eof: Remove support for EOF Creation Transaction (#1190)

Author: gumb0

lib/evmone/eof.cpp

@@ -16,6 +16,7 @@
 #include <numeric>
 #include <queue>
 #include <unordered_set>
+#include <variant>
 #include <vector>
 
 namespace evmone
@@ -225,14 +226,84 @@ std::variant<EOFSectionHeaders, EOFValidationError> validate_section_headers(byt
         std::accumulate(section_headers.container_sizes.begin(),
             section_headers.container_sizes.end(), uint64_t{0});
     const auto remaining_container_size = static_cast<uint64_t>(container_end - it);
-    // Only data section may be truncated, so remaining_container size must be at least
-    // declared_size_without_data
+    // Only data section may be truncated, so remaining_container size must be in
+    // [declared_size_without_data, declared_size_without_data + declared_data_size]
     if (remaining_container_size < section_bodies_without_data)
         return EOFValidationError::invalid_section_bodies_size;
+    if (remaining_container_size > section_bodies_without_data + section_headers.data_size)
+        return EOFValidationError::invalid_section_bodies_size;
 
     return section_headers;
 }
 
+std::variant<EOF1Header, EOFValidationError> validate_header(
+    evmc_revision rev, bytes_view container) noexcept
+{
+    if (!is_eof_container(container))
+        return EOFValidationError::invalid_prefix;
+
+    const auto version = get_eof_version(container);
+    if (version != 1)
+        return EOFValidationError::eof_version_unknown;
+
+    if (rev < EVMC_OSAKA)
+        return EOFValidationError::eof_version_unknown;
+
+    // `offset` variable handled below is known to not be greater than the container size, as
+    // checked in `validate_section_headers`. Combined with the requirement for the container
+    // size to not exceed MAX_INITCODE_SIZE (checked before `validate-header` is called),
+    // this allows us to cast `offset` to narrower integers.
+    assert(container.size() <= MAX_INITCODE_SIZE);
+
+    auto section_headers_or_error = validate_section_headers(container);
+    if (const auto* error = std::get_if<EOFValidationError>(&section_headers_or_error))
+        return *error;
+
+    auto& section_headers = std::get<EOFSectionHeaders>(section_headers_or_error);
+
+    const auto header_size = eof_header_size(section_headers);
+
+    const auto type_section_offset = header_size;
+
+    if (section_headers.type_size !=
+        section_headers.code_sizes.size() * EOF1Header::TYPE_ENTRY_SIZE)
+        return EOFValidationError::invalid_type_section_size;
+
+    auto offset = header_size + section_headers.type_size;
+
+    std::vector<uint16_t> code_offsets;
+    code_offsets.reserve(section_headers.code_sizes.size());
+    for (const auto code_size : section_headers.code_sizes)
+    {
+        assert(offset <= std::numeric_limits<uint16_t>::max());
+        code_offsets.emplace_back(static_cast<uint16_t>(offset));
+        offset += code_size;
+    }
+
+    std::vector<uint32_t> container_offsets;
+    container_offsets.reserve(section_headers.container_sizes.size());
+    for (const auto container_size : section_headers.container_sizes)
+    {
+        assert(offset <= std::numeric_limits<uint32_t>::max());
+        container_offsets.emplace_back(static_cast<uint32_t>(offset));
+        offset += container_size;
+    }
+
+    assert(offset <= std::numeric_limits<uint32_t>::max());
+    const auto data_offset = static_cast<uint32_t>(offset);
+
+    return EOF1Header{
+        .version = container[2],
+        .type_section_offset = type_section_offset,
+        .code_sizes = std::move(section_headers.code_sizes),
+        .code_offsets = std::move(code_offsets),
+        .data_size = section_headers.data_size,
+        .data_offset = data_offset,
+        .container_sizes = std::move(section_headers.container_sizes),
+        .container_offsets = std::move(container_offsets),
+    };
+}
+
 EOFValidationError validate_types(bytes_view container, const EOF1Header& header) noexcept
 {
     for (size_t i = 0; i < header.get_type_count(); ++i)
@@ -634,9 +705,6 @@ EOFValidationError validate_eof1(
 
         auto& header = std::get<EOF1Header>(error_or_header);
 
