Alert Source Discuss
⚠️ Draft Standards Track: Core

EIP-7778: Prevent Block Gas Smuggling

Exclude Discounts & Refunds for Block GasLimit Enforcement

Authors Ben Adams (@benaadams)
Created 2024-10-01
Discussion Link https://ethereum-magicians.org/t/eip-7778-prevent-block-gas-smuggling/21234

Table of Contents

Prevent the circumvention of the block gas limit by excluding certain gas discounts and refunds from block gas accounting, except for those reflecting actual reductions in computational work.

This proposal aims to align the block gas usage with the Ethereum Virtual Machine’s (EVM) real workload, preventing “block gas smuggling.” It complements EIP-7623 by further reducing the maximum block size and its variance, enhancing network stability and efficiency.

Example block 20878522 “uses” 28.5 MGas, but also in that net figure is 4.01 MGas of refunds for a total of 32.51 MGas gross; which is 2.51MGas above the current mainnet block gaslimit.

Abstract

This EIP modifies the gas accounting mechanism to prevent block gas smuggling — situations where transactions include more gas-consuming operations than the block gas limit intends due to gas discounts and refunds.

By excluding these discounts and refunds from block gas limit calculations, except for those corresponding to actual workload reductions (e.g., warm storage accesses, SSTORE reverting to original values), the proposal ensures that the block gas limit accurately reflects the EVM’s computational and storage workload.

It complements EIP-7623, which increases calldata costs for data availability (DA) transactions, by further reducing maximum block sizes and over-the-wire data.

Motivation

Preventing Block Gas Smuggling

  • Current Issue:
    • Gas discounts and refunds can be exploited to include more operations in a block than the block gas limit permits.
    • This “smuggling” allows for oversized blocks, leading to network instability and potential denial-of-service (DoS) vectors.
  • Need for Change:
    • Align block gas accounting with actual EVM workload.
    • Prevent blocks from exceeding intended computational limits.
    • Preserve user incentives for efficient behavior without compromising network performance.

Complementing EIP-7623

  • EIP-7623 Goals:
    • Increase calldata costs for DA-heavy transactions to reduce maximum block size and variance.
    • Encourage the adoption of more efficient data availability solutions (e.g., blobs from EIP-4844).
  • Complementary Approach:
    • By preventing block gas smuggling, we further reduce maximum block sizes and over-the-wire data.
    • Ensure that block gas usage accurately reflects computational workload, enhancing the effectiveness of EIP-7623.

Specification

Gas Cost Adjustments

  1. User Gas Costs:

    • SSTORE Operations:
      • Users receive gas refunds when resetting storage to zero or reverting to original values.
    • Warm vs. Cold Storage Access Costs:
      • Users benefit from lower gas costs for warm storage accesses.

  2. Block Gas Accounting:

    • SSTORE Operations:
      • Setting Storage to Zero:
        • Charged at full cost in block gas accounting without subtracting refunds.
      • Reverting Storage to Original Value:
        • Receive discounts in block gas accounting, reflecting reduced workload (no actual write to storage).
    • Warm vs. Cold Storage Access:
      • Discounts for warm storage accesses are preserved in block gas accounting, as they correspond to reduced computational effort.
    • Other Discounts and Refunds:
      • Exclude any discounts and refunds not associated with actual reductions in computational workload from block gas accounting.

Transaction Gas Calculation (Adjusted)

With EIP-7623 for transactions, the gas used (tx.gasUsed) is calculated as:

tx.gasUsed = {
    21000 \ 
    + 
    max (
        STANDARD_TOKEN_COST * tokens_in_calldata \
           + evm_gas_used \
           + isContractCreation * (32000 + InitCodeWordGas * words(calldata)),
        TOTAL_COST_FLOOR_PER_TOKEN * tokens_in_calldata
    )

With this eip for evm_gas_used the user tx price the gas used remains the same:


tx.evm_gas_used = evm_gas_used - evm_gas_refund

However when calculating the block gas used, the refund is not considered


block.evm_gas_used += evm_gas_used
  • For User Costs:
    • Users pay according to the above formula, reflecting increased costs for DA-heavy transactions.
  • For Block Gas Accounting:
    • Apply the same calculation but exclude discounts and refunds that do not correspond to actual workload reductions.

Block Gas Limit Enforcement

  • Block Gas Usage:
    • The sum of the gas used by all transactions, calculated using the adjusted rules, must not exceed the block gas limit.

Implementation

  • Client Updates:
    • Adjust gas accounting mechanisms to integrate both EIP-7623 and the modified block gas accounting rules.
  • Transaction Processing:
    • Update transaction validation to apply adjusted calldata costs and block gas accounting.

Rationale

Preventing Block Gas Smuggling

  • Aligning Workload with Block Gas Limit:
    • Excluding certain discounts and refunds ensures the block gas limit reflects actual computational and storage workload.
  • Reducing Maximum Block Size and Variance:
    • Prevents oversized blocks that can burden the network.
  • Maintaining User Incentives:
    • Users continue to benefit from discounts that correspond to real workload reductions.
  • Enhancing Network Stability:
    • Accurate gas accounting reduces the risk of network congestion and DoS attacks.

Complementing EIP-7623

  • Enhanced Reduction of Block Size and Over-the-Wire Data:
    • By combining increased calldata costs with adjusted block gas accounting, we effectively reduce maximum block sizes.
  • Encouraging Efficient Data Usage:
    • DA-heavy transactions face higher costs, incentivizing the adoption of efficient data availability methods (e.g., blobs).
  • Minimal Impact on Regular Users:
    • Regular transactions remain largely unaffected in terms of costs and inclusion.

Backwards Compatibility

  • Hard Fork Required:
    • The changes are not backwards compatible and require a scheduled network upgrade.
  • Impact on Users and Developers:
    • Regular users and developers may need minimal adjustments.
    • DA-heavy applications may need to optimize data usage or adopt alternative solutions.

Test Cases

  1. DA-Heavy Transactions:

    • Transactions with large calldata used for DA are charged higher costs.
    • Verify that such transactions cannot cause the block gas usage to exceed limits.

  2. Regular Transactions:

    • Transactions with typical calldata and EVM usage are processed as usual.
    • Ensure that user costs and block gas accounting reflect minimal changes.

  3. SSTORE Operations:

    • Reset to Zero:
      • User receives refunds, but block gas accounting charges full cost.
      • Verify that inclusion adheres to block gas limit.
    • Revert to Original Value:
      • Discounts apply in both user costs and block gas accounting.
      • Ensure block gas usage reflects reduced workload.

  4. Warm vs. Cold Storage Accesses:

    • Discounts for warm accesses are preserved in both user costs and block gas accounting.
    • Verify accurate representation of computational effort.

  5. Blocks Near Gas Limit:

    • Construct blocks to test the new gas limit enforcement.
    • Ensure correct processing without exceeding limits.

Security Considerations

  • Network Stability:
    • Ensures block gas limits accurately represent the workload, preventing network overload.
  • Mitigating DoS Risks:
    • Reduces attack vectors that exploit gas discounts to overload the network.

Copyright and related rights waived via CC0 1.0 Universal.

Citation

Please cite this document as:

Ben Adams (@benaadams), "EIP-7778: Prevent Block Gas Smuggling [DRAFT]," Ethereum Improvement Proposals, no. 7778, October 2024. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-7778.