feat: ID-4134: Support Bootstrap Flow for Wallet Initial Transaction

[naveen-imtb]

Summary:
This PR implements support for the bootstrap flow in the v1 wallet system. This is done by checking if the initial txn is signed by the Immutable signer without requiring a pre-stored image hash.

Motivation:

Pre-change:
When a new wallet is created, the image hash (representing the wallet's signer configuration) needs to be stored before transactions can be validated. In the absence of the imageHash, the first transaction is validated by recalculating the CREATE2 address of the wallet using the imageHash as the salt. The imageHash is retrieved from the signed message and the message payload. If the calculated address (CFA) matches the deployed wallet address then the imageHash is stored and used to validate subsequent transactions.

The problem
Currently in the Immutable ZKEVM chain, the primary wallet owner / signer identity instrument is stored by a 3rd party and we access the signer via their TEE. In a multi-chain world, we would potentially be integrating with different infrastructure providers across chain and therefore have different signers.
The primary wallet owner / signer influences the CFA i.e the user's Passport wallet address and since we need to preserve the same CFA, the current model of validating the first transaction by verifying if the recalculated wallet CFA matches the deployed wallet address doesn't work.

Post-change
To work around the above problem, this PR introduces the following changes:

• A new wallet's first transaction is submitted with a signature from the Immutable Signer contract
• During signature validation, the contract checks:
  • If the current nonce is 1 (meaning this is the first transaction, since nonce was 0 before increment)
  • If the Immutable Signer contract address is among the signers in the signature
  • If both conditions are met, the signature is automatically approved and the computed image hash is stored
• Subsequent transactions follow the standard validation path, checking against the stored image hash

Overall Flow:

---

Note

Introduces immutable signer–based bootstrap to validate the first wallet transaction without user signature, updating constructors, deployments, and compiler settings.

• Contracts:
  • ModuleAuthDynamic: Adds IMMUTABLE_SIGNER_CONTRACT and overrides signature validation to auto-approve first tx (nonce=0) when immutable signer is present; integrates nonce/image checks via ModuleStorage/NonceKey.
  • MainModuleDynamicAuth + mocks (MainModuleMockV1/2/3): Constructors now accept and pass _immutableSignerContract.
  • ModuleAuth: Exposes FLAG_* as internal; marks validation functions virtual to enable overrides.
• Deployment:
  • scripts/deploy.ts & scripts/step4.ts: Deploy ImmutableSigner before MainModuleDynamicAuth and supply its address during deployment; output includes immutable signer details.
• Build/Config:
  • hardhat.config.ts: Enables viaIR in Solidity compiler settings.
  • .gitignore: Ignores lib/.

^{Written by Cursor Bugbot for commit 7716f65. This will update automatically on new commits. Configure here.}

[cursor]

This is the final PR Bugbot will review for you during this billing cycle

Your free Bugbot reviews will reset on December 13

Details

Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

[drinkcoffee]

Remove check that Immtuable signer contract is zero

[naveen-imtb]

@drinkcoffee I tweaked this settling to resolve a "stack too deep" error. Not sure if there's any unintended side effects that I'm not aware of. Pls advise.