RIP-7614: Expose call stack to contracts

[canercidam]

https://ethereum-magicians.org/t/rip-7614-expose-call-stack-to-contracts/18535

[miohtama]

MIM degenbox exploiter worked around smart contract detectors by running the payload directly in the init code (I read this - did not verify myself).

As far as I understand to detect the exploits, the call stack is unwinded and addresses are check against the on-chain blacklist. To make sure that any detectors have enough time to flag malicious smart contracts, would it also make sense to store the contract age (deploy block number) accessible in the smart contract state? It might not be work for this proposal, but as far I understand, it would be quite easy to pass detectors by just deploying the exploit smart contract in the same block as the exploit is run. By having the on-chain call stack detector knowing about the smart contract age, this could be delayed enough, so that on-chain blacklists have enough time to update.

[canercidam]

@miohtama Great observations! We have discussed that point a few times before with the authors and the early reviewers of this proposal. We agree that a complementary solution should exist. It looks like this can arrive either in the form of a whitelist check or a contract age check and a blacklist check combination. However, we are considering this problem outside of this proposal. We think that the call stack visibility has a fundamental role in enabling transparent on-chain threat prevention mechanisms, regardless of how the complementary checks could be made.