# EIP draft: SET_INDESTRUCTIBLE ``` --- eip: <to be assigned> title: SET_INDESTRUCTIBLE opcode author: Vitalik Buterin (@vbuterin) discussions-to: <URL> status: Draft type: Standards Track category: Core created: 2020-08-30 --- ``` ## Simple Summary Add a `SET_INDESTRUCTIBLE` opcode that prevents the contract from calling `SELFDESTRUCT`. ## Specification Add a context-wide variable `locals.indestructible` (ie. a variable that lives in the same "space" as memory, stack, PC...), initialized to `False`. Add a `SET_INDESTRUCTIBLE` opcode at `0xA8`, with gas cost 2 (`G_base`) , that sets `locals.indestructible` to `True`. If in the current execution context `locals.indestructible` is `True`, the `SELFDESTRUCT` opcode throws an exception. ## Motivation The intended use case would be for contracts to make their first byte of code be the `SET_INDESTRUCTIBLE` opcode if they wish to serve as libraries that guarantee to users that their code will exist unmodified forever. This is useful in account abstraction as well as other contexts. Unlike EIPs that disable the `SELFDESTRUCT` opcode entirely, this EIP does not modify behavior of any existing contracts. ## Forwards Compatibility and Security This breaks forward compatibility with _some_ forms of state rent, which would simply delete contracts that get too old without paying some maintenance fee. However, this is not the case with all state size control schemes; for example this is not an issue if we use [ReGenesis](https://ledgerwatch.github.io/regenesis_plan.html). If `SELFDESTRUCT` is ever removed in the future, this EIP would simply become a no-op. ## Copyright Copyright and related rights waived via [CC0](https://creativecommons.org/publicdomain/zero/1.0/).