-
Notifications
You must be signed in to change notification settings - Fork 5.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add EIP: Prevent Block Gas Smuggling
Merged by EIP-Bot.
- Loading branch information
Showing
1 changed file
with
193 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,193 @@ | ||
--- | ||
eip: 7778 | ||
title: Prevent Block Gas Smuggling | ||
description: Exclude Discounts & Refunds for Block GasLimit Enforcement | ||
author: Ben Adams (@benaadams) | ||
discussions-to: https://ethereum-magicians.org/t/eip-7778-prevent-block-gas-smuggling/21234 | ||
status: Draft | ||
type: Standards Track | ||
category: Core | ||
created: 2024-10-01 | ||
--- | ||
|
||
Prevent the circumvention of the block gas limit by excluding certain gas discounts and refunds from block gas accounting, except for those reflecting actual reductions in computational work. | ||
|
||
This proposal aims to align the block gas usage with the Ethereum Virtual Machine's (EVM) real workload, preventing "block gas smuggling." It complements [EIP-7623](./eip-7623) by further reducing the maximum block size and its variance, enhancing network stability and efficiency. | ||
|
||
Example block `20878522` "uses" 28.5 MGas, but also in that net figure is 4.01 MGas of refunds for a total of 32.51 MGas gross; which is 2.51MGas above the current mainnet block gaslimit. | ||
|
||
## **Abstract** | ||
|
||
This EIP modifies the gas accounting mechanism to prevent block gas smuggling — situations where transactions include more gas-consuming operations than the block gas limit intends due to gas discounts and refunds. | ||
|
||
By excluding these discounts and refunds from block gas limit calculations, except for those corresponding to actual workload reductions (e.g., warm storage accesses, `SSTORE` reverting to original values), the proposal ensures that the block gas limit accurately reflects the EVM's computational and storage workload. | ||
|
||
It complements [EIP-7623](./eip-7623), which increases calldata costs for data availability (DA) transactions, by further reducing maximum block sizes and over-the-wire data. | ||
|
||
## **Motivation** | ||
|
||
### **Preventing Block Gas Smuggling** | ||
|
||
- **Current Issue:** | ||
- Gas discounts and refunds can be exploited to include more operations in a block than the block gas limit permits. | ||
- This "smuggling" allows for oversized blocks, leading to network instability and potential denial-of-service (DoS) vectors. | ||
|
||
- **Need for Change:** | ||
- Align block gas accounting with actual EVM workload. | ||
- Prevent blocks from exceeding intended computational limits. | ||
- Preserve user incentives for efficient behavior without compromising network performance. | ||
|
||
### **Complementing EIP-7623** | ||
|
||
- **EIP-7623 Goals:** | ||
- Increase calldata costs for DA-heavy transactions to reduce maximum block size and variance. | ||
- Encourage the adoption of more efficient data availability solutions (e.g., blobs from [EIP-4844](./eip-4844)). | ||
|
||
- **Complementary Approach:** | ||
- By preventing block gas smuggling, we further reduce maximum block sizes and over-the-wire data. | ||
- Ensure that block gas usage accurately reflects computational workload, enhancing the effectiveness of [EIP-7623](./eip-7623). | ||
|
||
## **Specification** | ||
|
||
### **Gas Cost Adjustments** | ||
|
||
1. **User Gas Costs:** | ||
|
||
- **`SSTORE` Operations:** | ||
- Users receive gas refunds when resetting storage to zero or reverting to original values. | ||
- **Warm vs. Cold Storage Access Costs:** | ||
- Users benefit from lower gas costs for warm storage accesses. | ||
|
||
2. **Block Gas Accounting:** | ||
|
||
- **`SSTORE` Operations:** | ||
- **Setting Storage to Zero:** | ||
- Charged at full cost in block gas accounting without subtracting refunds. | ||
- **Reverting Storage to Original Value:** | ||
- Receive discounts in block gas accounting, reflecting reduced workload (no actual write to storage). | ||
- **Warm vs. Cold Storage Access:** | ||
- Discounts for warm storage accesses are preserved in block gas accounting, as they correspond to reduced computational effort. | ||
- **Other Discounts and Refunds:** | ||
- Exclude any discounts and refunds not associated with actual reductions in computational workload from block gas accounting. | ||
|
||
### **Transaction Gas Calculation (Adjusted)** | ||
|
||
With [EIP-7623](./eip-7623) for transactions, the gas used (`tx.gasUsed`) is calculated as: | ||
|
||
