hashgraph · Nana-EC · Nov 18, 2024 · Nov 18, 2024 · Dec 7, 2024 · Dec 16, 2024
@@ -0,0 +1,225 @@
+---
+hip: 1082
+title: Allow Setting of EVM Address by EOA
+author: Nana Essilfie-Conduah <@Nana-EC>
+working-group: Richard Bair <@rbair>, Atul Mahamuni <@atul-hedera>, Ty Smith <ty-swirldslabs>,
+Serg Metelin <@sergmetelin>, Ali Nikan <@alinik4n>, Greg Scullard <@gregscullard>
+requested-by: Hedera community
+type: Standards Track
+category: Service
+needs-council-approval: Yes
+status: Draft
+created: 11-18-24
+discussions-to: https://github.com/hashgraph/hedera-improvement-proposal/discussions/1070
+updated: 12-16-24
+replaces: 631
+requires: 583
+---
+
+## Abstract
+
+[HIP 583](https://hips.hedera.com/hip/hip-583) opened the doors for greater account compatibility with EVM flows by
+utilizing the account alias to encompass
+the EVM address. However, given the static nature of the alias and concerns of complexity, existing accounts were not
+allowed to update their alias and set one if it was `null`. This HIP aims to rectify this by allowing EOAs who have no
+alias set to set it to an ECDSA key derived evm address value they own.
+
+This HIP also replaces the need for [HIP 631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) as it
+aimed to resolve this issue as well as provide even greater functionality. A form of HIP 631 could be revisited in the
+future but not with the goal of providing address equivalence with the EVM.
-[HIP 583](https://hips.hedera.com/hip/hip-583) opened the doors for greater account compatibility with EVM flows by
-utilizing the account alias to encompass
-the EVM address. However, given the static nature of the alias and concerns of complexity, existing accounts were not
-allowed to update their alias and set one if it was `null`. This HIP aims to rectify this by allowing EOAs who have no
-alias set to set it to an ECDSA key derived evm address value they own.
-
-This HIP also replaces the need for [HIP 631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) as it
-aimed to resolve this issue as well as provide even greater functionality. A form of HIP 631 could be revisited in the
-future but not with the goal of providing address equivalence with the EVM.
+Permits accounts without an alias to set one.
-[HIP 583](https://hips.hedera.com/hip/hip-583) opened the doors for greater account compatibility with EVM flows by
-utilizing the account alias to encompass
-the EVM address. However, given the static nature of the alias and concerns of complexity, existing accounts were not
-allowed to update their alias and set one if it was `null`. This HIP aims to rectify this by allowing EOAs who have no
-alias set to set it to an ECDSA key derived evm address value they own.
-
-This HIP also replaces the need for [HIP 631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) as it
-aimed to resolve this issue as well as provide even greater functionality. A form of HIP 631 could be revisited in the
-future but not with the goal of providing address equivalence with the EVM.
+Permits accounts without an alias to set one.
+
+## Motivation
+
+The EVM address alias introduced in HIP 583 allowed for ECDSA based accounts to interact with the EVM in the same way
+other EVM chains do. Particularly, functionality like the `ecrecover` that relies on the relationship between key and
+address (pivotal to many DEXs) was unblocked and allowed greater EVM equivalence on the Hedera network.
+However, HIP 583 intentionally provided no solution for accounts with no alias regardless of key type (ED, EC or
+complex keys). Though these accounts were afforded the hedera num account alias (long zero), this format would not
+allow accounts to utilize the `ecrecover` precompile in the expected manner.
+This continued incompatibility has remained and inhibited web3 EVM tooling support.
+
+Providing a solution to this gap is a necessity to make it easy for EVM dApps in the web3 community to come to 
+Hedera without needing to change their smart contracts.
-The EVM address alias introduced in HIP 583 allowed for ECDSA based accounts to interact with the EVM in the same way
-other EVM chains do. Particularly, functionality like the `ecrecover` that relies on the relationship between key and
-address (pivotal to many DEXs) was unblocked and allowed greater EVM equivalence on the Hedera network.
-However, HIP 583 intentionally provided no solution for accounts with no alias regardless of key type (ED, EC or
-complex keys). Though these accounts were afforded the hedera num account alias (long zero), this format would not
-allow accounts to utilize the `ecrecover` precompile in the expected manner.
-This continued incompatibility has remained and inhibited web3 EVM tooling support.
