Releases: eosnetworkfoundation/eos-evm-contract
EOS EVM Contract v1.0.0-rc1
Introduction
The latest release candidate of EOS EVM introduces support for Shanghai and London Hard Fork and their comprised features along with a new dynamic gas fee algorithm to more accurately price transactions for underlying resource costs involved.
This release contains changes to silkworm, eos-evm-contract, eos-evm-node, and eos-evm-miner.
Read on for more details.
New features
London Fork Compatibility
EIP-1559: Transaction Fee Reform
PRs
A critical component of the London Hard Fork is EIP-1559, which introduces a new transaction fee mechanism. This update changes how gas fees are handled on the EOS EVM network with new components including a base fee and priority fee combined to calculate the overall cost of a transaction based on units of gas used.
Base fee
The base fee, implemented as the base_fee_per_gas, is the minimum fee required for a transaction to be included in a block. This fee is burned in the Ethereum implementation, but is instead credited to the contract for EOS EVM. The base_fee_per_gas is now part of the block header information and is returned in both eth_getBlockByNumber and eth_getBlockByHash API calls.
Priority fee
The priority fee, implemented as the inclusion_price, is a fee historically designed so that users can pay to miners to incentivize them to prioritize their transactions over others. In EOS EVM, the priority fee does not prioritize transactions. Instead, it is a fee set by the miner to cover their costs for processing the transaction and pushing it into the network. This fee goes directly to the miner and is not burned.
The priority fee or inclusion_price can be calculated as min(max_priority_fee_per_gas, max_fee_per_gas - base_fee_per_gas).
Max fee
Users may now specify a maximum fee they are willing to pay for the sum of base and priority fees. If the max fee is higher than the sum of the base fee and the priority fee, the difference is refunded to the user. This ensures users don't overpay beyond what is necessary to get their transactions processed.
Overall transaction fee
The overall cost of a transaction fee utilizes a price per gas unit implemented as the effective_gas_price, which can be calculated as
inclusion_price + base_fee_per_gas. The overall cost of any given transaction is then calculated as the product ofeffective_gas_price * gas_used.
Fee distribution
The fees associated with transactions are now distributed to where the contract receives base_fee_per_gas*gas_used and the miner receives inclusion_price*gas_used.
Feature activation for wallet users
The flag for the EIP-1559 network support is cached, so users will have to refresh their network selection by changing the active network to another network and go back to eos-evm in order for many common wallets like Metamask to start sending EIP-1559 transactions.
Shanghai Fork Compatibility
PUSH0 Opcode Support
Support has been added for the PUSH0 opcode as introduced in the Shanghai Hard Fork. This opcode pushes a zero onto the stack, optimizing certain types of smart contract code and potentially reducing gas costs for operations that frequently use zero values.
Gas Fee Algorithm Enhancements
A new gas fee algorithm has been introduced to alleviate challenges with a prior one-size-fits-all gas fee structure. Because the previous method used to calculate gas fees did not account for the varying computational resources required by transactions, many transactions were priced higher than their resource costs for the safety of the network.
To accomplish this, five new parameters are now tracked including:
- Additional gas consumed when creating a new non-contract account due to a message-call transaction that sends positive value to an empty account. This value defaults to 0 and is denoted as
G_txnewaccount. - Additional gas consumed when creating a new non-contract account due to the
CALLorSELFDESTRUCTopcodes. This value defaults to to 25000 and is denoted asG_newaccount. - Static gas consumed in the
CREATEandCREATE2opcodes and also acts as the additional gas consumed in a contract-creating transaction. This value defaults to 32000 and is denotedG_txcreate. - Factor that multiplies the deployed code size within
CREATEandCREATE2opcodes, as well as contract-creating transactions, to determine the code deposit cost. This value defaults to 200 and is denoted asG_codedeposit. - Gas consumed when an
SSTOREopcode causes the storage value to go from zero to non-zero. This value defaults to 20000 and is denoted asG_sset.
These five new parameters can be calculated as follows:
G_txnewaccount=account_bytes * gas_per_byteG_newaccount=account_bytes * gas_per_byteG_txcreate=contract_fixed_bytes * gas_per_byteG_codedeposit=gas_per_byteG_sset= 2900 +storage_slot_bytes * gas_per_byte
Each of these five parameters are accounted for an stored when establishing an updated gas cost.
General Hard Fork Solution
EOS EVM now officially supports multiple versions and the ability to perform a hard forks when required for future versions such as London Hard Fork detailed above.
This release implements a linear versioning system for EOS EVM hard forks, mapping each EOSEVM version to a corresponding EVMC revision:
| EOSEVM Version | EVMC Revision |
|---|---|
| 0 | ISTANBUL |
| 1 | SHANGHAI |
Note: for this release, EOS EVM is moving directly from Instanbul to Shanghai, including all support for London Hard Fork within that version.
Bug fixes
Allow transfer of non-EOS tokens out of contract account
PRs
Previously, only EOS was capable of being moved out of the contract account in order to be utilized for operational costs. Recent updates now allow other token types to be transferred out of the account.
Other changes
Dynamically support different base token via init
The initial work required in the contract to support different base tokens for EOS EVM is introduced in this release. Full support for this feature across other related repos will be part of a future release.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build EOS EVM Contract.
Compatibility and upgrading
EOS EVM Contract can be upgraded from the prior 0.6.0 version by simply deploying the WASM and ABI.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
- (665)[0.6 -> main] Bump 0.6.0 version
- (667) fix unittest compile error, explicitly set inline action size to 4kB
- (675) [0.6] Allow transfer non-EOS tokens out.