```python | ||
tx.gasUsed = { | ||
21000 \ | ||
+ | ||
max ( | ||
STANDARD_TOKEN_COST * tokens_in_calldata \ | ||
+ evm_gas_used \ | ||
+ isContractCreation * (32000 + InitCodeWordGas * words(calldata)), | ||
TOTAL_COST_FLOOR_PER_TOKEN * tokens_in_calldata | ||
) | ||
``` | ||
|
||
With this eip for `evm_gas_used` the user tx price the gas used remains the same: | ||
|
||
``` | ||
|
||
tx.evm_gas_used = evm_gas_used - evm_gas_refund | ||
|
||
``` | ||
|
||
However when calculating the block gas used, the refund is not considered | ||
|
||
``` | ||
|
||
block.evm_gas_used += evm_gas_used | ||
|
||
``` | ||
|
||
- **For User Costs:** | ||
- Users pay according to the above formula, reflecting increased costs for DA-heavy transactions. | ||
- **For Block Gas Accounting:** | ||
- Apply the same calculation but exclude discounts and refunds that do not correspond to actual workload reductions. | ||
|
||
### **Block Gas Limit Enforcement** | ||
|
||
- **Block Gas Usage:** | ||
- The sum of the gas used by all transactions, calculated using the adjusted rules, must not exceed the block gas limit. | ||
|
||
### **Implementation** | ||
|
||
- **Client Updates:** | ||
- Adjust gas accounting mechanisms to integrate both [EIP-7623](./eip-7623) and the modified block gas accounting rules. | ||
- **Transaction Processing:** | ||
- Update transaction validation to apply adjusted calldata costs and block gas accounting. | ||
|
||
## **Rationale** | ||
|
||
### **Preventing Block Gas Smuggling** | ||
|
||
- **Aligning Workload with Block Gas Limit:** | ||
- Excluding certain discounts and refunds ensures the block gas limit reflects actual computational and storage workload. | ||
- **Reducing Maximum Block Size and Variance:** | ||
- Prevents oversized blocks that can burden the network. | ||
- **Maintaining User Incentives:** | ||
- Users continue to benefit from discounts that correspond to real workload reductions. | ||
- **Enhancing Network Stability:** | ||
- Accurate gas accounting reduces the risk of network congestion and DoS attacks. | ||
|
||
### **Complementing EIP-7623** | ||
|
||
- **Enhanced Reduction of Block Size and Over-the-Wire Data:** | ||
- By combining increased calldata costs with adjusted block gas accounting, we effectively reduce maximum block sizes. | ||
- **Encouraging Efficient Data Usage:** | ||
- DA-heavy transactions face higher costs, incentivizing the adoption of efficient data availability methods (e.g., blobs). | ||
- **Minimal Impact on Regular Users:** | ||
- Regular transactions remain largely unaffected in terms of costs and inclusion. | ||
|
||
### **Backwards Compatibility** | ||
|
||
- **Hard Fork Required:** | ||
- The changes are not backwards compatible and require a scheduled network upgrade. | ||
- **Impact on Users and Developers:** | ||
- Regular users and developers may need minimal adjustments. | ||
- DA-heavy applications may need to optimize data usage or adopt alternative solutions. | ||
|
||
## **Test Cases** | ||
|
||
1. **DA-Heavy Transactions:** | ||
|
||
- Transactions with large calldata used for DA are charged higher costs. | ||
- Verify that such transactions cannot cause the block gas usage to exceed limits. | ||
|
||
2. **Regular Transactions:** | ||
|
||
- Transactions with typical calldata and EVM usage are processed as usual. | ||
- Ensure that user costs and block gas accounting reflect minimal changes. | ||
|
||
3. **`SSTORE` Operations:** | ||
|
||
- **Reset to Zero:** | ||
- User receives refunds, but block gas accounting charges full cost. | ||
- Verify that inclusion adheres to block gas limit. | ||
- **Revert to Original Value:** | ||
- Discounts apply in both user costs and block gas accounting. | ||
- Ensure block gas usage reflects reduced workload. | ||
|
||
4. **Warm vs. Cold Storage Accesses:** | ||
|
||
- Discounts for warm accesses are preserved in both user costs and block gas accounting. | ||
- Verify accurate representation of computational effort. | ||
|
||
5. **Blocks Near Gas Limit:** | ||
|
||
- Construct blocks to test the new gas limit enforcement. | ||
- Ensure correct processing without exceeding limits. | ||
|
||
## **Security Considerations** | ||
|
||
- **Network Stability:** | ||
- Ensures block gas limits accurately represent the workload, preventing network overload. | ||
- **Mitigating DoS Risks:** | ||
- Reduces attack vectors that exploit gas discounts to overload the network. | ||
|
||
|
||
## **Copyright** | ||
|
||
Copyright and related rights waived via CC0 1.0 Universal. |