mau
  • 🧩Account Abstraction
    • 📎Introduction ERC-4337
    • 🙍Key Roles and Their Interactions
      • 📄UserOperation Breakdown and Security Concerns
    • 🌉Interfaces
      • 1️⃣EntryPoint Interface
      • 2️⃣Account Interface
      • 3️⃣Aggregator
    • ⛓️Transaction Nonce
    • 🤝Using Signature Aggregators
    • 🚪Required entry point contract functionality
      • 🏦Paymaster extension
        • 🌉Paymaster Interfaces
    • 🤸Handling UserOperation
      • 🤖Simulation
      • 🔄Alternative Mempools
    • Bundling
      • Forbidden opcodes
    • Reputation
      • Unstaked
      • Specification
    • Storage associated with an address
    • 📚Extra References
  • 🔐Signature
    • 🔁Replay Attack
    • 🗝️Signature Malleability
  • 🧱Ethereum Blockchain
    • 📖Account State
    • 👩‍💻create2 OPCODE
  • 📑Ethereum Improvement Proposals
    • 📄EIP-191
      • 📄ECDSA
      • 📄ABI Encode and Keccak256
    • 📄EIP-712
    • 📄EIP-7212
      • 📄Abstract
      • 📄Motivation
      • 📄Elliptic Curve Signature Verification Steps
      • 📄Verification and Sepecification
      • 📄Rationale
    • 📄EIP-1271
    • 📄EIP-1167
  • ⚒️Foundry
  • 📚DeFi and the Future of Finance - Book
    • 🔧The Problems DeFi Solves
    • 1️⃣DeFi Basics
      • 🪙Equity, Liquidity and Governance Token
      • 🛃Custody
      • 🔄Supply Adjustment
      • 📈Bounding Curve
      • 💸Incentives
      • 🔁Swaps
      • 💰Collateralized/Uncollateralized Loans
    • 2️⃣Credit and Lending
  • ⛽Gas Griefing
    • 1️⃣Understanding Gas in Ethereum
    • 2️⃣Gas Allocation and Contract Interactions
    • 3️⃣Understanding Gas Limits: Exploring the 63/64 Rule
    • 4️⃣Understanding Gas Limits in Contract-to-Contract Calls
    • 5️⃣Gas Griefing Attack
    • 6️⃣Inner Call Out Of Gas Attack
    • 7️⃣Gas Griefing Contest Findings
      • ⛽Withdrawals with high gas limits can be bricked by a malicious user, permanently locking funds
      • ⛽Gas limit check is inaccurate, leading to an operator being able to fail a job intentionally
  • ✏️My Auditing Process
    • ❓How do I start ?
    • ⭕Bounded Context Technique
    • 🌳BTT
  • 🏃‍♀️Productivity
    • ✖️Best way to use Twitter Bookmarks
    • ⌛How to track focused working hours
    • 👩‍💻VS Code plugins to increase performance
    • 🏗️How to create your audit process methodology
    • 📕You should also have your Gitbook
    • 👮Best way to study for Secureum
  • 📙Secureum
    • 📄RACE 4
    • 📄RACE 5
  • 💻Mainnet Attacks
    • 🔁Reentrancy
      • 2022 Dec - Grim Finance
      • 2016 June - The DAO
  • ABI Encode
    • Basic Design
    • Function Selector
    • Elementary Types
    • Formal Specification of the Encoding
    • Examples
    • Events
    • Errors
    • Non-standard Packed Mode
    • References
  • Solidity
Powered by GitBook
On this page
  1. Account Abstraction
  2. Bundling

Forbidden opcodes

Forbidden Opcodes Explained

In the context of the described system, there are certain opcodes that are prohibited when they are executed at depth levels greater than 2. This basically implies that when core contracts like the factory, account, paymaster, and others are being executed, these opcodes should not be permitted. The motivation for this restriction is to ensure consistency and reliability during the simulation and execution processes.

Let's dive deeper:

  1. List of Forbidden Opcodes:

    • GASPRICE: Returns the gas price of the transaction.

    • GASLIMIT: Provides the maximum gas that is allowed in a block.

    • DIFFICULTY: Returns the difficulty of the current block.

    • TIMESTAMP: Gives the timestamp of the current block.

    • BASEFEE: Indicates the base fee of the current block.

    • BLOCKHASH: Returns the hash of one of the 256 most recent blocks.

    • NUMBER: Provides the block number.

    • SELFBALANCE: Returns the contract's balance.

    • BALANCE: Fetches the Ether balance of a specific address.

    • ORIGIN: Gives the sender of the transaction.

    • GAS: Returns the amount of gas left.

    • CREATE: Initiates a new contract.

    • COINBASE: Returns the miner of the current block.

    • SELFDESTRUCT: Causes the contract to terminate.

  2. Rationale Behind Prohibition:

    • The primary reason for forbidding these opcodes is to maintain the consistency of the simulation process.

    • The outputs of these opcodes can change between the simulation and the actual on-chain execution. This variability makes them unreliable. For instance, the gas price or block timestamp can change between when a transaction is simulated and when it is actually executed, leading to potential discrepancies.

    • If transactions are simulated using these opcodes, it's hard to guarantee that the actual on-chain execution would yield the same results as the simulation.

  3. Exceptions to the Rule:

    • While these opcodes are generally forbidden, there are specific exceptions:

      • CREATE2: This opcode is permitted only if the op.initcode.length is not zero. The use of CREATE2 should result in the deployment of a new UserOperation.sender that hasn't been deployed before.

      • GAS: Using the GAS opcode is allowed if it is immediately followed by a call-type opcode such as CALL, DELEGATECALL, CALLCODE, or STATICCALL. Essentially, while making contract calls is permitted, directly querying the amount of gas left using the gasleft() function or the GAS opcode is not.

In conclusion, these forbidden opcodes are essentially a safeguard to ensure that the simulation process provides a reliable indication of what would occur during the actual on-chain execution. By regulating their usage, the system aims to achieve a higher degree of consistency and predictability.

PreviousBundlingNextReputation

Last updated 1 year ago

🧩