core/txpool: allow tx and authority regardless of admission order#31373
Merged
Conversation
Contributor
Author
|
Hi @lightclient. I haven't managed to get CI to run in |
Member
|
@LuisPH3 This is a known timeout/flaky test. We will not block merging PRs on this test not passing |
LuisPH3
force-pushed
the
setcode_changes
branch
3 times, most recently
from
71fc749 to
9d3b06d
Compare
lightclient
force-pushed
the
setcode_changes
branch
from
9d3b06d to
1986308
Compare
lightclient
reviewed
Apr 1, 2025
Member
lightclient
left a comment
lightclient
left a comment
There was a problem hiding this comment.
Generally okay with the idea here. It doesn't seem terribly important though since we shouldn't really expect that a user will be sending both a delegation and tx at the same time. Since the change is small though, I don't see a reason to not do it.
Pushed a small change to simplify the logic for counting the in-flight txs.
Member
|
My concern is that if we also consider the blobPool, the new rule will become even more complex.
|
lightclient
force-pushed
the
setcode_changes
branch
from
b5a6703 to
d28d39e
Compare
jwasinger
reviewed
Apr 8, 2025
lightclient
force-pushed
the
setcode_changes
branch
from
c11a8ee to
42d1156
Compare
lightclient
changed the title
lightclient
reviewed
Apr 8, 2025
Comment on lines
+171
to
+207
| // reserver is a utility struct to sanity check that accounts are | ||
| // properly reserved by the blobpool (no duplicate reserves or unreserves). | ||
| type reserver struct { | ||
| accounts map[common.Address]struct{} | ||
| lock sync.RWMutex | ||
| } | ||
|
|
||
| func newReserver() txpool.Reserver { | ||
| return &reserver{accounts: make(map[common.Address]struct{})} | ||
| } | ||
|
|
||
| func (r *reserver) Hold(addr common.Address) error { | ||
| r.lock.Lock() | ||
| defer r.lock.Unlock() | ||
| if _, exists := r.accounts[addr]; exists { | ||
| panic("already reserved") | ||
| } | ||
| r.accounts[addr] = struct{}{} | ||
| return nil | ||
| } | ||
|
|
||
| func (r *reserver) Release(addr common.Address) error { | ||
| r.lock.Lock() | ||
| defer r.lock.Unlock() | ||
| if _, exists := r.accounts[addr]; !exists { | ||
| panic("not reserved") | ||
| } | ||
| delete(r.accounts, addr) | ||
| return nil | ||
| } | ||
|
|
||
| func (r *reserver) Has(address common.Address) bool { | ||
| r.lock.RLock() | ||
| defer r.lock.RUnlock() | ||
| _, exists := r.accounts[address] | ||
| return exists | ||
| } |
Member
There was a problem hiding this comment.
In #31373 I removed the test-only reserver and in hindsight I think this is a mistake. It's useful to panic when some assumptions about double holds and double releases fail. Adding it back here.
Member
|
I think this change is small enough that it's okay to include. Allowing tx and authority regardless of order doesn't seem that important too me, but considering the change itself is only around 10 lines of code and the reset is fixing up some tests and me refactoring the Reserver object, it's reasonable. The blobpool will still require specific order if the user wants to pool both a delegation and a blob tx. I think this is okay since we expect blob users to generally be EOAs managed by rollups. |
lightclient
previously approved these changes
Apr 8, 2025
lightclient
approved these changes
Apr 9, 2025
sivaratrisrinivas
pushed a commit
to sivaratrisrinivas/go-ethereum
that referenced
this pull request
Apr 21, 2025
…hereum#31373) This PR proposes a change to the authorizations' validation introduced in commit cdb66c8. These changes make the expected behavior independent of the order of admission of authorizations, improving the predictability of the resulting state and the usability of the system with it. The current implementation behavior is dependent on the transaction submission order: This issue is related to authorities and the sender of a transaction, and can be reproduced respecting the normal nonce rules. The issue can be reproduced by the two following cases: **First case** - Given an empty pool. - Submit transaction `{ from: B, auths [ A ] }`: is accepted. - Submit transaction `{ from: A }`: Is accepted: it becomes the one in-flight transaction allowed. **Second case** - Given an empty pool. - Submit transaction `{ from: A }`: is accepted - Submit transaction `{ from: B, auths [ A ] }`: is rejected since there is already a queued/pending transaction from A. The expected behavior is that both sequences of events would lead to the same sets of accepted and rejected transactions. **Proposed changes** The queued/pending transactions issued from any authority of the