-
-Providing a solution to this gap is a necessity to make it easy for EVM dApps in the web3 community to come to 
-Hedera without needing to change their smart contracts.
+On Ethereum, every account is addressed by an address which is derived from an ECDSA public key. The
+EVM also has a specific instruction, `ecrecover`, that given an ECDSA signature can extract the public key
+and convert that public key into an address. This allows an EVM program to figure out the address of
+transaction signers.
+
+Hiero accounts are not limited to ECDSA keys, and Hiero accounts can rotate their keys. Both of these
+features are not found in Ethereum Externally Owned Accounts (EOA), and present some conflict with the
+`ecrecover` operation. The EVM address alias introduced in [HIP-583](https://hips.hedera.com/hip/hip-583)
+was added so that accounts could be created that augmented their account administration key (typically
+referred to simply as the "account key" or "key"), with an EVM compatible "alias". This alias could match
+exactly what an address would be on Ethereum. The user could call a smart contract, signed with the
+private key associated with their alias, and the smart contract could use `ecrecover` to recover the public
+key, derive the alias, and lookup the account.
+
+However, not all accounts on Hedera use ECDSA keys or were created after HIP-583 was defined. This HIP
+adds support for specifying an alias on an account, even if it already exists, so long as that account does
+not already have an alias. [HIP-631]((https://hips.hedera.com/hip/hip-631) defines a more complex set of
+rules that would allow multiple aliases to be defined for any given account. This HIP differs from HIP-631 in
+that it supports only a single alias. HIP-631 could be implemented compatibly at a later date if desired.
-The EVM address alias introduced in HIP 583 allowed for ECDSA based accounts to interact with the EVM in the same way
-other EVM chains do. Particularly, functionality like the `ecrecover` that relies on the relationship between key and
-address (pivotal to many DEXs) was unblocked and allowed greater EVM equivalence on the Hedera network.
-However, HIP 583 intentionally provided no solution for accounts with no alias regardless of key type (ED, EC or
-complex keys). Though these accounts were afforded the hedera num account alias (long zero), this format would not
-allow accounts to utilize the `ecrecover` precompile in the expected manner.
-This continued incompatibility has remained and inhibited web3 EVM tooling support.
-
-Providing a solution to this gap is a necessity to make it easy for EVM dApps in the web3 community to come to 
-Hedera without needing to change their smart contracts.
+On Ethereum, every account is addressed by an address which is derived from an ECDSA public key. The
+EVM also has a specific instruction, `ecrecover`, that given an ECDSA signature can extract the public key
+and convert that public key into an address. This allows an EVM program to figure out the address of
+transaction signers.
+
+Hiero accounts are not limited to ECDSA keys, and Hiero accounts can rotate their keys. Both of these
+features are not found in Ethereum Externally Owned Accounts (EOA), and present some conflict with the
+`ecrecover` operation. The EVM address alias introduced in [HIP-583](https://hips.hedera.com/hip/hip-583)
+was added so that accounts could be created that augmented their account administration key (typically
+referred to simply as the "account key" or "key"), with an EVM compatible "alias". This alias could match
+exactly what an address would be on Ethereum. The user could call a smart contract, signed with the
+private key associated with their alias, and the smart contract could use `ecrecover` to recover the public
+key, derive the alias, and lookup the account.
+
+However, not all accounts on Hedera use ECDSA keys or were created after HIP-583 was defined. This HIP
+adds support for specifying an alias on an account, even if it already exists, so long as that account does
+not already have an alias. [HIP-631]((https://hips.hedera.com/hip/hip-631) defines a more complex set of
+rules that would allow multiple aliases to be defined for any given account. This HIP differs from HIP-631 in
+that it supports only a single alias. HIP-631 could be implemented compatibly at a later date if desired.
+
+## Rationale
+
+[HIP 631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) lays out the challenges faced by accounts
+without an ECDSA derived EVM address that want to interact with the EVM in a way that complies with the Hedera native
+model and the EVM model. However, HIP 631 offered feature rich complexity that may be difficult for DApps, wallets and
+users to follow completely.
+
+Instead of the full HIP 631, an intermediate approach i.e. a HIP 631 Lite (this HIP) could unblock users without an
+EVM address. It would enable accounts to interact with the EVM in a compliant manner regardless of the public key on
+its account.
+
+In a sense the current network already supports the ability to set the evm address, it just requires the logic to be 
+done on account creation. Thus by lifting the limit of not being able to set the alias after account creation, whiles
+still requiring that the current alias be unset this HIP ushers in the ability for those previously blocked accounts to
+interact with the EVM as expected.
