feat(core): add read only protection for opcodes #33637

[gzliudan]

Proposed changes

This PR reverts a part of changes brought by the PR #1960.

Specifically, read-only protection should always be enforced at the opcode level,
regardless of whether the check has already been performed during gas metering.

It should act as a gatekeeper, otherwise, it is easy to introduce errors by adding
new gas measurement logic without consistently applying the read-only protection.

Ref: ethereum#33637

Types of changes

What types of changes does your code introduce to XDC network?
Put an ✅ in the boxes that apply

• Bugfix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation Update (if none of the other choices apply)
• Regular KTLO or any of the maintaince work. e.g code style
• CICD Improvement

Impacted Components

Which part of the codebase this PR will touch base on,

Put an ✅ in the boxes that apply

• Consensus
• Account
• Network
• Geth
• Smart Contract
• External components
• Not sure (Please specify below)

Checklist

Put an ✅ in the boxes once you have confirmed below actions (or provide reasons on not doing so) that

• This PR has sufficient test coverage (unit/integration test) OR I have provided reason in the PR description for not having test coverage
• Provide an end-to-end test plan in the PR description on how to manually test it on the devnet/testnet.
• Tested the backwards compatibility.
• Tested with XDC nodes running this version co-exist with those running the previous version.
• Relevant documentation has been updated as part of this PR
• N/A

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR reverts a portion of changes introduced in PR #1960 by restoring read-only protection checks at the opcode level for state-modifying operations. The change ensures that read-only validation acts as a defensive gatekeeper, preventing potential bugs from future gas measurement logic modifications that might omit these critical checks.

Changes:

• Restored read-only checks in opSstore, opCall, opSelfdestruct, and opSelfdestruct6780 opcodes
• Modified makeSelfdestructGasFn to return ErrOutOfGas instead of the gas value when insufficient gas remains

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
core/vm/instructions.go	Re-added read-only protection checks to SSTORE, CALL (when transferring value), SELFDESTRUCT, and SELFDESTRUCT6780 opcodes as defensive programming
core/vm/operations_acl.go	Changed error handling in selfdestruct gas function to return ErrOutOfGas immediately when gas is insufficient, preventing state access

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.