transaction being validated have to be counted, allowing one transaction from accounts submitting an authorization. - Notice that the expected behavior was explicitly forbidden in the case "reject-delegation-from-pending-account", I believe that this behavior conflicts to the definition of the limitation, and it is removed in this PR. The expected behavior is tested in "accept-authorization-from-sender-of-one-inflight-tx". - Replacement tests have been separated to improve readability of the acceptance test. - The test "allow-more-than-one-tx-from-replaced-authority" has been extended with one extra transaction, since the system would always have accepted one transaction (but not two). - The test "accept-one-inflight-tx-of-delegated-account" is extended to clean-up state, avoiding leaking the delegation used into the other tests. Additionally, replacement check is removed to be tested in its own test case. **Expected behavior** The expected behavior of the authorizations' validation shall be as follows:  Notice that replacement shall be allowed, and behavior shall remain coherent with the table, according to the replaced transaction. --------- Co-authored-by: lightclient <lightclient@protonmail.com>
3 tasks
jakub-freebit
pushed a commit
to fblch/go-ethereum
that referenced
this pull request
Jul 3, 2025
…hereum#31373) This PR proposes a change to the authorizations' validation introduced in commit cdb66c8. These changes make the expected behavior independent of the order of admission of authorizations, improving the predictability of the resulting state and the usability of the system with it. The current implementation behavior is dependent on the transaction submission order: This issue is related to authorities and the sender of a transaction, and can be reproduced respecting the normal nonce rules. The issue can be reproduced by the two following cases: **First case** - Given an empty pool. - Submit transaction `{ from: B, auths [ A ] }`: is accepted. - Submit transaction `{ from: A }`: Is accepted: it becomes the one in-flight transaction allowed. **Second case** - Given an empty pool. - Submit transaction `{ from: A }`: is accepted - Submit transaction `{ from: B, auths [ A ] }`: is rejected since there is already a queued/pending transaction from A. The expected behavior is that both sequences of events would lead to the same sets of accepted and rejected transactions. **Proposed changes** The queued/pending transactions issued from any authority of the transaction being validated have to be counted, allowing one transaction from accounts submitting an authorization. - Notice that the expected behavior was explicitly forbidden in the case "reject-delegation-from-pending-account", I believe that this behavior conflicts to the definition of the limitation, and it is removed in this PR. The expected behavior is tested in "accept-authorization-from-sender-of-one-inflight-tx". - Replacement tests have been separated to improve readability of the acceptance test. - The test "allow-more-than-one-tx-from-replaced-authority" has been extended with one extra transaction, since the system would always have accepted one transaction (but not two). - The test "accept-one-inflight-tx-of-delegated-account" is extended to clean-up state, avoiding leaking the delegation used into the other tests. Additionally, replacement check is removed to be tested in its own test case. **Expected behavior** The expected behavior of the authorizations' validation shall be as follows:  Notice that replacement shall be allowed, and behavior shall remain coherent with the table, according to the replaced transaction. --------- Co-authored-by: lightclient <lightclient@protonmail.com>
howjmay
pushed a commit
to iotaledger/go-ethereum
that referenced
this pull request
Aug 27, 2025
…hereum#31373) This PR proposes a change to the authorizations' validation introduced in commit cdb66c8. These changes make the expected behavior independent of the order of admission of authorizations, improving the predictability of the resulting state and the usability of the system with it. The current implementation behavior is dependent on the transaction submission order: This issue is related to authorities and the sender of a transaction, and can be reproduced respecting the normal nonce rules. The issue can be reproduced by the two following cases: **First case** - Given an empty pool. - Submit transaction `{ from: B, auths [ A ] }`: is accepted. - Submit transaction `{ from: A }`: Is accepted: it becomes the one in-flight transaction allowed. **Second case** - Given