The Shanghai Edition

Shanghai, Capella — Shapella; EIP Account Abstraction; EIP-4895

Mar 10, 2023

Dear Bankless Nation 🏴,

Not far off is Ethereum’s next big upgrade. Imminently launching on the Goerli test-net and now expected hit main-net in early April, Shanghai brings with it the last link in the chain for Ethereum’s new Proof of Stake consensus mechanism — withdrawals. Deposits went live in December 2020, The Merge happened almost six months ago, and now it’s time to let depositors claim their rewards.

First we take a look at what Shanghai, well actually Shanghai and Capella but more on that later, and what this upgrade brings to Ethereum. Second, Jake and Stake gives an explanation of the brand new ERC-4337, “Account Abstraction Using Alt Mempool“, and how it will have a revolutionary impact on how users experience Ethereum.

This week is the first of what might be a recurring theme called Engineering Ethereum, similar to how we do our Security Scares. Focusing on the details of new EIPs. Of course this week we’re talking about EIP-4895 and just how the core devs implemented withdrawals in the protocol.

We are also looking to engage more with our readers to make sure we’re delivering content to you that you find valuable. Below is a poll asking for you input to this question. As always the comments section at the bottom of Substack is open to more constructive feedback than a poll can provide.

This is the DeFi Download ⚡️

Contributors: BanklessDAO Writers Guild (Jake and Stake, Austin Foss)

This is the official newsletter of BanklessDAO. To unsubscribe, edit your settings.

Upgrading Ethereum; Withdrawals & Account Abstraction

Shanghai, Capella — Shapella

By: Austin Foss

More often than not, Ethereans will hear the next imminent upgrade of Ethereum referred to as the Shanghai upgrade, or hard-fork. Specifically, Shanghai is just the one hard-fork on the execution layer out of two making up the whole upgrade, the other is a hard-fork on the consensus layer named Capella; hence Shapella. Going forward we will use Shanghai as a general reference to the whole upgrade due to familiarity.

Last week, the date for when the Goerli test-net will make the upgrade was set, March 14, the last step before main-net which, if all goes well, should arrive around early April.

Making the Cut

Originally, Shanghai was intended to be a much larger upgrade, but since December, several of the more complex features were not going to make the cut. Most notable is EIP-4844, more commonly known as proto-danksharding.

As reported by Cointelegraph on December 9, Ethereum core developer Tim Beiko said the team agreed on two points; "(1) seeing Shanghai happen quickly, ideally around March and (2) following this with a fork centered around EIP-4844." Back then, there were several other EIPs still to be included in Shanghai that would implement something called the EVM Object Format (EOF), but these were also cut and postponed to the next execution layer hard-fork, Cancun.

There are now a total of 5 EIPs to be included in the Shanghai hard-fork:

EIP-3651: Warm COINBASE
EIP-3855: PUSH0 instruction
EIP-3860: Limit and meter initcode
EIP-4895: Beacon chain push withdrawals as operations
EIP-6049: Deprecate SELFDESTRUCT

Upgrade Highlights

Outside of deprecating the SELFDESTRUCT opcode and the star EIP of this upgrade, 4895, the other three offer various efficiency upgrades to the EVM's gas usage.

Regarding Capella, there are three main points:

Automatic withdrawals of withdrawable validators.
Partial withdrawals sweep for validators with 0x01 withdrawal credentials and balances in excess of MAX_EFFECTIVE_BALANCE.
Operation to change from BLS_WITHDRAWAL_PREFIX to ETH1_ADDRESS_WITHDRAWAL_PREFIX versioned withdrawal credentials to enable withdrawals for a validator.

First on the list simply facilitates a full exit, or full withdrawal, of a validator from the set. Withdrawing their full balance to a withdrawal address once their turn in the withdrawal queue has arrived.

The second allows validators to automatically withdraw ETH above the minimum required 32 ETH to the same withdrawal address mentioned above.

Thirdly, if a validator didn't set a withdrawal address when making their deposit they will now be able to set one so they can make use of partial and full withdrawals. Testing how to do this can be done on the Zhejiang Testnet Launchpad.