-[HIP 631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) lays out the challenges faced by accounts
-without an ECDSA derived EVM address that want to interact with the EVM in a way that complies with the Hedera native
-model and the EVM model. However, HIP 631 offered feature rich complexity that may be difficult for DApps, wallets and
-users to follow completely.
-
-Instead of the full HIP 631, an intermediate approach i.e. a HIP 631 Lite (this HIP) could unblock users without an
-EVM address. It would enable accounts to interact with the EVM in a compliant manner regardless of the public key on
-its account.
-
-In a sense the current network already supports the ability to set the evm address, it just requires the logic to be 
-done on account creation. Thus by lifting the limit of not being able to set the alias after account creation, whiles
-still requiring that the current alias be unset this HIP ushers in the ability for those previously blocked accounts to
-interact with the EVM as expected.
+[HIP-631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) lays out the challenges faced by
+accounts without an ECDSA derived EVM address that want to interact with the EVM in a compatible way while still
+supporting key rotation and complex keys. While HIP-631 may be a comprehensive solution to the problem, it
+requires complex user flows in wallets that may cause more pain than it resolves.
+
+Instead, an intermediate approach i.e. a HIP 631 Lite (this HIP) could help users without an EVM address. It would
+enable accounts to interact with the EVM, even contracts using `ecrecover`, regardless of the public key on its account.
+
+In a sense, the current network already supports the ability to set the EVM address, it just only works during account creation. Thus, this HIP allows those previously created accounts to be updated and interact with the
+EVM as one would expect.
-[HIP 631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) lays out the challenges faced by accounts
-without an ECDSA derived EVM address that want to interact with the EVM in a way that complies with the Hedera native
-model and the EVM model. However, HIP 631 offered feature rich complexity that may be difficult for DApps, wallets and
-users to follow completely.
-
-Instead of the full HIP 631, an intermediate approach i.e. a HIP 631 Lite (this HIP) could unblock users without an
-EVM address. It would enable accounts to interact with the EVM in a compliant manner regardless of the public key on
-its account.
-
-In a sense the current network already supports the ability to set the evm address, it just requires the logic to be 
-done on account creation. Thus by lifting the limit of not being able to set the alias after account creation, whiles
-still requiring that the current alias be unset this HIP ushers in the ability for those previously blocked accounts to
-interact with the EVM as expected.
+[HIP-631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) lays out the challenges faced by
+accounts without an ECDSA derived EVM address that want to interact with the EVM in a compatible way while still
+supporting key rotation and complex keys. While HIP-631 may be a comprehensive solution to the problem, it
+requires complex user flows in wallets that may cause more pain than it resolves.
+
+Instead, an intermediate approach i.e. a HIP 631 Lite (this HIP) could help users without an EVM address. It would
+enable accounts to interact with the EVM, even contracts using `ecrecover`, regardless of the public key on its account.
+
+In a sense, the current network already supports the ability to set the EVM address, it just only works during account creation. Thus, this HIP allows those previously created accounts to be updated and interact with the
+EVM as one would expect.
+
+### Foundational Concepts
+
+The following are some clarifying concepts to increase clarity around aliases
+- Every account on the network has 1 or 2 evm addresses. Either only the Hedera num alias (long zero) or the Hedera num
+    alias (long zero) and an EVM address alias (standard ECDSA derived EVM address).
+- When a user interacts with the EVM the network will utilize the ECDSA derived EVM address alias on an account if
+    present. If not it will utilize the long zero.
+- Accounts with an ECDSA derived EVM address are fully compatible with expectations of contracts that utilize the
+    ecrecover precompile.
+- Accounts without an ECDSA derived EVM address alias will not match the expectation of the ecrecover precompile
+    calculations. This has effects on certain DApp behaviour.
+- Smart contracts can and do cache the evm address of an account and often use it to assign attributes such as access
+    and ownership. As a result it was important to maintain a static alias to avoid unintended differences in
+    expectation
+- Account key rotation has no impact on the evm address utilized when an account interacts with the EVM
-The following are some clarifying concepts to increase clarity around aliases
- Every account on the network has 1 or 2 evm addresses. Either only the Hedera num alias (long zero) or the Hedera num
-    alias (long zero) and an EVM address alias (standard ECDSA derived EVM address).
