AA-217: Charge a penalty payment for unused execution gas limit of a UserOp

contracts/core/EntryPoint.sol

@@ -33,6 +33,7 @@ contract EntryPoint is IEntryPoint, StakeManager, NonceManager, ReentrancyGuard,
     bytes32 private constant INNER_OUT_OF_GAS = hex"deaddead";
 
     uint256 private constant REVERT_REASON_MAX_LEN = 2048;
+    uint256 private constant PENALTY_PERCENT = 10;
 
     /**
      * For simulation purposes, validateUserOp (and validatePaymasterUserOp)
@@ -668,6 +669,23 @@ contract EntryPoint is IEntryPoint, StakeManager, NonceManager, ReentrancyGuard,
                 }
             }
             actualGas += preGas - gasleft();
+
+            // Calculating a penalty for unused execution gas
+            {
+                uint256 executionGasLimit = mUserOp.callGasLimit;
+                // Note that 'verificationGasLimit' here is the limit given to the 'postOp' which is part of execution
+                if (context.length > 0){
+                    executionGasLimit += mUserOp.verificationGasLimit;
+                }
+                uint256 executionGasUsed = actualGas - opInfo.preOpGas;
+                // this check is required for the gas used within EntryPoint and not covered by explicit gas limits
+                if (executionGasLimit > executionGasUsed) {
+                    uint256 unusedGas = executionGasLimit - executionGasUsed;
+                    uint256 unusedGasPenalty = (unusedGas * PENALTY_PERCENT) / 100;
+                    actualGas += unusedGasPenalty;
+                }
+            }
+
             actualGasCost = actualGas * gasPrice;
             if (opInfo.prefund < actualGasCost) {
                 revert FailedOp(opIndex, "AA51 prefund below actualGasCost");

eip/EIPS/eip-4337.md

@@ -233,7 +233,9 @@ The entry point's `handleOps` function must perform the following steps (we firs
 In the execution loop, the `handleOps` call must perform the following steps for each `UserOperation`:
 
 * **Call the account with the `UserOperation`'s calldata**. It's up to the account to choose how to parse the calldata; an expected workflow is for the account to have an `execute` function that parses the remaining calldata as a series of one or more calls that the account should make.
-* After the call, refund the account's deposit with the excess gas price that was pre-charged.
+* After the call, refund the account's deposit with the excess gas cost that was pre-charged.\
+ A penalty of `10%` (`UNUSED_GAS_PENALTY_PERCENT`) is applied on the amount of gas that is refunded.\
+ This penalty is necessary to prevent the UserOps from reserving large parts of the gas space in the bundle but leaving it unused and preventing the bundler from including other UserOperations.
 * After the execution of all calls, pay the collected fees from all UserOperations to the bundler's provided address
 
 ![](../assets/eip-4337/bundle-seq.svg)

eip/EIPS/eip-aa-rules.md

@@ -193,6 +193,8 @@ To help make sense of these params, note that a malicious paymaster can at most
     * **[OP-062]** Precompiles:
         * Only allowed the core 9 precompiles.\
           Specifically the computation precompiles that do not access anything in the blockchain state or environment.
+* **[OP-070] Transient Storage slots defined in [EIP-1153](./eip-1153.md) and accessed using `TLOAD` (`0x5c`) and `TSTORE` (`0x5d`) opcodes
+    are treated exactly like persistent storage (SLOAD/SSTORE)
 
 ### Code Rules
 
@@ -210,7 +212,8 @@ The permanent storage access with `SLOAD` and `SSTORE` instructions within each
     * **[STO-022]**  There is an `initCode` and the `factory` contract is staked.
 * If the entity (`paymaster`, `factory`) is staked, then it is also allowed:
     * **[STO-031]** Access the entity's own storage.
-    * **[STO-032]** Access a storage slot in any non-entity contract that is associated with the entity.
+    * **[STO-032]** Read/Write Access to storage slots that is associated with the entity, in any non-entity contract.
+    * **[STO-033]** Read-only access to any storage in non-entity contract.
 * **[STO-040]** `UserOperation` may not use an entity address (`factory`/`paymaster`/`aggregator`) that is used as an "account" in another `UserOperation` in the mempool. \
 This means that a `Paymaster` and `Factory` contracts cannot practically be an "account" contract as well.
 * **[STO-041]** A contract whose Associated Storage slot is accessed during a `UserOperation` may not be an address of a "sender" in another `UserOperation` in the mempool.