Withdrawal Delay Division

Although this upgrade is now expected to arrive on main-net in early April, just over six months since the merge, there was heated discussion over just how long enabling withdrawals would take.

In November, Cointelegraph reported on the different perspectives. In one of the referenced screenshots a core developer, Micah Zoltu, is shown to be setting the expectation in September before The Merge that withdrawals could come even as late as 2024. He is later quoted by Decrypt, from an article published this January, during an all core devs call saying that “It feels like we’re not thinking about the long-term health of Ethereum... We’re thinking, ‘How do we do what the public wants, today?’”

Decrypt explains that part of the reason rushing withdrawals could have a negative impact on future Ethereum upgrades has to do with the encoding method used to perform this EVM action. Currently this will use "recursive-length prefix serialization" (RPL), but in the future, possibly as early as the next execution layer upgrade called Cancun, this will change to "simple serialization" (SSZ).

Knowing that this change is somewhere down the road, but opting to implement withdrawals using a, possibly soon to be legacy, method is one thing that could raise unnecessary problems. All just to satisfy public perception.

Staking Services & Protocols

Once Ethereum main-net makes the Shanghai hard-fork, all of the staked ETH can't just be withdrawn all at once, leaving the network with no security guarantees. There are several limits built into Capella to prevent this, creating the withdrawal queue:

"Maximum amount of withdrawals allowed in each payload" = 16
Maximum partial withdrawals per sweep = 16384

This may or may not affect institutional liquid staking products, like Coinbase's cbETH, from being redeemed instantly. This would depend if they have backed each cbETH 1:1 with ETH in their reserves if there was a wave of mass customer cbETH redemptions.

Rocket Pool

On March 3rd Rocket Pool announced their Atlas upgrade. Analogous to their Redstone upgrade just before The Merge and introduced their smoothing pool, Atlas will as such make Rocket Pool compatible with this upgrade as well as introduce minipools; pools that can be started with just 8 ETH instead of 16 ETH.

"We are targeting a mainnet Atlas release for [the] end of March / early April."

Lido

On February 13 Lido announced their v2 upgrade. On top of enabling withdrawals through stETH redemptions it also addresses one of the largest criticisms of the protocol -- centralization.

Since inception Lido’s validators have been approved through the DAO and an approval process. Despite this being done by DAO governance this has resulted in the Lido validator set being limited to just over a couple dozen unique operators. In this upgrade Lido will introduce their staking router which will "modularize the protocol by essentially treating the various modules as sets of validator pools that can act as potential supply for the protocol."

Similar to Rocket Pool, Lido is targeting a March/April ETA for Lido v2.

Smart Contract Risk

While the implementation for ordinary withdrawals is simple by design, withdrawing from a staking protocol always comes with its own risks. On March 6, Lido's Polygon stMATIC had to be paused due to a reported bug.

Lido @LidoFinance

Lido on Polygon staking + withdrawal functionality has been temporarily paused for troubleshooting due to the discovery of a bug affecting stMATIC withdrawals. TLDR: All funds are safe and deposits and withdrawals will resume in the next few days.

Thankfully not a hack, but let's not forget that last year we saw record amounts of crypto-assets hacked and stolen. With withdrawals soon to be available both staking protocols will be prime targets for attackers looking for any vulnerability.

Ethereum Will Never...

Before The Merge, doubting that Ethereum would ever implement PoS was in fashion. A few months ago it was the trend to doubt withdrawals. Next it will be sharding.

Thank you to the core developers and every contributor who has played a part in this near decade long project. Through all the doubt and harsh criticism, everything we enjoy in DeFi and the broader Ethereum ecosystem wouldn't be possible without those efforts.

Looking forward to Cancun. 🏝

ERC-4337 Account Abstraction

By: Jake and Stake

Account abstraction is available on an EVM near you now that ERC-4337’s “Entry Point” contract is live on mainnet after a recent audit by OpenZeppelin.

erc4337 @erc4337

The rumors are true... ERC-4337 has been deployed on mainnet 🚀 🔍 Security audit by @OpenZeppelin 🛠️ Bundlers and paymasters by @stackup_fi, @AlchemyPlatform, @biconomy , @etherspot, @candidewallet, @blocknative & more 🏗️ $300K in grants by @ethereum

But what is account abstraction? And why does it matter?