- When a user interacts with the EVM the network will utilize the ECDSA derived EVM address alias on an account if
-    present. If not it will utilize the long zero.
- Accounts with an ECDSA derived EVM address are fully compatible with expectations of contracts that utilize the
-    ecrecover precompile.
- Accounts without an ECDSA derived EVM address alias will not match the expectation of the ecrecover precompile
-    calculations. This has effects on certain DApp behaviour.
- Smart contracts can and do cache the evm address of an account and often use it to assign attributes such as access
-    and ownership. As a result it was important to maintain a static alias to avoid unintended differences in
-    expectation
- Account key rotation has no impact on the evm address utilized when an account interacts with the EVM
+Every account in Hiero has a 20-byte EVM alias by default. It is created **not** by using the key on the account,
+which may change, but by computing a "long-zero" alias by taking the account ID (such as 0.0.1234) and
+converting it into a 20-byte representation.
+
+Given any account, you can send HBAR, or Tokens, to any other account by using either its Account ID, or by using
+its built-in long-zero alias.
+
+A user may specify an alias **in addition to** the long-zero alias. This additional alias is typically based on an
+ECDSA key, exactly the same way as it is done in Ethereum. This key may, or may not, be the admin key on the
+account. But to use this alias, the user must assert they own the key by signing the transaction that sets the alias
+with the corresponding private key of that alias, to prevent "alias squatting" by malicious actors.
+
+When a user interacts with a smart contract, if a user-defined alias based on ECDSA is present, it will be used as
+the address by which the smart contract interacts with the account. The smart contract will not be able to use
+the long-zero address. If the account does not have a user-defined alias based on ECDSA, then the long-zero
+alias will be used to represent the account in the smart contract system.
+
+Accounts with user-defined aliases based on ECDSA work with smart contracts that make use of `ecrecover`.
+Accounts that work with smart contracts using their long-zero address will not work with smart contracts that
+use `ecrecover`.
+
+Smart contracts can, and frequently do, store in state the EVM address of accounts that use the smart contract.
+For this reason, smart contracts **will not work** with accounts whose EVM address changes. This is why
+the user-defined alias cannot be changed after it has been set, since this has become the address by which
+contracts will refer to the account.
+
+Due to this fact, the user must always sign contract calls with the key associated with the user-defined ECDSA
+alias, and must never lose that key. If for any reason the key must be rotated, all value in the account must be
+transferred to a new account, possibly incurring custom fees for HTS tokens. This is the same as how it works
+on Ethereum.
-The following are some clarifying concepts to increase clarity around aliases
- Every account on the network has 1 or 2 evm addresses. Either only the Hedera num alias (long zero) or the Hedera num
-    alias (long zero) and an EVM address alias (standard ECDSA derived EVM address).
- When a user interacts with the EVM the network will utilize the ECDSA derived EVM address alias on an account if
-    present. If not it will utilize the long zero.
- Accounts with an ECDSA derived EVM address are fully compatible with expectations of contracts that utilize the
-    ecrecover precompile.
- Accounts without an ECDSA derived EVM address alias will not match the expectation of the ecrecover precompile
-    calculations. This has effects on certain DApp behaviour.
- Smart contracts can and do cache the evm address of an account and often use it to assign attributes such as access
-    and ownership. As a result it was important to maintain a static alias to avoid unintended differences in
-    expectation
- Account key rotation has no impact on the evm address utilized when an account interacts with the EVM
+Every account in Hiero has a 20-byte EVM alias by default. It is created **not** by using the key on the account,
+which may change, but by computing a "long-zero" alias by taking the account ID (such as 0.0.1234) and
+converting it into a 20-byte representation.
+
+Given any account, you can send HBAR, or Tokens, to any other account by using either its Account ID, or by using
+its built-in long-zero alias.
+
+A user may specify an alias **in addition to** the long-zero alias. This additional alias is typically based on an
+ECDSA key, exactly the same way as it is done in Ethereum. This key may, or may not, be the admin key on the
+account. But to use this alias, the user must assert they own the key by signing the transaction that sets the alias
+with the corresponding private key of that alias, to prevent "alias squatting" by malicious actors.
+
+When a user interacts with a smart contract, if a user-defined alias based on ECDSA is present, it will be used as
+the address by which the smart contract interacts with the account. The smart contract will not be able to use
+the long-zero address. If the account does not have a user-defined alias based on ECDSA, then the long-zero
+alias will be used to represent the account in the smart contract system.
