 with Joseph J and Naim, and they are going to share about asset write abstractions a case for smart contract wallets. Go ahead. Hey everybody, my name is Joseph, this is Naim. We are from a project called Pawn, and today we are not going to talk about Pawn, but about something that we developed for the community because it's important to us and to our cause. So we are going to talk about asset write abstraction, our case for smart contract wallets. So I'm a CEO of Pawn, whatever being a CEO means, Naim is a smart contract dev, so he's actually the guy who is going to tell you the interesting stuff. I'm here just as a staffing. So first, why? So why did we start developing a smart contract wallet? In short, Pawn is a generalized borrowing and lending protocol, but we also need a whole bunch of tooling out there in the ecosystem, and since it wasn't available at the time, we decided to develop it ourselves. So in Pawn, our kind of holy grail, what we want to see, what we want to build in the ecosystem is seeing long-term loans, mortgage type of loans, being issued on-chain. So we are looking at like 5, 10, 15 years contracts that should last on-chain and should be actually perceived as legitimate. Like today what we see in DeFi is mostly short-term or something that will get set up and can be erased like 30 seconds later. But we kind of want to get us to the point where people will be able to back their long-term mortgages with digital assets, and this is an important piece of the ecosystem or like piece of the tooling that we need. So we decided to dive into smart contract wallets and kind of allow using the assets that you own while you're using them to back alone. But our case or the case for our smart contract wallet is much wider. So today we are going to dive into that. So most people I guess know smart contract wallets as a multi-sig or something that allows you to operate a wallet or operate an account as multiple users. But there is much more. So depending on your level of technical knowledge or just like the time you spend in the ecosystem, just a quick rundown what are actual smart contract wallets. So contract wallets are essentially smart contracts that are creating a proxy between a user or like an end user account and another contract with some extra logic at it. So there are some examples. Why would you use it? So first you can enable, you can create more events, automations or call of wrappers or multiple contracts and do more things in one transaction than you would otherwise be able to do. A good example for that is Gnosis Safe or Safe as it was recently renamed, which uses it for multi-sig interactions or another great example is a DeFi saver smart contract wallet which makes it easier to operate in the DeFi ecosystem. Another example would be just general identities. So there's a lot of talk about decentralized identity standards and the way you can use multiple keys in one smart contract and essentially like use the contract as your on-chain identity. There is a whole bunch of attempts around the DID or there is also the Argent wallet which essentially does a very simple thing. Now smart contract wallets are indefinitely useful for everything. They have some downsides so that's especially the gas overhead because again you're using extra proxy. You have to do more computation in every single transaction that you're using it for and secondary you may require some level of integration. So EIP 1271 for sign messages would be one example of like what everybody everyone else has to integrate in order for smart contract wallets to work just as like a user account would. So in our specific case like why do we want to mess up with with asset rights? As I mentioned we want to allow the case where you kind of can have your cake and eat it to where you can have assets in your custody but still create some sort of right for another person to eventually be able to access those assets and kind of like take them with them. So the very basic case for us is essentially creating a hook in the wallet in someone else's account that allows you to essentially drain the wallet if a certain criteria is met and obviously if the other person consents to it so they would actually like sign up for that in another contract. What is it good for is that you don't actually have to move those assets that you have in the account you can just create this like rights that will allow someone else to access those assets and if some people state from the previous talk from like EA or just the enterprise ecosystem this could be useful for even like KYC assets because or like assets that require KYC because you don't have to move them from wallet you can just wait until the point where you actually have to move them and that's the point where you can kind of like start dealing with KYC because the actual asset didn't you know didn't move nothing nothing happened to it. So again for us the case is a DeFi mortgage where we just want to allow someone to you know buy a piece of decentralized lock it as collateral keep that in their custody still like allow them to use it but use the value of the asset as a backing for loan. Another example would be you know like Dow voting rights again like you still want to use those but you might want to utilize the value or that's that's kind of backing the particle token the same goes for gaming items or ENS names are again the perfect example. Another useful thing is that you can also allow asset trending you can just reverse the case and essentially just give someone the right to like transfer the right to someone else but keep the token transfer right and keep the ownership of the asset and withdraw it later if certain criteria is met again. So this is the basic intro and now finally now it's the interesting stuff so passing the word over to Naim. Thanks Joseph. Hi guys my name is Naim. Before we start for those who don't know me besides I'm being a smart contractor I'm also a contemporary circus artist so I'm even though I'm used to performing in front of people I am not used to speaking in front of people so I'm super nervous now and I was thinking how can I like make me less nervous so I decided I want to perform you something unfortunately I'm jumping on a trampoline which is which cannot be fit here so I'll just show you a video of me being