# 0x01 receive payable Investigation as to which 0x01 credentials deployed *today* are relying on critical `payable` functionality (if any). The [spec](https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/validator.md#eth1_address_withdrawal_prefix) is written such that it *would* hit EVM execution, but "push" designs are opened up if we bypass that. All eth1 withdrawal addrs as of 22/2/22 -- https://gist.github.com/djrtwo/6c77383c3321372b3166b615d6bb2766 Non-rocketpool deployed code -- https://gist.github.com/djrtwo/f3deb53873862daa216d897c6e64b918 [toc] ## Investigation ### Method On 22/2/22 steps: * pull down all `validators` from lighthouse node * filter `0x01` withdrawal credential addresses * `sort` and `uniq` the set * use `geth` node to call `getCode` on each * identify the majority use same code -- RocketPoolMiniPool -- remove this code and addrs from the set * manually review remaining ### Results **The 0x01 addrs deployed today consist of the following:** * Most (~3k) are rocketpool minipool's with the following [bytecode](https://etherscan.io/address/0xfc47978daaf266f8c4bcec37e775bf7522496722#code): ``` 0x6080604052600436106100745760003560e01c80638dfe8b2d1161004e5780638dfe8b2d1461034f5780638ee7d0cb14610364578063bc7f3b501461038d578063be1d1d32146103a2576100b4565b80631dcef0bf146102ce57806326d1c0681461030c57806352def61d14610323576100b4565b366100b45760408051348152426020820152815133927f1d57945c1033a96907a78f6e0ebf6a03815725dac25f33cc806558670344ac88928290030190a2005b600c546000903690606090839060ff166100eb57600c54610100900473ffffffffffffffffffffffffffffffffffffffff16610129565b6101296040518060400160405280601681526020017f726f636b65744d696e69706f6f6c44656c6567617465000000000000000000008152506103b7565b905061013481610596565b61019f57604080517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820181905260248201527f44656c656761746520636f6e747261637420646f6573206e6f74206578697374604482015290519081900360640190fd5b6000808273ffffffffffffffffffffffffffffffffffffffff1686866040518083838082843760405192019450600093509091505080830381855af49150503d806000811461020a576040519150601f19603f3d011682016040523d82523d6000602084013e61020f565b606091505b5091509150816102c057610222816105a2565b6040517f08c379a00000000000000000000000000000000000000000000000000000000081526004018080602001828103825283818151815260200191508051906020019080838360005b8381101561028557818101518382015260200161026d565b50505050905090810190601f1680156102b25780820380516001836020036101000a031916815260200191505b509250505060405180910390fd5b805195506020019350505050f35b3480156102da57600080fd5b506102e36106b9565b6040805173ffffffffffffffffffffffffffffffffffffffff9092168252519081900360200190f35b34801561031857600080fd5b5061032161072c565b005b34801561032f57600080fd5b506103216004803603602081101561034657600080fd5b50351515610a09565b34801561035b57600080fd5b50610321610b7c565b34801561037057600080fd5b50610379610dee565b604080519115158252519081900360200190f35b34801561039957600080fd5b506102e3610df7565b3480156103ae57600080fd5b506102e3610e18565b60008060008054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff166321f8a7218460405160200180807f636f6e74726163742e616464726573730000000000000000000000000000000081525060100182805190602001908083835b6020831061046f57805182527fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe09092019160209182019101610432565b6001836020036101000a038019825116818451168082178552505050505050905001915050604051602081830303815290604052805190602001206040518263ffffffff1660e01b81526004018082815260200191505060206040518083038186803b1580156104de57600080fd5b505afa1580156104f2573d6000803e3d6000fd5b505050506040513d602081101561050857600080fd5b5051905073ffffffffffffffffffffffffffffffffffffffff811661058e57604080517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601260248201527f436f6e7472616374206e6f7420666f756e640000000000000000000000000000604482015290519081900360640190fd5b90505b919050565b3b63ffffffff16151590565b60606044825110156105e8575060408051808201909152601d81527f5472616e73616374696f6e2072657665727465642073696c656e746c790000006020820152610591565b600482018051909260240190602081101561060257600080fd5b810190808051604051939291908464010000000082111561062257600080fd5b90830190602082018581111561063757600080fd5b825164010000000081118282018810171561065157600080fd5b82525081516020918201929091019080838360005b8381101561067e578181015183820152602001610666565b50505050905090810190601f1680156106ab5780820380516001836020036101000a031916815260200191505b506040525050509050919050565b600c5460009060ff166106e957600c54610100900473ffffffffffffffffffffffffffffffffffffffff16610727565b6107276040518060400160405280601681526020017f726f636b65744d696e69706f6f6c44656c6567617465