AlertSourceDiscuss
Ethereum Improvement Proposals

Appearance

On this page

EIP-5920: PAY opcode

Introduces a new opcode, PAY, to send ether to an address without calling any of its functions

⚠️ ReviewCore

Peer Review Notice

This EIP is in the process of being peer-reviewed. If you are interested in this EIP, and have feedback to share, please participate using this discussion link. Thank you!

AuthorsGavin John (@Pandapip1), Zainan Victor Zhou (@xinbenlv)
Created2022-11-23

Abstract

This EIP introduces a new opcode, PAY, taking two stack parameters, addr and val, that transfers val wei to the address addr without calling any of its functions.

Motivation

Currently, to send ether to an address requires you to call a function of that address, which has a few issues. First of all, it opens a reentrancy attack vector, as the recipient can call back into the sender. Secondly, it opens a DoS vector, so parent functions must be cognizant of the possibility that the recipient will run out of gas or revert. Finally, the CALL opcode is needlessly expensive for simple ether transfers, as it requires the memory and stack to be expanded, the recipient's full data including code and memory to be loaded, and finally needs to execute a call, which might do other unintentional operations. Having a dedicated opcode for ether transfers solves all of these issues, and would be a useful addition to the EVM.

Specification

ParameterValue
PAY_OPCODE0xf9
GAS_COST3000

A new opcode is introduced: PAY (PAY_OPCODE), which:

  • Pops two values from the stack: addr then val.
  • Transfers val wei from the executing address to the address addr. If addr is the zero address, instead, val wei is burned from the executing address.

The cost of this opcode is GAS_COST. If addr is not the zero address, the EIP-2929 account access costs are also incurred.

Rationale

Gas pricing

The gas pricing is that of a CALL with a positive msg.value, but without any memory expansion costs or "gas sent with call" costs, with a gas reduction of 500 to compensate for the reduced amount of computation.

Argument order

The order of arguments mimicks that of CALL, which pops addr before val. Beyond consistency, though, this ordering aids validators pattern-matching MEV opportunities, so PAY always appears immediately after COINBASE.

Backwards Compatibility

This change requires a hard fork.

Security Considerations

Existing contracts should not rely on their balance being under their control, since it is already possible to send ether to an address without calling it, by creating a temporary contract and immediately SELFDESTRUCTing it, sending the ether to an arbitrary address. However, this opcode does make this process cheaper for already-vulnerable contracts.

Copyright and related rights waived via CC0.

Citation

Please cite this document as:

Gavin John, Zainan Victor Zhou, "EIP-5920: PAY opcode[DRAFT]," Ethereum Improvement Proposals, no. 5920, 2022. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-5920.