🤖Simulation

Ethereum uses simulation to ensure UserOperation validity and finance. This process, driven by protocol rules, isolates data access and validates against strict criteria, ensuring network integrity.

Simulation Rationale Explained

For the Ethereum network to function effectively, it's imperative that every UserOperation submitted for inclusion in the blockchain is both valid and able to finance its execution. To ensure this, the network employs a "simulation" mechanism before the actual execution. Here’s a breakdown of the reasoning behind this simulation process:

  1. Validity & Cost Coverage Assurance:

    • Before adding a UserOperation to the mempool or a bundle, the network needs to ascertain two things:

      1. The UserOperation is genuine and adheres to the protocol rules.

      2. The UserOperation has sufficient funds to cover its execution cost.

  2. Predictability & Consistency:

    • When simulating, it's crucial to ensure that the outcome remains consistent when the UserOperation is actually executed on-chain.

    • To maintain this predictability, the simulation prohibits the UserOperation from accessing dynamic blockchain elements like the current block time, block number, or block hash. This is because these values can vary between the time of simulation and the time of actual execution, leading to discrepancies.

  3. Isolated Access to Data:

    • A key principle for simulation is isolation. A UserOperation should only be able to access data related to its sender address.

    • The reasoning behind this is simple: if multiple UserOperations could access the same storage, then a single alteration in the state could potentially invalidate numerous UserOperations. This could lead to inefficiencies or even potential security vulnerabilities.

  4. Interaction with Special Contracts:

    • Three particular types of contracts play a crucial role in the interaction with the user account:

      1. Factory (initCode): This is responsible for deploying the contract.

      2. Paymaster: This can cover the gas costs for the transaction, ensuring that even if the originating account doesn't have sufficient funds, the transaction can still be executed.

      3. Signature Aggregator: This will be further elaborated upon later but pertains to signature management.

    • Each of these contracts, like the UserOperation, is also bounded by access restrictions. They are limited in their storage interactions to ensure that the validation processes for UserOperations remain isolated and independent.

In essence, the simulation rationale is designed to maintain the integrity, efficiency, and security of the Ethereum network. By ensuring each UserOperation is valid and its effects isolated, the network can maintain a smooth and predictable operation. Simulation of a UserOperation Validation Explained

When a UserOperation needs to be validated, a simulation process is performed. Here’s a step-by-step breakdown of how this process works:

  1. Initiation of the Simulation:

    • The client makes a view call to simulateValidation(userop).

    • This method is unique in that it always reverts with ValidationResult as a successful response.

    • If the call reverts due to any other error, the client must reject the given userOp.

  2. Simulation Steps:

    • If initCode is present, the account is created.

    • The method account.validateUserOp is called.

    • If a paymaster is specified, paymaster.validatePaymasterUserOp is invoked.

  3. Validity Timestamps:

    • The methods validateUserOp or validatePaymasterUserOp can provide validAfter and validUntil timestamps, establishing when the UserOperation can be validly executed on-chain.

    • If a UserOperation is close to expiration, nodes can choose to drop it.

  4. Opcode Restrictions:

    • There are specific opcodes which are forbidden or have particular rules:

      1. The GAS opcode is not allowed unless it's immediately followed by one of the call opcodes: { CALL, DELEGATECALL, CALLCODE, STATICCALL }.

      2. CREATE2 opcode is permitted only once if op.initcode.length is not zero.

  5. Storage Access Limitations:

    • The simulation restricts access to the storage in the following ways:

      1. Direct access to the self storage of the entity (factory or paymaster) is allowed, but the entity needs to be staked.

      2. Access to the account storage is permitted.

      3. Storage that's used by another UserOp sender in the same bundle is forbidden.

  6. Limitations on Call Opcodes:

    • For the CALL opcodes (CALL, DELEGATECALL, CALLCODE, STATICCALL):

      1. They mustn't use any value unless it's from the account to the entry point.

      2. The destination address must have some code.

      3. Calls to EntryPoint’s methods are restricted.

  7. Other Restrictions:

    • Address checks using EXTCODEHASH, EXTCODELENGTH, and EXTCODECOPY opcodes have specific limitations.

    • If transient storage is enabled, any storage slots defined in EIP-1153 must adhere to the same rules as persistent storage.

In essence, the simulation process ensures that every UserOperation is validated against a set of strict rules before it gets executed. This process is crucial for maintaining the integrity, security, and efficiency of the Ethereum network.

PreviousHandling UserOperationNextAlternative Mempools

Last updated