EIP-7702: Set EOA account code

EIPs EIPs core
135

All I know is that the original proposal doesn’t have many of the security features you deem critical. If they were so critical, I would have expected them in that proposal instead of the “insecure” variation.

  1. same as 3074 – should be handled by the code which the account has delegated to.
  2. same as 3074
  3. I don’t recall discussing whether 3074 should sign over code vs. an address. I believe it was always an address. I could misremeber though. I did consider a bit using address in the tuple but still signing over code. The main reason to not do this is you now impose a database lookup on clients before they can determine the signer of the auth tuple. The reason it’s okay to skip signing over chain id is wallets can ensure you only sign to contracts with a deterministic address. This was the same argument for 3074, but we added it because it didn’t feel like such an inconvenience. Now people are requesting the nonce be optional. At that point, we should just drop it altogether.
  4. SSTORE should not be banned because smart contract wallets need to figure out how to deal with storage conflicts today. It’s a known problem and will be solved by the application layer. It’s not necessary to inhibit the protocol by it. Additionally, banning SSTORE means we can not as directly use existing smart contract wallet code. Avoiding “two tracks” of AA development is a main goal of this EIP.
  5. This one I am very conflicted on. In general I prefer not having initcode as it feels weird to run initcode in accounts that have already be “initialized”. On the other, it feels weird to allow anyone to take 7702 auth tuples and force code into your account in contexts that you may not have expected. After much discussion, I feel like setting code directly is still okay to do. In either case, a dishonest user will be able to sign multiple messages and grief people sending 1155 tokens. Honest users / wallets should follow the safe guidelines, and that is to only sign a single 7702 message per account to a proxy contract. That will allow them full flexibility of changing / revoking code, without potential of being griefed.
  6. This is something we might be able to do in the future, but it seems out of scope for pectra at this point.

Obviously this thread and other discussions informed my view. I wasn’t aware of issue with 1155, but I am confident the solution we proposed is suitable. If there is a better solution, we could consider.

I didn’t start working to remove them. Client devs and 4337 devs beginning to ask why the nonce was there. That’s why max nonce has been discussed so much and why there have been other alternative proposals.

I have always been consistent about not wanting these values in the signature. If client teams again decide that they should be in 7702, they will be. ACD is constantly trying to do the best thing possible. That’s why we’re even discussing 7702 in the first place. 3074 was previously accepted and some are upset saying ACD shouldn’t waiver like this. I disagree. Our job is to create the best protocol we can with the information available to us.