- (676) [0.6->main] Allow transfer non-EOS tokens out
- (665) [0.6 -> main] Bump 0.6.0 version
- (667) fix unittest compile error, explicitly set inline action size to 4kB
- (675) [0.6] Allow transfer non-EOS tokens out.
- (676) [0.6->main] Allow transfer non-EOS tokens out
- (677) Add support for EOSEVM version
- (681) use libtester 5.0 in CI; use ubuntu 22.04 for CI...
Contributors
Assets 2
EOS EVM Contract v0.6.0
This release rearranges how EOS EVM components are organized within the eos-evm repository. This repository now only contains the EOS EVM Contract which has been upgraded to provide new functionality in support of an enhanced Trustless Bridge.
New features
Enhancements to the Trustless Bridge
Prior to this release, the Trustless Bridge of the EOS EVM only supporting the EOS token between the EVM and EOS environments.
This release adds two new mechanism which provide the foundation necessary for other components to expand the Trustless Bridge far beyond its initial capabilities:
callaction- Bridge messages
The release of EOS EVM Bridge Contracts demonstrates how these mechanisms can be used to enable other tokens on EOS such as USDT to be moved across the Trustless Bridge to the EOS EVM side and then back to to the EOS Native side.
call action
The EOS EVM Contract now has a new action named call which is similar to a pushtx except that it can be called by an EOS account under the authority of that account. For example, an EOS account test could use the call action to send an EVM transaction that came from the reserved address that maps to the test account. The funds to pay for the gas and any value of the EVM transaction comes from the open balance of the test account within the EOS EVM Contract.
Bridge messages
This release of EOS EVM Contract also introduces the mechanism of bridge messages.
Calls to the reserved address mapped to the eosio.evm account with non-empty call data will now be treated with stricter validation. They must match a function signature that is used to emit new bridge messages on the EOS Native side. If the call data does not appropriately encode the expected function call, the EOS transaction will abort.
Assuming the encoding is correct, further validation is done by the EOS EVM Contract. The receiver account specified in the function call must be registered as a receiver in the EOS EVM Contract. Furthermore, if it enforces a minimum fee, the value transferred alongside the call to the reserved address mapped to the eosio.evm account must be no less than minimum fee specified by the registered receiver. If these conditions are not met, the EOS transaction will abort.
If the conditions are met, a onbridgemsg inline action is sent by EOS EVM Contract to the handler account specified by the registered receiver which contains the data relevant to the emitted bridge message.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build EOS EVM Contract.
Compatibility and upgrading
EOS EVM Contract can be upgraded from the prior 0.5.2 version by simply deploying the WASM and ABI.
Feature lifecycle updates
Removals
TX-Wrapper removed
TX-Wrapper was deprecated in the 0.5.2 release and has now been removed. Users are recommended to switch to eos-evm-miner instead.
EOS EVM Node and EOS EVM RPC moved
EOS EVM Node and EOS EVM RPC have been removed from this repository. They are still supported but now live in their own eos-evm-node repository.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
- (564) Remove SSH URL for git submodules
- (520) update contract unit tests to work with libtester from leap's main branch
- (561) Update nonce description in deployment docs
- (380) Add scripts to measure EVM contract performance
- (595) [0.5 -> main] EstimateGasOracle: fix estimate_gas; Return better result when accessed by GET
- (599) [0.5->main]Handle transfers from reserved address in the same way as other places
- (580) Fix documentation
- (623) [0.5 -> main] Enforce chain-id in transactions pushed to the contract
- (628) Repository refactor
- (639) Reduce artifact size remove obj
- (634) Add call actions
- (641) Update silkworm submodule
- (643) Bridge basic message emission (2)
- (646) Add assertnonce action.
- (647) Add handler option to bridge message feature.
- (652) [0.5 -> main] Change account id generation logic
- (654) [0.5 -> main] Add admin actions
- (656) [0.5 -> main] Correct processing of pushtx actions in ship_receiver_plugin
- (658) [0.5 -> main] bump version 0.5.2
- (659) Update silkworm
- (660) Bump 0.6.0-rc1 version
- (664) [0.6] Bump 0.6.0 version
Full Changelog: v0.5.2...v0.6.0
Contributors
Assets 2
EOS EVM Contract v0.6.0-rc1
This release rearranges how EOS EVM components are organized within the eos-evm repository. This repository now only contains the EOS EVM Contract which has been upgraded to provide new functionality in support of an enhanced Trustless Bridge.
New features
Enhancements to the Trustless Bridge
Prior to this release, the Trustless Bridge of the EOS EVM only supporting the EOS token between the EVM and EOS environments.
This release adds two new mechanism which provide the foundation necessary for other components to expand the Trustless Bridge far beyond its initial capabilities:
callaction- Bridge messages
The release of EOS EVM Bridge Contracts demonstrates how these mechanisms can be used to enable other tokens on EOS such as USDT to be moved across the Trustless Bridge to the EOS EVM side and then back to to the EOS Native side.
call action
The EOS EVM Contract now has a new action named call which is similar to a pushtx except that it can be called by an EOS account under the authority of that account. For example, an EOS account test could use the call action to send an EVM transaction that came from the reserved address that maps to the test account. The funds to pay for the gas and any value of the EVM transaction comes from the open balance of the test account within the EOS EVM Contract.