an empty pool. - Submit transaction `{ from: A }`: is accepted - Submit transaction `{ from: B, auths [ A ] }`: is rejected since there is already a queued/pending transaction from A. The expected behavior is that both sequences of events would lead to the same sets of accepted and rejected transactions. **Proposed changes** The queued/pending transactions issued from any authority of the transaction being validated have to be counted, allowing one transaction from accounts submitting an authorization. - Notice that the expected behavior was explicitly forbidden in the case "reject-delegation-from-pending-account", I believe that this behavior conflicts to the definition of the limitation, and it is removed in this PR. The expected behavior is tested in "accept-authorization-from-sender-of-one-inflight-tx". - Replacement tests have been separated to improve readability of the acceptance test. - The test "allow-more-than-one-tx-from-replaced-authority" has been extended with one extra transaction, since the system would always have accepted one transaction (but not two). - The test "accept-one-inflight-tx-of-delegated-account" is extended to clean-up state, avoiding leaking the delegation used into the other tests. Additionally, replacement check is removed to be tested in its own test case. **Expected behavior** The expected behavior of the authorizations' validation shall be as follows:  Notice that replacement shall be allowed, and behavior shall remain coherent with the table, according to the replaced transaction. --------- Co-authored-by: lightclient <lightclient@protonmail.com>
4 tasks
gballet
pushed a commit
to gballet/go-ethereum
that referenced
this pull request
Sep 11, 2025
…hereum#31373) This PR proposes a change to the authorizations' validation introduced in commit cdb66c8. These changes make the expected behavior independent of the order of admission of authorizations, improving the predictability of the resulting state and the usability of the system with it. The current implementation behavior is dependent on the transaction submission order: This issue is related to authorities and the sender of a transaction, and can be reproduced respecting the normal nonce rules. The issue can be reproduced by the two following cases: **First case** - Given an empty pool. - Submit transaction `{ from: B, auths [ A ] }`: is accepted. - Submit transaction `{ from: A }`: Is accepted: it becomes the one in-flight transaction allowed. **Second case** - Given an empty pool. - Submit transaction `{ from: A }`: is accepted - Submit transaction `{ from: B, auths [ A ] }`: is rejected since there is already a queued/pending transaction from A. The expected behavior is that both sequences of events would lead to the same sets of accepted and rejected transactions. **Proposed changes** The queued/pending transactions issued from any authority of the transaction being validated have to be counted, allowing one transaction from accounts submitting an authorization. - Notice that the expected behavior was explicitly forbidden in the case "reject-delegation-from-pending-account", I believe that this behavior conflicts to the definition of the limitation, and it is removed in this PR. The expected behavior is tested in "accept-authorization-from-sender-of-one-inflight-tx". - Replacement tests have been separated to improve readability of the acceptance test. - The test "allow-more-than-one-tx-from-replaced-authority" has been extended with one extra transaction, since the system would always have accepted one transaction (but not two). - The test "accept-one-inflight-tx-of-delegated-account" is extended to clean-up state, avoiding leaking the delegation used into the other tests. Additionally, replacement check is removed to be tested in its own test case. **Expected behavior** The expected behavior of the authorizations' validation shall be as follows:  Notice that replacement shall be allowed, and behavior shall remain coherent with the table, according to the replaced transaction. --------- Co-authored-by: lightclient <lightclient@protonmail.com>
eomti-wm
added a commit
to stable-net/go-stablenet
that referenced
this pull request
Jan 5, 2026
Check reserver for authority conflicts to make authorization validation independent of admission order. Authorities must not conflict with addresses reserved by other subpools. Based on ethereum/go-ethereum#31373
eomti-wm
added a commit
to stable-net/go-stablenet
that referenced
this pull request
Jan 14, 2026