shot from you human cannon. Thanks guys yeah it helped me it helped me a lot so back to the topic let's define some requirements for this for this contract wallet obviously it has to act as a normal contract wallet that means that you have to be able to call arbitrary call data on on any address basically and the nice feature enable tokenizing asset transfer rights we want to enable tokenizing these rights to fungible non fungible and semi fungible assets and one of two things it means is actually to enable the ATR token holder to transfer the assets from owner's wallet so you don't own the asset but you are able to actually transfer it and the second part of it is prevent the owner without the ATR token without the ATR token to transfer it so yeah you are not screwed if you are a token holder so high level wallet design first after some prototypes we try to implement our own smart contract wallet which is something we realize we don't want to do because we'll be basically reinventing the wheel so after some research of Gnosis safe we realize they have two very nice components one is guard and one is module for those of you who don't know the safe ecosystem that well guard is a is a contract which you can basically link to your safe which will check every transaction made from your safe like before and after this transaction in our context it's a guard which will basically enforce the transfer rules okay so if we see that the the safe has the ATR token minted but is not the holder we'll basically revert to the transaction and that's the responsibility of the guard the second component is a module this enables to execute the transaction without actually reaching the owner's threshold which is also something we really want because we want the ATR token holder which is not the owner of the safe to be able to transfer or start the execution of the transfer from someone else's safe so yeah that's cool with these two components which i was like very surprised they have we were able to build this ATR smart contract on top of Gnosis safe which is really great we encountered obviously some challenges so we will talk about them right now first is approval issue while minting an ATR token it's pretty obvious that you don't want to mint an ATR token and have approved addresses at the same time because if you if you do the approved address can transfer the the asset without even triggering the the guard or the module so this is obvious like a thing we have to we have to solve next is something we called stalking attack it's basically a type of attack where i as an attacker will create a malicious asset i will tokenize its transfer rights i will transfer it to my victim's wallet and remove it with some non-standard way so let's say the asset can be transferred by the owner i as an attacker am the owner so i'll be able to to withdraw that in that case the victim's wallet goes into state where every execution will fail because the guard will not have the proper like sufficient tokenized balance so it's also bad then we have challenges like EIP 1271 where the input of the function is basically just hashing signature so we cannot like enforce the rules if we don't know what is actually like verifying then there is a gas overhead it's a contract wallet it's always will be there always will be some gas overhead plus there is a lot of checks for every execution right then there is the non-standard assets we have we currently support just the standards we cannot support non-standard asset because we are actually enforcing the the the transfer rules right so yeah that's one challenge and not possible it not possible to use the delegate skull because then it will alter the logic of the smart contract and again you are you are able to transfer it or do whatever you want with that so let's talk about the first one yeah approval issue while minting ATR token we need to check that the the asset which is going to the asset which ATR is going to be minted doesn't have the approved address currently there is like four types of approvals for ERC 20 it's approval amount for ERC sum 21 it's a proof ID or set approval for all and for ERC 1155 it's a just set approval for all only one of these approved function has actually a gather for the address so it's it was a big issue at first but after realizing that all the approval exit or all the transaction which are approving the the assets are done through the wallet then we can basically just track all the all the approved addresses and on the time of minting we can check that the asset is not doesn't have an approved address so yeah cool we need to we need to check the approved addresses the stalking attack how i described previously it's it's the malicious asset which is transferred from the victims wallet by the non-standard way it would divert on insufficient tokenized balance and but we don't we still want the ATR token holder to be able to transfer it to any asset so because of that we need to basically divide the transfer function into two first is claim where i as an ATR token holder and transferring the asset to my wallet which is cool there is no possibility of stalking attack so yeah we'll let you do that and the second is the generic transfer to any address but in that case we require the recipient permission in this permission the the recipient can actually specify what type of asset is going to be transferred by whom some expiration stuff and so on and so on so it's much harder for an attacker to actually execute this stalking attack it's still possible but it's much much much harder but still because it's it's possible we need to implement the function to recover the safe from from that attack which we did that's a good one so after solving some challenges the the final design looks like this we actually right you can see the the ATR token or the ATR module here is the here is the guard it's implemented as a proxy for basically be more future proof if there is some widely adapted ERC which we want to we want to like support we don't want to force every like safe owner to deploy new ones we'll we'll basically do like a force update for them then you can see the operators context this is a contract responsible for tracking the approved addresses per save per per the collection and our ponce factory just to like be sure that the address we