• My changes generate no new warnings
• I've added tests that prove my fix is effective or my feature works
• All unit tests pass locally with my changes
• Any dependent changes have been merged and published

Additional Information

Branch Naming

[linear]

SMA-575 Sponsorship Paymaster V2 Remediations