+
+Accounts with user-defined aliases based on ECDSA work with smart contracts that make use of `ecrecover`.
+Accounts that work with smart contracts using their long-zero address will not work with smart contracts that
+use `ecrecover`.
+
+Smart contracts can, and frequently do, store in state the EVM address of accounts that use the smart contract.
+For this reason, smart contracts **will not work** with accounts whose EVM address changes. This is why
+the user-defined alias cannot be changed after it has been set, since this has become the address by which
+contracts will refer to the account.
+
+Due to this fact, the user must always sign contract calls with the key associated with the user-defined ECDSA
+alias, and must never lose that key. If for any reason the key must be rotated, all value in the account must be
+transferred to a new account, possibly incurring custom fees for HTS tokens. This is the same as how it works
+on Ethereum.
+
+<aside>
+🚨 **Open Task:** : Add account, address key relationship diagram for clarity
+</aside>
+
+## User stories
+
+1. As an existing account with an ED key but no EVM address alias, I would like to set an ECDSA derived EVM address
+    alias on my account that will identify my account on the EVM.
+2. As an existing account with an EC key but no EVM address alias, I would like to set an ECDSA derived EVM address
+    alias on my account that will identify my account on the EVM.
+3. As an existing account with a complex key but no EVM address alias, I would like to set an ECDSA derived EVM address
+    alias on my account that will identify my account on the EVM.
+5. As an existing account with a newly set ECDSA derived EVM address, I want my account to conform with `ecrecover`
+    expectations as long as I sign the transaction with the ECDSA key that corresponds to the EVM address alias.
+    This key may or may not be the key currently on my account.
+5. As an account with an EVM address alias set after creation, I would like to set an evm address override to my
+    previous long zero address for a `ContractCreate` transaction.
+6. As an account with an EVM address alias set after creation, I would like to set an evm address override to my
+    previous long zero address for a `ContractCall` transaction.
-5. As an account with an EVM address alias set after creation, I would like to set an evm address override to my
-    previous long zero address for a `ContractCreate` transaction.
-6. As an account with an EVM address alias set after creation, I would like to set an evm address override to my
-    previous long zero address for a `ContractCall` transaction.
+5. As an account owner with an EVM address alias set after creation, I have already made some smart contract calls
+using my long-zero EVM address, and I would like to continue using the long-zero address for specific
+`ContractCall` transactions.
-5. As an account with an EVM address alias set after creation, I would like to set an evm address override to my
-    previous long zero address for a `ContractCreate` transaction.
-6. As an account with an EVM address alias set after creation, I would like to set an evm address override to my
-    previous long zero address for a `ContractCall` transaction.
+5. As an account owner with an EVM address alias set after creation, I have already made some smart contract calls
+using my long-zero EVM address, and I would like to continue using the long-zero address for specific
+`ContractCall` transactions.
+
-  
+  6. As a wallet provider, I want to create accounts ahead of time with no alias, and then when the user takes
+  possession of the account, they can set the key and alias to an ECDSA key for full EVM compatibility
+  7. As a wallet provider, I want to track which alias an account has used with which smart contract, so that
+  accounts that had previously used a smart contract with a long-zero address will continue to use the long-zero
+  address, even if they have a new EVM friendly alias that they use with other accounts.
-  
+  6. As a wallet provider, I want to create accounts ahead of time with no alias, and then when the user takes
+  possession of the account, they can set the key and alias to an ECDSA key for full EVM compatibility
+  7. As a wallet provider, I want to track which alias an account has used with which smart contract, so that
+  accounts that had previously used a smart contract with a long-zero address will continue to use the long-zero
+  address, even if they have a new EVM friendly alias that they use with other accounts.
+## Specification
+
+The main change to the network is simple - `CryptoUpdate` transactions will support setting a new ECDSA derived
+`evm_address` if the current value is unset.
+
+### Protobuf
+```protobuf
+message CryptoUpdateTransactionBody {
+    ...
+
+    /**
+     * EOA 20-byte address to create that is derived from the keccak-256 hash of a ECDSA_SECP256K1 primitive key.
+     */
+    bytes evm_address = 19;
-    /**
-     * EOA 20-byte address to create that is derived from the keccak-256 hash of a ECDSA_SECP256K1 primitive key.
-     */
-    bytes evm_address = 19;
+    /**
+     * An EVM-compatible 20-byte address derived the keccak-256 hash of a ECDSA_SECP256K1 primitive key.
