Alert Source Discuss
⚠️ Review Standards Track: Core

EIP-6404: SSZ Transactions Root

Migration of transactions MPT commitment to SSZ

Authors Etan Kissling (@etan-status), Vitalik Buterin (@vbuterin)
Created 2023-01-30
Requires EIP-6493, EIP-7495


This EIP defines a migration process of existing Merkle-Patricia Trie (MPT) commitments for transactions to Simple Serialize (SSZ).


While the consensus ExecutionPayloadHeader and the execution block header map to each other conceptually, they are encoded differently. This EIP aims to align the encoding of the transactions_root, taking advantage of the more modern SSZ format. This brings several advantages:

  1. Transaction inclusion proofs: Changing the transaction representation to EIP-6493 Transaction commits to the transaction root hash on-chain, allowing verification of the list of all transaction hashes within a block, and allowing compact transaction inclusion proofs.

  2. Reducing complexity: The proposed design reduces the number of use cases that require support for Merkle-Patricia Trie (MPT), RLP encoding, keccak hashing, and secp256k1 public key recovery.

  3. Reducing ambiguity: The name transactions_root is currently used to refer to different roots. While the execution block header refers to a Merkle Patricia Trie (MPT) root, the consensus ExecutionPayloadHeader instead refers to an SSZ root. With these changes, transactions_root consistently refers to the same SSZ root.


The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119 and RFC 8174.

Consensus ExecutionPayload changes

When building a consensus ExecutionPayload, the transactions list is now based on the Transaction SSZ container. EIP-6493 defines how RLP transactions can be converted to SSZ.

Name Value
MAX_TRANSACTIONS_PER_PAYLOAD uint64(2**20) (= 1,048,576)
class ExecutionPayload(Container):
    transactions: List[Transaction, MAX_TRANSACTIONS_PER_PAYLOAD]

Consensus ExecutionPayloadHeader changes

The consensus ExecutionPayloadHeader is updated for the new ExecutionPayload.transactions definition.

payload_header.transactions_root = payload.transactions.hash_tree_root()

Execution block header changes

The execution block header’s txs-root is updated to match the consensus ExecutionPayloadHeader.transactions_root.

Transaction indexing

While a unique transaction identifier tx_hash is defined for each transaction, there is no on-chain commitment to this identifier for RLP transactions. Instead, transactions are “summarized” by their hash_tree_root.

def compute_tx_root(tx: Transaction) -> Root:
    return tx.hash_tree_root()

Note that for SSZ transactions with tx.signature.type_ == TRANSACTION_TYPE_SSZ, the tx_hash is equivalent to the tx_root. Like the tx_hash, the tx_root remains perpetually stable across future upgrades.

It is RECOMMENDED that implementations introduce indices for tracking transactions by tx_root.


This change enables the use of SSZ transactions as defined in EIP-6493.

Backwards Compatibility

Applications that rely on the replaced MPT transactions_root in the block header require migration to the SSZ transactions_root.

While there is no on-chain commitment of the tx_hash, it is widely used in JSON-RPC and the Ethereum Wire Protocol to uniquely identify transactions. The tx_root is a different identifier and will be required for use cases such as transaction inclusion proofs where an on-chain commitment is required.

Security Considerations


Copyright and related rights waived via CC0.


Please cite this document as:

Etan Kissling (@etan-status), Vitalik Buterin (@vbuterin), "EIP-6404: SSZ Transactions Root [DRAFT]," Ethereum Improvement Proposals, no. 6404, January 2023. [Online serial]. Available: