ethereum · g11tech · Jul 26, 2024 · Jul 26, 2024 · Jul 26, 2024 · Jul 26, 2024
@@ -121,12 +121,13 @@
 
 Considering that the delegation from one contract to another contract may cause conflicts and corrupt the storage with a broken contract at the least and a compromised contract at the worst, it is prudent to separate the storage of each delegation in deterministic way.
 
-To this effect, the delegated EOA's storage keys should be proxied (accessed or written) at `keccak256(key||address)`. So essentially we use this key modification for `SLOAD` and `SSTORE` operations for the delegated EOA's orignal key but still writing into EOA storage.
+To this effect, the delegated EOA's storage keys should be proxied (accessed or written) at `keccak256(key||address)[0:30] || key[30:32]`. So essentially we use this key modification for `SLOAD` and `SSTORE` operations for the delegated EOA's orignal key but still writing into EOA storage.
 
 With this method:
 
 * if EOA is delegated to a new address, it (essentially) starts with clean storage
 * if the contract is delegated back to a previous `address`, the EVM will be able to _re-attach_ its old storage.
+* chunks of `256` consecutive keys are mapped again to consecutive keys which is nice for debuggings as well as state trie optimizations (a la verkle)
 
 #### In-protocol revocation
 
@@ -177,14 +178,14 @@

 ### Secure delegation

 The following is a non-exhaustive list of checks/pitfalls/conditions that delegate contracts *should* be wary of and require a signature over from the account's authority:

 * Replay protection -- (ex. a nonce) should be implemented by the delegate and signed over. Without it, a malicious actor can reuse a signature, repeating its effects.
 * `value` -- without it, a malicious sponsor could cause unexpected effects in the callee.
 * `gas` -- without it, a malicious sponsor could cause the callee to run out of gas and fail, griefing the sponsee.
 * `target` / `calldata` -- without them, a malicious actor may call arbitrary functions in arbitrary contracts.

 A poorly implemented delegate can *allow a malicious actor to take near complete control over a signer's EOA*.

 ### Setting code as `tx.origin`