+     * The transaction MUST be signed by the corresponding private key, and the `alias` on the account MUST
+     * be unset prior to this call. Once set, this value cannot be changed.
+     */
+    bytes alias = 19;
-    /**
-     * EOA 20-byte address to create that is derived from the keccak-256 hash of a ECDSA_SECP256K1 primitive key.
-     */
-    bytes evm_address = 19;
+    /**
+     * An EVM-compatible 20-byte address derived the keccak-256 hash of a ECDSA_SECP256K1 primitive key.
+     * The transaction MUST be signed by the corresponding private key, and the `alias` on the account MUST
+     * be unset prior to this call. Once set, this value cannot be changed.
+     */
+    bytes alias = 19;
+}
+```
+
+Additionally, `ContractCreate` and `ContractCall` EVM transactions will need to support the ability to specify the
+Hedera Num Alias address to use on the transaction. This is because on the HAPI side all aliases are applicable and
+thus the flexibility of the API is important to maintain.
+Also, accounts that previously had no ECDSA derived EVM address were likely created via the HAPI flow and it may
+be important for an EOA to utilize the long zero address even after setting a new ECDSA derived EVM address.
+For transactions that utilize the `EthereumTransaction` a compliant ECDSA derived EVM address is provided by default
+when using EVM tools.
+
+```protobuf
+message ContractCreateTransactionBody {
+    ...
+    /**
+    * The 20-byte EVM address to use for the given transaction. This address must be the Hedera num alias of the account.
+    */
+    bytes evm_address_override = 21;
+}
+
+message ContractCallTransactionBody {
+	...
+    /**
+    * The 20-byte EVM address to use for the given transaction. This address must be the Hedera num alias of the account.
+    */
+    bytes evm_address_override = 5;
+}
+```
-Additionally, `ContractCreate` and `ContractCall` EVM transactions will need to support the ability to specify the
-Hedera Num Alias address to use on the transaction. This is because on the HAPI side all aliases are applicable and
-thus the flexibility of the API is important to maintain.
-Also, accounts that previously had no ECDSA derived EVM address were likely created via the HAPI flow and it may
-be important for an EOA to utilize the long zero address even after setting a new ECDSA derived EVM address.
-For transactions that utilize the `EthereumTransaction` a compliant ECDSA derived EVM address is provided by default
-when using EVM tools.
-
-```protobuf
-message ContractCreateTransactionBody {
-    ...
-    /**
-    * The 20-byte EVM address to use for the given transaction. This address must be the Hedera num alias of the account.
-    */
-    bytes evm_address_override = 21;
-}
-
-message ContractCallTransactionBody {
-	...
-    /**
-    * The 20-byte EVM address to use for the given transaction. This address must be the Hedera num alias of the account.
-    */
-    bytes evm_address_override = 5;
-}
-```
+The `ContractCall` transaction will allow the user to specify an `evm_address_override` to explicitly specify
+the use of the long-zero EVM address to represent the account in the transaction.
+
+```protobuf
+message ContractCallTransactionBody {
+	...
+    /**
+     * The 20-byte EVM address to use for the given transaction. This address must be the Hedera "long-zero" alias
+     *  of the account making this call.
+     */
+    bytes evm_address_override = 5;
+}
-Additionally, `ContractCreate` and `ContractCall` EVM transactions will need to support the ability to specify the
-Hedera Num Alias address to use on the transaction. This is because on the HAPI side all aliases are applicable and
-thus the flexibility of the API is important to maintain.
-Also, accounts that previously had no ECDSA derived EVM address were likely created via the HAPI flow and it may
-be important for an EOA to utilize the long zero address even after setting a new ECDSA derived EVM address.
-For transactions that utilize the `EthereumTransaction` a compliant ECDSA derived EVM address is provided by default
-when using EVM tools.
-
-```protobuf
-message ContractCreateTransactionBody {
-    ...
-    /**
-    * The 20-byte EVM address to use for the given transaction. This address must be the Hedera num alias of the account.
-    */
-    bytes evm_address_override = 21;
-}
-
-message ContractCallTransactionBody {
-	...
-    /**
-    * The 20-byte EVM address to use for the given transaction. This address must be the Hedera num alias of the account.
-    */
-    bytes evm_address_override = 5;
-}
-```
+The `ContractCall` transaction will allow the user to specify an `evm_address_override` to explicitly specify
+the use of the long-zero EVM address to represent the account in the transaction.
