Skip to content

reject empty SetCode auth list#3528

Merged
codchen merged 1 commit into
mainfrom
codex/reject-empty-setcode-auth-list
Jun 17, 2026
Merged

reject empty SetCode auth list#3528
codchen merged 1 commit into
mainfrom
codex/reject-empty-setcode-auth-list

Conversation

@codchen

@codchen codchen commented Jun 1, 2026

Copy link
Copy Markdown
Collaborator

Summary

Reject SetCode transactions with nil or empty authorization lists during Sei EVM tx validation, so CheckTx no longer accepts transactions that DeliverTx later rejects through Geth's EIP-7702 stateless checks.

The same guard is mirrored in the Giga EVM tx-type copy to keep validation behavior aligned.

Root Cause

SetCodeTx.Validate() delegated to validateAuthList(), which iterated over the list but treated nil and empty lists as valid. CheckTx runs Sei's stateless validation path without Geth StateTransition.StatelessChecks(), preserving pending-nonce mempool behavior, so the empty auth-list invariant was missed before mempool admission. DeliverTx invokes the Geth stateless check and rejects the same tx with ErrEmptyAuthList, wrapped as ErrWrongSequence.

Tests

go test ./x/evm/types ./x/evm/types/ethtx ./app/ante ./giga/deps/xevm/types/ethtx

@github-actions

github-actions Bot commented Jun 1, 2026

Copy link
Copy Markdown

The latest Buf updates on your PR. Results from workflow Buf / buf (pull_request).

BuildFormatLintBreakingUpdated (UTC)
✅ passed✅ passed✅ passed✅ passedJun 17, 2026, 9:25 AM

@codchen codchen changed the title [codex] reject empty SetCode auth list reject empty SetCode auth list Jun 1, 2026
@codchen codchen marked this pull request as ready for review June 1, 2026 04:01
@cursor

cursor Bot commented Jun 1, 2026

Copy link
Copy Markdown

PR Summary

Low Risk
Tightens tx validation only; invalid SetCode txs are rejected earlier with no change to execution paths for valid transactions.

Overview
SetCode (EIP-7702) transactions with nil or empty AuthList are now rejected during Sei EVM semantic validation, with error auth list cannot be empty. The guard is added at the start of validateAuthList in both x/evm/types/ethtx and the mirrored giga/deps/xevm/types/ethtx copy, so SetCodeTx.Validate() (and thus EvmStatelessChecks on CheckTx) matches Geth’s expectation instead of admitting txs that DeliverTx later fails.

Tests cover SetCodeTx.Validate for nil/empty vs valid lists, EvmStatelessChecks for empty auth list, and a broader SetCodeTx behavior test using a non-empty auth list.

Reviewed by Cursor Bugbot for commit 33f7713. Bugbot is set up for automated code reviews on this repo. Configure here.

@codecov

codecov Bot commented Jun 1, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 50.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 58.14%. Comparing base (368f6be) to head (33f7713).

Files with missing lines Patch % Lines
giga/deps/xevm/types/ethtx/semantic_validation.go 0.00% 2 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #3528      +/-   ##
==========================================
- Coverage   58.97%   58.14%   -0.83%     
==========================================
  Files        2211     2137      -74     
  Lines      182172   173629    -8543     
==========================================
- Hits       107434   100964    -6470     
+ Misses      65120    63720    -1400     
+ Partials     9618     8945     -673     
Flag Coverage Δ
sei-chain-pr 62.57% <50.00%> (?)
sei-db 70.41% <ø> (ø)
sei-db-state-db ?

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
x/evm/types/ethtx/semantic_validation.go 42.22% <100.00%> (+9.66%) ⬆️
giga/deps/xevm/types/ethtx/semantic_validation.go 31.11% <0.00%> (-1.45%) ⬇️

... and 76 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@codchen codchen force-pushed the codex/reject-empty-setcode-auth-list branch from 8e60340 to 33f7713 Compare June 17, 2026 09:23
@codchen codchen added this pull request to the merge queue Jun 17, 2026
Merged via the queue into main with commit 8123ff3 Jun 17, 2026
60 checks passed
@codchen codchen deleted the codex/reject-empty-setcode-auth-list branch June 17, 2026 10:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants