Updates and examples

holiman · holiman · commit 6985e8cc2827 · 2018-09-28T11:05:13.000+02:00
diff --git a/EIPS/eip-1014.md b/EIPS/eip-1014.md
@@ -10,30 +10,69 @@ created: 2018-04-20
 
 ### Specification
 
-Adds a new opcode at 0xf5, which takes 4 stack arguments: endowment, memory_start, memory_length, salt. Behaves identically to CREATE, except using `keccak256(msg.sender ++ salt ++ init_code)[12:]` instead of the usual sender-and-nonce-hash as the address where the contract is initialized at.
+Adds a new opcode at 0xf5, which takes 4 stack arguments: endowment, memory_start, memory_length, salt. Behaves identically to CREATE, except using `keccak256( 0xff ++ address ++ salt ++ keccak256(init_code)))` instead of the usual sender-and-nonce-hash as the address where the contract is initialized at.
 
-The coredev-call at 2018-08-10 decided to use option 3. 
+The coredev-call at 2018-08-10 decided to use the formula above. 
 
 ### Motivation
 
 Allows interactions to (actually or counterfactually in channels) be made with addresses that do not exist yet on-chain but can be relied on to only possibly eventually contain code that has been created by a particular piece of init code. Important for state-channel use cases that involve counterfactual interactions with contracts.
 
-#### Option 2
+### Rationale about address formula 
 
-Use `keccak256(0xff ++ msg.sender ++ salt ++ init_code)[12:]`
+* Ensures that addresses created with this scheme cannot collide with addresses created using the traditional `keccak256(rlp([sender, nonce]))` formula, as `0xff` can only be a starting byte for RLP for data many petabytes long.
+* Ensures that the hash preimage has a fixed size,
 
-Rationale: ensures that addresses created with this scheme cannot collide with addresses created using the traditional `keccak256(rlp([sender, nonce]))` formula, as 0xff can only be a starting byte for RLP for data many petabytes long.
+This also has the side-effect of being able to possibly reuse the `keccak256(init_code)` from earlier calculation, either within a client or via `EXTCODEHASH` if the init-code is deployed on-chain. 
 
-#### Option 3
+### Clarifications
 
-Use `sha3( 0xff ++ msg.sender ++ salt ++ sha3(init_code)))`
+The `initcode` is the code that, when executed, produces the runtime bytecode that will be placed into the state, and which typically is used by high level languages to implement a 'constructor'.
 
-Rationale: 
+This EIP makes collisions possible. The behaviour at collisions is specified by [EIP 684](https://github.com/ethereum/EIPs/issues/684):
 
-* Ensures that addresses created with this scheme cannot collide with addresses created using the traditional `keccak256(rlp([sender, nonce]))` formula, as `0xff` can only be a starting byte for RLP for data many petabytes long.
-* Ensures that the hash preimage has a fixed size,
+> If a contract creation is attempted, due to either a creation transaction or the CREATE (or future CREATE2) opcode, and the destination address already has either nonzero nonce, or nonempty code, then the creation throws immediately, with exactly the same behavior as would arise if the first byte in the init code were an invalid opcode. This applies retroactively starting from genesis.
+
+Specifically, if `nonce` or `code` is nonzero, then the create-operation fails. 
+
+With [EIP 161](https://eips.ethereum.org/EIPS/eip-161) 
+
+> Account creation transactions and the CREATE operation SHALL, prior to the execution of the initialisation code, increment the nonce over and above its normal starting value by one
+
+This means that if a contract is created in a transaction, the `nonce` is immediately non-zero, with the side-effect that a collision within the same transaction will always fail -- even if it's carried out from the `init_code` itself/ 
+
+It should also be noted that `SELFDESTRUCT` has no immediate effect on `nonce` or `code`, thus a contract cannot be destroyed and recreated within one transaction. 
+
+### Examples
+
+ * address `0x0000000000000000000000000000000000000000`
+ * salt `0x0000000000000000000000000000000000000000000000000000000000000000`
+ * code `0x00`
+ * result: `0x4D1A2e2bB4F88F0250f26Ffff098B0b30B26BF38`
+
+ * address `0xdeadbeef00000000000000000000000000000000`
+ * salt `0x0000000000000000000000000000000000000000000000000000000000000000`
+ * code `0x00`
+ * result: `0xB928f69Bb1D91Cd65274e3c79d8986362984fDA3`
+
+ * address `0xdeadbeef00000000000000000000000000000000`
+ * salt `0x000000000000000000000000feed000000000000000000000000000000000000`
+ * code `0x00`
+ * result: `0xD04116cDd17beBE565EB2422F2497E06cC1C9833`
+
+ * address `0x0000000000000000000000000000000000000000`
+ * salt `0x0000000000000000000000000000000000000000000000000000000000000000`
+ * code `0xdeadbeef`
+ * result: `0x70f2b2914A2a4b783FaEFb75f459A580616Fcb5e`
 
+ * address `0x00000000000000000000000000000000deadbeef`
+ * salt `0x00000000000000000000000000000000000000000000000000000000cafebabe`
+ * code `0xdeadbeef`
+ * result: `0x60f3f640a8508fC6a86d45DF051962668E1e8AC7`
 
-This also has the side-effect of being able to possibly reuse the `sha3(init_code)` from earlier calculation, either within a client or via `EXTCODEHASH` if the init-code is deployed on-chain. 
+ * address `0x00000000000000000000000000000000deadbeef`
+ * salt `0x00000000000000000000000000000000000000000000000000000000cafebabe`
+ * code `0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef`
+ * result: `0x1d8bfDC5D46DC4f61D6b6115972536eBE6A8854C`
 
 
