Policy Validator

The PolicyValidator contract is the on-chain enforcement point for all Brain policies. It is invoked from the ERC-4337 validateUserOp path. Any UserOperation without a valid policy proof is rejected at the account level.

Contract

contract PolicyValidator {
    /// @notice Verify that `proof` is a valid approval signature for `action`
    ///         according to Brain's policy engine and configured constraints.
    /// @param action  Canonical encoding of the proposed action.
    /// @param proof   Signed approval from the Brain policy engine.
    /// @return        True if the proof is valid for the action; false otherwise.
    function validate(
        bytes calldata action,
        bytes calldata proof
    )
        external
        returns (bool)
    {
        // 1. Decode the action hash from `action`
        // 2. Recover the signer address from `proof`
        // 3. Verify signer matches the authorised Brain policy engine address
        // 4. Verify the action hash in the proof matches `action`
        // 5. Verify the proof has not expired and the nonce is unused
    }
}

What the Proof Contains

| Field | Description |
| --- | --- |
| Action hash | Canonical hash of target, calldata, value, and nonce |
| Agent ID | The agentId authorised to perform the action |
| Policy hash | Hash of the active policy at time of approval |
| Timestamp | When the approval was issued |
| Expiry | After this time the proof is rejected |
| Signature | ECDSA signature from the Brain policy engine key |
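
The five checks listed in `validate` and the proof fields above, sketched as an added example that is not Brain's own code. The `Proof` ABI layout, the signed digest construction, the replay map and every name other than `validate(action, proof)` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not Brain's code. The Proof layout, the digest construction
// and the replay map are assumptions; only validate(action, proof) is from the page.
contract ExamplePolicyValidator {
    struct Proof {
        bytes32 actionHash;   // hash of target, calldata, value and nonce
        bytes32 agentId;      // agent authorised to perform the action
        bytes32 policyHash;   // policy active when the approval was issued
        uint64 timestamp;     // issue time
        uint64 expiry;        // proof is rejected after this time
        uint8 v;              // ECDSA signature from the policy engine key
        bytes32 r;
        bytes32 s;
    }

    // Half the secp256k1 group order: upper bound for a non-malleable `s`.
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    address public immutable policyEngine;       // authorised signer
    mapping(bytes32 => bool) public usedProofs;  // replay guard (assumed design)

    constructor(address engine) {
        require(engine != address(0), "zero signer");
        policyEngine = engine;
    }

    function validate(bytes calldata action, bytes calldata proof) external returns (bool) {
        // Malformed or truncated proofs revert here instead of returning false.
        Proof memory p = abi.decode(proof, (Proof));
        // Steps 1 and 4: the proof must commit to exactly this action.
        if (p.actionHash != keccak256(action)) return false;
        // Step 5a: reject expired approvals.
        if (block.timestamp > p.expiry) return false;
        // Sign over every field plus chain id and validator address (domain separation).
        bytes32 digest = keccak256(abi.encode(
            block.chainid, address(this), p.actionHash, p.agentId, p.policyHash, p.timestamp, p.expiry));
        // Step 5b: each approval is accepted once.
        if (usedProofs[digest]) return false;
        // Reject high-s signatures so one approval has one valid encoding.
        if (uint256(p.s) > HALF_N) return false;
        // Steps 2 and 3: ecrecover yields address(0) on failure; policyEngine is never zero.
        if (ecrecover(digest, p.v, p.r, p.s) != policyEngine) return false;
        usedProofs[digest] = true;
        return true;
    }
}
```

ERC-4337 bundlers restrict the TIMESTAMP opcode and storage access during validation, so an account calling a validator like this from validateUserOp would normally report expiry through the validUntil field of validationData rather than read block.timestamp.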

Integration with ERC-4337

The PolicyValidator is called inside BrainAccount.validateUserOp:
