⚠️ Review Standards Track: Core

EIP-6465: SSZ Withdrawals Root

Migration of withdrawals MPT commitment to SSZ

Authors	Etan Kissling (@etan-status), Mikhail Kalinin (@mkalinin)
Created	2023-02-08
Requires	EIP-2718, EIP-4895, EIP-6493

This EIP is in the process of being peer-reviewed. If you are interested in this EIP, please participate using this discussion link.

Abstract
Motivation
Specification
Rationale
- Why typed withdrawal envelopes?
Backwards Compatibility
Security Considerations
Copyright

Abstract

This EIP defines a migration process of the existing Merkle-Patricia Trie (MPT) commitment for withdrawals to Simple Serialize (SSZ).

Motivation

While the consensus ExecutionPayloadHeader and the execution block header map to each other conceptually, they are encoded differently. This EIP aims to align the encoding of the withdrawals_root, taking advantage of the more modern SSZ format. This brings several advantages:

Reducing complexity: The proposed design reduces the number of use cases that require support for Merkle-Patricia Trie (MPT).
Reducing ambiguity: The name withdrawals_root is currently used to refer to different roots. While the execution block header refers to a Merkle Patricia Trie (MPT) root, the consensus ExecutionPayloadHeader instead refers to an SSZ root. With these changes, withdrawals_root consistently refers to the same SSZ root.

Specification

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119 and RFC 8174.

Existing definitions

Definitions from existing specifications that are used throughout this document are replicated here for reference.

Name	SSZ equivalent
`ValidatorIndex`	`uint64`
`Gwei`	`uint64`
`ExecutionAddress`	`Bytes20`
`WithdrawalIndex`	`uint64`

Name	Value
`MAX_WITHDRAWALS_PER_PAYLOAD`	`uint64(2**4)` (= 16)
`TRANSACTION_TYPE_SSZ`	`0x04`

SSZ `Withdrawal` container

The existing consensus Withdrawal SSZ container is used to represent withdrawals.

class Withdrawal(Container):
    index: WithdrawalIndex
    validator_index: ValidatorIndex
    address: ExecutionAddress
    amount: Gwei

Execution block header changes

The execution block header’s withdrawals-root is updated to match the consensus ExecutionPayloadHeader.withdrawals_root.

withdrawals = List[Withdrawal, MAX_WITHDRAWALS_PER_PAYLOAD](
    withdrawal_0, withdrawal_1, withdrawal_2, ...)

block_header.withdrawals_root == withdrawals.hash_tree_root()

Typed withdrawal envelope

A typed withdrawal envelope similar to EIP-2718 is introduced for exchanging withdrawals via the Ethereum Wire Protocol.

withdrawal = {legacy-withdrawal, typed-withdrawal}

Untyped, legacy withdrawals are given as an RLP list as defined in EIP-4895.

legacy-withdrawal = [
    index: P,
    validator-index: P,
    address: B_20,
    amount: P,
]

Typed withdrawals are encoded as RLP byte arrays where the first byte is a withdrawal type (withdrawal-type) and the remaining bytes are opaque type-specific data.

typed-withdrawal = withdrawal-type || withdrawal-data

Networking

When exchanging SSZ withdrawals via the Ethereum Wire Protocol, the following withdrawal envelope is used:

Withdrawal: TRANSACTION_TYPE_SSZ || snappyFramed(ssz(Withdrawal))

Objects are encoded using SSZ and compressed using the Snappy framing format, matching the encoding of consensus objects as defined in the consensus networking specification. As part of the encoding, the uncompressed object length is emitted; the RECOMMENDED limit to enforce per object is 8 + 8 + 20 + 8 (= 44) bytes.

Rationale

This change was originally a candidate for inclusion in Shanghai, but was postponed to accelerate the rollout of withdrawals.

Why typed withdrawal envelopes?

The RLPx serialization layer may not be aware of the fork schedule and the block timestamp when withdrawals are exchanged. The typed withdrawal envelope assists when syncing historical blocks based on RLP and the MPT withdrawals_root.

Backwards Compatibility

Applications that rely on the replaced MPT withdrawals_root in the block header require migration to the SSZ withdrawals_root.

Clients can differentiate between the legacy withdrawals and typed withdrawals by looking at the first byte. If it starts with a value in the range [0, 0x7f] then it is a new withdrawal type, if it starts with a value in the range [0xc0, 0xfe] then it is a legacy withdrawal type. 0xff is not realistic for an RLP encoded withdrawal, so it is reserved for future use as an extension sentinel value.

Security Considerations

None

Copyright

Citation

Please cite this document as:

Etan Kissling (@etan-status), Mikhail Kalinin (@mkalinin), "EIP-6465: SSZ Withdrawals Root [DRAFT]," Ethereum Improvement Proposals, no. 6465, February 2023. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-6465.