-        if (container.size() > static_cast<size_t>(header.data_offset) + header.data_size)
-            return EOFValidationError::invalid_section_bodies_size;
-
         if (const auto err = validate_types(container, header); err != EOFValidationError::success)
             return err;
 
@@ -756,74 +824,6 @@ bool is_eof_container(bytes_view container) noexcept
     return container.starts_with(EOF_MAGIC);
 }
 
-std::variant<EOF1Header, EOFValidationError> validate_header(
-    evmc_revision rev, bytes_view container) noexcept
-{
-    if (!is_eof_container(container))
-        return EOFValidationError::invalid_prefix;
-
-    const auto version = get_eof_version(container);
-    if (version != 1)
-        return EOFValidationError::eof_version_unknown;
-
-    if (rev < EVMC_OSAKA)
-        return EOFValidationError::eof_version_unknown;
-
-    // `offset` variable handled below is known to not be greater than the container size, as
-    // checked in `validate_section_headers`. Combined with the requirement for the container
-    // size to not exceed MAX_INITCODE_SIZE (checked before `validate-header` is called),
-    // this allows us to cast `offset` to narrower integers.
-    assert(container.size() <= MAX_INITCODE_SIZE);
-
-    auto section_headers_or_error = validate_section_headers(container);
-    if (const auto* error = std::get_if<EOFValidationError>(&section_headers_or_error))
-        return *error;
-
-    auto& section_headers = std::get<EOFSectionHeaders>(section_headers_or_error);
-
-    const auto header_size = eof_header_size(section_headers);
-
-    const auto type_section_offset = header_size;
-
-    if (section_headers.type_size !=
-        section_headers.code_sizes.size() * EOF1Header::TYPE_ENTRY_SIZE)
-        return EOFValidationError::invalid_type_section_size;
-
-    auto offset = header_size + section_headers.type_size;
-
-    std::vector<uint16_t> code_offsets;
-    code_offsets.reserve(section_headers.code_sizes.size());
-    for (const auto code_size : section_headers.code_sizes)
-    {
-        assert(offset <= std::numeric_limits<uint16_t>::max());
-        code_offsets.emplace_back(static_cast<uint16_t>(offset));
-        offset += code_size;
-    }
-
-    std::vector<uint32_t> container_offsets;
-    container_offsets.reserve(section_headers.container_sizes.size());
-    for (const auto container_size : section_headers.container_sizes)
-    {
-        assert(offset <= std::numeric_limits<uint32_t>::max());
-        container_offsets.emplace_back(static_cast<uint32_t>(offset));
-        offset += container_size;
-    }
-
-    assert(offset <= std::numeric_limits<uint32_t>::max());
-    const auto data_offset = static_cast<uint32_t>(offset);
-
-    return EOF1Header{
-        .version = container[2],
-        .type_section_offset = type_section_offset,
-        .code_sizes = std::move(section_headers.code_sizes),
-        .code_offsets = std::move(code_offsets),
-        .data_size = section_headers.data_size,
-        .data_offset = data_offset,
-        .container_sizes = std::move(section_headers.container_sizes),
-        .container_offsets = std::move(container_offsets),
-    };
-}
-
 /// This function expects the prefix and version to be valid, as it ignores it.
 EOF1Header read_valid_eof1_header(bytes_view container)
 {

lib/evmone/eof.hpp

@@ -10,7 +10,6 @@
 #include <cstddef>
 #include <cstdint>
 #include <string_view>
-#include <variant>
 #include <vector>
 
 namespace evmone
@@ -203,7 +202,7 @@ enum class EOFValidationError
 
 enum class ContainerKind : uint8_t
 {
-    /// Container that uses RETURNCODE. Can be used by EOFCREATE/TXCREATE/Creation transaction.
+    /// Container that uses RETURNCODE. Can be used by EOFCREATE/TXCREATE.
     initcode,
     /// Container that uses STOP/RETURN. Can be returned by RETURNCODE.
     runtime,
@@ -213,10 +212,6 @@ enum class ContainerKind : uint8_t
 /// If the prefix is missing or invalid, 0 is returned meaning legacy code.
 [[nodiscard]] uint8_t get_eof_version(bytes_view container) noexcept;
 
-/// Validates the header and returns its representation if successful.
-[[nodiscard]] EVMC_EXPORT std::variant<EOF1Header, EOFValidationError> validate_header(
-    evmc_revision rev, bytes_view container) noexcept;
-
 /// Validates whether given container is a valid EOF according to the rules of given revision.
 [[nodiscard]] EVMC_EXPORT EOFValidationError validate_eof(
     evmc_revision rev, ContainerKind kind, bytes_view container) noexcept;

lib/evmone/instructions_calls.cpp

@@ -5,6 +5,7 @@
 #include "delegation.hpp"
 #include "eof.hpp"
 #include "instructions.hpp"
+#include <variant>
 
 constexpr int64_t MIN_RETAINED_GAS = 5000;
 constexpr int64_t MIN_CALLEE_GAS = 2300;

test/state/errors.hpp

@@ -28,6 +28,7 @@ enum ErrorCode : int
     EMPTY_BLOB_HASHES_LIST,
     INVALID_BLOB_HASH_VERSION,
     BLOB_GAS_LIMIT_EXCEEDED,
+    EOF_CREATION_TRANSACTION,
     CREATE_SET_CODE_TX,
     EMPTY_AUTHORIZATION_LIST,
     INIT_CODE_EMPTY,
@@ -81,6 +82,8 @@ inline const std::error_category& evmone_category() noexcept
                 return "invalid blob hash version";
             case BLOB_GAS_LIMIT_EXCEEDED:
                 return "blob gas limit exceeded";
+            case EOF_CREATION_TRANSACTION:
+                return "EOF initcode in creation transaction";
             case CREATE_SET_CODE_TX:
                 return "set code transaction must not be a create transaction";
             case EMPTY_AUTHORIZATION_LIST:

test/state/host.cpp

@@ -277,42 +277,9 @@ std::optional<evmc_message> Host::prepare_message(evmc_message msg) noexcept
             }
             else
             {
-                assert(msg.kind == EVMC_EOFCREATE);
-                const bytes_view input = {msg.input_data, msg.input_size};
-
-                // Indicator of an EOF creation tx - EVMC_EOFCREATE at depth 0.
-                if (msg.depth == 0)
-                {
-                    // Assert this is a legacy EOF creation tx.
-                    assert(is_eof_container(input));
-                    const auto header_or_error = validate_header(m_rev, input);
-
-                    const auto* header = std::get_if<EOF1Header>(&header_or_error);
-                    if (header == nullptr)
-                        return {};  // Light early exception.
-
-                    if (!header->has_full_data(msg.input_size))
-                        return {};  // Light early exception.
-
-                    const auto container_size =
-                        static_cast<size_t>(header->data_offset) + header->data_size;
-                    // Follows from the header->can_init condition above.
-                    assert(container_size <= msg.input_size);
-
-                    msg.code = msg.input_data;
-                    msg.code_size = container_size;
-                    msg.input_data = msg.input_data + container_size;
-                    msg.input_size = msg.input_size - container_size;
-
-                    if (validate_eof(m_rev, ContainerKind::initcode, {msg.code, msg.code_size}) !=
-                        EOFValidationError::success)
-                        return {};  // Light early exception.
-
-                    msg.recipient = compute_create_address(msg.sender, creation_sender_nonce);
-                }
                 // EOFCREATE or TXCREATE
-                else
-                    msg.recipient = compute_eofcreate_address(msg.sender, msg.create2_salt);
+                assert(msg.kind == EVMC_EOFCREATE);
+                msg.recipient = compute_eofcreate_address(msg.sender, msg.create2_salt);
             }
 
