Merge branch 'master' into prague-meta

timbeiko · web-flow · commit 1f6ab3575fa5 · 2024-01-25T07:32:29.000-08:00
diff --git a/EIPS/eip-5806.md b/EIPS/eip-5806.md
@@ -17,19 +17,21 @@ This EIP adds a new transaction type that allows EOAs to execute arbitrary code
 
 ## Motivation
 
-EOA are the most widely used of account, yet their ability to perform operation is limited to deploying contracts and sending call transaction. It is currently not possible for an EOA to execute arbitrary code, which greatly limits the interractions users can have with he blockchain. Account abstraction has been extensively discussed but the path toward mainstream adoption is still unclear. Some approaches, such as [ERC-4337](./eip-4337.md) hope to improve the usability of smart wallets, without addressing the issue of smart wallet support by applications. [EIP-3074](./eip-3074.md) proposes another approach that favors existing EOAs but comes with replay risks.
+EOA are the most widely used type of account, yet their ability to perform operations is limited to deploying contracts and sending "call" transactions. It is currently not possible for an EOA to execute arbitrary code, which greatly limits the interactions users can have with the blockchain. Account abstraction has been extensively discussed but the path toward mainstream adoption is still unclear. Some approaches, such as [ERC-4337](./eip-4337.md) hope to improve the usability of smart wallets, without addressing the issue of smart wallet support by applications. [EIP-3074](./eip-3074.md) proposes another option to extend the ability of EOA to execute batched or conditional calls, but remains limited to calls operation (with no access to opcodes such as create2).
 
-While smart contract wallets have a lot to offer in terms of UX, it is unlikelly that all users will migrate any time soon because of the associated cost and the fact that some EOA have custody of non-transferable assets.
+While smart contract wallets have a lot to offer in terms of UX, it is unlikely that all users will migrate any time soon because of the associated cost and the fact that some EOAs have custody of non-transferable assets.
 
-This EIP proposes an approach to allow EOA executing arbitrary code, with minimal change over the EVM, and using the same security model users are used to. By allowing EOAs to perform delegate calls to a contract (similarly to how contracts can delegate calls to other contracts using [EIP-7](./eip-7.md)), EOAs will be able to have more control over what operations they want to execute. This proposal goal is NOT to provide an account abstraction primitive, though it would enable some usescases that fall in the scope of account abstraction.
+This EIP proposes an approach to allow the execution of arbitrary code by EOAs, with minimal change over the EVM, and using the same security model users are used to. By allowing EOAs to perform delegate calls to a contract (similarly to how contracts can delegate calls to other contracts using [EIP-7](./eip-7.md)), EOAs will be able to have more control over what operations they want to execute. This proposal's goal is NOT to provide an account abstraction primitive.
 
-Performing a delegate call to a multicall contract (such as the one deployed to `0xcA11bde05977b3631167028862bE2a173976CA11`), EOAs would be able to batch multiple transactions into a single one, while being the `msg.sender` of all the sub calls. Other unforeseen logic could be implemented in smart contracts and used by EOA. This includes deploying contracts using `create2`, emitting events or using storage under the EOA's account.
+By performing a delegate call to a multicall contract (such as the one deployed to `0xcA11bde05977b3631167028862bE2a173976CA11`), EOAs would be able to batch multiple transactions into a single one (being the `msg.sender` of all the sub calls). This would provide a better UX for users that want to interact with protocols (no need for multiple transactions, with variable gas prices and 21k gas overhead) and increase the security of such interactions (by avoiding unsafe token approvals being exploited between an `approval` and the following `transferFrom`).
+
+Other unforeseen logic could be implemented in smart contracts and used by EOA. This includes deploying contracts using `create2`, emitting events, or using storage under the EOA's account.
 
 This EIP doesn't aim to replace other account abstraction proposals. It hopes to be an easy-to-implement alternative that would significantly improve the user experience of EOA owners in the near future.
 
 ## Specification
 
-The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119.
+The keywords “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119.
 
 ### Parameters
 
@@ -48,11 +50,11 @@ rlp([chain_id, nonce, max_priority_fee_per_gas, max_fee_per_gas, gas_limit, dest
 
 The definitions of all fields share the same meaning with [EIP-1559](./eip-1559.md). Note the absence of `amount` field in this transaction!
 
-The `signature_y_parity, signature_r, signature_s` elements of this transaction represent a secp256k1 signature over `keccak256(0x02 || rlp([chain_id, nonce, max_priority_fee_per_gas, max_fee_per_gas, gas_limit, destination, data, access_list]))`.
+The `signature_y_parity, signature_r, signature_s` elements of this transaction represent a secp256k1 signature over `keccak256(TX_TYPE || rlp([chain_id, nonce, max_priority_fee_per_gas, max_fee_per_gas, gas_limit, destination, data, access_list]))`.
 
 The [EIP-2718](./eip-2718.md) `ReceiptPayload` for this transaction is `rlp([status, cumulative_transaction_gas_used, logs_bloom, logs])`.
 
