feat: add replacePlugin

src/account/PluginManagerInternals.sol

@@ -16,6 +16,7 @@ import {
     PluginManifest
 } from "../interfaces/IPlugin.sol";
 import {FunctionReference, IPluginManager} from "../interfaces/IPluginManager.sol";
+import {IVersionRegistry} from "../interfaces/IVersionRegistry.sol";
 import {
     AccountStorage,
     getAccountStorage,
@@ -44,6 +45,8 @@ abstract contract PluginManagerInternals is IPluginManager {
     error PluginNotInstalled(address plugin);
     error RuntimeValidationFunctionAlreadySet(bytes4 selector, FunctionReference validationFunction);
     error UserOpValidationFunctionAlreadySet(bytes4 selector, FunctionReference validationFunction);
+    error IncompatiblePluginVersion(address oldPlugin, address newPlugin);
+    error onReplaceForNewPluginFailed(address plugin, bytes revertReason);
 
     modifier notNullFunction(FunctionReference functionReference) {
         if (functionReference.isEmpty()) {
@@ -643,6 +646,315 @@ abstract contract PluginManagerInternals is IPluginManager {
         emit PluginUninstalled(plugin, onUninstallSuccess);
     }
 
+    function _replacePlugin(address oldPlugin, address newPlugin, bytes32 newManifestHash) internal {
+        AccountStorage storage _storage = getAccountStorage();
+        PluginManifest memory oldManifest = IPlugin(oldPlugin).pluginManifest();
+
+        // To avoid Stack Too Deep
+        {
+            IVersionRegistry versionRegistry = IVersionRegistry(oldManifest.versionRegistry);
+
+            // Check if new plugin is a compatible patch-level upgrade of an old plugin.
+            if (!versionRegistry.isPluginCompatible(oldPlugin, newPlugin)) {
+                revert IncompatiblePluginVersion(oldPlugin, newPlugin);
+            }
+        }
+
+        // Check if the old plugin exists.
+        if (!_storage.plugins.remove(oldPlugin)) {
+            revert PluginNotInstalled(oldPlugin);
+        }
+
+        // Check if the plugin exists.
+        if (!_storage.plugins.add(newPlugin)) {
+            revert PluginAlreadyInstalled(newPlugin);
+        }
+
+        // Check manifest hash.
+        PluginManifest memory newManifest = IPlugin(newPlugin).pluginManifest();
+        if (!_isValidPluginManifest(newManifest, newManifestHash)) {
+            revert InvalidPluginManifest();
+        }
+
+        // Check that the dependencies match the manifest.
+        FunctionReference[] memory dependencies = _storage.pluginData[oldPlugin].dependencies;
+        if (dependencies.length != newManifest.dependencyInterfaceIds.length) {
+            revert InvalidDependenciesProvided();
+        }
+
+        // Replace the plugin metadata to the account
+        _storage.pluginData[oldPlugin].manifestHash = bytes32(0);
+        _storage.pluginData[oldPlugin].dependencies = new FunctionReference[](0);
+        _storage.pluginData[newPlugin].manifestHash = newManifestHash;
+        _storage.pluginData[newPlugin].dependencies = dependencies;
+
+        // Update components according to the manifest.
+        // All conflicts should revert.
+
+        // Mark whether or not this plugin may spend native token amounts
+        if (newManifest.canSpendNativeToken) {
+            _storage.pluginData[newPlugin].canSpendNativeToken = true;
+        }
+
+        uint256 length = newManifest.executionFunctions.length;
+        for (uint256 i = 0; i < length;) {
+            if (i < oldManifest.executionFunctions.length) {
+                _removeExecutionFunction(oldManifest.executionFunctions[i]);
+            }
+            _setExecutionFunction(newManifest.executionFunctions[i], newPlugin);
+
+            unchecked {
+                ++i;
+            }
+        }
+
+        length = newManifest.permittedExecutionSelectors.length;
+        for (uint256 i = 0; i < length;) {
+            if (i < oldManifest.permittedExecutionSelectors.length) {
+                _storage.callPermitted[getPermittedCallKey(oldPlugin, oldManifest.permittedExecutionSelectors[i])]
+                = false;
+            }
+            _storage.callPermitted[getPermittedCallKey(newPlugin, newManifest.permittedExecutionSelectors[i])] =
+                true;
+
+            unchecked {
+                ++i;
+            }
+        }
+
+        // Update the permitted external calls of the account.
+        if (newManifest.permitAnyExternalAddress) {
+            _storage.pluginData[oldPlugin].anyExternalExecPermitted = false;
+            _storage.pluginData[newPlugin].anyExternalExecPermitted = true;
+        } else {
+            // Only update the specific permitted external calls if "permit any" flag was not set.
+            length = newManifest.permittedExternalCalls.length;
+            for (uint256 i = 0; i < length;) {
+                ManifestExternalCallPermission memory externalCallPermission =
+                    newManifest.permittedExternalCalls[i];
+                PermittedExternalCallData storage newPermittedExternalCallData =
+                    _storage.permittedExternalCalls[IPlugin(newPlugin)][externalCallPermission.externalAddress];
+
+                newPermittedExternalCallData.addressPermitted = true;
+
+                if (i < oldManifest.permittedExternalCalls.length) {
+                    PermittedExternalCallData storage oldPermittedExternalCallData =
+                        _storage.permittedExternalCalls[IPlugin(oldPlugin)][externalCallPermission.externalAddress];
+
+                    oldPermittedExternalCallData.addressPermitted = false;
+
+                    if (externalCallPermission.permitAnySelector) {
+                        oldPermittedExternalCallData.anySelectorPermitted = false;
+                        newPermittedExternalCallData.anySelectorPermitted = true;
+                    } else {
+                        uint256 oldExternalContractSelectorsLength = externalCallPermission.selectors.length;
+                        for (uint256 j = 0; j < oldExternalContractSelectorsLength;) {
+                            oldPermittedExternalCallData.permittedSelectors[externalCallPermission.selectors[j]] =
+                                false;
+                            newPermittedExternalCallData.permittedSelectors[externalCallPermission.selectors[j]] =
+                                true;
+
+                            unchecked {
+                                ++j;
+                            }
+                        }
+                    }
+                } else {
+                    if (externalCallPermission.permitAnySelector) {
+                        newPermittedExternalCallData.anySelectorPermitted = true;
+                    } else {
+                        uint256 newExternalContractSelectorsLength = externalCallPermission.selectors.length;
+                        for (uint256 j = 0; j < newExternalContractSelectorsLength;) {
+                            newPermittedExternalCallData.permittedSelectors[externalCallPermission.selectors[j]] =
+                                true;
+
+                            unchecked {
+                                ++j;
+                            }
+                        }
+                    }
+                }
+
+                unchecked {
+                    ++i;
+                }
+            }
+        }
+
+        length = newManifest.userOpValidationFunctions.length;
+        for (uint256 i = 0; i < length;) {
+            ManifestAssociatedFunction memory mv = newManifest.userOpValidationFunctions[i];
+            if (i < oldManifest.userOpValidationFunctions.length) {
+                _removeUserOpValidationFunction(
+                    mv.executionSelector,
+                    _resolveManifestFunction(
+                        mv.associatedFunction, oldPlugin, dependencies, ManifestAssociatedFunctionType.NONE
+                    )
+                );
+            }
+
+            _addUserOpValidationFunction(
+                mv.executionSelector,
+                _resolveManifestFunction(
+                    mv.associatedFunction, newPlugin, dependencies, ManifestAssociatedFunctionType.NONE
+                )
+            );
+
+            unchecked {
+                ++i;
+            }
+        }
+
+        length = newManifest.runtimeValidationFunctions.length;
+        for (uint256 i = 0; i < length;) {
+            ManifestAssociatedFunction memory mv = newManifest.runtimeValidationFunctions[i];
+            if (i < oldManifest.runtimeValidationFunctions.length) {
+                _removeRuntimeValidationFunction(
+                    mv.executionSelector,
+                    _resolveManifestFunction(
+                        mv.associatedFunction,
+                        oldPlugin,
+                        dependencies,
+                        ManifestAssociatedFunctionType.RUNTIME_VALIDATION_ALWAYS_ALLOW
+                    )
+                );
+            }
+
+            _addRuntimeValidationFunction(
+                mv.executionSelector,
+                _resolveManifestFunction(
+                    mv.associatedFunction,
+                    newPlugin,
+                    dependencies,
+                    ManifestAssociatedFunctionType.RUNTIME_VALIDATION_ALWAYS_ALLOW
+                )
+            );
+
+            unchecked {
+                ++i;
+            }
+        }
+
