update executeUserOp implementation

[livingrockrises]

msgSender field that the hook sees
one major upside of delegatecalling to the account only is that existing hooks will be more easily compatible

eg a spending limit hook will decode the execute calldata and check for the function signature but in the case of using the executeUserOp func on nexus the calldata could be address(erc20), transfer(...) in which case hooks also need to be able to decode this
If you instead have the account delegatecall to eg execute, then the hook can just decode normally

there are no real downsides to delegatecall here

[github-actions]

🤖 Slither Analysis Report 🔎

Slither report

# Slither report

THIS CHECKLIST IS NOT COMPLETE. Use --show-ignored-findings to show all the results.
Summary

• constable-states (2 results) (Optimization)

constable-states

Impact: Optimization
🔴 Confidence: High

• ID-0
  RegistryAdapter.registry should be constant

base/RegistryAdapter.sol#L10

• ID-1
  RegistryFactory.threshold should be constant

factory/RegistryFactory.sol#L39

_This comment was automatically generated by the GitHub Actions workflow._

[github-actions]

Changes to gas cost

Generated at commit: 69b47bd8f24c5255ab2ff0a0a03bbac1599c6d01, compared to commit: 847828b5ba32696d19e543ee36e5fe20ef290650

🧾 Summary (5% most significant diffs)

Contract	Method	Avg (+/-)	%

---

Full diff report 👇

Contract	Deployment Cost (+/-)	Method	Min (+/-)	%	Avg (+/-)	%	Median (+/-)	%	Max (+/-)	%	# Calls (+/-)
Nexus	5,641,328 (-12,762)

[filmakarov]

Agree, that delegatecall'ing here is better

[filmakarov]

I have a question. Can we limit execute to be onlyEntryPoint , not onlyEntryPointOrSelf ?
Now when executeUserOp doesn't call execute , I think we can do it
This will make execute safer for using with SmartSessions

[livingrockrises]

I have a question. Can we limit execute to be onlyEntryPoint , not onlyEntryPointOrSelf ? Now when executeUserOp doesn't call execute , I think we can do it This will make execute safer for using with SmartSessions

executeUserOp can now delegate call to self with any calldata actually

btw these below methods are also onlyEntryPointOrSelf

1. installModule
2. uninstallModule
3. setRegistry
4. upgradeToAndCall
5. _authorizeUpgrade
6. withdrawDepositTo

[filmakarov]

executeUserOp can now delegate call to self with any calldata actually

yep, which is good.
I mean, since it can delegatecall now, can we make execute to be onlyEntryPoint ?
It will make execute->execute impossible. so the flow is more deterministic.
otherwise it will be possible to trick user to create some execute->execute permission and bypass some limits with sessions

so I suggest execute to be onlyEntryPoint

[livingrockrises]

what do you mean by making execute-> execute impossible? and need for that