             // By EIP-2929, the access to new created address is never reverted.
@@ -395,7 +362,7 @@ evmc::Result Host::create(const evmc_message& msg) noexcept
         {
             if (m_rev >= EVMC_OSAKA)
             {
-                // Only EOFCREATE/TXCREATE/EOF-creation-tx is allowed to deploy code starting with
+                // Only EOFCREATE/TXCREATE is allowed to deploy code starting with
                 // EF. It must be valid EOF, which was validated before execution.
                 if (msg.kind != EVMC_EOFCREATE)
                     return evmc::Result{EVMC_CONTRACT_VALIDATION_FAILURE};

test/state/state.cpp

@@ -75,7 +75,7 @@ TransactionCost compute_tx_intrinsic_cost(evmc_revision rev, const Transaction&
     static constexpr auto INITCODE_WORD_COST = 2;
     static constexpr auto TOTAL_COST_FLOOR_PER_TOKEN = 10;
 
-    const auto is_create = !tx.to.has_value();  // Covers also EOF creation transactions.
+    const auto is_create = !tx.to.has_value();
 
     const auto create_cost = (is_create && rev >= EVMC_HOMESTEAD) ? TX_CREATE_COST : 0;
 
@@ -186,17 +186,12 @@ int64_t process_authorization_list(
     return delegation_refund;
 }
 
-evmc_message build_message(
-    const Transaction& tx, int64_t execution_gas_limit, evmc_revision rev) noexcept
+evmc_message build_message(const Transaction& tx, int64_t execution_gas_limit) noexcept
 {
     const auto recipient = tx.to.has_value() ? *tx.to : evmc::address{};
 
-    const auto is_legacy_eof_create =
-        rev >= EVMC_OSAKA && !tx.to.has_value() && is_eof_container(tx.data);
-
-    return {.kind = is_legacy_eof_create ? EVMC_EOFCREATE :
-                    tx.to.has_value()    ? EVMC_CALL : // NOLINT(readability-avoid-nested-conditional-operator)
-                                           EVMC_CREATE,
+    return {
+        .kind = tx.to.has_value() ? EVMC_CALL : EVMC_CREATE,
         .flags = 0,
         .depth = 0,
         .gas = execution_gas_limit,
@@ -208,7 +203,8 @@ evmc_message build_message(
         .create2_salt = {},
         .code_address = recipient,
         .code = nullptr,
-        .code_size = 0};
+        .code_size = 0,
+    };
 }
 }  // namespace
 
@@ -531,6 +527,9 @@ std::variant<TransactionProperties, std::error_code> validate_transaction(
     if (rev >= EVMC_SHANGHAI && !tx.to.has_value() && tx.data.size() > MAX_INITCODE_SIZE)
         return make_error_code(INIT_CODE_SIZE_LIMIT_EXCEEDED);
 
+    if (rev >= EVMC_OSAKA && !tx.to.has_value() && is_eof_container(tx.data))
+        return make_error_code(EOF_CREATION_TRANSACTION);
+
     // Compute and check if sender has enough balance for the theoretical maximum transaction cost.
     // Note this is different from tx_max_cost computed with effective gas price later.
     // The computation cannot overflow if done with 512-bit precision.
@@ -634,7 +633,7 @@ TransactionReceipt transition(const StateView& state_view, const BlockInfo& bloc
     if (rev >= EVMC_SHANGHAI)
         host.access_account(block.coinbase);
 
-    auto message = build_message(tx, tx_props.execution_gas_limit, rev);
+    auto message = build_message(tx, tx_props.execution_gas_limit);
     if (tx.to.has_value())
     {
         if (const auto delegate = get_delegate_address(host, *tx.to))

test/statetest/statetest_export.cpp

@@ -49,6 +49,8 @@ namespace evmone::test
         return "TR_BLOBVERSION_INVALID";
     case BLOB_GAS_LIMIT_EXCEEDED:
         return "TR_BLOBLIST_OVERSIZE";
+    case EOF_CREATION_TRANSACTION:
+        return "EOFException.EOFCreationTransaction";
     case UNKNOWN_ERROR:
         return "Unknown error";
     default: