Today, we are thrilled to unveil the Pectra Audit Contest, commencing on Cantina! This month-long competition will take place from February 21 to March 24, and we eagerly anticipate the challenges that the security community will identify.
Why Pectra Is Important
Below are some of the significant EIPs related to Pectra
Transitioning from EOAs to Smart Accounts (EIP-7702)
- Augments Externally Owned Accounts (EOAs) with smart contract capabilities.
Main Advantages
- Transaction Aggregation: Merge several actions into one transaction.
- Gas Subsidization: Other entities can cover costs for the account.
- Alternative Validation: Utilize hardware security modules or passkeys for authentication.
- Expenditure Controls: Limit the use of tokens/outflows for enhanced security.
- Restoration Processes: Safer asset safeguarding without altering the principal account.
Security Verifications
- Chain-Specific: Delegations are valid solely on one chain ID.
- Nonce-Bound: Linked to the current nonce of the account, automatically invalidated upon change.
- Revocability: The owner of the EOA can annul/replace existing delegations at any time.
Improvements to Validator User Experience
EIP-7251
- Raises Maximum Validator Balance from 32 ETH to 2048 ETH.
- Facilitates automatic reward compounding and validator merging (combine multiple validators with shared withdrawal credentials).
EIP-7002
- Execution Layer Triggerable Withdrawals: Permits an Ethereum address (beyond just the validator signing key) to initiate exits.
- Decreases Reliance on Delegation: The account owner (individual, DAO, etc.) can enforce exits independently of the validator.
EIP-6110
- Accelerates Deposit Processing: Reduces wait time from ~9 hours to ~13 minutes.
- Eliminates the pre-merge buffer for deposit processing (now deemed unnecessary post-merge).
Blob Scaling (EIP-7691)
- Augments Ethereum’s Blob Capacity by 50% (average from 3 to 6, maximum from 6 to 9).
- Blobs are ephemeral data for L2 proofs, diminishing L1 expenses by 10–100×.
- EIP-7623 limits the worst-case block size to accommodate greater bandwidth.
- Future scaling will entail data sampling to allow nodes to retain only subsets of blob data.
For a more extensive summary, check out the Pectra page on ethereum.org.
Audit Scope
This contest focuses solely on Pectra code. Any vulnerabilities discovered that are not directly related to Pectra should be reported through the Ethereum Foundation Bounty Program. By centering the competition around Pectra, we aim to uncover potential concerns before the mainnet hard fork.
Recap of the Ethereum Protocol Attackathon
The Ethereum Protocol Attackathon, recently held on Immunefi, has also wrapped up. Collaborating with Immunefi and the Ecosystem Funding Initiative, significant ecosystem contributors — Bybit, Wormhole, Arbitrum Foundation, The Graph, GMX, and Base — generously contributed matching funds alongside the Ethereum Foundation. This joint initiative highlighted the community’s commitment to creating a more secure and robust blockchain ecosystem.
Prepared to Start?
Visit Cantina’s competition page to commence.
For additional details on reporting vulnerabilities outside the contest, please consult the Ethereum Foundation’s Bug Bounty Program.
We are eager for your findings. Best of luck, and happy auditing!