🔒 M-06 - Correct Typehash for ModuleEnableMode Struct to Meet EIP-712 Standards

[Aboudjem]

M-06. Typehash for ModuleEnableMode struct is incorrect

• Issue: Incorrect typehash for the ModuleEnableMode structure.
• Affected Functions: _getEnableModeDataHash.
• Fix: Correct the typehash to keccak256("ModuleEnableMode(address module,bytes initData)").

---

[github-actions]

🤖 Slither Analysis Report 🔎

Slither report

# Slither report

THIS CHECKLIST IS NOT COMPLETE. Use --show-ignored-findings to show all the results.
Summary

• constable-states (2 results) (Optimization)

constable-states

Impact: Optimization
🔴 Confidence: High

• ID-0
  RegistryAdapter.registry should be constant

base/RegistryAdapter.sol#L12

• ID-1
  RegistryFactory.threshold should be constant

factory/RegistryFactory.sol#L39

_This comment was automatically generated by the GitHub Actions workflow._

[github-actions]

Changes to gas cost

Generated at commit: c758c485fd32ffb130371e39ad4421c15a66342a, compared to commit: ab9616bd71fcd51048e834f87a7b60dccbfc0adb

🧾 Summary (5% most significant diffs)

Contract	Method	Avg (+/-)	%
Bootstrap	initNexusScoped	+30,796 ❌	+60.09%
Nexus	executeFromExecutor	+5,434 ❌	+37.82%

---

Full diff report 👇

Contract	Deployment Cost (+/-)	Method	Min (+/-)	%	Avg (+/-)	%	Median (+/-)	%	Max (+/-)	%	# Calls (+/-)
Bootstrap	2,460,986 (+701,914)	getInitNexusScopedCalldata initNexusScoped	6,101 (+1,469) 62,207 (+30,796)	+31.71% +98.04%	6,101 (+1,469) 82,042 (+30,796)	+31.71% +60.09%	6,101 (+1,469) 82,107 (+30,796)	+31.71% +60.02%	6,101 (+1,469) 82,107 (+30,796)	+31.71% +60.02%	918 (0) 309 (0)
Nexus	5,443,677 (+1,065,416)	accountId execute executeFromExecutor initializeAccount installModule isModuleInstalled uninstallModule validateUserOp	920 (+22) 6,212 (+53) 14,529 (+5,451) 110,748 (+30,857) 32,441 (+4,323) 611 (+2) 8,104 (+24) 7,157 (+174)	+2.45% +0.86% +60.05% +38.62% +15.37% +0.33% +0.30% +2.49%	920 (+22) 48,985 (+1,519) 19,803 (+5,434) 130,583 (+30,857) 38,267 (+4,828) 804 (+3) 10,250 (+31) 8,728 (+170)	+2.45% +3.20% +37.82% +30.94% +14.44% +0.37% +0.30% +1.99%	920 (+22) 37,912 (+2,131) 19,610 (+5,432) 130,648 (+30,857) 39,969 (+4,997) 780 (-3) 9,883 (+60) 7,157 (+174)	+2.45% +5.96% +38.31% +30.92% +14.29% -0.38% +0.61% +2.49%	920 (+22) 142,990 (+53) 25,465 (+5,422) 130,648 (+30,857) 43,756 (+4,961) 2,839 (+33) 12,765 (+10) 35,948 (+175)	+2.45% +0.04% +27.05% +30.92% +12.79% +1.18% +0.08% +0.49%	8 (0) 76 (0) 4 (0) 309 (0) 23 (0) 331 (0) 6 (0) 351 (0)
NexusAccountFactory	816,559 (+20,789)	computeAccountAddress createAccount	1,225 (+60) 212,343 (+32,188)	+5.15% +17.87%	1,225 (+60) 229,964 (+32,188)	+5.15% +16.27%	1,225 (+60) 232,483 (+32,188)	+5.15% +16.07%	1,225 (+60) 232,483 (+32,188)	+5.15% +16.07%	609 (0) 8 (0)
MockExecutor	944,236 (+120,669)	isModuleType	369 (+21)	+6.03%	369 (+21)	+6.03%	369 (+21)	+6.03%	369 (+21)	+6.03%	12 (0)
MockPaymaster	1,161,593 (0)	getHash	2,087 (0)	0.00%	2,318 (+32)	+1.40%	2,427 (+61)	+2.58%	2,697 (+62)	+2.35%	17 (0)
BiconomyMetaFactory	717,254 (+216)
MockHandler	458,413 (+29,768)
MockHook	247,225 (+4,746)
MockValidator	683,471 (+27,098)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 71.73%. Comparing base (684a39c) to head (78aa868).

Additional details and impacted files

@@                Coverage Diff                 @@
##           fix/security-m-05     #122   +/-   ##
==================================================
  Coverage              71.73%   71.73%           
==================================================
  Files                     13       13           
  Lines                    697      697           
  Branches                 133      157   +24     
==================================================
  Hits                     500      500           
  Misses                   197      197           

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 684a39c...78aa868. Read the comment docs.