+        // Hooks are not allowed to be provided as dependencies, so we use an empty array for resolving them.
+        FunctionReference[] memory emptyDependencies;
+
+        length = newManifest.preUserOpValidationHooks.length;
+        for (uint256 i = 0; i < length;) {
+            ManifestAssociatedFunction memory mh = newManifest.preUserOpValidationHooks[i];
+            if (i < oldManifest.preUserOpValidationHooks.length) {
+                _removePreUserOpValidationHook(
+                    mh.executionSelector,
+                    _resolveManifestFunction(
+                        mh.associatedFunction,
+                        oldPlugin,
+                        emptyDependencies,
+                        ManifestAssociatedFunctionType.PRE_HOOK_ALWAYS_DENY
+                    )
+                );
+            }
+
+            _addPreUserOpValidationHook(
+                mh.executionSelector,
+                _resolveManifestFunction(
+                    mh.associatedFunction,
+                    newPlugin,
+                    emptyDependencies,
+                    ManifestAssociatedFunctionType.PRE_HOOK_ALWAYS_DENY
+                )
+            );
+
+            unchecked {
+                ++i;
+            }
+        }
+
+        length = newManifest.preRuntimeValidationHooks.length;
+        for (uint256 i = 0; i < length;) {
+            ManifestAssociatedFunction memory mh = newManifest.preRuntimeValidationHooks[i];
+            if (i < oldManifest.preRuntimeValidationHooks.length) {
+                _removePreRuntimeValidationHook(
+                    mh.executionSelector,
+                    _resolveManifestFunction(
+                        mh.associatedFunction,
+                        oldPlugin,
+                        emptyDependencies,
+                        ManifestAssociatedFunctionType.PRE_HOOK_ALWAYS_DENY
+                    )
+                );
+            }
+
+            _addPreRuntimeValidationHook(
+                mh.executionSelector,
+                _resolveManifestFunction(
+                    mh.associatedFunction,
+                    newPlugin,
+                    emptyDependencies,
+                    ManifestAssociatedFunctionType.PRE_HOOK_ALWAYS_DENY
+                )
+            );
+
+            unchecked {
+                ++i;
+            }
+        }
+
+        length = newManifest.executionHooks.length;
+        for (uint256 i = 0; i < length;) {
+            ManifestExecutionHook memory mh = newManifest.executionHooks[i];
+            if (i < oldManifest.executionHooks.length) {
+                _removeExecHooks(
+                    mh.executionSelector,
+                    _resolveManifestFunction(
+                        mh.preExecHook,
+                        oldPlugin,
+                        emptyDependencies,
+                        ManifestAssociatedFunctionType.PRE_HOOK_ALWAYS_DENY
+                    ),
+                    _resolveManifestFunction(
+                        mh.postExecHook, oldPlugin, emptyDependencies, ManifestAssociatedFunctionType.NONE
+                    )
+                );
+            }
+
+            _addExecHooks(
+                mh.executionSelector,
+                _resolveManifestFunction(
+                    mh.preExecHook,
+                    newPlugin,
+                    emptyDependencies,
+                    ManifestAssociatedFunctionType.PRE_HOOK_ALWAYS_DENY
+                ),
+                _resolveManifestFunction(
+                    mh.postExecHook, newPlugin, emptyDependencies, ManifestAssociatedFunctionType.NONE
+                )
+            );
+
+            unchecked {
+                ++i;
+            }
+        }
+
+        delete _storage.pluginData[oldPlugin];
+
+        // Retrieve data from the old plugin for migration
+        bytes memory migrationData = IPlugin(oldPlugin).getDataForReplacement();
+
+        // Call the old plugin's clean-up function
+        bool onReplaceOldSuccess = true;
+        try IPlugin(oldPlugin).onReplaceForOldPlugin() {}
+        catch {
+            onReplaceOldSuccess = false;
+        }
+
+        // Pass the migration data to the new plugin
+        try IPlugin(newPlugin).onReplaceForNewPlugin(migrationData) {}
+        catch (bytes memory revertReason) {
+            revert onReplaceForNewPluginFailed(newPlugin, revertReason);
+        }
+
+        emit PluginReplaced(oldPlugin, newPlugin, onReplaceOldSuccess);
+    }
+
     function _addOrIncrement(EnumerableMap.Bytes32ToUintMap storage map, bytes32 key) internal {
         (bool success, uint256 value) = map.tryGet(key);
         map.set(key, success ? value + 1 : 0);

