Hi everyone!
We would like to present to you our new Rollup Improvement Proposal RIP-7614, which suggests implementing a call stack that contains opcodes, addresses and function selectors, and exposing it through a precompiled contract interface.
Here is the original Ethereum Magicians thread in case you would like to catch up with our community discussions so far:
- This improvement is rooted in the authors’ common goal to prevent smart contract exploits.
- Transaction screening is an emerging and promising exploit prevention approach. Here’s an example - a DeFi protocol may screen incoming transactions against a negative reputation list and/or for anomalous activity outside of normal user behavior, and revert transactions deemed malicious.
- Unfortunately, transaction screening techniques are susceptible to evasion. DeFi protocols only have visibility into `msg.sender` and `tx.origin` fields of a transaction, meaning hackers can hide behind various proxies.
- The call stack precompile levels protocols’ transaction visibility with attackers, exposes hidden attack contracts and helps reason better about the patterns.
We believe that this is a critical leap forward in implementing effective screening solutions and protecting protocols from attacks on L2 chains, and for this reason we find Arbitrum’s adoption of this proposal very valuable.
We are curious to know what you think of this proposal and to discuss it!
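The visibility gap described in the post, as an added Python model that is not part of the original post or of RIP-7614 itself: a denylist check limited to `tx.origin` and `msg.sender` is compared with one that sees every frame of the call stack. The `Frame` layout (opcode, targeted address, selector), the function names and all addresses and selectors are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Frame:
    opcode: str    # CALL, STATICCALL, DELEGATECALL or CALLCODE
    address: str   # assumption: the address targeted by this call
    selector: str  # 4-byte function selector

def msg_sender(origin, stack):
    """msg.sender as seen by code running in the last frame (EVM rules)."""
    context, sender = origin, None
    for f in stack:
        if f.opcode in ("CALL", "STATICCALL"):
            sender, context = context, f.address  # new context, caller becomes sender
        elif f.opcode == "CALLCODE":
            sender = context                      # context stays, sender changes
        # DELEGATECALL keeps both sender and context unchanged
    return sender

def screen_legacy(origin, stack, denylist):
    """True means revert. Only tx.origin and msg.sender are visible."""
    return origin in denylist or msg_sender(origin, stack) in denylist

def screen_call_stack(stack, denylist):
    """Return every frame on the way in whose address is denylisted."""
    return [f for f in stack if f.address in denylist]

# Constructed sample data: a fresh EOA drives a flagged contract,
# which reaches the protocol through an unflagged proxy.
EOA = "0x" + "e0" * 20
ATTACK = "0x" + "a7" * 20
PROXY = "0x" + "b1" * 20
PROTOCOL = "0x" + "c0" * 20
DENYLIST = {ATTACK}
STACK = [
    Frame("CALL", ATTACK, "0xaaaaaaaa"),
    Frame("CALL", PROXY, "0xbbbbbbbb"),
    Frame("CALL", PROTOCOL, "0xcccccccc"),
]

if __name__ == "__main__":
    print("msg.sender at protocol:", msg_sender(EOA, STACK))
    print("legacy screen reverts: ", screen_legacy(EOA, STACK, DENYLIST))
    print("call stack hits:       ", screen_call_stack(STACK, DENYLIST))
```

In this constructed transaction the protocol sees only the proxy as `msg.sender` and the fresh EOA as `tx.origin`, so the legacy check passes, while the call stack check reports the flagged contract in the first frame.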