Giters

ethereum / tests

Common tests for all Ethereum implementations

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

EIP3541 abort on invalid 0xef header test vectors

winsvega opened this issue · comments

commented

https://eips.ethereum.org/EIPS/eip-3540#contract-creation-restrictions

EIP3541 (Abort on 0xef bytecode)

Keep in mind that in future new versions will become valid. the filler must be adjustable.

0xef fails (all 0xef followed by not 00 fails)

  • check that transaction creation deploy code having first byte as 0xef aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef aborts as if it was invalid opcode
  • check that if code in the state already has 0xef as first byte it is aborted as if it was invalid opcode
    (above rules does not apply to 0xef00 first bytest combination)
  • check that having 0xef in the middle of contract code leads to abort as if it was invalid opcode
  • check that having 0xef00 in the middle of contract code leads to abort as if it was invalid opcode

0xef0000 (version is 0x00,0x02-0xff fails)

  • check that transaction creation deploy code having first byte as 0xef0000 aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef0000 aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef0000 aborts as if it was invalid opcode
  • check that if code in the state already has 0xef0000 as first byte it is aborted as if it was invalid opcode
  • all of above for version 0x02 - 0xff fails (0xef00--)

The below are the EOFv1 version header format check

Must followed by some reasonable body bytes so not to trigger an error of missing body bytes but the actual value range error.

0xef000100 (subsection version is 0x00,0x02-0xff fails)

  • check that transaction creation deploy code having first byte as 0xef000100 aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef000100 aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef000100 aborts as if it was invalid opcode
  • check that if code in the state already has 0xef000100 as first byte it is aborted as if it was invalid opcode
  • check that having 0xef000100 in the middle of contract code leads to abort as if it was invalid opcode
  • all of above for subversion 0x02 - 0xff fails (0xef0001--)

0xef000101 (subsection header invalid)

type_size field validity (0x0000-0x0001-0x0002 is invalid )

  • check that transaction creation deploy code having first byte as 0xef000101---- aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef000101---- aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef000101---- aborts as if it was invalid opcode
  • check that if code in the state already has 0xef000101---- as first byte it is aborted as if it was invalid opcode
  • check that having 0xef000101---- in the middle of contract code leads to abort as if it was invalid opcode (not sure how long futher we should drug this case. just checking that version parser wont accedentially work in legacy code. perhaps is ok to withdraw it)
    where ---- is [0x0000, 0x0001, 0x0002]

kind_code field validity (0x00,0x01,0x03-0xff is invalid)

  • check that transaction creation deploy code having first byte as 0xef0001010003[--] aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef0001010003[--] aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef0001010003[--] aborts as if it was invalid opcode
  • check that if code in the state already has 0xef0001010003[--] as first byte it is aborted as if it was invalid opcode
    where -- is [0x00,0x01,0x03-0xff]

num_code_sections validity (0x0000 is invalid)

  • check that transaction creation deploy code having first byte as 0xef000101000302[----] aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef000101000302[----] aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef000101000302[----] aborts as if it was invalid opcode
  • check that if code in the state already has 0xef000101000302[----] as first byte it is aborted as if it was invalid opcode
    where ---- is [0x0000]

code_size validity (0x0000 is invalid)

  • check that transaction creation deploy code having first byte as 0xef0001010003020001[----] aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef0001010003020001[----] aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef0001010003020001[----] aborts as if it was invalid opcode
  • check that if code in the state already has 0xef0001010003020001[----] as first byte it is aborted as if it was invalid opcode
    where -- is [0x0000]

kind_data validity (only 0x03 is valid)

  • check that transaction creation deploy code having first byte as 0xef00010100030200010001[--] aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef00010100030200010001[--] aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef00010100030200010001[--] aborts as if it was invalid opcode
  • check that if code in the state already has 0xef00010100030200010001[--] as first byte it is aborted as if it was invalid opcode
    where -- is [0x00-0x02, 0x04-0xff]

terminator validity (only 0x00 is valid)

  • check that transaction creation deploy code having first byte as 0xef00010100030200010001030000[--] aborts as if it was invalid opcode (transaction or create fails)
  • check that CREATE creation deploy code having first byte as 0xef00010100030200010001030000[--] aborts as if it was invalid opcode
  • check that CREATE2 creation deploy code having first byte as 0xef00010100030200010001030000[--] aborts as if it was invalid opcode
  • check that if code in the state already has 0xef00010100030200010001030000[--] as first byte it is aborted as if it was invalid opcode
    where -- is [0x01-0xff]

EIP3540 (EOFV1)

EOF Header verification

  • check

Inside transaction creation
Inside contract
In initcode
Inside contract called by EOF code
Inside contract called by Legacy code

Has restricted opcode (callcode/selfdestruct)

It is treated as invalid.

Check that if valid eof code calls subcontract that is not eof and has restricted opcode it is ok.

Check that EOF code follows static context. (Throws on state change)

Check what rules apply (can call restricted opcodes or not, eof rules if any)
If a legacycall delegatecall eof code
If eof code delegatecall legacy

Eof code creates a contract in init code of which is legacy code. Should not be permited.

Check if eof code follows calldepth rules.
E.g. if eof call calls into legacy or eof and so on check that calldepth limit is ok

Check that eof context remain eof (restricted opcodes not permited) if eof code subcalls(delegatecall too) legacy code that goes oog, revert, suicide. After subcall fails the resumed eof code must remain eof. And vice versa if legacy code subcalls eof code and that one reverts or oog, the legacy code continue execution and restricted opcode still permited

commented

Check eof code deployment collision with existing legacy or eof contracts.

Check that every single bytecode except restricted behaive the same way (gas usage state interaction, if gasusage is changed for inside eof, test it too) inside of eof code. Make this test a template because there will be eofv2 or smth.

Check that invalid opcodes and restricted ones inside eof code lead to execution throw.

commented

actually consider translating all existing tests into eof format that should cover most of the cases above as we have this vectors already.

commented

check that transaction creation deploy code having first byte as 0xef000100 aborts as if it was invalid opcode (transaction or create fails)

Note that both initcode and deployed code must be validated (in creation transaction, CREATE and CREATE2).

type_size field validity (0x0000-0x0001-0x0002 is invalid )

Note the typo in current EIP-3540 - minimum possible type_size is 4. Also it must be divisible by 4 and equal to number of code sections * 4.
(See also EOF Unified spec for more concise expression of all rules)

num_code_sections validity (0x0000 is invalid)

Also max number of code sections is 1024.

EOF Header verification
...
Inside contract called by EOF code
Inside contract called by Legacy code

Not that already deployed contracts are valid and don't need validation before execution.

commented

I think we cover many cases of invalid container format in stEIP3540 tests already.

commented

is there a vector list of cases that we can mark as covered? and point to a test?

commented

ok this is a bit too complicated. created a specific test suite to check with exceptions.