Ethereum’s EIP-3074 ‘upgrade’ could let wallet makers steal your money
With momentum carried over from the relatively smooth hard fork upgrades Shapella (Shanghai+Capella) and Dencun (Deneb+Cancun), Ethereum’s next hard fork was supposed to be a breeze. Nevertheless, several analysts are waving red flags about one of its code changes, EIP-3074.
Through EIP-3074, Pectra will introduce opcodes that let users delegate control of everything in their Ethereum account to so-called Invokers: smart contracts that users must trust not to steal their money.
Following the naming convention of ‘star + city portmanteau,’ the upcoming hard fork Pectra (Electra+Prague) will introduce two new operation codes: AUTH and AUTHCALL. Together, these codes make up Ethereum Improvement Proposal number 3074 (EIP-3074).
The two opcodes are easy to describe. AUTH takes a signature produced by an externally owned account (EOA) over a message bound to the chain ID, the Invoker's address and a commitment hash whose meaning only the Invoker's own code defines; if the signature validates, that EOA becomes the authorized account for the rest of the Invoker's execution. AUTHCALL then makes calls on behalf of the authorized account: the contract being called sees the EOA's own address as the caller, and any ETH sent along is taken from the EOA's balance, not the Invoker's.
For the first time in Ethereum's history, a plain EOA can thus hand a third-party contract the ability to move its assets, including NFTs and ERC-20 tokens like USDC, exactly as if the user had sent the transaction. The opcodes impose no expiry or spending cap of their own; any such limit would have to come from the Invoker's code. Unless developers modify the EIP before Ethereum hard forks later this year, the delegated powers remain with the Invoker permanently.
EIP-3074 gives wallet makers even more power
The remaining details of AUTH and AUTHCALL are technical, but one consequence matters to nearly every crypto user: EIP-3074 hands wallet makers unprecedented power.
Because Ethereum developers recognize how expansive and permanent an AUTH instruction to the Ethereum Virtual Machine (EVM) is, they have decided to limit the Invokers to which users may delegate their assets. Specifically, the proposal relies on wallet providers like MetaMask to maintain an allowlist of approved Invoker contracts and to refuse to sign AUTH messages for anything else. Nothing in the protocol enforces that list; it lives in the wallet software.
The solution to this blockchain problem? Trusted third parties.
EIP-3074: Trust us, bro.
ChainArgos CEO Jonathan Reiter explained Invokers’ newfound powers in EIP-3074 even more explicitly, saying, “I delegate authority over my account to an Invoker — something that can now call code over my assets — and that thing now has the ability to do stuff with my assets. And there’s no way to revoke that delegation… The problem here is, because you can’t revoke it, if I delegate to a contract — even if I think that contract is okay today — if it’s upgradeable, they can steal my tokens in the future.”
Security researchers and auditors have raised similar concerns. It is not enough for users to delegate only to Invokers that are trustworthy today. If an Invoker is an upgradeable contract, whoever holds its admin key can swap honest code for malicious code later, and the signature users gave the old code still validates for the new code, because AUTH binds the signature to the Invoker's address, not to its bytecode.
Worse, even an immutable Invoker calls other contracts, and it does so via AUTHCALL with the user's own address as the caller. If any of those third-party contracts is upgradeable, a malicious upgrade there could also expose users' assets to theft in the future.
Why are we further empowering the most powerful?
Given all of these risks, what exactly is the point of EIP-3074? Mostly, in the opinion of co-author Matt Garnett, the opcodes will save users time and money, assuming Invokers stay honest. Consider a first-timer's experience swapping on Uniswap. Before Uniswap can spend an ERC-20 token like USDC, the user must sign and pay gas for a separate approve transaction; then they sign and pay gas for the swap itself; and every additional token involved needs its own approval, each with its own signature and gas fee.
In the post-Pectra hard fork world, many of these signatures and gas payments could consolidate. The user signs a single AUTH message for an Invoker, which can then perform the approval and the swap in one transaction through AUTHCALL, and can keep trading their ETH or USDC on their behalf, without further signatures, for as long as that one authorization remains valid. The transaction can even be submitted, and its gas paid, by someone other than the user.
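To make the mechanics concrete, here is a small Python model of what AUTH and AUTHCALL do and why the single signature behind the Uniswap batch above carries so much weight. It is an added example written for this page, not code from the EIP, from Protos or from any wallet vendor. Two stand-ins keep it runnable offline: `hashlib.sha3_256` replaces keccak256, and an HMAC keyed with the account's secret replaces secp256k1 signing and `ecrecover`. The Invoker contracts, account names and addresses are hypothetical, and the `bind_nonce` switch lets you compare an AUTH message that includes the signer's nonce with one that does not. What it shows: the batched calls run under one signature; that signature is useless to a different Invoker address; but the EVM never interprets `commit`, so an Invoker whose code has changed can replay the same signature for whatever it likes, and only the nonce binding (the account's own next transaction) cuts it off.

```python
import hashlib
import hmac
from dataclasses import dataclass

MAGIC = b"\x04"  # EIP-3074 domain-separation byte prefixed to every AUTH message
CHAIN_ID = 1

def u256(n: int) -> bytes:
    return n.to_bytes(32, "big")

def h(data: bytes) -> bytes:
    return hashlib.sha3_256(data).digest()  # stand-in for keccak256 (sha3_256 pads differently)

def auth_digest(chain_id: int, nonce, invoker: bytes, commit: bytes) -> bytes:
    """AUTH message MAGIC || chainId || [nonce] || invokerAddress || commit, hashed.
    nonce=None models a layout with no nonce field, i.e. nothing at protocol level revokes it."""
    body = MAGIC + u256(chain_id) + (u256(nonce) if nonce is not None else b"")
    return h(body + invoker.rjust(32, b"\x00") + commit)

@dataclass
class Account:
    address: bytes
    secret: bytes  # stand-in for the EOA's private key
    nonce: int = 0
    balance: int = 0

    def sign(self, digest: bytes) -> bytes:
        # stand-in for a secp256k1 signature; AUTH checks it by recomputing instead of ecrecover
        return hmac.new(self.secret, digest, "sha256").digest()

class Frame:
    """One execution frame of an invoker contract: AUTH sets `authorized`, AUTHCALL acts as it."""

    def __init__(self, accounts: dict, invoker: bytes, bind_nonce: bool = True):
        self.accounts, self.invoker, self.bind_nonce = accounts, invoker, bind_nonce
        self.authorized = None

    def AUTH(self, authority: bytes, sig: bytes, commit: bytes) -> int:
        acct = self.accounts[authority]
        digest = auth_digest(CHAIN_ID, acct.nonce if self.bind_nonce else None, self.invoker, commit)
        if hmac.compare_digest(acct.sign(digest), sig):  # i.e. ecrecover(digest, sig) == authority
            self.authorized = authority
            return 1
        self.authorized = None  # a failed AUTH clears any earlier authorization
        return 0

    def AUTHCALL(self, to: bytes, value: int) -> int:
        """CALL with msg.sender = the authorized EOA; value is debited from the EOA, not the invoker."""
        if self.authorized is None:
            raise RuntimeError("AUTHCALL without a prior successful AUTH")
        src = self.accounts[self.authorized]
        if src.balance < value:
            return 0
        src.balance -= value
        self.accounts[to].balance += value
        return 1

def encode_calls(calls) -> bytes:
    return b"".join(to + u256(value) for to, value in calls)

def honest_invoker(frame: Frame, authority: bytes, sig: bytes, commit: bytes, calls) -> int:
    """Hypothetical well-behaved invoker: one AUTH, then exactly the calls the user committed to."""
    if commit != h(encode_calls(calls)) or not frame.AUTH(authority, sig, commit):
        return 0
    for to, value in calls:
        if not frame.AUTHCALL(to, value):
            return 0  # a real contract would revert the whole batch here
    return 1

def malicious_invoker(frame: Frame, authority: bytes, sig: bytes, commit: bytes, to: bytes, value: int) -> int:
    """Same invoker address after a hostile upgrade: the EVM never checks what `commit` meant."""
    if not frame.AUTH(authority, sig, commit):
        return 0
    return frame.AUTHCALL(to, value)

def scenario(bind_nonce: bool = True) -> dict:
    # constructed accounts and addresses, not real ones
    alice = Account(b"\x0a" * 20, b"alice-key", balance=100)
    bob = Account(b"\x0b" * 20, b"bob-key")
    mallory = Account(b"\x0c" * 20, b"mallory-key")
    accounts = {a.address: a for a in (alice, bob, mallory)}
    invoker, other_invoker = b"\x11" * 20, b"\x22" * 20
    calls = [(bob.address, 10), (bob.address, 5)]  # e.g. approve + swap collapsed into one signature
    commit = h(encode_calls(calls))
    sig = alice.sign(auth_digest(CHAIN_ID, alice.nonce if bind_nonce else None, invoker, commit))
    out = {}
    out["batch"] = honest_invoker(Frame(accounts, invoker, bind_nonce), alice.address, sig, commit, calls)
    out["mismatch_refused"] = honest_invoker(Frame(accounts, invoker, bind_nonce), alice.address, sig, commit, [(mallory.address, 10)])
    out["other_invoker"] = malicious_invoker(Frame(accounts, other_invoker, bind_nonce), alice.address, sig, commit, mallory.address, 10)
    out["replay_after_upgrade"] = malicious_invoker(Frame(accounts, invoker, bind_nonce), alice.address, sig, commit, mallory.address, 75)
    alice.nonce += 1  # Alice sends any ordinary transaction from her own account
    out["after_nonce_bump"] = malicious_invoker(Frame(accounts, invoker, bind_nonce), alice.address, sig, commit, mallory.address, 10)
    out["alice_balance"] = alice.balance
    return out
```

Call `scenario(bind_nonce=True)` and `scenario(bind_nonce=False)` and compare the `after_nonce_bump` and `alice_balance` entries: with the nonce in the message, Alice's next ordinary transaction invalidates the old signature and the remaining balance survives; without it, the same signature keeps working and the malicious Invoker empties the account. In both runs the hostile upgrade succeeds against the commitment the honest code would have enforced, which is the point the auditors quoted above are making.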
In summary, EIP-3074 concentrates more trust and power in centralized and already powerful corporations like MetaMask by Consensys. Unless developers rethink this software change, the upgrade will entice users to entrust perpetual authority to third-party Invokers. Those entities could effectively control users' wallets and, by way of their own or third-party smart contract upgrades, change the rules of the game in the future and simply take users' money.