This EIP is totally awesome! Please, try hard to advertise it. Here is copy of part of my comment https://gist.github.com/Dexaran/9bd90c1885b4818573368ad02b784125?permalink_comment_id=5288645#gistcomment-5288645
(and then I will tell what you need to add):
I think native tokens (EIP-7809) is way to go (yes, I changed my opinion on native tokens). Native tokens have many advantages over ERC-223 tokens, and thus native tokens actually have chance to become widespread. And native tokens solve problems, which ERC-223 intends to solve.
- First of all, if native tokens are implemented in EVM, then they will be considered “official” by everyone and everyone will support them
- Native tokens implemented directly in nodes, and thus they are very cheap in terms of gas
- As I said above, native tokens will be “official”, and thus they will be supported in Solidity. So, you will be able to write
payable
functions in Solidity, which accept tokens. Thus you will not have double ABI encoding problem of ERC-223, i. e. you will not need to encode arguments to bytes data
. You will get clean type safe experience. (Unfortunately, as well as I understand, EIP-7809’s Solidity fork doesn’t implement payable
. I think this is a mistake.)
- Node implementations can “see” native tokens, and thus nodes can implement optimizations, which are impossible with ERC-20 and ERC-223 tokens. For example, balance can be stored in owning account (in implementation), not in token contract. This will cause major efficiency gains, because ERC-20 tokens are responsible for huge share of Ethereum state (see figure 2 here:
https://www.paradigm.xyz/2024/03/how-to-raise-the-gas-limit-1
)
- When you do ERC-223 transfer, you call untrusted
transfer
function, which then calls untrusted tokenReceived
function. This is bad for security, and opens door for reentrancy attacks and other attacks. And you cannot be sure that transfer
will actually execute tokenReceived
. You cannot be sure that token contract will not take some fee. With native tokens transfer is implemented directly in nodes, transfer causes execution of receiving function, but it does not cause execution of untrusted code of token itself. Thus, security is improved. Moreover, if you transfer tokens to EOA, then no external code is executed at all!
Now let me tell you what to add.
First of all, we need feature parity with ERC-20. ERC-20 has transfer logs, and thus native tokens need something similar, too. So you should ensure that JSON-RPC allows one to read token transfer history.
Then: as I said above, payable
Solidity functions are mandatory.
Then: it may be good idea to introduce native tokens in the same time as EOF ( https://github.com/ipsilon/eof/blob/main/spec/eof.md
). So we will have a chance to change opcodes in breaking way. We will have a chance to change semantic of CALL
instead of adding NTCALL
.
Then: currently “Motivation” section is not motivating at all. It is vague. I suggest removing it and rewriting from scratch. Focus on technical advantages. And there are a lot of them! I listed them above, feel free to copy. Additional motivations:
- Native tokens solve ERC-20 problems. First of all, awkward “approve + transferFrom” pattern. Second, native tokens solve problem of approval-related insecurity. Then, NTs solve problem of “stuck” ERC-20 tokens (
https://gist.github.com/Dexaran/9bd90c1885b4818573368ad02b784125
)
- Vitalik says here (
https://hackmd.io/@vbuterin/selfdestruct
): “SELFDESTRUCT is the only opcode which can change other accounts’ balances without their consent… This risks breaking smart contract wallets, breaks other potentially useful tricks, and generally is yet another edge case that contract developers and auditors need to think about”. So, Vitalik says that impossibility to send someone money without their consent is important property. And I agree with him. And, as well as I understand, native tokens provide this invariant! (Assuming SELFDESTRUCT will be deleted.)
Then: “Cross-Contract NT Transfers” - I fully disagree with your solution here. Instead, this EIP should be implemented such way, that existing contracts should reject transfers of any native tokens, except for ETH. I. e. rejection should be default. I. e. specially designed contracts only should accept other native tokens.
Then: as I already said on Github, ETH’s id should be 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
, not zero. Also, I just found that this is requirement by ERC-7528.
Then: total supply for ETH should be tracked the same way it is tracked for other native tokens. I don’t see any reasons for making ETH special. Yes, this will be possibly major technical task, and it is possible it will even require changes to consensus layer nodes. But still this task is solvable, and there is no any fundamental reasons not to solve it