Ethereum Prague Upgrade: What EIP-7702 and EIP-2935 Mean for Developers and Users

EIP-7702 breaks the tx.origin and EXTCODESIZE security checks on Ethereum. Learn what the 97% phishing figure means, what changed in Pectra, and the immediate audit checklist.

Lena Vogt 7 min read

Ethereum's Pectra upgrade (Prague + Electra) activated on May 7, 2025 at 6:05 AM ET, with finality achieved 13 minutes later. It was the first major protocol upgrade since Dencun in March 2024, bundling 11 distinct EIPs across account abstraction, staking mechanics, blob throughput, and historical data access.

What Happened: Pectra Goes Live

Pectra activated on May 7, 2025, marking the most feature-dense hard fork since Dencun. The upgrade spanned 11 EIPs across multiple execution and consensus concerns. Two stand out as structurally significant: EIP-7702 (account abstraction for EOAs) and EIP-2935 (extended block hash history).

Beyond these flagship features, the bundle included EIP-7691 (doubled blob throughput from 3 to 6 per block), EIP-7251 (raised maximum validator effective balance to 2,048 ETH), EIP-7002 (enabled execution-layer validator exits), and EIP-2537 (added a BLS12-381 precompile for ZK and signature operations).

EIP-7702: Set Code for EOAs Explained

EIP-7702 introduces a new transaction type, 0x04, that lets EOAs temporarily execute code from a smart contract of their choice. The mechanism is subtle but powerful: it writes a delegation designator—the bytes 0xef0100 concatenated with an address—into the EOA's code field. The delegation persists until the account owner explicitly revokes it or sets a new one.

This design sidesteps the usual contract deployment burden. Rather than migrating to a new smart contract address, users stay on their original EOA and grant execution rights to a stateless delegation contract.

Each authorization tuple carries a base cost of 12,500 gas. The delegation mechanism enables four major use patterns:

  1. Gas sponsorship: DApps can pay transaction fees for users, allowing transactions without holding ETH.
  2. Multi-token fee payment: Delegation contracts convert USDC, DAI, or other tokens into ETH for gas fees—transparent to the user.
  3. Atomic batching: Multiple operations—approve + swap, deposit + borrow, stake + claim—execute in a single transaction, eliminating intermediate state risk.
  4. Passwordless recovery: Native passkey authentication and social recovery work without seed phrases.

EIP-7702 reaches the vast majority of Ethereum users without requiring address migration or new contract deployment. It complements ERC-4337 (UserOperation bundlers) rather than replacing it—developers must choose based on multichain needs and economic profiles.

Critical Breaking Changes: Two Invariants Break

Here is where the risk lives. EIP-7702 violates two assumptions embedded in thousands of existing smart contracts.

The first invariant: tx.origin == msg.sender has historically identified calls made directly by an EOA. When true, it signals that a user (EOA) initiated the transaction directly, not through a contract intermediary. Smart contracts use this check for authorization—restricting sensitive functions to user-initiated calls only.

With EIP-7702, this no longer works. A delegated account can execute code while tx.origin still points to the original EOA. An attacker who controls the delegation contract can bypass that check entirely.

The second broken invariant: EXTCODESIZE == 0 has been a reliable way to detect EOAs. Contracts use this pattern as a reentrancy guard—assuming that an account with no code is not a smart contract and therefore cannot have a fallback that re-enters.

EIP-7702 defeats this. A delegated EOA temporarily has code, yet it is still an externally owned account. Reentrancy defenses relying on this pattern will fail.

Impact: Any contract that checks either invariant for authorization, reentrancy defense, or privilege separation requires immediate audit. Exploitation is straightforward: an attacker sets up a delegation contract, uses it to call a protected function, bypasses the invariant check, and gains unauthorized access.
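To make the second broken invariant concrete, here is an added example (not code from the article) that classifies an account from the bytes eth_getCode or EXTCODECOPY return. A delegated EOA carries the 23-byte designator 0xef0100 || address, so the legacy "no code means EOA" test fails for it while a designator-aware check still recognises it as an EOA. The target address is constructed for illustration.

```python
from __future__ import annotations

DELEGATION_PREFIX = bytes.fromhex("ef0100")      # EIP-7702 designator magic
DESIGNATOR_LEN = len(DELEGATION_PREFIX) + 20     # 3-byte prefix + 20-byte address


def make_designator(target: str) -> bytes:
    """Build the code an EOA carries after delegating to `target` (0x-prefixed hex address)."""
    raw = bytes.fromhex(target.removeprefix("0x"))
    if len(raw) != 20:
        raise ValueError("target must be a 20-byte address")
    return DELEGATION_PREFIX + raw


def legacy_is_eoa(code: bytes) -> bool:
    """The pre-Pectra heuristic: EXTCODESIZE == 0 was read as 'not a contract'."""
    return len(code) == 0


def classify_account(code: bytes) -> tuple[str, str | None]:
    """Return (kind, delegation_target); kind is 'eoa', 'delegated_eoa' or 'contract'."""
    if len(code) == 0:
        return ("eoa", None)
    if len(code) == DESIGNATOR_LEN and code.startswith(DELEGATION_PREFIX):
        return ("delegated_eoa", "0x" + code[len(DELEGATION_PREFIX):].hex())
    return ("contract", None)


def legacy_check_agrees(code: bytes) -> bool:
    """True when the legacy heuristic gives the same answer as the designator-aware classifier."""
    kind, _ = classify_account(code)
    return legacy_is_eoa(code) == (kind in ("eoa", "delegated_eoa"))


if __name__ == "__main__":
    # Constructed sample target; a real value would come from eth_getCode on the account.
    sample_target = "0x" + "11" * 20
    for label, code in [("plain EOA", b""),
                        ("delegated EOA", make_designator(sample_target)),
                        ("contract", bytes.fromhex("6080604052"))]:
        print(f"{label:14} size={len(code):2} classify={classify_account(code)} "
              f"legacy_agrees={legacy_check_agrees(code)}")
```

The same prefix test works on-chain: EXTCODECOPY on a delegated account returns the designator, so a contract that must distinguish "delegated EOA" from "ordinary contract" can read the first three bytes of the caller's code instead of trusting the size alone. Neither test is an authorization mechanism; it only tells you what kind of account you are talking to.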

User Benefits: Gasless Transactions, Atomic Batching, Token Fees

Despite the breaking changes, EIP-7702 delivers real friction reduction for users.

Gas sponsorship removes the most common barrier to adoption: new users do not need to hold ETH before their first transaction. A DApp can sponsor the transaction fee entirely. This is most valuable for games, social networks, and consumer apps where friction compounds user drop-off.

Multi-token fee payment flips the UX. Instead of users acquiring ETH separately, they pay fees in tokens they already hold—USDC, other stablecoins, or project tokens. The delegation contract handles conversion. The user sees a simple confirmation and fee in their native token.

Atomic transactions collapse multi-step interactions. Approve + swap becomes one transaction. Deposit + borrow becomes one. Stake + claim becomes one. No intermediate state. No risk of partial execution. This matters for complex DeFi workflows and complex collateral management.

Passwordless recovery eliminates seed phrase dependency. Passkey authentication and social recovery work natively with EIP-7702 delegation. Users recover their wallets via biometric or social backup, not by writing down and storing a 12-word phrase.

Adoption signal: Over 11,000 EIP-7702 authorizations occurred within one week of Pectra's launch. This is rapid for an infrastructure feature, suggesting genuine product demand.

Phishing Crisis: 97% of Early Delegations Were Malicious

The adoption number masks a darker reality. Ninety-seven percent of early EIP-7702 delegations used 'CrimeEnjoyor' sweeper contracts designed to drain compromised wallets.

The attack vector is straightforward. Attackers targeted users whose private keys had been exposed—either leaked in a breach or sold on dark markets—and convinced them to sign EIP-7702 delegation transactions. Users, unfamiliar with the feature, signed without understanding its scope.

The consequence is permanent. EIP-7702 authorization signatures grant wallet control that does not auto-revoke, unlike token approvals, which are per-contract and per-amount. Once a user has signed a delegation to a malicious contract, that contract controls their account until they revoke it—a process most users do not know how to execute.

This gap between token approval mental models and delegation mental models is severe. Users have learned to be cautious with token approvals because each one is limited in scope. Delegation is categorical: the contract can execute any code on behalf of the user. Education has not caught up.

Phishing risk remains high. As EIP-7702 adoption grows, social engineering campaigns will evolve. The fundamental problem—users signing off-chain delegation signatures without understanding their power—will persist until wallets implement clearer warnings and users internalize the difference.

EIP-2935: Extended Block Hash History

EIP-2935 takes a different approach to protocol improvement. It adds a system contract at address 0x0000F90827F1C53a10cb7A02335B175320002935 that stores the last 8,191 block hashes in a ring buffer.

Normally, the BLOCKHASH opcode can only access the last 256 blocks—roughly one hour of history. This was a design constraint from the early Ethereum protocol, intended to limit validator memory.

EIP-2935 expands accessible history to 8,191 blocks, or roughly 27 hours. This eliminates the dependency on centralized RPC providers for randomness, ZK proof validation, and cross-layer messaging.

For rollup and oracle developers, the benefit is direct. Bridges can now reference historical Ethereum blocks trustlessly, on-chain, without querying third-party APIs. ZK systems can build long-range proofs referencing historical blocks (4,000+ blocks back) without external state assumptions. Randomness that depends on block hashes can look further back without RPC dependencies.

More broadly, EIP-2935 prepares Ethereum for stateless execution and future Verkle Tree adoption. By storing historical data in the state tree rather than relying on validators to maintain it, the protocol inches toward a future where execution clients do not need to store full history locally.
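The ring-buffer mechanics above are easy to get wrong when sizing a long-range proof, so here is an added example (not from the article) that models the EIP-2935 contract's storage locally: which blocks are servable at a given height, which slot a hash lives in (block number mod 8,191), and the 32-byte calldata a caller sends. The model follows the EIP's reference bytecode, where out-of-range queries revert; the block hashes fed through it are constructed, not chain data.

```python
from __future__ import annotations

import hashlib

HISTORY_STORAGE_ADDRESS = "0x0000F90827F1C53a10cb7A02335B175320002935"  # EIP-2935 system contract
HISTORY_SERVE_WINDOW = 8191     # hashes retained by the ring buffer
BLOCKHASH_OPCODE_WINDOW = 256   # what the BLOCKHASH opcode alone serves


def servable_range(current_block: int) -> tuple[int, int]:
    """Inclusive block-number range the contract can answer for when called in current_block."""
    return (max(0, current_block - HISTORY_SERVE_WINDOW), current_block - 1)


def is_servable(query: int, current_block: int) -> bool:
    lo, hi = servable_range(current_block)
    return lo <= query <= hi


def ring_slot(block_number: int) -> int:
    """Storage slot holding block_number's hash: the buffer is indexed by number mod 8191."""
    return block_number % HISTORY_SERVE_WINDOW


def get_calldata(block_number: int) -> bytes:
    """32-byte calldata for the contract's get path: the block number, big-endian, left-padded."""
    return block_number.to_bytes(32, "big")


def constructed_hash(block_number: int) -> bytes:
    """Stand-in for a real block hash (constructed for this example)."""
    return hashlib.sha256(f"block-{block_number}".encode()).digest()


class HistoryRingBuffer:
    """Local model of the EIP-2935 contract's storage."""

    def __init__(self) -> None:
        self.slots: dict[int, bytes] = {}
        self.current_block = 0

    def begin_block(self, number: int, parent_hash: bytes) -> None:
        # The system call at the start of block N stores hash(N-1) at slot (N-1) mod 8191,
        # overwriting whatever hash sat there 8191 blocks earlier.
        self.current_block = number
        self.slots[ring_slot(number - 1)] = parent_hash

    def get(self, calldata: bytes) -> bytes:
        # Malformed or out-of-range queries revert in the real contract; we raise instead.
        if len(calldata) != 32:
            raise ValueError("revert: calldata must be 32 bytes")
        number = int.from_bytes(calldata, "big")
        if not is_servable(number, self.current_block):
            raise ValueError(f"revert: block {number} outside {servable_range(self.current_block)}")
        return self.slots[ring_slot(number)]

    def try_get(self, block_number: int) -> bytes | None:
        """Convenience wrapper: None where the contract would revert."""
        try:
            return self.get(get_calldata(block_number))
        except ValueError:
            return None


def replay_chain(height: int) -> HistoryRingBuffer:
    """Feed constructed hashes for blocks 1..height through the buffer as a block producer would."""
    buf = HistoryRingBuffer()
    for n in range(1, height + 1):
        buf.begin_block(n, constructed_hash(n - 1))
    return buf


if __name__ == "__main__":
    buf = replay_chain(10_000)
    print("servable at height 10000:", servable_range(buf.current_block))
    print("block 5000:", buf.get(get_calldata(5000)).hex())
    print("block 1000:", buf.try_get(1000))   # None: older than the 8191-block window
```

The point a bridge or oracle team should take from the replay: the window slides every block, so a proof that references block N must be submitted before the chain reaches N + 8,191, and a query for block N - 8,192 at height N reverts rather than returning a stale hash.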

Developer Action Items: Audit, Decide, Educate, Monitor

If you operate smart contracts on Ethereum, Pectra obligates four immediate actions.

Audit immediately. Search your codebase for tx.origin == msg.sender checks and EXTCODESIZE == 0 patterns. Prioritize functions that guard fund transfers, approval grants, or sensitive state changes. If your contract relies on either invariant, it requires auditing and remediation now. The attack surface is real and exploitable immediately.
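A first pass over a Solidity codebase can be automated. The scanner below is an added example (not the article's or any audit firm's tool): it flags the tx.origin == msg.sender comparison, extcodesize in inline assembly, .code.length == 0 checks and isContract helpers, which are the usual spellings of the two broken invariants. The sample contract it scans is constructed to show each pattern once; every hit is a review item, not a confirmed bug.

```python
from __future__ import annotations

import re
import sys

# Spellings of the two invariants EIP-7702 breaks, in Solidity and in inline assembly.
AUDIT_PATTERNS: dict[str, re.Pattern[str]] = {
    "tx.origin==msg.sender": re.compile(r"tx\.origin\s*[!=]=\s*msg\.sender|msg\.sender\s*[!=]=\s*tx\.origin"),
    "extcodesize":           re.compile(r"\bextcodesize\s*\("),
    "code.length==0":        re.compile(r"\.code\.length\s*[!=]=\s*0"),
    "isContract-helper":     re.compile(r"\bisContract\s*\("),
}

# Constructed sample contract exhibiting all four patterns (illustrative, not a real deployment).
SAMPLE_SOURCE = """\
pragma solidity ^0.8.20;
contract Vault {
    modifier onlyEOA() {
        require(tx.origin == msg.sender, "no contracts");
        _;
    }
    function isContract(address a) internal view returns (bool) {
        uint256 size;
        assembly { size := extcodesize(a) }
        return size > 0;
    }
    function withdraw(uint256 amt) external onlyEOA {
        require(msg.sender.code.length == 0, "EOA only");
        // ... transfer amt to msg.sender
    }
}
"""


def scan_source(text: str) -> list[tuple[int, str, str]]:
    """Return (line_number, pattern_name, stripped_source_line) for every hit, in file order."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in AUDIT_PATTERNS.items():
            if pattern.search(line):
                hits.append((lineno, name, line.strip()))
    return hits


def scan_files(paths: list[str]) -> dict[str, list[tuple[int, str, str]]]:
    """Scan each .sol path given; the report lists only files with at least one hit."""
    report = {}
    for path in paths:
        with open(path, encoding="utf-8") as fh:
            found = scan_source(fh.read())
        if found:
            report[path] = found
    return report


if __name__ == "__main__":
    targets = sys.argv[1:]
    results = scan_files(targets) if targets else {"<sample>": scan_source(SAMPLE_SOURCE)}
    for path, found in results.items():
        for lineno, name, line in found:
            print(f"{path}:{lineno}: [{name}] {line}")
```

Run it over a contracts directory (python scan.py contracts/*.sol) and triage the hits by what the guarded function does: a hit in a view helper is noise, a hit on a fund-moving path is the audit's first ticket. Line-based matching will also flag comments and dead code, which is acceptable for a first pass but not a substitute for reading the surrounding logic.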

Decide on account abstraction. EIP-7702 is live on Ethereum mainnet for single-chain scenarios. ERC-4337, via UserOperation bundlers, remains the standard for multichain deployments. Evaluate your deployment scope and gas cost tolerances, then choose. Mixing both approaches in one protocol creates technical debt.

Test EIP-2935 if you build infrastructure. Oracle developers, bridge operators, and ZK teams should test BLOCKHASH queries against historical blocks (>256 blocks back). Validate long-range proof scenarios. If your system depends on block history, verify it now.

Educate your users. Warn users that EIP-7702 authorization signatures transfer wallet control to the delegation contract. Recommend hardware wallet signing—a hardware wallet can prompt for confirmation and display the delegated contract address before approving. If your dApp uses EIP-7702, display clear warnings and make the delegation target visible.

Monitor delegation logs. Track delegation events on your chain for accounts you serve. Phishing campaigns targeting your user base will emerge. Early detection and rapid user notification can prevent losses.
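One shape such monitoring can take, as an added example that is not the article's own tooling: triage the authorization tuples carried by type-0x04 transactions against an allowlist of delegation contracts your dApp vouches for. The JSON below is constructed in the field shape of the EIP-7702 authorization tuple (chainId, address, nonce, yParity, r, s); verify the exact field names against your RPC client before relying on it. A target of the zero address is a revocation, and a chainId of 0 makes the signature valid on every chain, which is worth surfacing on its own.

```python
from __future__ import annotations

import json

ZERO_ADDRESS = "0x" + "00" * 20
SET_CODE_TX_TYPE = 0x04  # EIP-7702 transaction type

# Constructed sample: two set-code transactions and one ordinary EIP-1559 transaction.
SAMPLE_TXS_JSON = """[
  {"hash": "0xaaaa", "type": "0x4", "authorizationList": [
    {"chainId": "0x1", "address": "0x1111111111111111111111111111111111111111",
     "nonce": "0x5", "yParity": "0x0", "r": "0x1", "s": "0x2"}]},
  {"hash": "0xbbbb", "type": "0x4", "authorizationList": [
    {"chainId": "0x0", "address": "0x2222222222222222222222222222222222222222",
     "nonce": "0x7", "yParity": "0x1", "r": "0x3", "s": "0x4"},
    {"chainId": "0x1", "address": "0x0000000000000000000000000000000000000000",
     "nonce": "0x8", "yParity": "0x0", "r": "0x5", "s": "0x6"}]},
  {"hash": "0xcccc", "type": "0x2"}
]"""


def triage_authorizations(txs: list[dict], known_good: set[str]) -> list[dict]:
    """Produce one event per authorization tuple found in a batch of transactions.

    verdict is one of:
      revocation     - target is the zero address: the EOA's delegation is cleared
      allowlisted    - target is a delegation contract you vouch for
      unknown_target - anything else: treat as a potential sweeper until reviewed
    any_chain marks chainId 0, which makes the authorization valid on every chain.
    """
    known = {a.lower() for a in known_good}
    events = []
    for tx in txs:
        if int(tx.get("type", "0x0"), 16) != SET_CODE_TX_TYPE:
            continue
        for auth in tx.get("authorizationList", []):
            target = auth["address"].lower()
            chain_id = int(auth["chainId"], 16)
            if target == ZERO_ADDRESS:
                verdict = "revocation"
            elif target in known:
                verdict = "allowlisted"
            else:
                verdict = "unknown_target"
            events.append({
                "tx": tx["hash"],
                "target": target,
                "nonce": int(auth["nonce"], 16),
                "verdict": verdict,
                "any_chain": chain_id == 0,
            })
    return events


def load_and_triage(raw_json: str, known_good: set[str]) -> list[dict]:
    """Parse a JSON array of transactions (as a JSON-RPC client returns them) and triage it."""
    return triage_authorizations(json.loads(raw_json), known_good)


if __name__ == "__main__":
    allowlist = {"0x1111111111111111111111111111111111111111"}  # constructed
    for event in load_and_triage(SAMPLE_TXS_JSON, allowlist):
        print(event)
```

The tuple does not name the account being delegated: the authority is recovered from the signature, and the transaction sender is not necessarily that account. To tie an unknown_target event to one of your users, either recover the signer from the tuple's signature or poll eth_getCode for the accounts you serve and look for the 0xef0100 prefix, then notify the user with the target address shown in full.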

Pectra is a protocol upgrade with asymmetric impact: clear benefits for users and infrastructure, but clear risks for smart contracts that made unsafe assumptions. The upgrade is live. Audits cannot wait.