reports/gas-checker.txt

@@ -12,28 +12,28 @@
 ║                                │       │               │     (delta for │        (compared to ║
 ║                                │       │               │    one UserOp) │     account.exec()) ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple                         │     1 │         81838 │                │                     ║
+║ simple                         │     1 │         81945 │                │                     ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple - diff from previous    │     2 │               │          44095 │               15081 ║
+║ simple - diff from previous    │     2 │               │          44226 │               15212 ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple                         │    10 │        478810 │                │                     ║
+║ simple                         │    10 │        480000 │                │                     ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple - diff from previous    │    11 │               │          44131 │               15117 ║
+║ simple - diff from previous    │    11 │               │          44238 │               15224 ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple paymaster               │     1 │         88109 │                │                     ║
+║ simple paymaster               │     1 │         88255 │                │                     ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple paymaster with diff     │     2 │               │          43096 │               14082 ║
+║ simple paymaster with diff     │     2 │               │          43206 │               14192 ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple paymaster               │    10 │        476022 │                │                     ║
+║ simple paymaster               │    10 │        477410 │                │                     ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ simple paymaster with diff     │    11 │               │          43155 │               14141 ║
+║ simple paymaster with diff     │    11 │               │          43241 │               14227 ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ big tx 5k                      │     1 │        182895 │                │                     ║
+║ big tx 5k                      │     1 │        183014 │                │                     ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ big tx - diff from previous    │     2 │               │         144594 │               19334 ║
+║ big tx - diff from previous    │     2 │               │         144725 │               19465 ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ big tx 5k                      │    10 │       1484454 │                │                     ║
+║ big tx 5k                      │    10 │       1485632 │                │                     ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ big tx - diff from previous    │    11 │               │         144619 │               19359 ║
+║ big tx - diff from previous    │    11 │               │         144786 │               19526 ║
 ╚════════════════════════════════╧═══════╧═══════════════╧════════════════╧═════════════════════╝
 

test/entrypoint.test.ts

@@ -543,6 +543,64 @@ describe('EntryPoint', function () {
         expect(await getBalance(account.address)).to.eq(inititalAccountBalance)
       })
 
+      it('account should pay a penalty for requiring too much gas and leaving it unused', async function () {
+        if (process.env.COVERAGE != null) {
+          return
+        }
+        const iterations = 10
+        const count = await counter.populateTransaction.gasWaster(iterations, '')
+        const accountExec = await account.populateTransaction.execute(counter.address, 0, count.data!)
+        const callGasLimit = await ethersSigner.provider.estimateGas({
+          from: entryPoint.address,
+          to: account.address,
+          data: accountExec.data
+        })
+        // expect(callGasLimit.toNumber()).to.be.closeTo(270000, 10000)
+        const beneficiaryAddress = createAddress()
+
+        // "warmup" userop, for better gas calculation, below
+        await entryPoint.handleOps([await fillAndSign({ sender: account.address, callData: accountExec.data }, accountOwner, entryPoint)], beneficiaryAddress)
+        await entryPoint.handleOps([await fillAndSign({ sender: account.address, callData: accountExec.data }, accountOwner, entryPoint)], beneficiaryAddress)
+
+        const op1 = await fillAndSign({
+          sender: account.address,
+          callData: accountExec.data,
+          verificationGasLimit: 1e5,
+          callGasLimit: callGasLimit
+        }, accountOwner, entryPoint)
+
+        const rcpt1 = await entryPoint.handleOps([op1], beneficiaryAddress, {
+          maxFeePerGas: 1e9,
+          gasLimit: 20000000
+        }).then(async t => await t.wait())
+        const logs1 = await entryPoint.queryFilter(entryPoint.filters.UserOperationEvent(), rcpt1.blockHash)
+        expect(logs1[0].args.success).to.be.true
+
+        const gasUsed1 = logs1[0].args.actualGasUsed.toNumber()
+        const veryBigCallGasLimit = 10000000
+        const op2 = await fillAndSign({
+          sender: account.address,
+          callData: accountExec.data,
+          verificationGasLimit: 1e5,
+          callGasLimit: veryBigCallGasLimit
+        }, accountOwner, entryPoint)
+        const rcpt2 = await entryPoint.handleOps([op2], beneficiaryAddress, {
+          maxFeePerGas: 1e9,
+          gasLimit: 20000000
+        }).then(async t => await t.wait())
+        const logs2 = await entryPoint.queryFilter(entryPoint.filters.UserOperationEvent(), rcpt2.blockHash)
+
+        const gasUsed2 = logs2[0].args.actualGasUsed.toNumber()
+
+        // we cannot access internal transaction state, so we have to rely on two separate transactions for estimation
+        // assuming 10% penalty is charged
+        const expectedGasPenalty = (veryBigCallGasLimit - callGasLimit.toNumber()) * 0.1
+        const actualGasPenalty = gasUsed2 - gasUsed1
+
+        console.log(actualGasPenalty / expectedGasPenalty)
+        expect(actualGasPenalty).to.be.closeTo(expectedGasPenalty, expectedGasPenalty * 0.001)
+      })
+
       it('legacy mode (maxPriorityFee==maxFeePerGas) should not use "basefee" opcode', async function () {
         const op = await fillAndSign({
           sender: account.address,