Hinkal Wallet

Overview

HinkalWallet is a minimal, emporium-controlled wallet used for stateful Emporium operations. It exposes a tightly scoped call surface that only the Emporium contract can invoke. It also supports EIP-1271 signatures and ERC721/1155 receipt interfaces, allowing it to participate in complex DeFi/NFT flows while preserving safety through recipient gating.

Inheritance

  • Transferer — token/ETH helpers and ERC721/1155 receiver stubs

  • Implements IHinkalWallet

Storage

  • address public immutable emporium — the only authorized caller

Constructor

constructor(address _emporium)

  • Binds the wallet to its controlling Emporium instance.

Access Control

modifier onlyEmporium()

  • Reverts NotAllowedToCallWallet() unless msg.sender == emporium.

Stateful Execution Hooks

function callHinkalWallet(address endpoint, bytes data, uint value)
    external onlyEmporium returns (bool success, bytes err)

  • Performs a low-level call to endpoint with optional ETH value and calldata.

  • Returns (success, err) for upstream handling in Emporium.

function doSendToRelay(address relay, uint256 amount, address token)
    external onlyEmporium

  • Transfers amount of token (or ETH) to the relay using Transferer.sendToRelay.

  • Used when Emporium needs to pay fees from the wallet’s balances.

Signature Validation (EIP-1271)

function isValidSignature(bytes32 _hash, bytes _signature) external view returns (bytes4)

  • Returns 0x1626ba7e when the recovered signer equals address(this); otherwise 0xffffffff.

  • Enables contracts to verify off-chain approvals “from” the wallet for meta-operations.

Interface Support (EIP-165)

function supportsInterface(bytes4 _interfaceId) public view override returns (bool)

  • Extends Transferer.supportsInterface and additionally supports IERC165 and IERC1271.

  • Wallet can safely receive NFTs (ERC721/1155) and be recognized as a signature-validating contract.

ETH Handling

receive() external payable

  • Emits EthReceivedOnWallet(sender, amount) when ETH is sent directly to the wallet.

Security Notes

  • Strict caller gating: Emporium is the sole invoker of stateful actions.

  • No arbitrary approval management exposed; token movements use Transferer utilities.

  • EIP-1271 limited to self-signature semantics (wallet-as-signer), keeping validation simple and explicit.

PreviousEmporiumNextUnexpected Relay Costs Accounting - Stealth Addresses

Last updated