Update EIP-7702: Prohibit nonce-changing opcodes #8538
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
c-update
File
|
eth-bot
changed the title
Amxx
commented
May 9, 2024
yoavw
reviewed
May 9, 2024
| @@ -57,7 +57,7 @@ At the start of executing the transaction, for each `[contract_code, y_parity, r | |||
| 2. Verify that the contract code of `signer` is empty. | |||
| 3. Set the contract code of `signer` to `contract_code`. | |||
|
|
|||
| At the end of the transaction, set the `contract_code` of each `signer` back to empty. | |||
| At the end of the transaction, set the `contract_code` of each `signer` back to empty. Any storage set for the `signer` must also be cleared. | |||
There was a problem hiding this comment.
I'd say not cleared, but prevent SSTORE in the first place. Otherwise it might have unintended consequences to code that assumes the SSTORE was not implicitly a TSTORE. See my Safe example in the EM thread.
Amxx
changed the title
Cirruslucent
approved these changes
May 9, 2024
|
Resharing my comment from the 7702 eip... Not so sure about the invariant because a contract that sets storage at initialization but also returns 0 bytes at initialization has no bytecode but has > 0 storage slots set. E.g Returns no runtime code but definitely has something at storage slot 0 which if read via an rpc returns 0x01 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Rational for this change is explained in the PR, but might deserve some discussion. All these are a transposition of a discussion that already happened on EIP-5806 (alghouth without all the attention/participation that EIP-7702 is getting today)
Restricting nonce-changing operation
Then Alice's nonce would increase, and the "normal" transaction would no longer be valid. This could DoS Alice's ability to use her EOA. It would also mess up with the mempool. Therefore, I strongly believe that these opcode MUST be restrited.
Restricting SSTORE
EDIT: The SSTORE part is the subject of #8539, no longer in this PR.
I understand people want to use SSTORE. I'm one of them, and I was very reluctant to add this restriction to EIP-5806. However, there is an invariant formulated somewhere (maybe @gballet can find the refenrence) that accounts without code SHOULD NOT have storage slot set. I believe this has to do with the transition to Verkle, or with safety assumption if permanent code is ever placed at this address. This restriction was recognised during the AA breakout session n°2.
I guess the proposed behavior is similar to what happens today if you use SSTORE in a contract that is selfdestructed within its construction transaction.
If you need persistent storage, you can use a third party contract that holds it for you