* chore: update Go version to 1.21 * feat: implement EIP-7702 set code transaction type Add support for EIP-7702 (SetCodeTx) which allows EOAs to temporarily delegate their code execution to another account. Changes include: - Add SetCodeTx (type 0x04) transaction type and Authorization struct - Add anzeonSigner for EIP-7702 transaction signing - Implement delegation designator resolution in EVM - Add EIP-7702 specific gas calculation for CALL variants - Update EXTCODE* opcodes to handle delegation designators - Add prestate tracer support for authorization list - Update t8n tool and tests for SetCodeTx Based on ethereum/go-ethereum#30078 * fix: complete EIP-7702 authorization marshaling and eth_call support Based on ethereum/go-ethereum#30926 * refactor: improve EIP-7702 API naming - Rename Authorization to SetCodeAuthorization - Rename SignAuth to SignSetCode with key-first parameter order Based on ethereum/go-ethereum#30933 * fix: rename SetCodeAuthorization 'v' to 'yParity' The API spec requires the name yParity. Based on: - ethereum/go-ethereum@73a4ecf - ethereum/go-ethereum#30936 * refactor: rename AuthList to SetCodeAuthorizations Use SetCode prefix consistently in internal APIs for the authorization list, as a follow-up to SetCodeAuthorization type renaming. Based on ethereum/go-ethereum#30935 * refactor: change SetCodeTx.ChainID to uint256 Change ChainID field type from uint64 to uint256.Int in SetCodeTx and SetCodeAuthorization for consistency with other chain ID handling. Also removes unused json/gencodec tags from signature value fields in DynamicFeeTx, BlobTx, SetCodeTx, and FeeDelegateDynamicFeeTx. Based on ethereum/go-ethereum#30982 * fix: correct chainId check for anzeonSigner Use zero value check for SetCodeTx chainId validation. This aligns with cancunSigner and londonSigner as well. Based on ethereum/go-ethereum#31032 * fix: initialize ChainID in SetCodeTx copy method ChainID should be properly initialized and copied in the copy() method to prevent nil pointer issues during transaction processing. Based on ethereum/go-ethereum#31054 * refactor: remove EXTCODE* special handling for EIP-7702 EXTCODE* opcodes no longer need special overrides for EIP-7702 delegation designators. The delegation designator is now returned as-is. Implements EIPs#9248. Based on ethereum/go-ethereum#31089 * feat: add EIP-7702 SetCode transaction pool support Add SetCode transaction handling to legacypool: - SetCodeTxType validation with Anzeon fork check - Empty authorization rejection - Authority tracking and conflict prevention - Account slot limit for delegated accounts and pending authorizations Note: tx replacement is not supported in go-stablenet. Tests are adjusted to expect ErrAccountLimitExceeded instead of successful replacement. Based on ethereum/go-ethereum#31073 * test: add setCodeTx reorg test Based on ethereum/go-ethereum#31206 * refactor: move setcode tx validation into legacyPool Move authorization-related validations from common validation to legacyPool since these checks are specific to SetCode transactions. Based on ethereum/go-ethereum#31209 * fix: fix error logs flood caused by removeAuthorities Fix removeAuthorities to only iterate tx's authorities instead of all authorities in the pool. Based on ethereum/go-ethereum#31249 * refactor: reduce allocs in transaction signing Add sigHash method to TxData interface and move hash computation into each tx type, reducing allocations during signature operations. Based on ethereum/go-ethereum#31258 * fix: reject gapped tx from delegated account Add checkDelegationLimit to reject transactions with gapped nonces from delegated accounts. Only one in-flight executable transaction is allowed for senders with delegation or pending delegation. Based on ethereum/go-ethereum#31430 * fix: exclude 7702 authorities from eth_createAccessList result Exclude valid EIP-7702 authorities from access list generation result. Based on ethereum/go-ethereum#31336 (which resolves ethereum/go-ethereum#31335) * fix: data race in checkDelegationLimit Add delegationTxsCount method with proper lock to fix data race when accessing auths map in checkDelegationLimit. Based on ethereum/go-ethereum#31475 * feat: add EIP-7702 protection to blobpool Add delegation limit checks to blobpool: - Limit senders with delegation/pending auth to one in-flight tx - Check reserver for authority conflicts - Refactor AddressReserver to Reserver struct with Hold/Release/Has Based on ethereum/go-ethereum#31526 * fix: slot limit check and update comments - Skip slot limit validation for tx replacements (same nonce reuses slot) - Clarify cumulative balance validation skip reason: fee delegation