+
+```protobuf
+message ContractCallTransactionBody {
+	...
+    /**
+     * The 20-byte EVM address to use for the given transaction. This address must be the Hedera "long-zero" alias
+     *  of the account making this call.
+     */
+    bytes evm_address_override = 5;
+}
+
+No change is needed to expose the evm address as it is covered by the `evm_address` property on `TransactionRecord`
+
+### HSCS System Contract API
+The HAS system contract will need to be updated to add support for a `setEVmAddressAlias()` function to expose the
+`CryptoUpdate` HAPI functionality and allow EOAs to call this logic directly from dApps.
+
-The HAS system contract will need to be updated to add support for a `setEVmAddressAlias()` function to expose the
-`CryptoUpdate` HAPI functionality and allow EOAs to call this logic directly from dApps.
+The Hedera Account Service (HAS) system contract will need to be updated to add support for a `setEvmAddressAlias()` function to expose the
+`CryptoUpdate` HAPI functionality and allow EOAs to call this logic directly from dApps.
+
-The HAS system contract will need to be updated to add support for a `setEVmAddressAlias()` function to expose the
-`CryptoUpdate` HAPI functionality and allow EOAs to call this logic directly from dApps.
+The Hedera Account Service (HAS) system contract will need to be updated to add support for a `setEvmAddressAlias()` function to expose the
+`CryptoUpdate` HAPI functionality and allow EOAs to call this logic directly from dApps.
+
+### SDK
+
+SDKs will need to update the `AccountUpdateTransaction` to support the `setAlias()` function as it does on
+`AccountCreateTransaction`. This will populate the `evm_address` in the `CryptoUpdateTransactionBody`to be submitted.
+
+`ContractCreateTransaction` and `ContractExecuteTransaction` will need to support a new `setEVmAddressOverride()`
+function to set the `evm_address_override` property on the respective `ContractCreate` and `ContractCall` transactions. 
+
+In addition to updated `AccountUpdateTransaction` functionality the SDK will want to add new methods to streamline
+account key specifications by developers with considerations for alias
+
+- `setKeyWithAlias(ECDSAKey)` - Explicitly calls out the alias set and converts public key to address in the background
+- `setKeyWithAlias(Key, ECDSAKey)` - Allows for setting the account key and a separate key that the evmAddress should
+    be derived from. A user must sign the transaction with both keys for this flow to be successful.
+- `setKeyWithoutAlias(Key)` - Explicitly calls out that the alias is not set. This is useful for wallets that create
+    accounts with default keys and rotate keys later.
-SDKs will need to update the `AccountUpdateTransaction` to support the `setAlias()` function as it does on
-`AccountCreateTransaction`. This will populate the `evm_address` in the `CryptoUpdateTransactionBody`to be submitted.
-
-`ContractCreateTransaction` and `ContractExecuteTransaction` will need to support a new `setEVmAddressOverride()`
-function to set the `evm_address_override` property on the respective `ContractCreate` and `ContractCall` transactions. 
-
-In addition to updated `AccountUpdateTransaction` functionality the SDK will want to add new methods to streamline
-account key specifications by developers with considerations for alias
-
- `setKeyWithAlias(ECDSAKey)` - Explicitly calls out the alias set and converts public key to address in the background
- `setKeyWithAlias(Key, ECDSAKey)` - Allows for setting the account key and a separate key that the evmAddress should
-    be derived from. A user must sign the transaction with both keys for this flow to be successful.
- `setKeyWithoutAlias(Key)` - Explicitly calls out that the alias is not set. This is useful for wallets that create
-    accounts with default keys and rotate keys later.
+SDKs will need to update the `AccountUpdateTransaction` to support the `setAlias()` function as it does on
+`AccountCreateTransaction`. This will populate the `evm_address` in the `CryptoUpdateTransactionBody`to be submitted.
+
+`ContractExecuteTransaction` will need to support a new `setEVmAddressOverride()`
+function to set the `evm_address_override` property on the `ContractCall` transaction. 
+
+In addition to updated `AccountUpdateTransaction` functionality the SDK will want to add new methods to
+streamline account key specifications by developers with considerations for alias:
+
+- `setKeyWithAlias(ECDSAKey)` - Explicitly calls out the alias will be set and converts the public key to an
+   address in the background
+- `setKeyWithAlias(Key, ECDSAKey)` - Allows for setting the account key and a separate key that the evmAddress
+   should be derived from. A user must sign the transaction with both keys for this flow to be successful.
