Introducing EIP-6366: A new standard to secure your smart contracts

Table of Contents

As the world of blockchain technology continues to evolve, developers are constantly seeking new ways to improve the security, efficiency, and usability of decentralized ecosystems. One major challenge that many projects face is managing permissions within their network, which can be a complex and time-consuming task. That's why Orochi Network have created a new proposal that simplifies the process of granting and revoking permissions within an ecosystem. The EIP-6366 is poised to revolutionize the way we think about ecosystem permissions, offering a more secure, efficient, and user-friendly solution that can be easily integrated into any decentralized application. In this article, we'll take a closer look at the benefits of the EIP-6366 and explore how it can help developers streamline their permission management processes.

What is EIP?

EIP, stands for Ethereum Improvement Proposal, is a standard format that outlines the technical specifications, changes, or enhancements proposed for the Ethereum blockchain network. It serves as a way for the community to suggest, discuss, and implement new features or changes to the network, making it more efficient and secure. EIPs can range from simple bug fixes to complex upgrades that require a hard fork or a new release of the software. The process for creating and implementing EIPs is open and transparent, allowing for collaboration and feedback from developers and users. Ultimately, the goal of EIPs is to improve the Ethereum ecosystem and provide a better experience for users and developers.

How are Ethereum Improvement Proposals (EIPs) created?

Ethereum Improvement Proposals (EIPs) can be submitted by anyone within the Ethereum community, including developers, researchers, and other stakeholders. The EIP process consists of several stages, including Idea, Draft, Review, Last Call, and Final.

The first stage, Idea, involves vetting the proposed idea by initiating a discussion thread on the Fellowship of Ethereum Magicians to avoid any overlap with existing proposals or standards. If the concept is original and worth pursuing, the next stage is to present and document feedback on it as an EIP proposal, which must include concise technical specifications of features and the rationale behind them.
The Draft stage involves creating a pull request on the Ethereum Github repository to submit the proposal and invite editors, reviewers, and any interested party to provide feedback. For new ERC proposals, the editor(s) will guide the author to follow the standard process and merge the proposal to draft status if or when it adheres to the guidelines.
During the Review stage, the author is recommended to continue auditing their draft proposal and document any foreseeable insights for future use cases. An author can mark the draft as open to community feedback by moving it to the review stage.
Once the author is confident that no further changes are needed, they can create another pull request to move the document to "Last Call," which is the final process in the review stage. If approved, the proposal will be assigned by the editor as a last call. The editor will set a final date (within a minimum of two weeks) for the community to suggest any further changes. If any significant changes are needed, the document moves back to the review stage.
The Final stage occurs following the Last Call period, where the author may create a pull request to move the proposal to a final status, representing the final or implemented standard. A list of all final ERC proposals can be found on https://eips.ethereum.org/erc.

If the review process for draft proposals takes longer than six months or there is no activity, the documents are considered "stagnant." Nonetheless, an ERC proposal can be revitalized if the author or editor brings it back to the draft stage. Authors can also choose to withdraw their proposals, but they can still be reconsidered as new proposals at a later time. EIPs can also be labeled as "living," a unique status for proposals that are continuously updated and not intended to reach a final state, such as EIP-1.

Examples of Ethereum Improvement Proposals (EIPs)

There have been many successful Ethereum Improvement Proposals (EIPs) that have been implemented into the Ethereum protocol, including:

EIP-1559: This proposal aims to reduce the complexity and costs of Ethereum transactions by introducing a new fee structure.
EIP-196: This proposal introduced a new set of precompiled contracts to the Ethereum Virtual Machine (EVM), allowing for more efficient cryptographic operations.
EIP-721: This proposal introduced the ERC-721 standard for non-fungible tokens (NFTs), which has become a popular standard for creating unique digital assets.

EIP-6366: A Permission Token Proposed by Orochi Network

EIP-6366 is a proposal designed to tackle the problems of permission management. Currently, smart contracts often include special roles such as Owner, Operator, Manager, and Validator that are assigned to specific addresses for administering and managing the contract. However, managing these permissions across multiple contracts can be challenging and complex.

To address this issue, EIP-6366 (permission tokens) can be used to represent permissions and roles in a given ecosystem, simplifying cross-interactivity between different ecosystems. By reflecting permission tokens in the balance of relevant accounts, managing permissions can be more streamlined and efficient. Moreover, permission tokens can also be divided into smaller parts and delegated to the individuals that are responsible for the role within the ecosystem, which consequently offer more flexibility in managing smart contracts.

Technically-wise, this Ethereum Improvement Proposal presents a substitute to Access Control Lists (ACLs) for providing authorization and strengthening security. Authorization is denoted by an individual bit in uint256, which allows for up to 256 authorizations and 2²⁵⁶ roles to be established. This methodology uses bitwise operators and bitmask for determining access rights, which is more efficient and adaptable than string comparison or keccak(). By organizing permissions based on bit order, we can indicate their level of importance.

The EIP-6366 proposal is currently in Draft stage and being developed further by our founder Chiro Hiro and his co-author Victor Dusart.

You can take a look at the discussion here: https://ethereum-magicians.org/t/eip-6366-a-standard-for-permission-token/9105

What does this proposal mean for the community?

EIP-6366 is a groundbreaking proposal created by Chiro Hiro, the founder of Orochi Network. This innovative proposal is a significant step towards improving the access control and authorization of smart contracts on the Ethereum network. The proposal is a non-profit initiative that aims to contribute to the development of the Ethereum community as a whole. By utilizing a unique approach to access control through the use of single-bit permissions represented in uint256, this proposal enhances security and flexibility, making it a valuable addition to the Ethereum ecosystem. The implementation of this proposal would result in more efficient and effective management of permissions, making smart contracts more secure and transparent for all users.

At Orochi Network, we are incredibly proud to have proposed EIP-6366 to the Ethereum community. We believe that this proposal has the potential to improve the access control system for smart contracts and enhance the overall security of the Ethereum ecosystem. Our team has worked tirelessly to research and develop this proposal, and we are excited to see it receive positive feedback from the community. Finally, our mission is to contribute to the growth and development of the Ethereum community, and we feel that EIP-6366 is a significant step towards achieving that goal. We look forward to collaborating with other members of the community to further refine and implement this proposal for the benefit of all users.

Conclusion

In conclusion, EIP-6366 presents a promising solution to address the current limitations of access control in the Ethereum ecosystem. This proposal, created by Orochi Network, introduces a new type of token that grants permission to access specific functions within a smart contract or dApp. This innovation has the potential to streamline and simplify the management of permissions, improving security and efficiency for developers and users alike. We are excited to see how the Ethereum community responds to this proposal and look forward to its potential implementation in the future.

About Orochi Network

Orochi Network is a cutting-edge zkOS (An operating system based on zero-knowledge proof) designed to tackle the challenges of computation limitation, data correctness, and data availability in the Web3 industry. With the well-rounded solutions for Web3 Applications, Orochi Network omits the current performance-related barriers and makes ways for more comprehensive dApps hence, becoming the backbone of Web3's infrastructure landscape.