compatibility * fix: allow tx and authority regardless of admission order Check reserver for authority conflicts to make authorization validation independent of admission order. Authorities must not conflict with addresses reserved by other subpools. Based on ethereum/go-ethereum#31373 * fix: fix data race of txlookup access in test Reset txlookup fields directly with proper locking instead of assigning a new lookup object to avoid data race. Based on ethereum/go-ethereum#31641 * feat: allow passing AuthorizationList to eth_call and eth_estimateGas Add AuthorizationList field to CallMsg and toCallArg to support SetCodeTx in eth_call and eth_estimateGas APIs. Based on ethereum/go-ethereum#31198 * fix: fix data race of pricedList access Use Reheap() instead of assigning a new pricedList to avoid data race when clearing pool state. Based on ethereum/go-ethereum#31758 * fix: resolve incorrect prestate for EIP-7702 authority accounts Before: Authority accounts' prestate showed post-authorization code/storage and incorrect balance/nonce due to wrong capture timing After: Authority accounts' prestate correctly reflects state before SetCodeAuthorization is applied - Refactor EVMLogger to pass env in CaptureTxStart instead of CaptureStart - Capture authority accounts before delegation code (0xef0100...) is set - Preserve original code/storage while restoring only gas from balance * feat: prestate tracer lookup EIP-7702 delegation account Parse and lookup the delegation account if EIP-7702 is enabled in prestate tracer. Implements ethereum/go-ethereum#32078 Based on ethereum/go-ethereum#32080 * refactor: expose sigHash as SigHash for SetCodeAuthorization Rename the private sigHash() method to public SigHash() method to enable external signing (e.g., MPC signing). Based on ethereum/go-ethereum#32298 (which resolves ethereum/go-ethereum#32297) * fix: resolve test failures in tracer and blobpool - Add tracer lifecycle calls in runtime package - Fix EIP-7702 and blobpool test configs * Revert "chore: update Go version to 1.21" This reverts commit 71e90d7. * fix: support AuthorizationList in simulated backend gas estimation
eomti-wm
added a commit
to wemixarchive/go-wbft
that referenced
this pull request
Mar 4, 2026
* chore: update Go version to 1.21 * feat: implement EIP-7702 set code transaction type Add support for EIP-7702 (SetCodeTx) which allows EOAs to temporarily delegate their code execution to another account. Changes include: - Add SetCodeTx (type 0x04) transaction type and Authorization struct - Add anzeonSigner for EIP-7702 transaction signing - Implement delegation designator resolution in EVM - Add EIP-7702 specific gas calculation for CALL variants - Update EXTCODE* opcodes to handle delegation designators - Add prestate tracer support for authorization list - Update t8n tool and tests for SetCodeTx Based on ethereum/go-ethereum#30078 * fix: complete EIP-7702 authorization marshaling and eth_call support Based on ethereum/go-ethereum#30926 * refactor: improve EIP-7702 API naming - Rename Authorization to SetCodeAuthorization - Rename SignAuth to SignSetCode with key-first parameter order Based on ethereum/go-ethereum#30933 * fix: rename SetCodeAuthorization 'v' to 'yParity' The API spec requires the name yParity. Based on: - ethereum/go-ethereum@73a4ecf - ethereum/go-ethereum#30936 * refactor: rename AuthList to SetCodeAuthorizations Use SetCode prefix consistently in internal APIs for the authorization list, as a follow-up to SetCodeAuthorization type renaming. Based on ethereum/go-ethereum#30935 * refactor: change SetCodeTx.ChainID to uint256 Change ChainID field type from uint64 to uint256.Int in SetCodeTx and SetCodeAuthorization for consistency with other chain ID handling. Also removes unused json/gencodec tags from signature value fields in DynamicFeeTx, BlobTx, SetCodeTx, and FeeDelegateDynamicFeeTx. Based on ethereum/go-ethereum#30982 * fix: correct chainId check for anzeonSigner Use zero value check for SetCodeTx chainId validation. This aligns with cancunSigner and londonSigner as well. Based on ethereum/go-ethereum#31032 * fix: initialize ChainID in SetCodeTx copy method ChainID should be properly initialized and copied in the copy() method to prevent nil pointer issues during transaction processing. Based on ethereum/go-ethereum#31054 * refactor: remove EXTCODE* special handling for EIP-7702 EXTCODE* opcodes no longer need special overrides for EIP-7702 delegation designators. The delegation designator is now returned as-is. Implements EIPs#9248. Based on ethereum/go-ethereum#31089 * feat: add EIP-7702 SetCode transaction pool support Add SetCode transaction handling to legacypool: - SetCodeTxType validation with Anzeon fork check - Empty authorization rejection - Authority tracking and conflict prevention - Account slot limit for delegated accounts and pending authorizations Note: tx replacement is not supported in go-stablenet. Tests are adjusted to expect ErrAccountLimitExceeded instead of successful replacement. Based on ethereum/go-ethereum#31073 * test: add setCodeTx reorg test Based on ethereum/go-ethereum#31206 * refactor: move setcode tx validation into legacyPool Move authorization-related validations from common validation to legacyPool since these checks are specific to SetCode transactions. Based on ethereum/go-ethereum#31209 * fix: fix error logs flood caused by removeAuthorities Fix removeAuthorities to only iterate tx's authorities instead of all authorities in the pool. Based on ethereum/go-ethereum#31249 * refactor: reduce allocs in transaction signing Add sigHash method to TxData interface and move hash computation into each tx type, reducing allocations during signature operations. Based on ethereum/go-ethereum#31258 * fix: reject gapped tx from delegated account Add checkDelegationLimit to reject transactions with gapped nonces from delegated accounts. Only one in-flight executable transaction is allowed for senders with delegation or pending delegation. Based on ethereum/go-ethereum#31430 * fix: exclude 7702 authorities from eth_createAccessList result Exclude valid EIP-7702 authorities from access list generation result. Based on ethereum/go-ethereum#31336 (which resolves ethereum/go-ethereum#31335) * fix: data race in checkDelegationLimit Add delegationTxsCount method with proper lock to fix data race when accessing auths map in checkDelegationLimit. Based on ethereum/go-ethereum#31475 * feat: add EIP-7702 protection to blobpool Add delegation limit checks to blobpool: - Limit senders with delegation/pending auth to one in-flight tx - Check reserver for authority conflicts - Refactor AddressReserver to Reserver struct with Hold/Release/Has Based on ethereum/go-ethereum#31526 * fix: slot limit check and update comments - Skip slot limit validation for tx replacements (same nonce reuses slot) - Clarify cumulative balance validation skip reason: fee delegation compatibility * fix: allow tx and authority regardless of admission order Check reserver for authority conflicts to make authorization validation independent of admission order. Authorities must not conflict with addresses reserved by other subpools. Based on ethereum/go-ethereum#31373 * fix: fix data race of txlookup access in test Reset txlookup fields directly with proper locking instead of assigning a new lookup object to avoid data race. Based on ethereum/go-ethereum#31641 * feat: allow passing AuthorizationList to eth_call and eth_estimateGas Add AuthorizationList field to CallMsg and toCallArg to support SetCodeTx in eth_call and eth_estimateGas APIs. Based on ethereum/go-ethereum#31198 * fix: fix data race of pricedList access Use Reheap() instead of assigning a new pricedList to avoid data race when clearing pool state. Based on ethereum/go-ethereum#31758 * fix: resolve incorrect prestate for EIP-7702 authority accounts Before: Authority accounts' prestate showed post-authorization code/storage and incorrect balance/nonce due to wrong capture timing After: Authority accounts' prestate correctly reflects state before SetCodeAuthorization is applied - Refactor EVMLogger to pass env in CaptureTxStart instead of CaptureStart - Capture authority accounts before delegation code (0xef0100...) is set - Preserve original code/storage while restoring only gas from balance * feat: prestate tracer lookup EIP-7702 delegation account Parse and lookup the delegation account if EIP-7702 is enabled in prestate tracer. Implements ethereum/go-ethereum#32078 Based on ethereum/go-ethereum#32080 * refactor: expose sigHash as SigHash for SetCodeAuthorization Rename the private sigHash() method to public SigHash() method to enable external signing (e.g., MPC signing). Based on ethereum/go-ethereum#32298 (which resolves ethereum/go-ethereum#32297) * fix: resolve test failures in tracer and blobpool - Add tracer lifecycle calls in runtime package - Fix EIP-7702 and blobpool test configs * Revert "chore: update Go version to 1.21" This reverts commit 71e90d700023db9fc1e0a272d7ffb9207ede738f. * fix: support AuthorizationList in simulated backend gas estimation
eomti-wm
added a commit
to wemixarchive/go-wbft
that referenced
this pull request
Mar 5, 2026
