Difference from ERC-7579 standard

The Veive protocol presents some key differences from the ERC-7579 standard, adapting to the specificities of the Koinos blockchain and introducing significant improvements in terms of security and flexibility.

Operation

Unlike the ERC-7579 standard, which does not specify the concept of "operation" in detail, Veive places particular emphasis on this concept. An operation in Veive is defined as a single action that is part of a transaction and is identified by:

• contract_id: The ID of the smart contract where the operation is executed.

• entry_point: The specific method of the contract being invoked.

• args: The arguments or parameters passed to the method.

This approach allows for more granular and precise control over operations. For example, if a contract is called to execute a token transfer (koinContract.transfer({amount: 100})), every detail of the operation is examined to ensure it complies with predefined rules.

EntryPoint

In the ERC-7579 standard, there is a centralized concept called "EntryPoint" through which all operations pass. In Koinos, this is not present; operations can be sent directly to smart accounts without a centralized control point. This offers greater flexibility and speed in interactions with smart contracts but requires a more robust operation control system to ensure security.

Authorization control

Veive extends operation control by including not only initial user operations (user_op) but also "external" operations generated internally by contracts. This means that every call, even internal ones, is validated. For example, if a contract tries to manipulate a token transfer within a larger operation, this manipulation is detected and blocked if unauthorized.

The authorize method is crucial in this context. It is automatically called for every operation that requires validation, ensuring that all operations are verified by appropriate validation modules. This method ensures that even "external" operations are subject to control, preventing abuses or unauthorized executions.

Contextualization and module selection

In Veive, modules are selected and activated based on a specific "scope," which determines when and how a module should be used. This scope system is more flexible than the ERC-7579 standard, which does not provide specific guidelines for module selection. Default module scopes in Veive are defined at three levels of specificity:

• entry_point + contract_id: Modules specific to a method of a particular contract.

• entry_point: Modules active for a specific method, regardless of the contract.

• any: Modules applicable to any operation.

Scope management differs among module types:

• Validators: A single valid module is sought, following the order of specificity from the most specific (entry_point + contract_id) to the most generic (any).

• Executor and Hooks: All relevant modules are executed if present in the scopes, ensuring complete operation execution.

• Sign Modules: There is only one default scope, allowing only one signature module to be installed at a time. This approach ensures that only one signing method is active for the account at a given time, simplifying key management and authentication methods.