A new EVM opcode to read external contract storage data.
|Dominic Letz (@dominicletz), Santiago Palladino (@spalladino)
Table of Contents
This proposal adds a new opcode
0x5c which pops two items from the stack:
<account address> <storage key> and pushes one item:
<storage value>. The gas cost is sum of account access cost and storage read based on EIP-2929 Access Lists.
While any off-chain application can read all contract storage data of all contracts, this is not possible for deployed smart contracts themselves. These are bound to use contract calls for any interaction including reading data from other contracts. This EIP adds an EVM opcode to directly read external contract storage.
The gas cost when reading from registry style contract such as EIP-20s, ENS and other data contracts is very high, because they incur cross contract call cost, cost for ABI encoding, decoding and dispatching and finally loading the data. In many cases the underlying storage that is being queried is though just a simple mapping. On top of that, the view function may SLOAD many other slots which caller may not be interested in, which further adds to the gas costs. In these cases a new
EXTSLOAD call directly accessing the mapping in storage could not only reduce the gas cost of the interaction more than 10x, but also it would make the gas cost predictable for the reading contract.
A new EVM instruction
EXTSLOAD (0x5c) that works like
SLOAD (0x54) but an additional parameter representing the contract that is to be read from.
EXTSLOAD instruction pops 2 values from the stack, first
contract a contract address and then second
slot a storage address within
contract. As result
EXTSLOAD pushes on the stack the value from the contract storage of
contract at the storage
slot address or
0 in case the account
contract does not exist.
Gas to be charged before Verkle Tree change is specified as
ACCOUNT_ACCESS_COST + STORAGE_READ_COST where:
0if the account address is already in
WARM_STORAGE_READ_COSTif storage key is already in
It is important to consider that post Verkle tree change,
ACCOUNT_ACCESS_COST will not be needed since a single account’s storage would be spread across the entire global trie. Hence gas to be charged post Verkle Tree change is just
STORAGE_READ_COST, which is as specified in Gas cost pre-verkle.
- Without this EIP, a contract can still opt-in to make their entire state public, by having a method that simply SLOADs and returns the values (example). The complexity of the gas cost can be seen as
1x CALL cost +
Nx SLOAD cost. Hence, the gas cost specified for using EXTSLOAD opcode on an account for
Ntimes, the charge of
STORAGE_READ_COSTis hereby justified.
- Without this EIP, a contract can still use internal state of other contracts. An external party can supply a value and proof to a contract, which the contract can verify using
BLOCKHASH. This is only possible for the previous blocks and not the latest state (since current blockhash cannot be determined before execution).
- This opcode can be seen as breaking object-oriented (OO) model because it allows to read storage of other contracts. In usual systems using OO is net positive, because there is no limit on machine code and it hardly adds any cost to add more methods or use single method to get a ton of data while the caller needs to just a small portion of data. However on EVM, there are visible costs, i.e. about $0.2 per SLOAD (20 gwei and ETHUSD 2000). Also, OO has caused misleading assumptions for developers where variables marked as “private” in smart contracts are encrypted in some way/impossible to read which has resulted bad designs. Hence, this EIP can be beneficial in terms of making smart contract systems more efficient as well as preventing misconceptions as well.
This change is fully backwards compatible since it adds a new instruction.
- Since the opcode is similar to SLOAD, it should be easy to implement in various clients.
- This opcode allows the callee
Ato re-enter a caller contract
Band read state of
Afrom doing that. Since this does not change any state, it should not be a security issue. Contracts generally use re-entrancy guards, but that is only added to write methods. So even currently without EXTSLOAD,
Band read their state exposed by any view methods and it has not been an issue.
Copyright and related rights waived via CC0.
Please cite this document as:
Dominic Letz (@dominicletz), Santiago Palladino (@spalladino), "EIP-2330: EXTSLOAD opcode [DRAFT]," Ethereum Improvement Proposals, no. 2330, October 2019. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-2330.