EIP 1051: Overflow checking for the EVM
Author | Nick Johnson |
---|---|
Discussions-To | https://ethereum-magicians.org/t/eip-arithmetic-overflow-detection-for-the-evm/261 |
Status | Draft |
Type | Standards Track |
Category | Core |
Created | 2018-05-02 |
Abstract
This EIP adds overflow checking for EVM arithmetic operations, and two new opcodes that check and clear the overflow flags.
Motivation
The correct functioning of many contracts today is dependent on detecting and preventing overflow of arithmetic operations. Since the EVM operates on mod 2^256 integers and provides no built-in overflow detection or prevention, this requires manual checks on every arithmetic operation.
In the interests of facilitating efficient and secure contracts, we propose new opcodes that permit efficient detection of overflows, which can be checked periodically rather than after each operation.
Specification
Two new flags are added to the EVM state: overflow (ovf
) and signed overflow (sovf
).
The ovf
flag is set in the following circumstances:
- When an
ADD
opcode, with both inputs treated as unsigned integers, produces an ideal output in excess of 2^256 - 1. - When a
SUB
opcode, with both inputs treated as unsigned integers, produces an ideal output less than 0. - When a ‘MUL’ opcode, with both inputs treated as unsigned integers, produces an ideal output in excess of 2^256 - 1.
The sovf
flag is set whenever the ovf
flag is set, and additionally in the following circumstances:
- When an
ADD
opcode with both inputs having the same MSB results in the output having a different MSB (eg,(+a) + (+b) = (-c)
or(-a) + (-b) = (+c)
). - When a
SUB
opcode occurs and the result has the same MSB as the subtractand (second argument) (eg,(+a) - (-b) = (-c)
or(-a) - (+b) = (+c)
. - When a
MUL
opcode with both inputs being positive has a negative output. - When a ‘MUL’ opcode with both inputs being negative has a negative output.
- When a ‘MUL’ opcode with one negative input and one positive input has a positive output.
A new opcode, OFV
is added, with number 0x0C. This opcode takes 0 arguments from the stack. When executed, it pushes 1
if the ovf
flag is set, and 0
otherwise. It then sets the ovf
flag to false.
A new opcode, SOVF
is added, with number 0x0D. This opcode takes 0 arguments from the stack. When executed, it pushes 1
if the sovf
flag is set, and 0
otherwise. It then sets the sovf
flag to false.
Rationale
Any change to implement overflow protection needs to preserve behaviour of existing contracts, which precludes many changes to the arithmetic operations themselves. One option would be to provide an opcode that enables overflow protection, causing a throw or revert if an overflow happens. However, this limits the manner in which overflows can be handled.
Instead, we replicate functionality from real world CPUs, which typically implement ‘carry’ and ‘overflow’ flags.
Separate flags for signed and unsigned overflow are necessary due to the fact that a signed overflow may not result in an unsigned overflow.
Backwards Compatibility
This EIP introduces no backwards compatibility issues.
Test Cases
TBD
Implementation
TBD
Copyright
Copyright and related rights waived via CC0.