Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update EIP-7702: add a few clarifications #8795

Merged
merged 1 commit into from
Aug 12, 2024
Merged

Update EIP-7702: add a few clarifications #8795

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions EIPS/eip-7702.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,14 +61,14 @@ The [EIP-2718](./eip-2718.md) `ReceiptPayload` for this transaction is `rlp([sta

#### Behavior

At the start of executing the transaction, for each `[chain_id, address, nonce, y_parity, r, s]` tuple:
At the start of executing the transaction, after incrementing the sender's nonce, for each `[chain_id, address, nonce, y_parity, r, s]` tuple do the following:

1. `authority = ecrecover(keccak(MAGIC || rlp([chain_id, address, nonce])), y_parity, r, s]`
2. Verify the chain id is either 0 or the chain's current ID.
3. Add `authority` to `accessed_addresses` (as defined in [EIP-2929](./eip-2929.md).)
4. Verify the code of `authority` is either empty or already delegated.
5. Verify the nonce of `authority` is equal to `nonce`.
6. Refund the sender `PER_EMPTY_ACCOUNT_COST - PER_AUTH_BASE_COST` gas if `authority` exists in the trie.
6. Add `PER_EMPTY_ACCOUNT_COST - PER_AUTH_BASE_COST` gas to the global refund counter if `authority` exists in the trie.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a great clarification! This is not how I have coded it right now (I thought the refund should be applied before the execution)

7. Set the code of `authority` to be `0xef0100 || address`. This is a delegation designation.
8. Increase the nonce of `authority` by one.

Expand All @@ -80,7 +80,7 @@ Note that the signer of an authorization tuple may be different than `tx.origin`

The delegation designation uses the banned opcode `0xef` from [EIP-3541](./eip-3541.md) to designate the code has a special purpose. This designator requires all code retrieving operations follow the address pointer to fill the accounts observable code. The following instructions are impacted: `EXTCODESIZE`, `EXTCODECOPY`, `EXTCODEHASH`, `CALL`, `CALLCODE`, `STATICCALL`, `DELEGATECALL`.

For example, `EXTCODESIZE` would return the size of the code pointed to by `address` instead of `24` which would represent the delegation designation. `CALL` would similarly load the code from `address` and execute it in the context of `authority`.
For example, `EXTCODESIZE` would return the size of the code pointed to by `address` instead of `23` which would represent the delegation designation. `CALL` would similarly load the code from `address` and execute it in the context of `authority`.

In case a delegation designator points to another designator, creating a potential chain or loop of designators, clients must retrieve only the first code and then stop following the designator chain.

Expand All @@ -90,7 +90,7 @@ The intrinsic cost of the new transaction is inherited from [EIP-2930](./eip-293

The transaction sender will pay for all authorization tuples, regardless of validity or duplication.

If a code reading instruction accesses a cold account during the resolution of delegated code, assess an additional [EIP-2929](eip-2929.md) `COLD_ACCOUNT_READ_COST` cost of `2600` gas to the normal cost. Otherwise, assess a `WARM_STORAGE_READ_COST` cost of `100`.
If a code reading instruction accesses a cold account during the resolution of delegated code, add an additional [EIP-2929](eip-2929.md) `COLD_ACCOUNT_READ_COST` cost of `2600` gas to the normal cost and add the account to `accessed_addresses`. Otherwise, assess a `WARM_STORAGE_READ_COST` cost of `100`.

#### Transaction Origination

Expand Down Expand Up @@ -215,6 +215,8 @@ With this EIP, it becomes possible to cause transactions from other accounts to

While there are a few mitigations for this, the authors recommend that clients do not accept more than one pending transaction for any EOA with a non-zero delegation designator. This minimizes the number of transactions that can be invalidated by a single transaction. Another alternative would be to expand the EIP-7702 transaction with a list of accounts the caller wishes to "hydrate" during the transaction. Those accounts behave as the delegated code *only* for EIP-7702 transactions which include them in such a list, thus returning to clients the ability to statically analyze and reason about pending transactions.

A related issue is that an EOA's nonce maybe incremented more than once per transaction. Because clients already need to be robust in a worse scenario (described above), it isn't a major security concern. However, clients should be aware this behavior is possible and design their transaction propagation accordingly.

## Copyright

Copyright and related rights waived via [CC0](../LICENSE.md).
Loading