000000000000000000008152506103b7565b905090565b6000805460048054604080517f5b49ff6200000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff61010090930483169381019390935251921691635b49ff6291602480820192602092909190829003018186803b1580156107a957600080fd5b505afa1580156107bd573d6000803e3d6000fd5b505050506040513d60208110156107d357600080fd5b5051600454909150610100900473ffffffffffffffffffffffffffffffffffffffff1633148061081857503373ffffffffffffffffffffffffffffffffffffffff8216145b61086d576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602d815260200180610e86602d913960400191505060405180910390fd5b600c54600d805461010090920473ffffffffffffffffffffffffffffffffffffffff167fffffffffffffffffffffffff000000000000000000000000000000000000000090921691909117905560408051808201909152601681527f726f636b65744d696e69706f6f6c44656c65676174650000000000000000000060208201526108f7906103b7565b600c80547fffffffffffffffffffffff0000000000000000000000000000000000000000ff1661010073ffffffffffffffffffffffffffffffffffffffff93841681029190911791829055600d548316910490911614156109a3576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602c815260200180610e5a602c913960400191505060405180910390fd5b600d54600c546040805173ffffffffffffffffffffffffffffffffffffffff93841681526101009092049092166020820152428183015290517f720d539b7abaee498c7536b8bf9f854bcd839fb4db9dc00e7494c219b3a20d459181900360600190a150565b6000805460048054604080517f5b49ff6200000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff61010090930483169381019390935251921691635b49ff6291602480820192602092909190829003018186803b158015610a8657600080fd5b505afa158015610a9a573d6000803e3d6000fd5b505050506040513d6020811015610ab057600080fd5b5051600454909150610100900473ffffffffffffffffffffffffffffffffffffffff16331480610af557503373ffffffffffffffffffffffffffffffffffffffff8216145b610b4a576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602d815260200180610e86602d913960400191505060405180910390fd5b50600c80547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016911515919091179055565b6000805460048054604080517f5b49ff6200000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff61010090930483169381019390935251921691635b49ff6291602480820192602092909190829003018186803b158015610bf957600080fd5b505afa158015610c0d573d6000803e3d6000fd5b505050506040513d6020811015610c2357600080fd5b5051600454909150610100900473ffffffffffffffffffffffffffffffffffffffff16331480610c6857503373ffffffffffffffffffffffffffffffffffffffff8216145b610cbd576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040180806020018281038252602d815260200180610e86602d913960400191505060405180910390fd5b600d5473ffffffffffffffffffffffffffffffffffffffff16610d2b576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401808060200182810382526025815260200180610e356025913960400191505060405180910390fd5b600c8054600d805473ffffffffffffffffffffffffffffffffffffffff8181166101009081027fffffffffffffffffffffff0000000000000000000000000000000000000000ff861617958690557fffffffffffffffffffffffff000000000000000000000000000000000000000090921690925560408051938290048316808552919094049091166020830152428284015291517f01d12a47982bd695d9fa134134fa172f56f650d817bb4fb0bd4ae3754d2fdca69181900360600190a15050565b600c5460ff1690565b600c54610100900473ffffffffffffffffffffffffffffffffffffffff1690565b600d5473ffffffffffffffffffffffffffffffffffffffff169056fe50726576696f75732064656c656761746520636f6e7472616374206973206e6f74207365744e65772064656c6567617465206973207468652073616d6520617320746865206578697374696e67206f6e654f6e6c7920746865206e6f6465206f70657261746f722063616e206163636573732074686973206d6574686f64a26469706673582212209a6daedd83e54e66fbfbf927322718b812db513528d0b0bf4667b671d50dbd5364736f6c63430007060033 ``` * Some are stakefish contracts which seem to not have special logic on `receive` -- https://etherscan.io/address/0xb89fb4ffc1fc926e13c4ce9c895d1df81428388d#code * One is a gnosis safe -- https://etherscan.io/address/0xfe80804d2e3ab78a13ce90f45b2803cf9bbd1f51#code * The rest are EOAs (or counterfactual contracts that we can't see) ## Project investigation ### Lido Discussed with some Lido leadership that they don't yet have any 0x01 credentials deployed. > We can work with that. it'll be harder to track exact validators that do withdrawals but I expect we'll have to move this kind of tracking off L1 anyway so it's not a huge consideration ### RocketPool [sample contract](https://etherscan.io/address/0xfc47978daaf266f8c4bcec37e775bf7522496722#code) ![](https://storage.googleapis.com/ethereum-hackmd/upload_b9e0fe044768440a6c1fdc1a281b03c5.jpg) Has receive() logic to emit a receipt but doesn't seem critical and this contract is fully upgradeable
Published on HackMD
722