Bridge messages
This release of EOS EVM Contract also introduces the mechanism of bridge messages.
Calls to the reserved address mapped to the eosio.evm account with non-empty call data will now be treated with stricter validation. They must match a function signature that is used to emit new bridge messages on the EOS Native side. If the call data does not appropriately encode the expected function call, the EOS transaction will abort.
Assuming the encoding is correct, further validation is done by the EOS EVM Contract. The receiver account specified in the function call must be registered as a receiver in the EOS EVM Contract. Furthermore, if it enforces a minimum fee, the value transferred alongside the call to the reserved address mapped to the eosio.evm account must be no less than minimum fee specified by the registered receiver. If these conditions are not met, the EOS transaction will abort.
If the conditions are met, a onbridgemsg inline action is sent by EOS EVM Contract to the handler account specified by the registered receiver which contains the data relevant to the emitted bridge message.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build EOS EVM Contract.
Compatibility and upgrading
EOS EVM Contract can be upgraded from the prior 0.5.2 version by simply deploying the WASM and ABI.
Feature lifecycle updates
Removals
TX-Wrapper removed
TX-Wrapper was deprecated in the 0.5.2 release and has now been removed. Users are recommended to switch to eos-evm-miner instead.
EOS EVM Node and EOS EVM RPC moved
EOS EVM Node and EOS EVM RPC have been removed from this repository. They are still supported but now live in their own eos-evm-node repository.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
- (564) Remove SSH URL for git submodules
- (520) update contract unit tests to work with libtester from leap's main branch
- (561) Update nonce description in deployment docs
- (380) Add scripts to measure EVM contract performance
- (595) [0.5 -> main] EstimateGasOracle: fix estimate_gas; Return better result when accessed by GET
- (599) [0.5->main]Handle transfers from reserved address in the same way as other places
- (580) Fix documentation
- (623) [0.5 -> main] Enforce chain-id in transactions pushed to the contract
- (628) Repository refactor
- (639) Reduce artifact size remove obj
- (634) Add call actions
- (641) Update silkworm submodule
- (643) Bridge basic message emission (2)
- (646) Add assertnonce action.
- (647) Add handler option to bridge message feature.
- (652) [0.5 -> main] Change account id generation logic
- (654) [0.5 -> main] Add admin actions
- (656) [0.5 -> main] Correct processing of pushtx actions in ship_receiver_plugin
- (658) [0.5 -> main] bump version 0.5.2
- (659) Update silkworm
- (660) Bump 0.6.0-rc1 version
Full Changelog: v0.5.2...v0.6.0-rc1
Contributors
Assets 2
EOS EVM v0.5.2 Release Notes
This release fixes several security vulnerabilities discovered in EOS EVM Contract and EOS EVM Node.
Components
EOS EVM Contract
Prevent account ID reuse
The use of available_primary_key from multi_index to determine the internal account ID of a new EVM account was undesirable because that internal account ID would be reused by new EVM account after the previous account that was using that ID destroyed itself via the SELFDESTRUCT EVM opcode.
But this undesired behavior actually was a security issue due to another design decision in EOS EVM Contract to delay clean up of contract account state to later calls of the gc action; this design decision needed to be made due to the limitation that EOS transaction execution time is tightly bounded but the same is not true for the number of storage slots that an EVM contract may have accumulated over time. The design of delaying garbage collection of a self-destructed contract storage for later was safe under the assumption that internal account IDs would never be reused. Unfortunately, due to the way internal account IDs for new accounts were generated, that assumption did not hold.
The fix to the security issue is actually very simple: keep track of the next internal account ID to use and increment it after create a new account. This change fixes the security issue for the EOS EVM Contract going forward.
However, the bug could easily be triggered (even inadvertently) causing a newly deployed EVM contract to inherit the state of an unrelated EVM contract that self-destructed earlier. One caveat is that no new externally-owned accounts would need to be created between the self-destruction of one contract and the creation of a new contract account. Unfortunately, both mainnet and testnet had at least one account that triggered the undesired state inheritance side-effect which led to deviations in EVM state from what was intended y the EVM protocol.
So, this security release also includes new administrative actions to correct aspects of the EVM state.
Note: The administrative actions have already been used to correct unwanted state differences on both testnet and mainnet. Additionally, the account ID reuse bug has already been patched on both testnet and mainnet.
Admin actions to correct state in EOS EVM
It is always possible for issues to arise due to bugs within the EOS EVM Contract that causes it to deviate from the intended behavior of the EVM protocol. This can lead to the state in the contract deviating from what it should be and deviating from what the state in the EOS EVM Node. So, it is desirable to have administrative actions, which can only be used by the same authority that can change the code of the EOS EVM Contract, to correct faulty state.
This deviation of state already occurred on both testnet and mainnet from transactions that inadvertently triggered the undesired state inheritance side-effect due to the account ID reuse bug mentioned above. So some of the admin actions introduced in this release were essential for properly resolving the impact due to security bug on both testnet and mainnet. This is also why these admin actions were introduced in the security patch despite technically being a new feature and not a bug fix.
EOS EVM Node and RPC
Correct processing of pushtx actions in ship_receiver_plugin
A bug was identified in EOS EVM Node which could cause it to process a different sequence of EVM transactions than the one processed by the EOS EVM Contract.
Because the state computed by EOS EVM Node is used by EOS EVM RPC to process read requests for the EOS EVM state (e.g. executing view functions), it is possible that vulnerable EOS EVM Nodes could provide responses that deviate from the intended result that would be computed by EOS EVM Contract (e.g. via its exec function).
It is critical that operators of EOS EVM Node upgrade their software to avoid returning incorrect responses to read requests. A proper upgrade to fix this issue requires that EOS EVM Node replay the virtual blockchain generated from genesis of EOS EVM.
Note: The EOS EVM Nodes operated by the ENF which serve the RPC requests to the https://api.evm.eosnetwork.com/ (for mainnet) and https://api.testnet.evm.eosnetwork.com/ (for testnet) endpoints have already been upgraded.
Feature lifecycle updates
Deprecations
TX-Wrapper
TX-Wrapper has been deprecated with plans to remove and replace with eos-evm-miner for the release of EOS EVM v0.6.0.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build the components.
Compatibility and upgrading
The components can be upgraded from the 0.5.0 and 0.5.1 releases.
EOS EVM Node binaries should be replaced and relaunched with a full replay from the EOS EVM genesis.
Assuming the state inheritance side-effect has not been triggered on the target network, the EOS EVM Contract can be upgraded by deploying the new WASM and ABI and then creating a new account. On a fresh network, simply deploying the contract with the fix is sufficient and there is no need to even create the new account.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
Full Changelog: v0.5.1...v0.5.2
Contributors
Assets 2
EOS EVM v0.5.1 Release Notes
This release fixes a security vulnerability discovered in EOS EVM Contract. EOS EVM RPC has also been updated with an unrelated bug fix.
Components
EOS EVM Contract
Enforce ChainID in transactions
According to EIP-155, a transaction must have a (matched) ChainID for replay protection. However, prior to this release, the ChainID in a transaction was only checked if it was provided.
This release of EOS EVM Contract enforces that the transaction pushed to the EOS EVM includes a valid ChainID. Exceptions are only made for transactions that are internally generated by the EOS EVM Contract itself since there is no concern of replay attacks for such transactions (they do not even contain valid signatures).
EOS EVM Node and RPC
Handle transfers to reserved addresses consistently in EOS EVM RPC
EOS EVM RPC processed transactions involving a transfer from a reserved address differently than the other components which could lead to several trace functions to fail. This release fixes that bug as well.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build the components.
Compatibility and upgrading
The components can be upgraded from the 0.5.0 release.
The EOS EVM Contract is simply upgrading by deploying the WASM and ABI.
EOS EVM Node and EOS EVM RPC binaries can be replaced and relaunched (no replay required). There is also no need to upgrade the EOS EVM Node since the only change to it is the reported version number.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
Full Changelog: v0.5.0...v0.5.1
Contributors
Assets 2
EOS EVM v0.5.0 Release Notes
This release contains changes to all major components of the EOS EVM.
Components
EOS EVM Contract
Action to execute read-only transactions
The EOS EVM contract now has a new action called exec which allows the caller to execute EVM code and get the return value. No side-effects will be committed to state and this action is intended to be used for read-only executions, e.g. calling Solidity view functions.
There are two ways of getting the return value. If no callback is specified in the arguments of the exec action, then the EVM contract message call return value will be included as part of the return value of the exec action. Otherwise, if a callback (of the form of a contract account name and action name) is specified, the EOS EVM Contract will deliver the return value as an inline action call made to contract specified in the callback.
This feature is a necesssary component for Yield+ integration with the EOS EVM.
Increased stack size to allow deeper nested calls
The EOS EVM Contact has a limit on the stack used within WASM linear memory. This puts a limit to how deeply nested EVM contract calls can get within the EVM implementation before it runs out of stack.
The stack limit in prior releases allow nested calls to get to a depth of 5. Optimizations in the EOS EVM Contract implementation have allowed for almost doubling the stack size which has correspondingly increased the EVM call depth limit by a significant amount thus enabling contract use cases that may have been rejected before.
Other improvements to the EOS EVM Contract
PRs
The inevm table now shows up in the ABI which should allow for easy exploration of the total sum of the EOS balances within the EVM environment using an EOS block explorer. Note that this balance does not include any of the other balances held by the EOS EVM Contract on the EOS side, e.g. the accumulated gas fees in the eosio.evm balances or the balances of miners who have explicitly opened an account in the contract using the open action.
The withdraw action has been modified to take an optional extra argument called to. Normally, when to is not specified, the funds beloging to the owner are withdraw to the balance within the eosio.token contract belonging to owner. If to is specified, then the funds are instead sent to the to account.
The EOS EVM Contract will now reject any non-EOS tokens, e.g. USDT, that are sent to it. As a reminder, the trustless bridge does not yet support any tokens other than EOS.
A more descriptive error message is now returned if validation of a pushed EVM transaction fails.
EOS EVM Node and RPC
Various bug fixes
PRs
A bug in the history index of EOS EVM Node was fixed. This bug caused the block explorer to show incorrect records. To resolve this issue in an already deployed instance, it is necessary to replay the EOS EVM Node and then it is necessary to re-index the block explorer that used data from the buggy EOS EVM Node.
Additional bugs in EOS EVM RPC were fixed. An eth_call request without an explicit from value specified now works correctly. Gas estimation now returns expected responses under certain error conditions, and other fixes were made to gas estimation in EOS EVM RPC.
TX-Wrapper
Configurable permission and expiration
Prior to this release, TX-Wrapper had a hard-coded expiration for the EOS wrapped transaction set to 50 minutes in the future. In this release, the expiration time is configurable with the optional EXPIRE_SEC parameter (takes the expiration duration in seconds). If not specified, the expiration time will default to 5 minutes.
TX-Wrapper also now requires an additional parameter EOS_PERMISSION to set the permission to use for the miner's authorization of the pushtx action. To maintain existing behavior, ensure this parameter is set to "active". The permission can be changed to a custom permission on the account specified by EOS_SENDER. However, ensure that linkauth is used to allow that custom permission to satisfy the pushtx action of the EOS EVM Contract, otherwise TX-Wrapper will not function correctly.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build the components.
Compatibility and upgrading
The components can be upgraded from any prior 0.4.x release.
The EOS EVM Contract is simply upgrading by deploying the WASM and ABI.
EOS EVM Node needs to replay from genesis. Block explorers leveraging data from EOS EVM Node are recommended to re-index.
The .env file used by TX-Wrapper should first ensure the line EOS_PERMISSION="active" is added before starting the new TX-Wrapper to ensure it can start up and behave the same way as before.
Deprecations, removals, and dropped support
TX-Wrapper deprecated
TX-Wrapper has been deprecated and will be removed in a future release. Users are recommended to switch to eos-evm-miner instead.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
- (505) [0.4 -> main] Bring recent 0.4.x changes into main. Bump version to 0.5.0
- (508) [0.4 -> main] add missing nginx log settings
- (511) Update README to include links to EOS EVM docs and evm-public-docs
- (503) configurable permission in tx_wrapper
- (522) Remove flask_proxy
- (532) evmone version
- (534) [0.4 -> main] Enable keep alive to read and test endpoint
- (538) [0.4 -> main] fix silkworm stability
- (521) fix #465 #451 extra param for withdraw, inevm table abi
- (544) Reject non eos token in bridging
- (546) add some additional tests for invalid addresses in EOS->EVM bridge memos
- (550) more briging tests
- (474) Remove advanced execution to increase nested call level
- (553) eth_call: use default from address when not specified
- (555) Fix Wrong History Index
- (557) Fix gas estimation return value
- (541) Return error number and more descriptive message when validation failed
- (547) Add read-only transaction execution support to EVM contract
- (593) [0.5] EstimateGasOracle: fix estimate_gas
- (594) [0.5] Return better result when accessed by GET
Full Changelog: v0.4.2...v0.5.0
Contributors
Assets 2
EOS EVM v0.5.0-rc1 Release Notes
This release contains changes to all major components of the EOS EVM.
Components
EOS EVM Contract
Action to execute read-only transactions
The EOS EVM contract now has a new action called exec which allows the caller to execute EVM code and get the return value. No side-effects will be committed to state and this action is intended to be used for read-only executions, e.g. calling Solidity view functions.
There are two ways of getting the return value. If no callback is specified in the arguments of the exec action, then the EVM contract message call return value will be included as part of the return value of the exec action. Otherwise, if a callback (of the form of a contract account name and action name) is specified, the EOS EVM Contract will deliver the return value as an inline action call made to contract specified in the callback.
This feature is a necesssary component for Yield+ integration with the EOS EVM.
Increased stack size to allow deeper nested calls
The EOS EVM Contact has a limit on the stack used within WASM linear memory. This puts a limit to how deeply nested EVM contract calls can get within the EVM implementation before it runs out of stack.
The stack limit in prior releases allow nested calls to get to a depth of 5. Optimizations in the EOS EVM Contract implementation have allowed for almost doubling the stack size which has correspondingly increased the EVM call depth limit by a significant amount thus enabling contract use cases that may have been rejected before.
Other improvements to the EOS EVM Contract
PRs
The inevm table now shows up in the ABI which should allow for easy exploration of the total sum of the EOS balances within the EVM environment using an EOS block explorer. Note that this balance does not include any of the other balances held by the EOS EVM Contract on the EOS side, e.g. the accumulated gas fees in the eosio.evm balances or the balances of miners who have explicitly opened an account in the contract using the open action.
The withdraw action has been modified to take an optional extra argument called to. Normally, when to is not specified, the funds beloging to the owner are withdraw to the balance within the eosio.token contract belonging to owner. If to is specified, then the funds are instead sent to the to account.
The EOS EVM Contract will now reject any non-EOS tokens, e.g. USDT, that are sent to it. As a reminder, the trustless bridge does not yet support any tokens other than EOS.
A more descriptive error message is now returned if validation of a pushed EVM transaction fails.
EOS EVM Node and RPC
Various bug fixes
PRs
A bug in the history index of EOS EVM Node was fixed. This bug caused the block explorer to show incorrect records. To resolve this issue in an already deployed instance, it is necessary to replay the EOS EVM Node and then it is necessary to re-index the block explorer that used data from the buggy EOS EVM Node.
Additional bugs in EOS EVM RPC were fixed. An eth_call request without an explicit from value specified now works correctly. Gas estimation now returns expected responses under certain error conditions.
TX-Wrapper
Configurable permission and expiration
Prior to this release, TX-Wrapper had a hard-coded expiration for the EOS wrapped transaction set to 50 minutes in the future. In this release, the expiration time is configurable with the optional EXPIRE_SEC parameter (takes the expiration duration in seconds). If not specified, the expiration time will default to 5 minutes.
