Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Breaking Change to eth_call Behaviour In 1.10.7 #23408

Closed
nlordell opened this issue Aug 17, 2021 · 7 comments
Closed

Breaking Change to eth_call Behaviour In 1.10.7 #23408

nlordell opened this issue Aug 17, 2021 · 7 comments
Labels
type:bug

Comments

@nlordell
Copy link

System information

Geth version: 1.10.7
OS & Version: Windows/Linux/OSX

Expected behaviour

With the release of 1.10.7 which includes #23303, the behaviour of eth_call has changed in non-backwards compatible ways.

Specifically, it was previously possible to use eth_call with a from address that was an account with code. This was useful to simulate a transaction sent from that contract, for example simulating a transaction from a SC wallet. This appears to no longer be possible.

Steps to reproduce the behaviour

Perform an eth_call where the from address is an account with code:

{"jsonrpc":"2.0","method":"eth_call","params":[{"from":"$CONTRACT_ADDRESS","other":"parameters..."},"latest"],"id":0}

And receive an error response:

{"jsonrpc":"2.0","id":0,"error":{"code":-32000,"message":"err: sender not an eoa: address $CONTRACT_ADDRESS, codehash: ... (supplied gas ...)"}}
@rmeissner
Copy link

Same limitation started to apply to the eth_estimateGas rpc, which was not the case before (and is not the case for other nodes)

@MariusVanDerWijden
Copy link
Member

Yes, this is due to EIP-3607 which makes sending transactions from accounts with contract code illegal

@nlordell
Copy link
Author

nlordell commented Aug 17, 2021
edited
Loading

Yes, this is due to EIP-3607

Makes sense. Out of curiosity, once the EIP lands, can the reverse attack also be done? Where a malicious party could search for a CREATE2 address that is an existing EOA to lock it out?

edit: It looks like this was already thought of:

Specifically, if nonce or code is nonzero, then the create-operation fails.

In general the issue was not really a comment about the change in itself, and more that it was included from 1.10.6 to 1.10.7 which was, AFAIU meant a maintenance release and surprised me that a more significant change such as this one was included.

@MicahZoltu
Copy link
Contributor

Yes, this is due to EIP-3607 which makes sending transactions from accounts with contract code illegal

A. 3607 is still in dForraft, not final.
B. 3607 is for executing transactions on chain, the error reported here is for eth_call, eth_estimateGas.
C. I tend to agree with the others, this should have been a major version bump per semver, or at least minor.

@MariusVanDerWijden
Copy link
Member

Yes, we'll fix eth_call and eth_estimateGas to be able to still create transactions from contracts.

@karalabe
Copy link
Member

C. I tend to agree with the others, this should have been a major version bump per semver, or at least minor.

Geth does not follow semver.

@MariusVanDerWijden MariusVanDerWijden mentioned this issue Aug 19, 2021
Closed
@karalabe
Copy link
Member

Fixed in #23424.

@cp0k cp0k mentioned this issue Feb 17, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type:bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

core: only check sendernoeoa in non fake mode ethereum/go-ethereum
6 participants
@ligi @karalabe @MicahZoltu @rmeissner @nlordell @MariusVanDerWijden