First, a little background. Today, there are two kinds of accounts on Ethereum:

Externally Owned Accounts. These are accounts that Ethereum users are most familiar with as they are used to send transactions, interact with DeFi applications, or buy and sell NFTs. Products like MetaMask, CoinBase, and other wallet applications give users an EOA to use. These accounts initiate transactions and have private keys to authorize them (by producing an ECDSA signature).
Contract Accounts. These are the accounts of smart contracts that aren’t controlled by a private key. They have code associated with them, and when users send valid transactions, this code is executed. Contract accounts cannot initiate transactions on their own. In order to write to the blockchain, a transaction must be signed, which contract accounts can’t do because they don’t have a private key.

The goal of account abstraction is to remove the need to have an EOA to initiate transactions and instead allow users to perform transactions using contract accounts, opening up the design space and customizability of your account.

Users can implement whatever authorization logic they want for their abstracted account.

Multi-sigs
Non-ECDSA verification
Improved privacy solutions

Want withdrawal limits? You got it!

Want account recovery in case you lose your private key? You got it!

Want to pay for transactions using an ERC20 token of your choice? You got it!

Account abstraction has been around as a concept since at least 2017, and there have been a few attempts to implement it.

However, each of these proposals required a consensus change, and several existing consensus layer updates regarding scalability are taking priority (Danksharding). As a result, we wouldn’t see protocol level Account Abstraction until further down the road.

However, EIP-4337 (now ERC-4337) has no consensus layer change. Instead, 4337 introduces a system of smart contracts and a pseudo-transaction called “UserOperations”.

UserOperations

UserOperations are submitted by users to a UserOperation Mempool and collected by “Bundlers” into a “Bundle Transaction”. These Bundlers can be block proposers or block builders that opt-in to process these transactions. Entities like Stackup, Alchemy, Biconomy, Blocknative, Etherspot, and Candide Wallet have built and deployed bundlers.

Jake and Stake

Bundle Transactions are sent to a smart-contract called “EntryPoint” that validates each UserOperation via the specified smart contract wallet. These wallets must implement two functions:

validateUserOps
execute

The EntryPoint contract will call each smart contract wallet’s validateUserOps to determine whether the transaction is valid. The smart contract is free to implement this function however they like, allowing some customizability described earlier.

Alternatively, the EntryPoint contact could use a signature aggregator. This is a contract that the Abstracted Account trusts to create UserOperation signatures and is used by bundlers to create an “aggregateSignature” which is a signature over several UserOperations. This turns what would be many signatures into a single value, condensing the data necessary for validation. This is especially useful for rollups, which have majority data costs.

Vitalik

The EntryPoint contract will use this Aggregator contract to validate an Aggregated Signature during the “handleOps()” procedure.

If the UserOperation is valid, EntryPoint will call execute on the Abstracted Account to perform the desired action. Note that these “Abstracted Accounts” are smart contracts.

Jake and Stake

The Entry Point Contract

There will only be one entry point contract, which is why the audits by Openzepplin are big news. This contract will serve as a central trust point for all of these Abstracted Accounts.

The Entry Point contract separates the process of transaction (UserOp) validation and execution. The contract uses two paths to validate user operations

handleOPs
handleAggregatedOps

Both of the above functions will create an account if it doesn’t exist, using the arguments provided by the UserOp and validate the UserOp using the specified Abstracted Account.

Finally, the Entry Point contract will execute UserOps by calling “execute” on the account and passing in the UserOp’s calldata as arguments. The account then performs whatever actions are programmed using the parameters given.

Jake and Stake

The entry point-based approach cleanly separates the processes of verification and execution, allowing accounts to handle execution. All this together gives users the ability to interact with accounts in a predictable yet sophisticated way without needing the account owner to initiate transactions.

Paymasters

The ERC also introduces the idea of a “paymaster”. This is a contract that will sponsor transactions for users by paying ETH to have them run. In exchange, users pay for their transactions by sending the Paymaster a pre-specified ERC-20 token.