* feat: EIP-7702 Set Code Transaction support (#42) * chore: update Go version to 1.21 * feat: implement EIP-7702 set code transaction type Add support for EIP-7702 (SetCodeTx) which allows EOAs to temporarily delegate their code execution to another account. Changes include: - Add SetCodeTx (type 0x04) transaction type and Authorization struct - Add anzeonSigner for EIP-7702 transaction signing - Implement delegation designator resolution in EVM - Add EIP-7702 specific gas calculation for CALL variants - Update EXTCODE* opcodes to handle delegation designators - Add prestate tracer support for authorization list - Update t8n tool and tests for SetCodeTx Based on ethereum/go-ethereum#30078 * fix: complete EIP-7702 authorization marshaling and eth_call support Based on ethereum/go-ethereum#30926 * refactor: improve EIP-7702 API naming - Rename Authorization to SetCodeAuthorization - Rename SignAuth to SignSetCode with key-first parameter order Based on ethereum/go-ethereum#30933 * fix: rename SetCodeAuthorization 'v' to 'yParity' The API spec requires the name yParity. Based on: - ethereum/go-ethereum@73a4ecf - ethereum/go-ethereum#30936 * refactor: rename AuthList to SetCodeAuthorizations Use SetCode prefix consistently in internal APIs for the authorization list, as a follow-up to SetCodeAuthorization type renaming. Based on ethereum/go-ethereum#30935 * refactor: change SetCodeTx.ChainID to uint256 Change ChainID field type from uint64 to uint256.Int in SetCodeTx and SetCodeAuthorization for consistency with other chain ID handling. Also removes unused json/gencodec tags from signature value fields in DynamicFeeTx, BlobTx, SetCodeTx, and FeeDelegateDynamicFeeTx. Based on ethereum/go-ethereum#30982 * fix: correct chainId check for anzeonSigner Use zero value check for SetCodeTx chainId validation. This aligns with cancunSigner and londonSigner as well. Based on ethereum/go-ethereum#31032 * fix: initialize ChainID in SetCodeTx copy method ChainID should be properly initialized and copied in the copy() method to prevent nil pointer issues during transaction processing. Based on ethereum/go-ethereum#31054 * refactor: remove EXTCODE* special handling for EIP-7702 EXTCODE* opcodes no longer need special overrides for EIP-7702 delegation designators. The delegation designator is now returned as-is. Implements EIPs#9248. Based on ethereum/go-ethereum#31089 * feat: add EIP-7702 SetCode transaction pool support Add SetCode transaction handling to legacypool: - SetCodeTxType validation with Anzeon fork check - Empty authorization rejection - Authority tracking and conflict prevention - Account slot limit for delegated accounts and pending authorizations Note: tx replacement is not supported in go-stablenet. Tests are adjusted to expect ErrAccountLimitExceeded instead of successful replacement. Based on ethereum/go-ethereum#31073 * test: add setCodeTx reorg test Based on ethereum/go-ethereum#31206 * refactor: move setcode tx validation into legacyPool Move authorization-related validations from common validation to legacyPool since these checks are specific to SetCode transactions. Based on ethereum/go-ethereum#31209 * fix: fix error logs flood caused by removeAuthorities Fix removeAuthorities to only iterate tx's authorities instead of all authorities in the pool. Based on ethereum/go-ethereum#31249 * refactor: reduce allocs in transaction signing Add sigHash method to TxData interface and move hash computation into each tx type, reducing allocations during signature operations. Based on ethereum/go-ethereum#31258 * fix: reject gapped tx from delegated account Add checkDelegationLimit to reject transactions with gapped nonces from delegated accounts. Only one in-flight executable transaction is allowed for senders with delegation or pending delegation. Based on ethereum/go-ethereum#31430 * fix: exclude 7702 authorities from eth_createAccessList result Exclude valid EIP-7702 authorities from access list generation result. Based on ethereum/go-ethereum#31336 (which resolves ethereum/go-ethereum#31335) * fix: data race in checkDelegationLimit Add delegationTxsCount method with proper lock to fix data race when accessing auths map in checkDelegationLimit. Based on ethereum/go-ethereum#31475 * feat: add EIP-7702 protection to blobpool Add delegation limit checks to blobpool: - Limit senders with delegation/pending auth to one in-flight tx - Check reserver for authority conflicts - Refactor AddressReserver to Reserver struct with Hold/Release/Has Based on ethereum/go-ethereum#31526 * fix: slot limit check and update comments - Skip slot limit