Regarding some discussions that has been happening on EIp-1014, Skinny Create2.
I have now performed some benchmarks, and can confirm that the combination of uncapped size of initcode + lack of cost-per-byte is problematic in CREATE2
, and can lead to DoS attacks if not fixed. Therefore, I propose that we accept the change to EIp 1014 which uses the folowing phrasing:
Additionally, an extra
GSHA3WORD * ceil(len(init_code) / 32)
gas is charged.
Furthermore the problem is also present today, with CREATE
, but that is due to internal implementation details in most (all?) clients. Short story: it can be fixed without changing CREATE
. Client implementors can PM me for details and testcases. I have already spoken to Parity members about this.
An alternative change could be to introduce a cap on initcode size. That would also 'fix' the problem in a less 'correct' manner. cc @/all
@holiman :thumbsup: :thumbsup: :thumbsup: That's great! @winsvega is doing a great job on the execution side, to complete the picture it would be great if you could also extend on communication with the new hire, atm it is hard to get e.g. the latest state of the Constantinople implementation or generally a picture what is happening related to tests.
Stuff I would value a lot here:
Just some wishlist. :smile:
CREATE2
. it should be ready by tomorrow. But it turns that we won't be ready to publish a release before Ropsten fork block happens, so, it'll be available only in a Snapshot version. But it doesn't look like a big problem and we're ok on keeping 4_200_000
for Ropsten