Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ethereum Core Devs Meeting 136 Agenda #508

Closed
timbeiko opened this issue Apr 4, 2022 · 10 comments
Closed

Ethereum Core Devs Meeting 136 Agenda #508

timbeiko opened this issue Apr 4, 2022 · 10 comments

Comments

@timbeiko
Copy link
Collaborator

timbeiko commented Apr 4, 2022
edited
Loading

Meeting Info

Agenda
@timbeiko timbeiko added the agenda label Apr 4, 2022
@timbeiko timbeiko mentioned this issue Apr 4, 2022
Closed
@yperbasis
Copy link
Member

On Shanghai planning. If we're not ready to commit to EIP-4758: Deactivate SELFDESTRUCT in Shanghai, should we at least prohibit SELFDESTRUCT in EOF code as part of EIP-3540 or EIP-3670? I think @axic suggested that some time ago.

@chfast
Copy link
Member

chfast commented Apr 11, 2022

On Shanghai planning. If we're not ready to commit to EIP-4758: Deactivate SELFDESTRUCT in Shanghai, should we at least prohibit SELFDESTRUCT in EOF code as part of EIP-3540 or EIP-3670? I think @axic suggested that some time ago.

This is in EIP-3670's Rationale section and it also includes CALLCODE instruction. https://eips.ethereum.org/EIPS/eip-3670#possibility-for-deprecation

@timbeiko
Copy link
Collaborator Author

Added to the agenda, @yperbasis @chfast

@yperbasis
Copy link
Member

Also, time permitting, I'd like to discuss compatibility between EOF and code chunking for Verkle Trees.

@mkalinin
Copy link
Contributor

I have updated latestValidHash analysis with my recent thoughts on a couple of attack vectors on nodes that doesn't support latestValidHash, https://hackmd.io/GDc0maGsQeKfP8o2C7L52w?view#Do-not-support-during-SYNCING

Based on the analysis, I think it's important to have this supported by all EL clients as it is currently stated in the spec.

@MarekM25
Copy link

In testnet plans we could discuss how we can mitigate a few risks. Of course, the main risk is bugs, and I believe that the sooner we start forking public testnets longer the time we should observe it. Two additional points:

  1. All our devnets/shadowforks are controlled by one man-our wizard - @parithosh. Is it worth starting devnet with something closer to public tesnet in terms of validators control? Or should we try it on a real testnet like Sepolia?
  2. Misconfiguration. In every hardfork, we've observed some amounts of nodes that were forgotten to upgrade (let's say X). All previous hardforks were significantly less demanding for node operators. Now node operator needs to do a few things:
    a) Upgrade EL
    b) Upgrade CL
    c) Configure JWT Secret between clients
    d) Make sure that there is a connection between clients.
    In theory, people can train it on Kiln, and we can mitigate it with correct announcements and documentation. However, in practice, I believe that longer public testnets will reduce the number X for the next testnet and later for the mainnet. People need to get used to running Ethereum nodes with two apps. From my observation, the configuration was a bit confusing even for devs and technical people (especially JWT/ports in the beginning).

@axic
Copy link
Member

axic commented Apr 15, 2022
edited
Loading

Also, time permitting, I'd like to discuss compatibility between EOF and code chunking for Verkle Trees.

@yperbasis the ideal solution would be to have two "account types", for legacy accounts the code chunking needs to work as described, and for the "EOF accounts" it wouldn't need to have the FIO field, saving 1 byte per chunk.

This could be easily accomplished by having two different values in the VERSION_LEAF_KEY.

That being said, the current verkle chunking spec is compatible with EOF, just not as optimal as it could be.

@axic
Copy link
Member

axic commented Apr 15, 2022

On Shanghai planning. If we're not ready to commit to EIP-4758: Deactivate SELFDESTRUCT in Shanghai, should we at least prohibit SELFDESTRUCT in EOF code as part of EIP-3540 or EIP-3670? I think @axic suggested that some time ago.

This is in EIP-3670's Rationale section and it also includes CALLCODE instruction. https://eips.ethereum.org/EIPS/eip-3670#possibility-for-deprecation

It would be nice to disable "undesirable* opcodes, however it will not solve the question of those existing in legacy code. If SELFDESTRUCT is transformed into a different useful feature, then disabling it also makes no sense.

@adietrichs
Copy link
Member

If there is time today, I would like to briefly get some feedback on how important a security fix people think EIP-4396 would be. Being mindful of the desire to pause CFIs for Shanghai, and given that the EIP still requires significant work in comparing its different variants & picking the optimal one, it would be helpful to get a feeling for whether this should realistically target Shanghai.

@timbeiko timbeiko mentioned this issue Apr 15, 2022
Closed
@timbeiko
Copy link
Collaborator Author

Closed in favor of #514

@Santhosh1692 Santhosh1692 mentioned this issue Apr 20, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@axic @chfast @mkalinin @MarekM25 @timbeiko @adietrichs @yperbasis and others