Appearance
Abstract ​
Add a new instruction that transfers ether to a destination address without handing over the flow of execution to it. It should work similarly to how SELFDESTRUCT (0xFF)
transfers ether to the destination without making a call to it.
Motivation ​
From an architectural point of view, execution flow should never be handed over to an untrusted contract. Ethereum currently does not have any ideal way to transfer ether without transferring the flow of execution. People have come up with reentrancy guards and similar solutions to prevent some types of attacks but it's not an ideal solution. The only way to transfer ether from smart contracts without triggering a call is to create a dummy contract, send the precise amount of ether to it and then call SELFDESTRUCT (0xFF)
from it.
Specification ​
Introduce a new instruction, AIRDROP
(0xFG
) that transfers ether to the destination without making a call to it.
Stack input ​
address: the account to send ether to. value: value in wei to send to the account.
Gas ​
The total gas cost should be the sum of a static cost + address_access_cost + value_to_empty_account_cost.
- Static cost: 6700
- Dynamic cost:
- address_access_cost: If the target is not in
accessed_addresses
, chargeCOLD_ACCOUNT_ACCESS_COST
gas, and add the address toaccessed_addresses
. Otherwise, chargeWARM_STORAGE_READ_COST
gas. Currently,COLD_ACCOUNT_ACCESS_COST
is 2600 whileWARM_STORAGE_READ_COST
is 100. - value_to_empty_account_cost: If value is not 0 and the address given points to an empty account, then value_to_empty_account_cost is the account creation gas cost which currently is 25000. An account is empty if its balance is 0, its nonce is 0 and it has no code.
- address_access_cost: If the target is not in
Rationale ​
This behavior is already possible by deploying a new contract that does SELFDESTRUCT (0xFF)
but it is prohibitively expensive. In most scenarios, the contract author only wants to transfer ether rather than transferring control of the execution. ERC20 can be used as a case study for this where most users transfer funds without a post-transfer hook.
This instruction allows contracts to safely pass ether to an untrusted address without worrying about reentrancy or other malicious things an untrusted contract can do on.
The static gas cost is derived by subtracting the gas stipend (2300) from the positive_value_cost of CALL (0xF1)
opcode which is currently set to 9000.
Backwards Compatibility ​
No known issues as this is a new instruction that does not affect any old instructions and does not break any valid assumptions since it make not anything impossible possible.
Test Cases ​
TODO
Security Considerations ​
No known security risks.
Copyright ​
Copyright and related rights waived via CC0.