ERC-4337

This is a high-level overview of the specifics of ERC-4337. There are plenty of cool details that we didn’t have time to cover like: simulation, bundling specifications, and first-time account creation. Dig into the ERC spec for more details, and if you’re interested in learning more about this topic, let us know in the comments.

So What?

This is a huge UX improvement for Ethereum users. dApps can pay for users’ gas fees, a great onboarding tool for non-crypto-natives, transactions can be batched together (no more “10 clicks to trade”), and “payment sessions” so you no longer have to approve every transaction.

Account abstraction can improve the usability of privacy tools, allow users to pay for transactions using any token they want, and let users interact with the blockchain without handling private keys. Where losing your private keys today means you’re SoL and lost your funds.

Losing them in a world of account abstraction means that not all is lost.

In all honesty, the design space is pretty freakin’ huge. Take particular note of Visa’s excitement. Their team released a design for automatic payments by using pull-based transactions and self-custodial wallets. This has been a huge problem for companies that want to use blockchains for recurring payments to compensate for services.

Before, payments had to be issued by the payer, but with account abstraction, service providers can charge for their services without you having to make the transaction yourself. Just like automatic payments on your credit card bill. Accounts can even be programmed to accept invoices for any amount of time, so you can set a limit to how long you subscribe to a service.

Wallets can be configured so you have back-up accounts and allow certain services to make changes. Users can even interact with the blockchain without knowing it. Account creation can be handled by the account issuer and all the user has to do is use web2 style UX to manage their wallet.

In short, account abstraction adds usability to Ethereum’s security and decentralization. It’s a big deal, and we’re still very early.

Action Steps

📖 Read Ethereum Shanghai Upgrade

⛏️ Dig into Visa Auto Payments for Self-custodial Wallets

🎧 Listen Why EIP-4337 Changes Web3 Forever

Project Releases 🎉

Hand-picked articles to understand the current state of the DeFi ecosystem

Coinbase launches Ethereum L2 “Base”

There will be no token
Built on Optimism’s OP stack, it is interoperable with Optimism
Intended to be the on-chain home for Coinbase
Some percentage of fees will go to the OP collective

Base @BuildOnBase

0/ 🔵 Hello world. Meet Base, an Ethereum L2 that offers a secure, low-cost, developer-friendly way for anyone, anywhere, to build decentralized apps. Our goal with Base is to make onchain the next online and onboard 1B+ users into the cryptoeconomy. base.mirror.xyz/jjQnUq_UNTQOk7…

base.mirror.xyzMeet BaseToday, we’re excited to announce the testnet launch of Base, an Ethereum Layer 2 (L2) network offering a secure, low-cost, developer-friendly way for anyone, anywhere, to build decentralized apps onchain. Our goal with Base is to make onchain the next online and onboard one billion users into the cr…

Spotify releases pilot program for token-gated playlists

Piloting this program is the band Kingship
Feature that makes playlists unlockable through NFTs
iPhone users can’t access the feature

Apoorv Lathey @apoorvlathey

Spotify rolling out token gating 👀

Flashbots announces MEV-Share

Users will be paid for their transactions by MEV searchers
Described as an early-stage implementation of SUAVE
Transactions are kept private save a few details for calculating MEV extraction
A “Matchmaker” facilitates this market by matching bundles and user transactions and ensures users get paid

@bertcmiller ⚡️🤖 @bertcmiller

Introducing MEV-Share: programmably private orderflow that empowers users, redistributes MEV, and takes a step towards decentralized block building MEV-Share is where transactions and bundles find their perfect match collective.flashbots.net/t/mev-share-pr…

Collab.Land Launches COLLAB token and DAO

Tokens are available for claim (February 23, 2023 - May 23, 2023)
Presumably it will be used for governance
If you have a Patron NFT or Membership NFT, you can claim your role in the Collab.Land Discord Server

🦾 Collab.Land 🤖 @Collab_Land_

Today, we are excited to announce the next phase of the Collab.Land ecosystem with the COLLAB token and DAO! 🤖🦾 ✅ Feb. 23 token claim ✅ +2MM eligible ✅ No wallet signing, no gas! 👇 Get ready to #COLABL 👇 wagmi.collab.land

Scroll releases ZK-Rollup on Goerli Testnet

Scroll 📜 @Scroll_ZKP

For nearly two years, we've built our zkEVM in the open alongside @PrivacyScaling and other contributors, and today, we're taking the next step to Goerli, the final stage before mainnet. Our testnet on Goerli is 100% permissionless. Here are the details:

Chirping Birds

🔥 and 🧊 tweets from across the DeFi ecosystem

RYAN SΞAN ADAMS - rsa.eth 🏴🦇🔊 @RyanSAdams

The secret to success in any bear market: 1) Learn 2) Build 3) Accumulate That's it.