TX-Wrapper also now requires an additional parameter EOS_PERMISSION to set the permission to use for the miner's authorization of the pushtx action. To maintain existing behavior, ensure this parameter is set to "active". The permission can be changed to a custom permission on the account specified by EOS_SENDER. However, ensure that linkauth is used to allow that custom permission to satisfy the pushtx action of the EOS EVM Contract, otherwise TX-Wrapper will not function correctly.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build the components.
Compatibility and upgrading
The components can be upgraded from any prior 0.4.x release.
The EOS EVM Contract is simply upgrading by deploying the WASM and ABI.
EOS EVM Node needs to replay from genesis. Block explorers leveraging data from EOS EVM Node are recommended to re-index.
The .env file used by TX-Wrapper should first ensure the line EOS_PERMISSION="active" is added before starting the new TX-Wrapper to ensure it can start up and behave the same way as before.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
- (505) [0.4 -> main] Bring recent 0.4.x changes into main. Bump version to 0.5.0
- (508) [0.4 -> main] add missing nginx log settings
- (511) Update README to include links to EOS EVM docs and evm-public-docs
- (503) configurable permission in tx_wrapper
- (522) Remove flask_proxy
- (532) evmone version
- (534) [0.4 -> main] Enable keep alive to read and test endpoint
- (538) [0.4 -> main] fix silkworm stability
- (521) fix #465 #451 extra param for withdraw, inevm table abi
- (544) Reject non eos token in bridging
- (546) add some additional tests for invalid addresses in EOS->EVM bridge memos
- (550) more briging tests
- (474) Remove advanced execution to increase nested call level
- (553) eth_call: use default from address when not specified
- (555) Fix Wrong History Index
- (557) Fix gas estimation return value
- (541) Return error number and more descriptive message when validation failed
- (547) Add read-only transaction execution support to EVM contract
Full Changelog: v0.4.2...v0.5.0-rc1
Contributors
Assets 2
EOS EVM v0.4.2 Release Notes
This release fixes a critical security vulnerability discovered in EOS EVM. The components EOS EVM Contract, EOS EVM Node, and EOS EVM RPC must all be upgraded.
Components
EOS EVM Contract
The security vulnerability is related to the state objects tracking the reserved addresses of the trustless bridge and how they were not properly being undone in the case of an EVM execution context being reverted. If exploited, it could potentially allow an attacker to illegitimately drain all of the EOS stored by the EOS EVM Contract across the trustless bridge.
This vulnerability has already been patched in the deployment of EOS EVM on the EOS mainnet. It has also been patched in the deployment of EOS EVM on the Jungle4 testnet.
EOS EVM Node and RPC
The patch to the security vulnerability is in the silkworm engine shared by both the EOS EVM Contract and the EOS EVM Node. So the patched EOS EVM Node must also be deployed alongside the updated EOS EVM Contract to ensure consistency between the two components.
While it is sufficient to update the EOS EVM Contract to prevent any loss of funds, it is important to also update the EOS EVM Node otherwise the exploit could be used to take down the EOS EVM Node and EOS EVM RPC.
An additional stability improvement to EOS EVM Node is also included as part of this same release.
Building, compatibility, and upgrading
Compatibility
The fix to the security vulnerability is technically a breaking change to EOS EVM. However, the vulnerability does not appear to have been exploited on either the EOS EVM testnet or mainnet. Therefore, it becomes possible to treat the fix as simpler retroactive change of the EVM.
Upgrading
Upgrading EOS EVM Contract from v0.4.1 simply requires a setcode of the v0.4.2 contract. There are no changes to the ABI.
Upgrading EOS EVM Node and EOS EVM RPC from v0.4.1 only requires restarting the services with the updated binaries.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
PRs
Full Changelog: v0.4.1...v0.4.2
Contributors
Assets 2
EOS EVM v0.4.1 Release Notes
This release contains changes to all major components of the EOS EVM, however no functional changes have been introduced to the EOS EVM Contract. Relative to deployments of v0.4.0-rc1, a significant bug fix to the fork handling logic of EOS EVM Node means that historical block hashes may change.
Components
EOS EVM Contract
There have been no functional changes to the EOS EVM Contract, however, due to the version bump, the compiled contract is not expected to be exactly the same as the v0.4.0 version of the contract.
EOS EVM Node and RPC
Fixes to fork handling in EOS EVM Node
Bugs were found in the fork handling logic of EOS EVM Node that could be triggered by microforks of the underlying Antelope blockchains. Additionally, the fork handling logic had an additional issue that caused it to calculate incorrect block hashes. These identified problems have been fixed as of this release.
Note that block hashes accessible from contracts are not impacted by these changes. In fact, these changes to not introduce any functional differences to the EOS EVM Contract. The fixes are localized to the behavior of the EOS EVM Node and also the EOS EVM RPC that depends on the state generated by the EOS EVM Node. However, due to changes to historical block hashes that could be introduced by this bug fix, any clients that depended on block hash values retrieved from the EOS EVM RPC prior to this release will need to investigate how changes to the block hashes may impact their operations.
Improvements to EOS EVM RPC
PRs
The results of eth_getLogs will now return correct results if the null topic is specified. There is still a known issue remaining with the results of eth_getLogs when a non-null topic is specified. That issue is tracked in #394.
EOS EVM RPC will reject eth_sendRawTransaction and eth_sendTransaction requests since these mutating requests and EOS EVM RPC is only designed to handle read requests for now. The eth_sendRawTransaction request is instead handled by TX-Wrapper. EOS EVM RPC will additionally reject eth_gasPrice requests since it does not currently support it; the eth_gasPrice requests should instead go to TX-Wrapper which is built to properly handle those requests for the EOS EVM network.
