1

Let's say I am using a (Gnosis) Safe as my main deployer account (0xD1) to allow for use of CREATE2 calls.

  1. I use my main account, 0xD1, to deploy a "TempCreator" contract (0xC2) using CREATE2.

  2. I use the TempCreator, 0xC2, to deploy the "Target" contract (0xC1) using CREATE.

    0xC1 address is derived from nonce=1 and address=0xC2, right?

  3. I call self destruct on 0xC2 (TempCreator).

  4. I redeploy TempCreator at 0xC2 using CREATE2.

    The nonce of TempCreator, 0xC2, is reset to 1, right?

Question: What happens if I deploy a new contract from TempCreator using CREATE?

  1. Will it overwrite the existing code at the same address of the existing Target contract, 0xC1?
  2. What if the newly deployed byte code isn't the same size, does anything remain (possible overflow code execution)?

Explained again:

  1. Start with SC1 at address 0xD1.

  2. SC1 deploys SC2 using CREATE2 to address 0xC2.

    0xC2 ≈ 0xD1 + bytecode + salt

  3. SC2 deploys SC3, using CREATE to address 0xC1.

    0xC1 ≈ nonce:1 + 0xC2

  4. SC2 calls self destruct.

  5. SC1 re-deploys SC2-new using CREATE2 (to the same address: 0xC2).

    the nonce for SC2-new is reset to 1, correct?

  6. SC2-new deploys SC4 using CREATE.

What happens next?!? Does SC4 overwrite SC3 at address 0xC1?

L Co
  • 113
  • 3

1 Answers1

1

Can you overwrite or override an existing contract?

It's impossible to overwrite an existing contract in Ethereum. From EIP-684:

If a contract creation is attempted, due to either a creation transaction or the CREATE (or future CREATE2) opcode, and the destination address already has either nonzero nonce, or nonempty code, then the creation throws immediately, with exactly the same behavior as would arise if the first byte in the init code were an invalid opcode. This applies retroactively starting from genesis.

This answer essentially from Can CREATE2 with the same salt override existing contract?

So please upvote @Dominic's answer too.

For trivia, the linked EIP-684 was first written in 2017, but it was only spotted "missing" (formally) in 2023.

eth
  • 85,679
  • 53
  • 285
  • 406
  • What if I self destruct SC3 / 0xC1 first? Would I then be able to deploy new code to the same address, given this pattern? – L Co Nov 28 '23 at 17:14
  • 1
    Yes, that looks like it would work. Also, in your question, instead of "is reset to 1", I think you mean "is reset to 0". – eth Dec 01 '23 at 08:33