are interacting with is actually safe and then there is some some like agnosis safe agnosis safe contract and and the owner because of of this proxy still we didn't solve all the challenges so open challenges are enable EIP 1271 it will be possible if the wallet basically pre-approved the hash in that case we can actually check what is approved and if if it doesn't like break any transfer rules it'll say yeah okay you can this hash is approved so every call for the is valid signature will return to or the magic value for for this hash uh guess overhead of course we want to have we want to have the gas cost as low as possible so currently minting the atr token has a constant overhead which is night which is nice uh and transferring the asset via the atr token has linear overhead because it's like it's depending on number of tokenized assets in the in the safe because we need to check that every tokenized asset after the execution is actually there and that the tokenized balance is still sufficient uh then there is an issue with non-standard asset I think this this issue will be there like forever because uh yeah that's like we can work only with the honest assets so if somebody is trying to give you his atr token for some malicious asset which is not standard they find some like approved functions or transfer functions we cannot basically like prevent him to do that and if you accept this atr token then yeah you're screwed sorry and the possibility of using delegate calls there is actually an option to like whitelist some addresses uh to be able to use the delegate call or to call the delegate call at uh but we cannot do it like generally we cannot say hey you can you can call delegate call on any uh any address because then it's a it's a huge security issue for us yeah and I think that's all so thank you there was me and Joseph thank you so much Naim and Joseph and thank you for I also think we have two more things to show though there are two slides where yeah two more slides I'm sorry yeah maybe it's stupid to put two more slides after a thank you page but you know stuff happens uh if you can go to thank you one as actually oh yeah number 18 cool so I realized like maybe some of the some of the graphics weren't really visible here so if you go to pond at mirror XYZ there is an article about the pond safe where everything should be described also you can just check out our website and pond XYZ where you can see our audits see our repos we have a bunch of documentation for users or or developers as well and finally well here's our poll up yeah thanks for coming and I think we have six more minutes for questions is it right yeah so if any of you have a question anyone thank you uh good afternoon uh how are you going to handle the I don't remember we were the the EIP the correct EIP but there was one that what will allow you to approve and transmit at the same in the same transaction have you any plans for that I think it was 12 71 or something similar come again if we want to support standard that can approve and call in the same transaction yes there I believe there was one of the EIPs that that what allowed you to sign a transaction several same several transactions in the same in at the same time if I understood it correctly there is one EIP I think it's 13 73 something like that it's a token standard which implements another set of approved functions these approved functions can basically approve and call arbitrary data in one transaction we are actually supporting that so beside these well-known 27 721 1155 we are also supporting 777 and these 13 63 I'm not sure about the number now so I hope I answered your question or it was something else anyone else thank you um landing out NFTs is always a bit tricky and you mentioned that you can land it out without using collateral how is that realized and is that compatible with any existing wallets that would display NFTs well the idea about not using collateral is that you will use collateral but the atr token so basically if I want to lend you some asset some whatever asset I will first tokenize its transfer rights I will send you that asset and I'll keep the transfer rates to myself so you are stated as an owner of that asset in the whole DeFi ecosystem but if you stop paying me my installments or whatever I'm still able to transfer it back from you even though normally I'm not I don't have the rights to do that so it's not like uncollateralized in like very technical sense but you are not using the asset itself as a collateral you are using the transfer rates instead anyone else hey guys thank you so would you elaborate a little bit about the account rental you are talking about the like account rental or so and the bribery attack for the account rental so if I have if I understand it correctly then we'll be allowed to rent our account under usage of it so how yeah go ahead it was about specifically the assets but now if you want to take that one is the is the renting case all right well so essentially what what Naim did which I didn't realize when he was developing it but I thought it was super cool is that within within the realm of the the saves which have this particle guard and module enabled because you would generate them using a specific like contract factory you can still transfer the asset to essentially like any safe that's that has that particle guard and module and the asset token the the atr token will still be executable and you will be able to essentially get it from anyone anyone's wallet within within that particle realm so obviously like you have to you have to be you you have to realize like the particle asset has this deed created around it but it's essentially the same as like having real estate property and like having a deed on that property and then you know we can be like friends that that wants you like reuse our gaming assets we can have the asset token regenerate it I can safely like give my you know magic sword to to nimes wallet I'll tell him to give it back to me in 30 days if I can just claim it back and obviously you can you can put it into contract you can set your set set kind of like exact parameters on like how the return should happen but the asset token the atr token is basically the the thing that will execute a transfer later on perfect thank you so much naeem and joseph