EIP-6493: SSZ Transaction Signature Scheme
Signature scheme for native SSZ transactions
Abstract
This EIP defines a signature scheme for native Simple Serialize (SSZ) encoded transactions.
Motivation
EIP-6404 introduces SSZ transactions by converting from RLP transactions. Defining a signature scheme for native SSZ transactions further reduces required conversions and unlocks the forward compatibility benefits of SSZ StableContainer
.
Specification
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 and RFC 8174.
Transaction signature scheme
Native SSZ transactions are based on the TransactionPayload
and Transaction
types defined in EIP-6404 and emit an EIP-6466 Receipt
. To distinguish native SSZ transactions from those converted from RLP, native SSZ transactions do not set an RLP TransactionType
in their TransactionPayload
.
All native SSZ transactions follow an identical scheme based on hash_tree_root
to compute their signing hash (sig_hash
) and unique identifier (tx_hash
).
Additional information is mixed into sig_hash
to uniquely identify the underlying specification and avoid hash collisions across different signature kinds. Vendor-defined networks MUST use a different DomainType
for signing custom transaction types.
Name | Value | Description |
---|---|---|
DOMAIN_TX_SSZ | DomainType('0x00000080) | DomainType for signing native SSZ transactions compatible with this EIP |
JSON-RPC
Certain JSON-RPC endpoints such as eth_getTransactionByHash
indicate the corresponding EIP-2718 envelope type prefix in a type
field.
When representing SSZ transactions on such endpoints, SSZ_TX_TYPE
SHOULD be indicated as their type
, as defined in EIP-6404. Omitting the type
is NOT RECOMMENDED as certain client applications could confuse the omission with untyped LegacyTransaction
.
Transaction
profiles
New EIP-7495 Profile
definitions are introduced to represent native SSZ transactions:
BasicTransaction
shares the functionality of EIP-1559 fee market transactionsBlobTransaction
shares the functionality of EIP-4844 blob transactions
The identify_transaction_profile
helper from EIP-6404 is updated to support native SSZ transactions.
Rationale
The SSZ signature scheme reduces hashing overhead and ensures that tx_hash
commitments are available on-chain. It also provides a flexible basis for future transaction functionality.
Backwards Compatibility
The new transaction signature scheme is solely used for SSZ transactions and is represented using a different EIP-2718 envelope type prefix as existing RLP transactions.
Security Considerations
SSZ signatures MUST NOT collide with RLP transaction and message hashes.
As RLP messages are hashed using keccak256, and all SSZ objects are hashed using SHA256. These two hashing algorithms are both considered cryptographically secure and are based on fundamentally different approaches, minimizing the risk of hash collision between those two hashing algorithms.
Furthermore, RLP messages are hashed linearly across their serialization, while SSZ objects are hashed using a recursive Merkle tree. Having a different mechanism further reduce the risk of hash collisions.
Copyright
Copyright and related rights waived via CC0.