certik

Security Analysis. Pectra’s EIP-7702 and Its Security Implications Across EVM Chains
Skynet Certik Quest 2025.05.23

What new capability does EIP-7702 give to an EOA?
1: It can execute code by delegating to a smart contract.

After EIP-7702, how does the check require(tx.origin == msg.sender) behave?
3: It can be bypassed by a delegated EOA (i.e. no longer safe)

What happens to extcodesize(address) for an EOA that has set delegation code?
2: It returns >0, since the EOA now has code

Under EIP-7702, what can happen if you send ETH to a delegated EOA?
2: It can invoke the delegate’s fallback function, potentially using extra gas or reverting

Security Analysis. Pectra’s EIP-7702 and Its Security Implications Across EVM Chains
Skynet Certik Quest 2025.05.23

What new capability does EIP-7702 give to an EOA?
1: It can execute code by delegating to a smart contract.

After EIP-7702, how does the check require(tx.origin == msg.sender) behave?
3: It can be bypassed by a delegated EOA (i.e. no longer safe)

What happens to extcodesize(address) for an EOA that has set delegation code?
2: It returns >0, since the EOA now has code

Under EIP-7702, what can happen if you send ETH to a delegated EOA?
2: It can invoke the delegate’s fallback function, potentially using extra gas or reverting
https://skynet.certik.com/quest/pectras-eip-7702-and-its-security-implications-across-evm-chains

Explore the EIPs / ERCs mentioned in this cast:

Diy enthusiast interested in networking, PC's, NAS. Hardware repairing engineer.