EIP-8282: Builder Execution Requests

wemeetagain · June 4, 2026, 7:40am

Discussion topic for EIP-8282

Update Log

2026-06-04: initial draft Add EIP: Builder Execution Requests by wemeetagain · Pull Request #11760 · ethereum/EIPs · GitHub

External Reviews

None as of 2026-06-04.

Outstanding Issues

None as of 2026-06-04.

Summary

A new EIP that gives EIP-7732 (ePBS) builders their own
execution-layer request contracts on the EIP-7685 request bus, rather than routing
builder onboarding and exit through the validator flows. Two predeploys:

Request type	Contract	Entrypoint	Record
`0x03`	builder deposit (also top-up)	`deposit(pubkey, withdrawal_credentials, amount, signature)`	`pubkey ++ wc ++ amount ++ signature` (184 B)
`0x04`	builder exit	`exit(pubkey)`	`source_address ++ pubkey` (68 B)

Both are thin queues over a shared RequestQueue (EIP-1559-style fee, EXCESS_INHIBITOR,
end-of-block SYSTEM_ADDRESS drain), modeled on the EIP-7002/7251 request bus. Neither
performs on-chain cryptography or emits logs. Addresses, request-type bytes, and runtime
code are placeholders pending allocation and audit.

Rationale

Decouples builders from validators. Dedicated request types let the consensus layer
route by type instead of inspecting withdrawal-credential prefixes, keying the validator
and builder registries independently — which also lets a single public key be both a
validator and a builder (a restriction this EIP removes).
Bounds a consensus-side DoS. A builder deposit’s proof-of-
possession is verified by the consensus layer (as in EIP-7732). Delivering deposits
through a request bus capped at MAX_REQUESTS_PER_BLOCK per block, plus the EIP-1559 fee
on top of the 1-ETH stake, bounds the per-block verification work and the spam economics.
Cold-key exit. A builder’s BLS key is hot (it signs bids), so exit is authorized by
the builder’s execution_address, mirroring EIP-7002’s rationale for 0x01 credentials.

Consensus-layer changes (EIP-7732 / gloas)

This EIP modifies EIP-7732’s builder lifecycle (normative “Changes to EIP-7732” section):

Remove the builder branch from process_deposit_request; post-fork builders are sourced
only from execution request0x03. A 0x00 deposit carrying a builder (0x03-prefix) credential is rejected.
Remove the builder branch from process_voluntary_exit (it becomes validator-only);
builders exit only via execution request 0x04.
Retain onboard_builders_from_pending_deposits so genesis builders exist from the
activation slot (apps depending on builders at the fork are unaffected).