TX-Wrapper
Support multiple Leap endpoints
The EOS_RPC variable in the .env file which configures TX-Wrapper can now support multiple Leap endpoints separated by |. This allows for a deployment to have higher availability by falling back to other Leap nodes if the primary one becomes unavailable.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build the components.
Compatibility and upgrading
Since there were no functional changes introduced to the EOS EVM Contract with this release, there is no need to upgrade the contract from v0.4.0 (or even v0.4.0-rc1) to v0.4.1. However, if an upgrade is desired, it is as simple as doing a setcode and setabi with the new WASM and ABI files, respectively.
If this version is replacing an existing v0.4.0-rc1 deployment, then reindexing of the EOS EVM Node and RPC is required to resolve a bug with the fork handling which may have caused invalid block hashes to be reported by the RPC. If this version is replacing an existing v0.4.0 deployment, then EOS EVM Node and EOS EVM RPC programs can simply be replaced and restarted.
Further details on changes since last release
Contributors
Special thanks to the contributors that submitted patches for this release:
Full list of changes since last release
Due to a late tag of the official v0.4.0 release which was waiting on some renaming within the repository prior to open sourcing, and the fact that v0.4.0-rc1 was the version of the Contract and other components that was initially deployed to the EOS mainnet, the list below also includes PRs that were merged in after the v0.4.0-rc1 tag but before the v0.4.0 tag. This is an exceptional situation and going forward only one changelog comparison should be necessary for each release.
PRs
- (390) health_helper initial commit
- (388) Fix eth_getLogs result for null topic
- (385) Nginx proxy update
- (441) Fix leap fork handling in block_conversion_plugin
- (430) Prevent calls to eth_sendRawTransaction and eth_gasPrice
- (412) update flask_proxy
- (431) Implement graceful shutdown for tx_wrapper
- (414) Remove debug access_log
- (443) remove unused (and removed in Leap's
main) WAVM header from contract tests - (446) script tweaks
- (447) support multiple endpoints in tx_wrapper
- (459) Update README.md
- (485) Update silkworm
- (489) Bump version to 0.4.1
- (491) proxy cors
- (490) Repo cleanup and EOS EVM rename
- (500) Add MIT license for contract
- (502) Bring changes from 0.4-hotfix into release/0.4 branch
- (506) add missing nginx log settings
Full Changelog from v0.4.0: v0.4.0...v0.4.1
Full Changelog from v0.4.0-rc1: v0.4.0-rc1...v0.4.1
Contributors
Assets 2
EOS EVM v0.4.0 Release Notes
EOS EVM is a compatibility layer that can be deployed on top of the EOS blockchain which implements the Ethereum Virtual Machine (EVM). It enables developers to deploy and run their applications on top of the EOS blockchain infrastructure but to build, test, and debug those applications using the common languages and tools they are used to using with other EVM compatible blockchains. It also enables users of such applications to interact with the applications in ways they are familiar with (e.g. using a MetaMask wallet).
The EOS EVM consists of multiple components that are tracked across different repositories. The eos-evm repository includes three significant components of EOS EVM which are now officially being introduced as part of this release:
- EOS EVM Contract
- EOS EVM Node and RPC
- TX-Wrapper
The EOS EVM Contract is an Antelope contract that implements the main runtime for the EVM. The EOS EVM Node and RPC are two programs based on Silkworm and SilkRPC, eos-evm-node and eos-evm-rpc, that work together to service most of the read RPC methods within the Ethereum JSON-RPC. TX-Wrapper is a Node.js application which specifically services the eth_sendRawTransaction and eth_gasPrice RPC methods of the Ethereum JSON-RPC.
Components
EOS EVM Contract
The EOS EVM Contract implements the main runtime for the EVM and it operates as a contract deployed on the EOS blockchain. It is actually designed to be compatible with any Antelope blockchain assuming all recent protocol features have been activated; however, the contract source code does have a hard-coded, yet easily changeable, assumption that EOS is the native token of the EVM and is the token used by the trustless bridge.
The EOS EVM runtime enabled by the EOS EVM Contract is fully compatible with the Ethereum EVM except for some small differences captured in https://docs.eosnetwork.com/docs/latest/eos-evm/compatibility/evm-compatibility.
Trustless bridge
One of those differences between EOS EVM and the Ethereum EVM are a reserved range of addresses that start with a prefix of 12 bytes of 0xbb (this means externally owned account and contract accounts with addresses start with that prefix cannot be created in the EVM). The reserved addresses enable the EOS EVM trustless bridge which facilitates a way to move EOS tokens between EVM accounts in the internal EVM environment and EOS accounts in the external EOS environment.
The EOS tokens held externally by the EOS accounts can conveniently be kept in the eosio.token balances as EOS users are accustomed to. Users can seamlessly move EOS tokens to an internal EVM account by transferring tokens to the eosio.evm account with the EVM account address specified as the memo; note that a small ingress bridge fee will be deducted from the transfered amount to cover resource costs. Users can seamlessly move EOS tokens back from an internal EVM account to an external EOS account by pushing an EVM transaction that transfers the EOS tokens to a particular EVM address within the reserved address range that maps to the particular EOS account that is intended as the destination of those EOS tokens. The seamless bridge transfer from the EVM environment to the EOS environment comes with the limitation that at most one external EOS account can be the destination of the seamless bridge transfer per each EVM transaction and that external EOS account cannot have a contract deployed on it (unless it is on a special egress allow list).
