Implement ERC-1271 drop authorization #57

Merged: punk6529 merged 2 commits into main from codex/erc1271-drop-authorization on Jun 10, 2026

punk6529 (Contributor) commented Jun 10, 2026

Summary

  • Adds ERC-1271 contract signer support to the existing EIP-712 DropAuthorization path.
  • Keeps EOA/EIP-2098 validation unchanged, while contract signers validate the same digest with isValidSignature(bytes32,bytes).
  • Requires the standard ERC-1271 magic value 0x1626ba7e and fails closed on reverted checks, empty returns, short returns, extra return data, invalid magic, wrong digest, and wrong signature bytes.
  • Adds StreamDropsERC1271.t.sol target-state coverage for fixed-price and auction contract-signer flows, negative contract-signer paths, replay, expiry, and EOA regression.
  • Updates the ADR, roadmap, blockers, README, test docs, and durable autonomous run state to mark ERC-1271 support as implemented.

Closes #19.

Validation

  • forge test --match-contract StreamDropsERC1271Test -vvv passed with 12 tests.
  • forge test --match-contract StreamDropsEIP712Test -vvv passed with 23 tests.
  • make check passed with 59 tests and the known Solidity warning baseline.
  • powershell -ExecutionPolicy Bypass -File scripts\check.ps1 passed with 59 tests and the known Solidity warning baseline.
  • forge fmt --check smart-contracts\StreamDrops.sol test\StreamDropsERC1271.t.sol test\StreamDropsEIP712.t.sol passed.
  • git diff --check and git diff --cached --check passed.
  • Markdown heading scan passed for touched README, docs, roadmap, and autonomous state files.
  • Stale ERC-1271 pending-policy grep returned no active documentation or source matches outside historical run-log entries.

Notes

  • ERC-1271 contract signatures are intentionally opaque: malleability checks remain an ECDSA/EOA concern, while contract signers decide which signature bytes are valid for the supplied digest.
  • Auction custody/settlement and pull-payment accounting remain separate P0 blockers tracked in the roadmap.

Summary by CodeRabbit

  • New Features

    • Add support for contract-based signatures (ERC-1271) alongside EOA EIP-712 authorizations.
  • Documentation

    • Clarified authorization docs and roadmap to state EOA and ERC-1271 flows, fail-closed contract semantics, and updated status/operations notes.
  • Tests

    • Added end-to-end tests for valid ERC-1271 flows and many failure cases (malformed/empty/extra returns, wrong digest/signature, reverts, replay/expiry).
  • Chores

    • Updated operation/run records and roadmap progress.
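
The fail-closed ERC-1271 check summarized above, as an added example that is not this PR's code and is not taken from StreamDrops.sol. The library and function names are hypothetical, and comparing the full 32-byte word (so non-zero bytes after the magic value are rejected) is an assumption about how "exactly one ABI word" is enforced.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: ERC1271Check and isValidContractSignature are hypothetical
// names for illustration, not identifiers from StreamDrops.sol.
interface IERC1271 {
    function isValidSignature(bytes32 hash, bytes calldata signature)
        external
        view
        returns (bytes4 magicValue);
}

library ERC1271Check {
    // ERC-1271 magic value: bytes4(keccak256("isValidSignature(bytes32,bytes)")).
    bytes4 internal constant ERC1271_MAGIC_VALUE = 0x1626ba7e;

    /// Returns true only if `signer` has code, the isValidSignature call
    /// succeeds, and it returns exactly one ABI word equal to the magic value.
    /// Every other outcome returns false, so the caller can revert (fail closed).
    function isValidContractSignature(address signer, bytes32 digest, bytes memory signature)
        internal
        view
        returns (bool)
    {
        // No code: not a contract signer. EOAs go through the ecrecover path.
        if (signer.code.length == 0) return false;

        // Low-level staticcall: the signer cannot change state, and a revert
        // surfaces as ok == false instead of bubbling up with signer-chosen data.
        (bool ok, bytes memory ret) =
            signer.staticcall(abi.encodeCall(IERC1271.isValidSignature, (digest, signature)));

        // Rejects reverted checks, empty returns, short returns and extra return data.
        if (!ok || ret.length != 32) return false;

        // Assumption: compare the whole word. bytes32(bytes4) pads with zeros on
        // the right, so a correct magic value followed by dirty bytes also fails.
        return abi.decode(ret, (bytes32)) == bytes32(ERC1271_MAGIC_VALUE);
    }
}
```

The signature bytes are passed through untouched, which matches the note that contract signatures are opaque to the verifier. This sketch copies the signer's full return data into memory before checking its length; whether StreamDrops bounds gas or return size for that call is not stated on this page.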

claude Bot left a comment

⚠️ Code review skipped — your organization's overage spend limit has been reached.

Code review is billed via overage credits. To resume reviews, an organization admin can raise the monthly limit at claude.ai/admin-settings/claude-code.

Once credits are available, push a new commit or reopen this pull request to trigger a review.

coderabbitai Bot commented Jun 10, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 97eba12b-e688-4577-bfbf-4957bbf60af1

📥 Commits

Reviewing files that changed from the base of the PR and between a6ae314 and 10f1c88.

📒 Files selected for processing (9)
  • README.md
  • docs/adr/0001-drop-authorization.md
  • docs/known-blockers.md
  • ops/AUTONOMOUS_RUN.md
  • ops/ROADMAP.md
  • smart-contracts/StreamDrops.sol
  • test/README.md
  • test/StreamDropsEIP712.t.sol
  • test/StreamDropsERC1271.t.sol

Walkthrough

Adds ERC-1271 contract-signer validation to StreamDrops: mintDrop computes the EIP-712 digest and delegates signer resolution to _validateSigner, which routes to EOA ecrecover or ERC-1271 staticcall checks; includes comprehensive ERC-1271 tests and documentation/ops updates.

Changes

ERC-1271 Authorization Implementation

| Layer / File(s) | Summary |
| --- | --- |
| ERC-1271 Interface and Constants: smart-contracts/StreamDrops.sol | New IERC1271 interface and ERC1271_MAGIC_VALUE constant establish the contract signature validation contract and required magic value for fail-closed semantics. |
| Signer Validation Logic: smart-contracts/StreamDrops.sol | mintDrop now computes the EIP-712 digest and delegates signer resolution to _validateSigner, which routes to _recoverEOASigner for EOAs or ERC-1271 staticcall to isValidSignature for contracts, validating call success, return length, and decoded magic value. |
| ERC-1271 Test Suite: test/StreamDropsERC1271.t.sol | New comprehensive test contract with StreamDropsERC1271Test and MockERC1271Signer covering valid contract-signature minting, multiple failure modes (invalid magic, reverts, malformed return data, wrong digest/signature), replay, expiry, and EOA compatibility confirmation. |
| EOA Test Refactoring: test/StreamDropsEIP712.t.sol, test/README.md | Renamed EIP-712 test to explicitly assert fail-closed behavior when a contract lacks ERC-1271 implementation; updated test documentation to name both EOA and ERC-1271 coverage paths. |
| Architecture and Documentation Updates: README.md, docs/adr/0001-drop-authorization.md, docs/known-blockers.md, ops/ROADMAP.md, ops/AUTONOMOUS_RUN.md | Updated drop flow description, ADR fail-closed requirements and test plan, blocker status, roadmap P0-AUTH-003 completion, and ops durable state to reflect ERC-1271 support and test matrix alignment. |

Sequence diagram:

sequenceDiagram
  participant Caller
  participant mintDrop as StreamDrops.mintDrop
  participant validate as _validateSigner
  participant EOA as _recoverEOASigner
  participant ERC1271 as IERC1271.isValidSignature

  Caller->>mintDrop: call mintDrop(DropAuthorization, signature)
  mintDrop->>validate: compute digest, pass signer & signature
  validate->>validate: check signer.code.length
  alt EOA (no code)
    validate->>EOA: ecrecover(digest, signature)
    EOA-->>validate: recovered address
  else Contract (has code)
    validate->>ERC1271: staticcall isValidSignature(digest, signature)
    ERC1271-->>validate: bytes4 magic or revert/invalid data
    validate->>validate: verify success && magic == ERC1271_MAGIC_VALUE
  end
  validate-->>mintDrop: validated signer or revert

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related issues

  • #19: [P0-AUTH-003] Implement ERC-1271 contract signer support — this PR implements the ERC-1271 validation, magic-value checks, fail-closed behavior, tests, and docs requested by the issue.

Possibly related PRs

Poem

🐰 I hopped through code where magic values hide,

I sniffed the sigs on every contract side,
EOAs nod, contracts either sing or choke,
Tests clap paws when the right bytes poke,
Roadmaps gleam where the rabbit's footprints glide.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title "Implement ERC-1271 drop authorization" is concise and directly summarizes the primary change: adding ERC-1271 contract signer support to the drop authorization system. |
| Linked Issues check | ✅ Passed | The PR implements all core objectives from issue #19: ERC-1271 contract signer support with standard magic value validation, proper fail-closed behavior, comprehensive test coverage for success/failure paths, and complete documentation updates. |
| Out of Scope Changes check | ✅ Passed | All changes are directly scoped to implementing and documenting ERC-1271 contract signer support and updating project state. No unrelated modifications detected. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

punk6529 (Contributor, Author) commented:

@claude please review this PR.

Focus areas:

  • ERC-1271 validation is done by staticcall against the same EIP-712 digest used for EOA signatures.
  • The contract requires exactly one ABI word containing magic value 0x1626ba7e and fails closed on revert, empty return, short return, extra return data, invalid magic, wrong digest, and wrong signature bytes.
  • EOA and EIP-2098 paths should remain unchanged from Replace drop authorization with EIP-712 #56.
  • test/StreamDropsERC1271.t.sol should cover fixed-price success, auction success, negative contract-signer paths, replay, expiry, and EOA regression.
  • Docs/roadmap should accurately move ERC-1271 from pending blocker to implemented support while preserving remaining P0 blockers.

punk6529 (Contributor, Author) commented:

@coderabbitai review

Please review the latest head 10f1c880b0572665b19cb1efeace0a697b1adda2. The earlier CodeRabbit run failed only because the head moved while the durable-state bookkeeping commit was pushed.

coderabbitai Bot commented Jun 10, 2026

@punk6529 Understood — I'll kick off a fresh review of the current head 10f1c880b0572665b19cb1efeace0a697b1adda2, covering:

  • ERC-1271 staticcall validation against the EIP-712 digest
  • Exact ABI word / magic value 0x1626ba7e return-data handling and all fail-closed paths
  • EOA / EIP-2098 path regression
  • StreamDropsERC1271.t.sol coverage (fixed-price, auction, negative, replay, expiry, EOA regression)
  • Docs / roadmap accuracy for ERC-1271 status and remaining P0 blockers
✅ Action performed

Full review finished.

punk6529 (Contributor, Author) commented:

@coderabbitai the latest review comment reports no actionable comments and pre-merge checks passed for 10f1c880b0572665b19cb1efeace0a697b1adda2, but the GitHub commit status is still pending. Please finalize/update the CodeRabbit status for the latest head.

coderabbitai Bot commented Jun 10, 2026

@punk6529 Understood — triggering a fresh full review now to force CodeRabbit to re-evaluate 10f1c880b0572665b19cb1efeace0a697b1adda2 and post an updated commit status.

✅ Action performed

Full review finished.

punk6529 (Contributor, Author) commented:

Autonomous merge evidence for latest head 10f1c880b0572665b19cb1efeace0a697b1adda2:

  • CI run 27261955570 completed successfully.
  • CodeRabbit review command completed for the latest head; its PR summary reports 5 pre-merge checks passed and no review threads are open.
  • The CodeRabbit commit status remains pending after two explicit review/status refresh requests, so I am treating that status as stale bot state rather than actionable review feedback.
  • Claude was explicitly requested but skipped review because the organization's overage spend limit has been reached.
  • Local validation passed before push: focused ERC-1271 tests, EIP-712 regression tests, make check, Windows scripts/check.ps1, forge fmt check, whitespace checks, and docs heading scan.

Proceeding with squash merge under the AFK autonomous-run instruction set.

@punk6529 punk6529 merged commit cc66438 into main Jun 10, 2026
1 of 2 checks passed