Merge branch 'master' into pairings

2025-01-14 00:45:05 +00:00 · 2017-12-04 14:02:55 +01:00 · 2017-12-04 14:02:55 +01:00 · 2d45aa38d5
commit 2d45aa38d5
parent 22afa8088e 3b4501df5b
7 changed files with 79 additions and 7 deletions
--- a/EIPS/eip-1.md
+++ b/EIPS/eip-1.md
@ -254,3 +254,8 @@ February 1, 2016: EIP 1 has added editors, made draft improvements to process, a
  [README.md]: README.md "wikilink"
  [Bitcoin's BIP-0001]: https://github.com/bitcoin/bips
  [Python's PEP-0001]: https://www.python.org/dev/peps/
+
+Copyright
+---------
+
+Copyright and related rights waived via [CC0](https://creativecommons.org/publicdomain/zero/1.0/).
--- a/EIPS/eip-100.md
+++ b/EIPS/eip-100.md
@ -4,7 +4,7 @@ Title: Change difficulty adjustment to target mean block time including uncles
 Author: Vitalik Buterin
 Type: Standard Track
 Category: Core
-Status: Accepted
+Status: Final
 Created: 2016-04-28
 ```

--- a/EIPS/eip-140.md
+++ b/EIPS/eip-140.md
@ -0,0 +1 @@
+Reserved for https://github.com/ethereum/EIPs/pull/206
--- a/EIPS/eip-196.md
+++ b/EIPS/eip-196.md
@ -1,6 +1,6 @@
 ## Preamble

-    EIP: 213
+    EIP: 196
    Title: Precompiled contracts for addition and scalar multiplication
           on the elliptic curve alt_bn128
    Author: Christian Reitwiessner<chris@ethereum.org>
@ -15,7 +15,7 @@ Precompiled contracts for elliptic curve operations are required in order to per

 ## Abstract

-This EIP suggests to add precompiled contracts for addition and scalar multiplication on a specific pairing-friendly elliptic curve. This can in turn be combined with [EIP-212](./eip-212.md) to verify zkSNARKs in Ethereum smart contracts. The general benefit of zkSNARKs for Ethereum is that it will increase the privacy for users (because of the Zero-Knowledge property) and might also be a scalability solution (because of the succinctness and efficient verifiability property).
+This EIP suggests to add precompiled contracts for addition and scalar multiplication on a specific pairing-friendly elliptic curve. This can in turn be combined with [EIP-197](./eip-197.md) to verify zkSNARKs in Ethereum smart contracts. The general benefit of zkSNARKs for Ethereum is that it will increase the privacy for users (because of the Zero-Knowledge property) and might also be a scalability solution (because of the succinctness and efficient verifiability property).

 ## Motivation

--- a/EIPS/eip-211.md
+++ b/EIPS/eip-211.md
@ -0,0 +1,66 @@
+## Preamble
+
+    EIP: 211
+    Title: New opcodes: RETURNDATASIZE and RETURNDATACOPY
+    Author: Christian Reitwiessner <chris@ethereum.org>
+    Type: Standard Track
+    Category Core
+    Status: Final
+    Created: 2017-02-13
+    Requires:
+    Replaces: 5/8
+
+
+## Simple Summary
+
+A mechanism to allow returning arbitrary-length data inside the EVM has been requested for quite a while now. Existing proposals always had very intricate problems associated with charging gas. This proposal solves the same problem while at the same time, it has a very simple gas charging mechanism and requires minimal changes to the call opcodes. Its workings are very similar to the way calldata is handled already; after a call, return data is kept inside a virtual buffer from which the caller can copy it (or parts thereof) into memory. At the next call, the buffer is overwritten. This mechanism is 100% backwards compatible.
+
+## Abstract
+
+Please see summary.
+
+## Motivation
+
+In some situations, it is vital for a function to be able to return data whose length cannot be anticipated before the call. In principle, this can be solved without alterations to the EVM, for example by splitting the call into two calls where the first is used to compute only the size. All of these mechanisms, though, are very expensive in at least some situations. A very useful example of such a worst-case situation is a generic forwarding contract; a contract that takes call data, potentially makes some checks and then forwards it as is to another contract. The return data should of course be transferred in a similar way to the original caller. Since the contract is generic and does not know about the contract it calls, there is no way to determine the size of the output without adapting the called contract accordingly or trying a logarithmic number of calls.
+
+Compiler implementors are advised to reserve a zero-length area for return data if the size of the return data is unknown before the call and then use `RETURNDATACOPY` in conjunction with `RETURNDATASIZE` to actually retrieve the data.
+
+Note that this proposal also makes the EIP that proposes to allow to return data in case of an intentional state reversion ([EIP-140](./eip-140.md)) much more useful. Since the size of the failure data might be larger than the regular return data (or even unknown), it is possible to retrieve the failure data after the CALL opcode has signalled a failure, even if the regular output area is not large enough to hold the data.
+
+## Specification
+
+If `block.number >= BYZANTIUM_FORK_BLKNUM`, add two new opcodes and amend the semantics of any opcode that creates a new call frame (like `CALL`, `CREATE`, `DELEGATECALL`, ...) called call-like opcodes in the following. It is assumed that the EVM (to be more specific: an EVM call frame) has a new internal buffer of variable size, called the return data buffer. This buffer is created empty for each new call frame. Upon executing any call-like opcode, the buffer is cleared (its size is set to zero). After executing a call-like opcode, the complete return data (or failure data, see [EIP-140](./eip-140.md)) of the call is stored in the return data buffer (of the caller), and its size changed accordingly. As an exception, `CREATE` and `CREATE2` are considered to return the empty buffer in the success case and the failure data in the failure case. If the call-like opcode is executed but does not really instantiate a call frame (for example due to insufficient funds for a value transfer or if the called contract does not exist), the return data buffer is empty.
+
+As an optimization, it is possible to share the return data buffer across call frames because at most one will be non-empty at any time.
+
+`RETURNDATASIZE`: `0x3d`
+
+Pushes the size of the return data buffer onto the stack.
+Gas costs: 2 (same as `CALLDATASIZE`)
+
+`RETURNDATACOPY`: `0x3e`
+
+This opcode has similar semantics to `CALLDATACOPY`, but instead of copying data from the call data, it copies data from the return data buffer. Furthermore, accessing the return data buffer beyond its size results in a failure; i.e. if `start + length` overflows or results in a value larger than `RETURNDATASIZE`, the current call stops in an out-of-gas condition. In particular, reading 0 bytes from the end of the buffer will read 0 bytes; reading 0 bytes from one-byte out of the buffer causes an exception.
+
+Gas costs: `3 + 3 * ceil(amount / 32)` (same as `CALLDATACOPY`)
+
+## Rationale
+
+Other solutions that would allow returning dynamic data were considered, but they all had to deduct the gas from the call opcode and thus were both complicated to implement and specify ([5/8](https://github.com/ethereum/EIPs/issues/8)). Since this proposal is very similar to the way calldata is handled, it fits nicely into the concept. Furthermore, the eWASM architecture already handles return data in exactly the same way.
+
+Note that the EVM implementation needs to keep the return data until the next call or the return from the current call. Since this resource was already paid for as part of the memory of the callee, it should not be a problem. Implementations may either choose to keep the full memory of the callee alive until the next call or copy only the return data to a special memory area.
+
+Keeping the memory of the callee until the next call-like opcode does not increase the peak memory usage in the following sense; any memory allocation in the caller's frame that happens after the return from the call can be moved before the call without a change in gas costs, but will add this allocation to the peak allocation.
+
+The number values of the opcodes were allocated in the same nibble block that also contains `CALLDATASIZE` and `CALLDATACOPY`.
+
+## Backwards Compatibility
+
+This proposal introduces two new opcodes and stays fully backwards compatible apart from that.
+
+## Test Cases
+
+## Implementation
+
+## Copyright
+Copyright and related rights waived via [CC0](https://creativecommons.org/publicdomain/zero/1.0/).
--- a/EIPS/eip-55.md
+++ b/EIPS/eip-55.md
@ -26,7 +26,7 @@ def checksum_encode(addr): # Takes a 20-byte binary address as input
    return '0x'+o

 def test(addrstr):
-    assert(addrstr == checksum_encode2(bytes.fromhex(addrstr[2:])))
+    assert(addrstr == checksum_encode(bytes.fromhex(addrstr[2:])))

 test('0x5aAeb6053F3E94C9b9A09f33669435E7Ef1BeAed')
 test('0xfB6916095ca1df60bB79Ce92cE3Ea74c37c5d359')
--- a/EIPS/eip-609.md
+++ b/EIPS/eip-609.md
@ -21,15 +21,15 @@ This specifies the changes included in the hard fork named Byzantium.
  - Block >= 4,370,000 on Mainnet
  - Block >= 1,700,000 on Ropsten testnet
 - Included EIPs:
-  - EIP 100 (Change difficulty adjustment to target mean block time including uncles)
+  - [EIP 100](./eip-100.md) (Change difficulty adjustment to target mean block time including uncles)
  - EIP 140 (REVERT instruction in the Ethereum Virtual Machine)
  - EIP 196 (Precompiled contracts for addition and scalar multiplication on the elliptic curve alt_bn128)
  - [EIP 197](./eip-197.md) (Precompiled contracts for optimal ate pairing check on the elliptic curve alt_bn128)
  - EIP 198 (Precompiled contract for bigint modular exponentiation)
  - EIP 211 (New opcodes: RETURNDATASIZE and RETURNDATACOPY)
  - EIP 214 (New opcode STATICCALL)
-  - EIP 649 (Difficulty Bomb Delay and Block Reward Reduction)
-  - EIP 658 (Embedding transaction return data in receipts)
+  - [EIP 649](./eip-649.md) (Difficulty Bomb Delay and Block Reward Reduction)
+  - [EIP 658](./eip-658.md) (Embedding transaction status code in receipts)
  
 ## References
				`@ -0,0 +1 @@`
				`Reserved for https://github.com/ethereum/EIPs/pull/206`