Ane Olsson 🦇🔊 ane.eth @anajolsson

May 2016 #Ethereum launches on #Coinbase May 2023 #Coinbase launches on #Ethereum

frankdegods.eth @frankdegods

“what problem do nfts solve?” people want to buy digital goods

nick.eth @nicksdjohnson

@Fiddyten @garypalmerjr @ensdomains @ENS_DAO Neither ENS Labs nor (to my knowledge) anyone at the DAO is working on something like that. A transfer blocklist is impossible on a technical level; the closest you could get is a list that's voluntarily observed by marketplaces.

Erik Voorhees @ErikVoorhees

Tradfi is like the One Ring. Important to the progression of the story, and while powerful and sometimes convenient in the moment, still fundamentally demonic and corrupting and needing to be cast into the fires of Mt Doom.

rliriano 🦇🔊🌪️🦜 @rliriano

If you want to a get glimpse of what @zapper_fi is building check out beta.zapper.xyz You can follow/create lists, share and more. In time you will be able to bundle lists, import and export them. 🤐

beta.zapper.xyzZapper - Your Home to Web3Your home to web3. Explore wallets, NFTs, DeFi, Daos and more...

foobar @0xfoobar

THE BITCOIN DUMPSTER GUY FINALLY FOUND HIS HARD DRIVE AFTER A DECADE OF SEARCHING AND IT WAS BCH INSTEAD OF BTC

smolting (wassie, verse) @inversebrah

all is well

Matthew Green @matthew_d_green

So we went over DeFi today in class. I figured I needed to give the students some kind of legal disclaimer.

Engineering Ethereum: EIP-4895

By: Austin Foss

Ethereum's next major upgrade, Shanghai, is currently scheduled for some time in late March. Among the other Ethereum Improvement Proposals (EIPs) present in this upgrade is the eagerly anticipated "EIP-4895: Beacon chain push withdrawals as operations''. In early February, the Zhejiang public testnet went live allowing users to simulate the withdrawal process. On February 28 the permissioned test-net Sepolia hard-forked, soon to be followed by the Goerli public test-net on March 14, should everything go according to plan.

GaetanSemp.eth🦇🔊 @GaetanSemp

"Withdrawals" is the next big #Ethereum upgrade. Here is the planning : - Zhejiang testnet ✅ - Sepolia testnet (23rd February) - Goerli testnet (early March) - Mainnet (mid-March) Once activated, validators can : - withdraw their entire 32 $ETH - OR only withdraw their rewards

Barring any unexpected complications, within about a month, Ethereum's main-net will make the Shanghai upgrade.

Implementing Withdrawals

Authored by Alex Stokes and Danny Ryan, they describe their proposed approach to facilitating withdrawals as follows:

"Introduce a system-level “operation” to support validator withdrawals that are “pushed” from the beacon chain to the EVM."

When a withdrawal is made the amount of ETH from the consensus layer, the beacon chain, must be moved back to the execution layer. Meaning that a "pull" method would require withdrawals "to be processed in the execution layer as soon as they are dequeued from the consensus layer." Requiring a second action from the withdrawer in the form of a new type of user-level transaction.

Using EIP-4895's "push" method, once the withdrawal is "dequeued" from the consensus layer it is immediately processed at the execution layer gas-free in the form of "a new type of object in the execution payload..." It's still part of the block, just isolated from all the user-level transactions.

Rational

"Why not a new transaction type?"

Firewalling off withdrawals from executing any EVM operation simplifies the potential security risks.

"Why no (gas) costs for the withdrawal type?"

By limiting the amount of withdrawals at a time that can be processed has resulted in a potential overhead increase of only "~1% of current average payload size..."

