add: resetNonce cheatcode

[joaquinlpereyra]

Motivation

Right now, it is impossible to reset the nonce of an account to zero. Surprisingly, this is the only thing missing to be able to mimic SELFDESTRUCT almost to the letter. This has been a complaint in the past and it is also giving us trouble when trying to reproduce some advanced attacks on learn-evm-attacks.

Solution

Add a very simple resetNonce cheatcode to Foundry. This cheatcode simply resets an account nonce to zero. There are already other cheatcodes that modify the nonce of an account, so this one should not be particularly controversial. A new cheatcode resetNonce is added instead of modifying the requirement of setNonce to be only incremental to maintain backwards compatibility and also to make the new behavior explicit.

There's a companion PR on Forge-std which adds a destroyAccount cheatcode.

[mattsse]

Right now, it is impossible to reset the nonce of an account to zero.

why does setNonce(addr, 0) not work here?

or is this for convenience?

[joaquinlpereyra]

@MATTSE setNonce cannot decrement the nonce, see:

        HEVMCalls::SetNonce(inner) => {
            with_journaled_account(
                &mut data.journaled_state,
                data.db,
                inner.0,
                |account| -> Result {
                    // nonce must increment only
                    let current = account.info.nonce;
                    let new = inner.1;
                    ensure!(
                        new >= current,
                        "New nonce ({new}) must be strictly equal to or higher than the \
                         account's current nonce ({current})."
                    );
                    account.info.nonce = new;
                    Ok(Bytes::new())
                },
            )??
        }

[mds1]

A new cheatcode resetNonce is added instead of modifying the requirement of setNonce to be only incremental to maintain backwards compatibility and also to make the new behavior explicit.

I like this approach: most users will only need setNonce so having the safety check to avoid footguns is nice, and for the less common selfdestruct case a dedicated resetNonce can be used. An alternative that I'd also support is setNonceUnsafe(address,uint64) which just lets you decrease the value, and of course 0 is a valid input there. This might be more flexible than a resetNonce cheat, though I don't know when you'd want to decrement without making it zero, so maybe it's not beneficial

[joaquinlpereyra]

@mds1 I thought about setNonceUnsafe but:

1. I personally dislike safe/unsafe options generally speaking
2. Couldn't find an usecase to set an arbitrary nonoce
3. I wanted the PR to be as uncontroversial as possible :)

Honestly (3) was the biggest factor here. As for (2)... well, evidently no one saw an usecase for setting the nonce to zero before either so 🤷 not a big factor there. (1) is of course not really important.

[mds1]

@joaquinlpereyra yea that's all fair, I'm down to move forward with resetNonce then as long as @mattsse and @Evalir are onboard

edit: ah I see @mattsse just commented about preferring the other approach 😅 ultimately I'm pretty indifferent here so up to you all

[mattsse]

I see,

I'd like to go with @mds1 suggestion:

Add a new cheatcode that "unsafely" sets the nonce, this is basically decreasing the nonce, so perhaps the name should reflect this; like downgradeNonceTo or something and resetNonce just calls this with a 0

[joaquinlpereyra]

@mattsse OK. I'm with @mds1 on this, pretty indifferent. So I have no problems with the new approach. So I will:

• keep resetNonce with hardcoded zero
• add setNonceUnsafe with arbirtrary values

[joaquinlpereyra]

OK! Done. There are a few tests failing (they come and go 👀 ) but I don't think they are related to this functionality. Lemme know if they are.

Edit: found some issues, already pushing a new commit :)

[mattsse]

lgtm!

ty for the tests!

[Evalir]

Looks good! Just some comments on the comments.

Might also need to run cargo +nightly fmt & cargo +nightly clippy and fix linting warnings to make tests pass

[joaquinlpereyra]

@Evalir Awesome, thanks for spotting those. I've fixed the comments and ran the nightly linters ✔️

[mattsse]

failing test unrelated

@joaquinlpereyra mind adding them to forge-std next: foundry-rs/forge-std#390

[mds1]

One thing I just thought of is that contract nonces start at 1, so we probably need to check if the account has code and then set it to 1 or 0 based on that: https://eips.ethereum.org/EIPS/eip-161

[mds1]

Pulled into #5043 to track