Update EIP-7702: Add decoding limits for AuthList items

Merged by EIP-Bot.

EIPS/eip-7702.md

@@ -8,7 +8,7 @@ status: Review
 type: Standards Track
 category: Core
 created: 2024-05-07
-requires: 2718, 2929, 2930, 3541, 3607
+requires: 2, 2718, 2929, 2930, 3541, 3607
 ---
 
 ## Abstract
@@ -44,6 +44,15 @@ rlp([chain_id, nonce, max_priority_fee_per_gas, max_fee_per_gas, gas_limit, dest
 authorization_list = [[chain_id, address, nonce, y_parity, r, s], ...]
 ```
 
+Transaction is considered invalid if authorization list items can't be decoded as:
+
+* `chain_id`: unsigned 256-bit integer.
+* `nonce`: unsigned 64-bit integer.
+* `address`: 20 bytes array.
+* `y_parity`: Value 0 or 1.
+* `r`: unsigned 256-bit integer.
+* `s`: unsigned 256-bit integer and value less or equal than `secp256k1n/2`, specified in [EIP-2](./eip-2.md).
+
 The fields `chain_id`, `nonce`, `max_priority_fee_per_gas`, `max_fee_per_gas`, `gas_limit`, `destination`, `value`, `data`, and `access_list` of the outer transaction follow the same semantics as [EIP-4844](./eip-4844.md). *Note, this means a null destination is not valid.*
 
 The `authorization_list` is a list of tuples that store the address to code which the signer desires to execute in the context of their EOA. The transaction is considered invalid if the length of `authorization_list` is zero.