src/account/UpgradeableModularAccount.sol

@@ -285,6 +285,15 @@ contract UpgradeableModularAccount is
         _uninstallPlugin(plugin, manifest, pluginUninstallData);
     }
 
+    /// @inheritdoc IPluginManager
+    function replacePlugin(address oldPlugin, address newPlugin, bytes32 newManifestHash)
+        external
+        override
+        wrapNativeFunction
+    {
+        _replacePlugin(oldPlugin, newPlugin, newManifestHash);
+    }
+
     /// @notice ERC165 introspection
     /// @dev returns true for `IERC165.interfaceId` and false for `0xFFFFFFFF`
     /// @param interfaceId interface id to check against

src/helpers/VersionDecoder.sol

@@ -0,0 +1,50 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.19;
+
+struct Version {
+    uint256 major;
+    uint256 minor;
+    uint256 patch;
+}
+
+error NonDigitChar();
+
+function decodeVersion(string memory versionString) pure returns (Version memory) {
+    uint256 major;
+    uint256 minor;
+    uint256 patch;
+    uint256 lastIndex = 0;
+    uint256 dotCount = 0;
+
+    // Convert the versionString to bytes for manipulation
+    bytes memory versionBytes = bytes(versionString);
+
+    for (uint256 i = 0; i < versionBytes.length; i++) {
+        if (versionBytes[i] == 0x2E) {
+            if (dotCount == 0) {
+                major = _parseUint256(versionBytes, lastIndex, i);
+            } else if (dotCount == 1) {
+                minor = _parseUint256(versionBytes, lastIndex, i);
+            }
+            lastIndex = i + 1;
+            dotCount++;
+        }
+    }
+
+    // Parse the patch version, which is after the last dot
+    patch = _parseUint256(versionBytes, lastIndex, versionBytes.length);
+
+    return Version(major, minor, patch);
+}
+
+function _parseUint256(bytes memory b, uint256 start, uint256 end) pure returns (uint256) {
+    uint256 result = 0;
+    for (uint256 i = start; i < end; i++) {
+        // Ensure the character is a digit
+        if (b[i] < 0x30 || b[i] > 0x39) {
+            revert NonDigitChar();
+        }
+        result = result * 10 + (uint256(uint8(b[i])) - 0x30);
+    }
+    return result;
+}