validation for tx replacements (same nonce reuses slot) - Clarify cumulative balance validation skip reason: fee delegation compatibility * fix: allow tx and authority regardless of admission order Check reserver for authority conflicts to make authorization validation independent of admission order. Authorities must not conflict with addresses reserved by other subpools. Based on ethereum/go-ethereum#31373 * fix: fix data race of txlookup access in test Reset txlookup fields directly with proper locking instead of assigning a new lookup object to avoid data race. Based on ethereum/go-ethereum#31641 * feat: allow passing AuthorizationList to eth_call and eth_estimateGas Add AuthorizationList field to CallMsg and toCallArg to support SetCodeTx in eth_call and eth_estimateGas APIs. Based on ethereum/go-ethereum#31198 * fix: fix data race of pricedList access Use Reheap() instead of assigning a new pricedList to avoid data race when clearing pool state. Based on ethereum/go-ethereum#31758 * fix: resolve incorrect prestate for EIP-7702 authority accounts Before: Authority accounts' prestate showed post-authorization code/storage and incorrect balance/nonce due to wrong capture timing After: Authority accounts' prestate correctly reflects state before SetCodeAuthorization is applied - Refactor EVMLogger to pass env in CaptureTxStart instead of CaptureStart - Capture authority accounts before delegation code (0xef0100...) is set - Preserve original code/storage while restoring only gas from balance * feat: prestate tracer lookup EIP-7702 delegation account Parse and lookup the delegation account if EIP-7702 is enabled in prestate tracer. Implements ethereum/go-ethereum#32078 Based on ethereum/go-ethereum#32080 * refactor: expose sigHash as SigHash for SetCodeAuthorization Rename the private sigHash() method to public SigHash() method to enable external signing (e.g., MPC signing). Based on ethereum/go-ethereum#32298 (which resolves ethereum/go-ethereum#32297) * fix: resolve test failures in tracer and blobpool - Add tracer lifecycle calls in runtime package - Fix EIP-7702 and blobpool test configs * Revert "chore: update Go version to 1.21" This reverts commit 71e90d700023db9fc1e0a272d7ffb9207ede738f. * fix: support AuthorizationList in simulated backend gas estimation * internal/ethapi: include AuthorizationList in gas estimation (#33849) Fixes an issue where AuthorizationList wasn't copied over when estimating gas for a user-provided transaction. * test: fix EIP-7702 t8n test expected output * refactor: remove redundant nil check --------- Co-authored-by: vickkkkkyy <vickyaviles847@gmail.com>
gzliudan
added a commit
to gzliudan/XDPoSChain
that referenced
this pull request
Mar 13, 2026
25 tasks
gzliudan
added a commit
to gzliudan/XDPoSChain
that referenced
this pull request
Mar 13, 2026
gzliudan
added a commit
to gzliudan/XDPoSChain
that referenced
this pull request
Mar 17, 2026
gzliudan
added a commit
to gzliudan/XDPoSChain
that referenced
this pull request
Mar 17, 2026
gzliudan
added a commit
to gzliudan/XDPoSChain
that referenced
this pull request
Mar 18, 2026
AnilChinchawale
pushed a commit
to XinFinOrg/XDPoSChain
that referenced
this pull request
Mar 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR proposes a change to the authorizations' validation introduced in commit cdb66c8. These changes make the expected behavior independent of the order of admission of authorizations, improving the predictability of the resulting state and the usability of the system with it.
The current implementation behavior is dependent on the transaction submission order: This issue is related to authorities and the sender of a transaction, and can be reproduced respecting the normal nonce rules.
The issue can be reproduced by the two following cases:
First case
{ from: B, auths [ A ] }: is accepted.{ from: A }: Is accepted: it becomes the one in-flight transaction allowed.Second case
{ from: A }: is accepted{ from: B, auths [ A ] }: is rejected since there is already a queued/pending transaction from A.The expected behavior is that both sequences of events would lead to the same sets of accepted and rejected transactions.
Proposed changes
The queued/pending transactions issued from any authority of the transaction being validated have to be counted, allowing one transaction from accounts submitting an authorization.
Expected behavior
The expected behavior of the authorizations' validation shall be as follows:
Notice that replacement shall be allowed, and behavior shall remain coherent with the table, according to the replaced transaction.