-The execution of this new transaction type is equivalent to the delegate call mechanism introduced in [EIP-7](./eip-7.md), but performed by an EOA (the transaction sender). This implies that the code present at `destination`, if any, should be executed in the context of the sender. As a consequence, such a transaction can set and read storage under the EOA. It can also emit an event from the EOA.
+The execution of this new transaction type is equivalent to the delegate call mechanism introduced in [EIP-7](./eip-7.md), but performed by an EOA (the transaction sender). This implies that the code present at `destination`, if any, should be executed in the context of the sender. As a consequence, such a transaction can set and read storage under the EOA. It can also emit an event from the EOA or use `Create2` with the address of the EOA as the creator.
 
 ## Rationale
 
@@ -68,9 +70,13 @@ Due to the inclusion logic and the gas cost being similar to type 2 transactions
 
 ## Security Considerations
 
-The nonce mechanism, already used in other transaction types, prevents replay attacks. This makes this approach safer, but also less powerful than [EIP-3074](./eip-3074.md).
+The nonce mechanism, already used in other transaction types, prevents replay attacks. Similar to existing transaction types, a delegate transaction can be cancelled by replacing it with a dummy transaction that pays more fees.
+
+Since the object signed by the wallet is a transaction and not a signature that could potentially be processed in many ways (as is the case for [EIP-3074](./eip-3074.md)), the risks associated with the miss-use of the signature are reduced. A wallet could simulate the execution of this delegate transaction and provide good guarantees that the operation that the user signs won't be manipulated.
+
+Contracts being called through this mechanism can execute any operation on behalf of the signer. As with other transaction types, signers should be extremely careful when signing a delegate transaction.
 
-Contracts being called through this mechanism can execute any operation on behalf of the signer. Signers should be extremely careful signing this transaction (just like any other transaction).
+Because an EOA may perform delegate transactions to multiple contracts in its lifetime, there are risks associated with the storage under the EOA. Multiple contracts could have conflicting views of storage and tamper with one another. This would be potentially dangerous if wallets perform delegate transactions to arbitrary contracts that rely on existing storage. Wallets, on the other hand could hide this transaction type behind abstract interfaces for batch transactions (or others) that use standard contracts as targets (such as the one at `0xcA11bde05977b3631167028862bE2a173976CA11`). In any case, storage conflict should be detectable through simulation of the delegate transaction and could be resolved using a delegate transaction.
 
 ## Copyright
 
diff --git a/EIPS/eip-6404.md b/EIPS/eip-6404.md
@@ -4,7 +4,7 @@ title: SSZ Transactions Root
 description: Migration of transactions MPT commitment to SSZ
 author: Etan Kissling (@etan-status), Vitalik Buterin (@vbuterin)
 discussions-to: https://ethereum-magicians.org/t/eip-6404-ssz-transactions-root/12783
-status: Draft
+status: Review
 type: Standards Track
 category: Core
 created: 2023-01-30
diff --git a/EIPS/eip-6916.md b/EIPS/eip-6916.md
@@ -91,7 +91,7 @@ Note that depending on the client architecture, it may not be feasible to fully
 
 Ephemeral testnets with deterministic parameters provide a sustainable alternative to traditional testnets, with the same infrastructure. At each reset, the validator set is cleared, faucets are filled again and the database is kept small.
 
-Upon reset the whole state is purged, which, on the one hand keeps the network small and easy to bootstrap but introduces problems for testing longer term / advanced applications. However, basic contract infrastracture can be automatically deployed after each reset by any user. Generally, using the network is recommended for short term testing, deploying `Hello World` kinds of contracts that don't need to stay forever on a long term testnet. However, there can be an offchain mechanism that automatically deploys standard contract primitives after each reset so application developers can also utilize the network more.
+Upon reset the whole state is purged, which, on the one hand keeps the network small and easy to bootstrap but introduces problems for testing longer term / advanced applications. However, basic contract infrastructure can be automatically deployed after each reset by any user. Generally, using the network is recommended for short term testing, deploying `Hello World` kinds of contracts that don't need to stay forever on a long term testnet. However, there can be an offchain mechanism that automatically deploys standard contract primitives after each reset so application developers can also utilize the network more.
 
 By defining two mechanisms for Genesis and Reset, this EIP enables two levels of how a client implementation can support the testnet;
 
diff --git a/EIPS/eip-7002.md b/EIPS/eip-7002.md
@@ -207,11 +207,10 @@ num_exits_to_dequeue = min(num_exits_in_queue, MAX_EXITS_PER_BLOCK)
 # Retrieve exits from the queue
 expected_exits = []
 for i in range(num_exits_to_dequeue):
-    queue_storage_slot = EXIT_MESSAGE_QUEUE_STORAGE_OFFSET + (queue_head_index + i) * 2
-    source_address = address(SLOAD(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot)[0:20]
+    queue_storage_slot = EXIT_MESSAGE_QUEUE_STORAGE_OFFSET + (queue_head_index + i) * 3
+    source_address = address(sload(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot)[0:20])
     validator_pubkey = (
-        SLOAD(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot + 1) + SLOAD(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot + 1)
-        + SLOAD(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot + 1) + SLOAD(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot + 1)[0:16]
+        sload(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot + 1)[0:32] + sload(VALIDATOR_EXIT_PRECOMPILE_ADDRESS, queue_storage_slot + 2)[0:16]
     )
     exit = ValidatorExit(
         source_address=Bytes20(source_address),