The EOS tokens held externally by an EOS account can alternatively be kept in a balance tracked within the EOS EVM Contract that is controlled by that EOS account. This is an advanced mode that allows users to bypass some of the limitations of the easier seamless mode described earlier. It first requires the EOS account to explicitly open the balance. The balance must also be opened before an EOS account is allowed to act as a "miner" for pushing an EVM transaction.
Miners and collecting gas fees for pushing EVM transactions
The pushtx action allows an EVM transaction (in rlp encoding) to be pushed into the virtual EVM blockchain managed by the EOS EVM Contract. The pushtx action also has an parameter called miner which takes an EOS account name. The specified account acts as the "miner" for the pushed EVM transaction which means it collects a portion of the gas fees collected from that transaction. The purpose of this is to compensate the miner who is expected to be covering the CPU and NET costs of the Antelope transaction including the pushtx action.
The gas calculations for EVM transactions processed by EOS EVM are exactly the same as those of Ethereum prior to the London hardfork which included the changes of EIP-1559. This means none of the gas fees are immediately burned by the EVM and instead those gas fees are first collected by the EOS EVM Contract. Additionally, the EOS EVM Contract will reject the EVM transaction if the gas price specified within it is less than some minimum gas price which is a parameter (called gas_price) that is configurable within the EOS EVM Contract.
Though the EOS EVM Contract first collects all of the gas fees of any processed transaction as an intermediate step, it does not indefinitely hold on to all of those collected fees. It immediately sends a portion of the collect gas fee (percentage determined by another parameter called miner_cut that is configurable within the EOS EVM Contract) to the specified miner's balance within the EOS EVM Contract. The portion of gas fees automatically accumulate over time in that miner's balance and can be withdrawn out by the miner at any time to their eosio.token balance using the withdraw action.
EOS EVM Node and RPC
The EOS EVM Contract does not implement support for the Ethereum JSON-RPC that is expected by developers building on EVM-compatible blockchains. That RPC is instead supported by other software included as part of the overall EOS EVM project.
In particular the eos-evm-rpc program, which is a fork of SilkRPC, is a daemon that supports nearly all of the Ethereum JSON-RPC for the virtual EVM blockchain managed by the EOS EVM Contract. Two of the RPC methods, eth_sendRawTransaction and eth_gasPrice are intentionally disabled on this daemon because it is not appropriate for this daemon to handle those methods; instead requests for two of those methods should be routed to the TX-Wrapper which is designed specifically to support those two RPC methods.
The eos-evm-rpc program does not work by itself. To do its job, it relies on the database managed by an execution client for (virtual) EVM blockchain. In the case of the EOS EVM project, this execution client is the eos-evm-node program, which is a fork of Silkworm modified to work with the changes to the EVM runtime that were needed to support the EOS EVM, such as the trustless bridge.
The eos-evm-node needs to exactly reproduce the EVM transaction execution that was first done by the EOS EVM Contract. It needs to reconstruct the virtual EVM blockchain that is managed by the EOS EVM Contract using data extracted from the EOS blockchain. To faciliate this, eos-evm-node must connect to a state history plugin (SHiP) endpoint of a Leap node connected to the EOS blockchain.
TX-Wrapper
As mentioned earlier, the two RPC methods, eth_sendRawTransaction and eth_gasPrice, that are not implemented by eos-evm-rpc are instead implemented by the TX-Wrapper.
The primary purpose of the TX-wrapper is to take raw EVM transactions via eth_sendRawTransaction and push them to the EOS EVM Contract. It does this by: constructing an Antelope transaction containng the pushtx action of the EOS EVM Contract which includes the rlp-encoded EVM transaction; signing the Antelope transaction with the key of an EOS account that acts as the miner of the pushtx action and pays the CPU/NET costs of the Antelope transaction; and, sends the signed Antelope transaction to the EOS blockchain via the chain API of a Leap node connected to teh EOS network.
TX-wrapper also supports the eth_gasPrice RPC method, despite the fact that it is a read method, because its implementation also depends on access to the chain API of a Leap node. In particular, it simply grabs the minimum gas price configured in the EOS EVM Contract from the appropriate table and returns it to the caller.
Building, compatibility, and upgrading
Building
The README in the eos-evm repository contains instructions on how to build the components.
Compatibility and upgrading
Version 0.3.0 of EOS EVM introduced significant incompatible changes compared to prior versions with the introduction of the trustless bridge. That version of the EOS EVM Contract was deployed to the Jungle4 test network on a fresh new account, eosio.evm, so there were no compatibility or upgrade concerns to consider regarding that component.
Going forward upgrades to the deployment of EOS EVM on the test network will need to consider compatibility and upgrading.
Version 0.4.0 has minimal changes relative v0.3.0 that should not impact the upgrade of the EOS EVM Contract to v0.4.0. It will require redeployment and reindexing of the EOS EVM Node and RPC to reflect bug fixes made to those components.
Upgrading the EOS EVM Contract from v0.3.0 to v0.4.0 is as simple as doing a setcode and setabi with the new WASM and ABI files, respectively. The only functional difference in the contract is the removal of the ChainConfig for an old and now obsolete test network (with chain ID of 15556) and the addition of the ChainConfig for mainnet deployment of EOS EVM on the EOS blockchain (chain ID of 17777).
Additionally, ther...