Skip to main content

EIP-7702 Basics For Setting Code For An EOA

The goal of this tutorial is to understand the new functionality of EIP-7702 and its limitations using Foundry. In this guide, we will deploy a basic HelloWorld contract, a Counter contract, a SimpleDelegate contract, and perform cleanup to understand the nuances of setting code for an EOA. EIP-7702 Basics :::danger PLEASE AVOID PRODUCTION: These contracts have not been audited and deploying them would be at your own risk. :::

Requirements

Make sure you have the following installed on your computer before we begin:
  • Foundry Forge & Cast v1.0.0 or greater

Setting HelloWorld Code For EOA

In this first step, we will set specific code for an EOA to a HelloWorld.sol contract to demonstrate what is expected to function and what is not expected to work.

Step 1 - New Forge Project

Step 2 - Create HelloWorld & Deployment Contract

Step 3 - Deploy HelloWorld Contract

Export the contract address as an environment variable:

Step 4 - Verify Deployed Contract Message

Step 5 - Set HelloWorld Code For EOA

You’ll notice that the transaction submitted in this next step sets the code for the EOA, but the transaction must come from another account. This is because if the transaction comes from the original EOA attempting to set its own code, clients like cast will treat it as a normal EOA transaction and never load the bytecode or apply the signed authorization.
Export the transaction hash:

Step 6 - Verify Authorization List

Step 7 - Verify EOA Code Set

Notice the prefix 0xef0100 and the contract address 5FbDB2315678afecb367f032d93F642f64180aa3.

Step 8 - Verify EOA Code Message

Why is it blank, and why didn’t the constructor initialize the message variable? This is because storage initialization normally gets applied during contract deployment. When setting code for an EOA, you’re effectively not deploying or executing a constructor, and no storage allocations have been initialized or set. If you compare the $EOA_ADDRESS to the $CONTRACT_ADDRESS slots, you can see the difference:

Step 9 - Initialize HelloWorld EOA Code

When calling functions on the EOA_ADDRESS, they can be called by any wallet, including the originating EOA_PK. The main consideration is that the owner of the contract is set by whoever calls initialize.

Step 10 - Verify New EOA Message

We can verify that the message has been updated and also verify the storage slot change.

Step 11 - Set New EOA Message

Additional functions can also be triggered, but since the OTHER_ADDRESS initialized the contract, it has been set as the owner and is the only address that can set messages.

Setting Counter Code For EOA

Next, we’ll walk through deploying a simple Counter contract to set as code for an EOA and examine how that affects its storage slots.

Step 1 - Create Counter Contract Code

Step 2 - Deploy Counter Contract

Export the contract address as an environment variable:

Step 3 - Set Counter Code For EOA

Export the transaction hash:

Step 4 - Verify Previous Storage Slots Conflict

Now that we have set our EOA code to another contract code, we will see that the storage slot value has carried over from our initialized HelloWorld contract.
This can also pose a problem, as we noted before that storage slots aren’t initialized and simply carry forward what was there before. :::warning NOTE: When setting code for an EOA, consider examining its storage slots and creating an initialize function that resets these values. :::

Setting SimpleDelegate Code For EOA

As another example, we’ll demonstrate how you can specify any call data for the EOA to execute. :::danger USE ONLY FOR TESTING PURPOSES. This contract essentially provides an open door for anyone to make you process transactions. :::

Step 1 - Create SimpleDelegate Contract Code

Step 2 - Create ERC20Token Contract Code

Step 3 - Deploy SimpleDelegate ERC20Token Contract

Export the contract addresses as an environment variables:

Step 4 - Set SimpleDelegate Code For EOA

Step 5 - Burn BERA

Next, we’ll introduce a transaction to burn some of the balance from the EOA_ADDRESS.

Step 6 - Transfer ERC20 Tokens

Finally, we’ll introduce a transaction to transfer ERC20 tokens to OTHER_ADDRESS.

Clean Up Code For EOA

The last remaining step is to remove any code associated with the EOA_ADDRESS.