Add secure RPC server (sufficiently compatible to work with Metamask)

[shresthagrawal]

No description provided.

[shresthagrawal]

• I did a quick test where I created a simple RPC proxy which would intercept, log the requests and then forward them to the Infura RPC. I added this RPC to my Metamask and performed simple actions (open Metamask to check balance, transfer eth, swap ERC20 using UniswapV3, etc.)
• I found that the following methods were used (ordered by frequency, the most number of calls on the top)
  1. eth_call
  2. eth_blockNumber
  3. eth_getBlockByNumber
  4. eth_chainId
  5. eth_getTransactionReceipt
  6. eth_getTransactionCount
  7. net_version
  8. eth_estimateGas
  9. eth_getCode
  10. eth_sendRawTransaction
  11. eth_getBlockByHash
• Out of these methods, it is relatively straightforward to build verified RPC for the following methods
  2. eth_blockNumber (we know the latest block number by sync)
  3. eth_getBlockByNumber (Merkle inclusion to historical block header)
  4. eth_chainId (constant for RPC)
  6. eth_getTransactionCount (can be verified using eth_getProof)
  7. net_version (constant for RPC)
  9. eth_getCode (can be verified using eth_getProof)
  11. eth_getBlockByHash (sufficient to verify the hash matches the hash of the block)
• Following are rather tricky to build
  1. eth_call
  2. eth_getTransactionReceipt
  3. eth_estimateGas
  4. eth_sendRawTransaction
• We can build verified RPC for eth_call and eth_estimateGas by running the VM locally and providing it with verified storage access. This can be done using EthereumJsVM and creating a custom StateManager. The actual usage of VM would be very similar to the way it was used originally in the RPC code (eth_call, eth_estimateGas).
• For eth_sendRawTransaction, I don't know if there is anything that has to be verified. For eth_getTransactionReceipt, we would need to verify the Merkle inclusion of the receipt to the receipt root in the execution block. I couldn't find any easy way to access the Merkle proof for the receipt trie. For the first version, we can ignore eth_sendRawTransaction and eth_getTransactionReceipt, limiting the RPC to read-only operations.