"Why only balance updates? No general EVM execution?"

Having a withdrawal processed on the consensus and execution layers "complicates accounting on the beacon chain." A possible 2 ETH vs 1.9999999 ETH withdrawal conflict for instance.

Withdrawal Process

EIP-4895 enables validator operators to make two kinds of withdrawals; partial and full.

Partial withdrawals are any request that will leave at least the minimum required 32 ETH remaining to continue validating the network. These "are automatic and round-robin averaging 1 sweep/week in the current design."

A full withdrawal does exactly what it sounds like, everything will be sent to the operator's withdrawal address and their validator will cease contributing to consensus. These withdrawals are then placed in the exit queue "to regulate the rate of exit and entry into the beacon chain validator set."

DeFi Relevance

How this EIP will affect the wider DeFi ecosystem is hard to predict and none of the following is a prediction, just some simple observations to keep in mind.

Bearing in mind that users who made deposits within the last two years likely did so when the price was higher than it is now (though they may have used ETH that was bought much earlier, at prices less than what ETH is now), this could mean that some exits may be taken to cover some losses.

Source: https://dune.com/queries/12783/25578

Since the deposit contract went live to kick off the beacon chain, when ETH was at about $600 USD, deposits have remained steady, even throughout 2022. So this could also mean that market sentiment still believes that locking up ETH for a medium to long-term period of time will be worthwhile.

Perhaps another angle to look at this has less to do with how the circulating supply of ETH will be affected, but has more to do with the perception of Ethereum's technology. Simply proving that there has been one more step in Ethereum's roadmap taken without the system collapsing could have its own positive effect on DeFi.

EIP-4895 Citation: Alex Stokes (@ralexstokes), Danny Ryan (@djrtwo), "EIP-4895: Beacon chain push withdrawals as operations [DRAFT]," Ethereum Improvement Proposals, no. 4895, March 2022. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-4895.

BANK utility (BanklessDAO token)

With over 5,000 holders, BANK is one of the most widely held social tokens in crypto. So it bears asking, where are the best places to put our BANK to use? The five protocols below will allow you to deposit BANK in a liquidity pool and earn rewards. To get going, just click on the name, connect to the app, filter by BANK, and start earning passive income.

BanklessDAO 🏴 @banklessDAO

Resident tokenomist @ffstrauf turns inward, analyzing BanklessDAO's $BANK token and showing us how a movement becomes an incentivized community of buidlers (Cov @dippudo)

medium.comTokenomics 101: BanklessDAOHow a Movement Becomes a Tokenized Start-up Incubator

⚖️ Balancer

Balancer has two 80/20 liquidity pools, meaning that you are required to deposit 80% BANK and 20% ETH in the pool. There is one pool on Ethereum and another on Polygon. Once you’ve provided liquidity, you’ll receive LP tokens. Keep an eye out for opportunities to stake these LP tokens. There is nearly 500,000 USD in the two Balancer liquidity pools.

🍣 SushiSwap

SushiSwap has a 50/50 BANK/ETH pool. As with Balancer, you will receive LP tokens, and while you can’t stake them on SushiSwap’s Onsen Farm yet, you may be able to in the future. Liquidity providers earn a .25% fee on all trades proportional to their pool share. The SushiSwap pool has a little over 100,000 USD in liquidity.

⏛ Rari Fuse PoolDeprecated Soon

This will be deprecated soon. The Rari Fuse Pool allows you to borrow against your BANK or earn huge APY by providing assets like DAI to the pool. At present, all borrowing is paused for this pool. There is over 450,000 USD deposited in the Pool

🦄 Uniswap

The Uniswap V3 liquidity pool is 50/50 BANK/ETH, and provides a price oracle for the Rari Fuse Pool. By depositing in the Uniswap pool, you can earn fees and help enable borrowing on Rari. This pool currently has over 500,000 USD in liquidity.

🪐 Arrakis

You can also provide liquidity to the Arrakis Uniswap V3 pool. The ratio is about 2/1 BANK/ETH. This pool is new, and only has a bit more than $6,000 in liquidity. In the future, you may be able to stake your BANK/ETH LP tokens within the protocol to earn additional rewards.