Add a SET_INDESTRUCTIBLE
opcode that prevents the contract from calling SELFDESTRUCT
.
Add a context-wide variable locals.indestructible
(ie. a variable that lives in the same "space" as memory, stack, PC…), initialized to False
.
Add a SET_INDESTRUCTIBLE
opcode at 0xA8
, with gas cost 2 (G_base
) , that sets locals.indestructible
to True
. If in the current execution context locals.indestructible
is True
, the SELFDESTRUCT
opcode throws an exception.
The intended use case would be for contracts to make their first byte of code be the SET_INDESTRUCTIBLE
opcode if they wish to serve as libraries that guarantee to users that their code will exist unmodified forever. This is useful in account abstraction as well as other contexts.
Unlike EIPs that disable the SELFDESTRUCT
opcode entirely, this EIP does not modify behavior of any existing contracts.
This breaks forward compatibility with some forms of state rent, which would simply delete contracts that get too old without paying some maintenance fee. However, this is not the case with all state size control schemes; for example this is not an issue if we use ReGenesis.
If SELFDESTRUCT
is ever removed in the future, this EIP would simply become a no-op.
Copyright and related rights waived via CC0.