UniversalProfile.sol smart contract is a combination of two LSP standards:
- LSP0-ERC725Account Standard that also contains some LSP3Profile metadata, giving a "face and uniqueness" to the smart contract based account.
- LSP3-UniversalProfile-Metadata Standard
The LSP3 Profile Metadata enables to give a "face" to the smart contract based account, making it distinguishable and unique from others Universal Profiles.
UniversalProfile as a smart contract can be used as a blockchain-based account by humans, machines, organizations, or even other smart contracts.
Functionalities & Behaviour
UniversalProfile has all the basic functionalities of an Externally Owned Account (EOA), as well as the following functions that give the contract additional features:
execute(...): enables to execute functions on other contracts, transfer value, or deploy new contracts.
isValidSignature(...): delivers verification of signatures and signed messages from EOAs.
universalReceiver(...): brings notification of incoming calls and assets.
setData(...): offers to set information in the account storage.
The contract also includes the LSP20-CallVerification at its core. Meaning if the contract is owned by an other contract, LSP20 enables to interact with the contract directly without having to resolve through its owner first. This allows seamless integrations with other contracts, protocols and dApps, as the contract can be called directly, making the developer experience easier.
To illustrate, if an other address than the owner calls the
execute(..) function, the account contract will:
- Forward the call to the owner.
- The execution of the function will only continue if the owner returns the
LSP20 MAGIC VALUE, indicating that the caller is allowed to execute the function.
The magic value can also determine if there should be any post-execution check on the owner. This same behavior applies to other ownable functions as well.
The structure allows the account to have a more dynamic and adaptable approach for managing function execution logic, using the LSP20-CallVerification standard.
However, calls to the
fallback function will revert if no extension is registered for the function selector that was called.
The only exception is the
0x00000000 function selector, which returns in order to allow the Universal Profile to act similarly to an EOA, and receive "graffiti" data (when receiving native tokens or not) without executing anything else.
If your Universal Profile calls an extension to perform some security check, verification or validation, you should not rely on the extension to revert to ensure
the validation failed, but check the
bytes returned by the extension through
Be aware of phantom functions for functions in extensions with the
For example, a contract might perform some kind of validation in an extension (e.g: checking for permissions), and expect the function to revert if the user is not authorized.
However, since the function's selector is
0x00000000 and the LSP0 account doesn't have this extension registered, the
fallback function will
return instead of reverting, giving the contract the impression that the user is authorized.
_fallbackLSP17Extendablefor more details.
In such case, make sure to double that an extension is registered first for the
0x00000000 selector via
Unlike private keys and EOAs that cannot hold any metadata, a UniversalProfile is a blockchain based account that can have any info attached to it.
LSP3Profile data key has a special meaning. It enables you to edit your profile details