Peep an EIP - Native Sponsored Transactions

slides: https://tinyurl.com/peep-an-eip-3074

Who am I?

Sam Wilson�developer for quilt @ consensys ag

twitter: _SamWilsn_�github: SamWilsn

Who Else?

• EIP-3074 is heavily based on work done by any.sender
• Several people have been critical in getting EIP-3074 this far:
• Ansgar Dietrichs
• Christian Reitwiessner
• Martin Holst Swende
• Matt Garnett
• Micah Zoltu
• Patrick McCorry
• Ryan Schneider
• Others I have probably forgotten (sorry!)

What are Sponsored Transactions?

the account paying for gas

!=

the account performing the action

Use Cases

Paying for Gas with Tokens

using non-eth assets like dai or weth to pay for gas

Subsidized dApps

dapps paying for transactions on behalf of their users

Off-Chain Fee Payment

paying for transactions in fiat or other cryptocurrencies

Automated Gas Pricing

resubmitting transactions with optimal gas price

Current Situation

• Sponsored transactions exist, but are emulated:
• Infura Transactions
• any.sender
• OpenGSN�
• No way to set msg.sender so every contract must implement support:
• EIP-2612: extends ERC-20 with permit() which approves via a secp256k1 signature
• EIP-3009: similar, but transfers based on an ERC-712 signature
• EIP-2771: creates a trusted forwarder, to fake msg.sender in supporting contracts�
• Many contracts don’t

EIP-3074: Summary

• Let’s create an EVM instruction CALLFROM
• That works as closely to CALL as we can
• Except it recovers an address from a secp256k1 signature
• And sets msg.sender to that address

that’s all!�thanks for coming.

really?

no, but i love cliché jokes

the details are a bit messier

but not by much!

EIP-3074: Definitions

Sponsor

pays for gas & submits transaction

Sponsee

wants to get a transaction on-chain

Invoker

uses the CALLFROM instruction to call the callee

Callee

what the sponsee ultimately wants to interact with

Externally Owned Accounts

Contracts

off to the eip!

EIP-3074: depthLeft

• The EVM limits the number of nested calls to 1024.
• For every CALL, STATICCALL, etc., the remaining depth is reduced by one.
• CALLFROM ensures that there are at least depthLeft nested calls available to the callee.
• Without depthLeft a malicious sponsor could cause CALLFROM to fail by manipulating the call stack, costing the sponsee their transaction fees (i.e. griefing)
• Recent addition to the EIP

writing an ungriefable invoker has a lot of these edge cases

back to the eip!

EIP-3074: Arguments

CALLFROM

• yParity
• r
• s
• sponsee
• depthLeft
• extra
• gas
• callee
• value
• argsOffset
• argsLength
• retOffset
• retLength

Package�

• type
• invoker
• extra

EIP-3074: Invoker

• Must be trusted
• Enforces The Rules:
• Replay protection
• Gas provided for the callee
• depthLeft
• Value passed to the callee
• callee itself
• Calldata passed to the callee
• Hashes everything together and packs it into extra, to be signed by the sponsee

poorly written or malicious invokers can do pretty much anything with an EOA

back again

EIP-3074: valid vs. success

Valid

sponsor attributable faults

• Recovered address doesn’t match sponsee�
• Insufficient gas left to cover CALLFROM�
• Call stack is too deep to cover depthLeft

Success

sponsee attributable faults

• Callee reverted�
• Out of gas�
• Call depth limit exceeded

sponsor is not reimbursed

sponsor is reimbursed

one more time

EIP-3074: Status

• Nearly ready to move to Review state, though it has received a decent amount of peer review to date.�
• Will be ready before next AllCoreDevs call on March 19^th

Questions?

Relevant Links

• EIP-3074 https://eips.ethereum.org/EIPS/eip-3074
• This Presentation https://tinyurl.com/peep-an-eip-3074

​