Following the introduction of EIP-3074, an erroneous signature has the potential to deplete the balance of your Ethereum account. Indeed, this concern is real. Before things get more out of hand, let's address this worry temporarily.
Firstly, I am not aware of any wallet currently supporting the signing of unsuffixed data, which means no wallet currently supports EIP-3074. No matter how many dashboards you browse or advanced features you activate, signing messages for EIP-3074 is currently not possible.
The messages you sign to log into dapps are based on EIP-191, a standard completely different from EIP-3074. This standard adds the following data to your signed messages:
0x19 <0x45 (E)>
This is why it is impossible to trick someone into signing a valid Ethereum transaction while logging into a dapp. Transactions use the following byte values as prefixes:
0x01 – 2930 tx 0x02 – 1559 tx 0x03 – 4844 tx
For more information, see: Ethereum Execution Specs
EIP-3074 plans to use the prefix 0x04. This will eliminate its ambiguity with all other types of signable data in Ethereum. Wallets must choose to allow users to sign these messages actively.
Depending on how wallets integrate EIP-3074, it may make users more susceptible to exploitation. To understand this, we need to ensure we understand the workings of EIP-3074 signatures.
The authentication message for building signatures includes a caller address. Importantly, this is the only address that AUTH deems the signature valid for.
For accounts that are to deplete their balance, the following two conditions must simultaneously be met:
This means that performing either of these actions will not cause an issue by itself.
We hope wallet software understands that EIP-3074 callers are more like extensions of the wallet software code rather than contracts. Wallets do not allow users to freely execute arbitrary code and access their private keys (pk); similarly, they should not allow users to delegate their Ethereum accounts arbitrarily.
Therefore, if wallet software integrates EIP-3074 insecurely and users do not verify the callers they interact with, they might delegate to a malicious caller. However, it is still possible to undo this by sending a single transaction from an EOA, which will revoke any ongoing AUTH signatures.
At a minimum, wallet software should make signing EIP-3074 messages as significant as exporting your private key. Assuming a wallet integrates 3074 securely, accounts can still be compromised. This is a fundamental property of batch transactions. It allows you to easily send multiple operations, just as it allows attackers to trick you into sending a batch of assets to their controlled address.
Wallet software must clearly display each operation you are signing. This way, it is easy to notice, "I intended to make one transaction, but this signing request has led to several transactions." If processing is done through blind signing, this cannot be detected.
Yes, EIP-3074 places significant trust in wallets. However, we have already securely trusted them with our private keys—there is no higher level of trust.
EIP-3074 can be safely integrated and used. If any wallet has questions about how to implement this, please feel free to contact us. As the authors of EIP-3074, we are currently considering how best to assist in the next stages of the standard's development.
Over the past few years, we have spent considerable time developing scenarios on how to use and abuse it. We are excited that these ideas are starting to be implemented in production. But we also recognize this is the most challenging part.
In summary, after EIP-3074, a single erroneous signature could deplete your Ethereum account balance:
EIP-3074 and EIP-4337: EIP-3074 is very beneficial for account abstraction providers, as it is highly beneficial to our clients.
ERC-4337 is the best way to bring new users into the crypto space. EIP-3074 is the best way to introduce existing users to smart accounts.
The ERC-4337 community expressed opposition to the EIP-3074 proposal, mainly on the grounds that EIP-3047 may increase centralization risks and is inconsistent with the Ethereum account abstraction roadmap, the core of which is EIP-4337 and its close relative EIP-7560.
JinseFinanceEIP-3074 enables EOA to have the same rich execution capabilities as contracts, opening up many new application scenarios.
JinseFinanceEIP-3074, Vitalik Buterin, Thoughts on Ethereum governance after the EIP-3074 incident Golden Finance, What role does Vitalik play in Ethereum governance?
JinseFinanceAdd a new transaction type that adds a contract_code field and a signature and converts the signing account to a smart contract wallet during that transaction, with the goal of providing similar functionality to EIP-3074.
JinseFinanceEIP-3074 aims to enhance Ethereum wallet usability by making EOAs more programmable, allowing for batch transactions and third-party fee sponsorship. While supported by some, security concerns persist, emphasizing the need for clear pathways to address vulnerabilities.
EdmundEIP-3074, Ethereum 2.0, Bankless: Why is EIP-3074 important? Golden Finance, Ethereum's latest hot improvement proposal may change the way you trade.
JinseFinanceAfter many proposals and improvements, the ultimate solution for Ethereum wallets seems to be within reach.
JinseFinanceEthereum core developers have agreed to include EIP-3074 in the upcoming hard fork upgrade Prague/Electra (expected in Q4 2024/early 2025).
JinseFinanceEIP-3074 was approved to go live in the next Ethereum hard fork (Prague). This EIP will forever change the way users interact on the EVM chain, making the wallet user experience simpler, cheaper, and more powerful.
JinseFinanceOne sentence description: EIP-3074 gives EOA wallet smart contract functions, changing the way users interact on the EVM chain
JinseFinance