+- `setKeyWithoutAlias(Key)` - Explicitly calls out that the alias is not set. This is useful for wallets that create
+    accounts with default keys and rotate keys later.
-SDKs will need to update the `AccountUpdateTransaction` to support the `setAlias()` function as it does on
-`AccountCreateTransaction`. This will populate the `evm_address` in the `CryptoUpdateTransactionBody`to be submitted.
-
-`ContractCreateTransaction` and `ContractExecuteTransaction` will need to support a new `setEVmAddressOverride()`
-function to set the `evm_address_override` property on the respective `ContractCreate` and `ContractCall` transactions. 
-
-In addition to updated `AccountUpdateTransaction` functionality the SDK will want to add new methods to streamline
-account key specifications by developers with considerations for alias
-
- `setKeyWithAlias(ECDSAKey)` - Explicitly calls out the alias set and converts public key to address in the background
- `setKeyWithAlias(Key, ECDSAKey)` - Allows for setting the account key and a separate key that the evmAddress should
-    be derived from. A user must sign the transaction with both keys for this flow to be successful.
- `setKeyWithoutAlias(Key)` - Explicitly calls out that the alias is not set. This is useful for wallets that create
-    accounts with default keys and rotate keys later.
+SDKs will need to update the `AccountUpdateTransaction` to support the `setAlias()` function as it does on
+`AccountCreateTransaction`. This will populate the `evm_address` in the `CryptoUpdateTransactionBody`to be submitted.
+
+`ContractExecuteTransaction` will need to support a new `setEVmAddressOverride()`
+function to set the `evm_address_override` property on the `ContractCall` transaction. 
+
+In addition to updated `AccountUpdateTransaction` functionality the SDK will want to add new methods to
+streamline account key specifications by developers with considerations for alias:
+
+- `setKeyWithAlias(ECDSAKey)` - Explicitly calls out the alias will be set and converts the public key to an
+   address in the background
+- `setKeyWithAlias(Key, ECDSAKey)` - Allows for setting the account key and a separate key that the evmAddress
+   should be derived from. A user must sign the transaction with both keys for this flow to be successful.
+- `setKeyWithoutAlias(Key)` - Explicitly calls out that the alias is not set. This is useful for wallets that create
+    accounts with default keys and rotate keys later.
+
+### Mirror Node
+
+Mirror Nodes should be sure to support the setting of the evm address value on an account when processing a
+`CryptoUpdate` transaction. As in the case of a `CryptoCreate` the new value can be retrieved from the `evm_address`
+property on `TransactionRecord`.
+If no custom logic already exists to ignore this Mirror Nodes will be unimpaired by the change
-Mirror Nodes should be sure to support the setting of the evm address value on an account when processing a
-`CryptoUpdate` transaction. As in the case of a `CryptoCreate` the new value can be retrieved from the `evm_address`
-property on `TransactionRecord`.
-If no custom logic already exists to ignore this Mirror Nodes will be unimpaired by the change
+Mirror Nodes should be sure to support the setting of the evm address / alias value on an account when processing
+a `CryptoUpdate` transaction. As in the case of a `CryptoCreate` the new value can be retrieved from the `evm_address` property on `TransactionRecord`.
+If no custom logic already exists to ignore this Mirror Nodes will be unimpaired by the change
-Mirror Nodes should be sure to support the setting of the evm address value on an account when processing a
-`CryptoUpdate` transaction. As in the case of a `CryptoCreate` the new value can be retrieved from the `evm_address`
-property on `TransactionRecord`.
-If no custom logic already exists to ignore this Mirror Nodes will be unimpaired by the change
+Mirror Nodes should be sure to support the setting of the evm address / alias value on an account when processing
+a `CryptoUpdate` transaction. As in the case of a `CryptoCreate` the new value can be retrieved from the `evm_address` property on `TransactionRecord`.
+If no custom logic already exists to ignore this Mirror Nodes will be unimpaired by the change
+
+### Wallets
+
+The HIP provides opportunities for increased user functionality.
+- Wallets are encouraged to create accounts with an ECDSA derived address alias
+- Wallets are encouraged to support the ability for users to set an ECDSA derived alias in the future. This may require
+wallets to support multiple keys for users that may decide to interchange between addresses.
+
+## Backwards Compatibility
+
+This does not break previous functionality but rather adds new scoped support for a change that is possible at account
+creation time. However, it may be said that there is a behaviour change here that is important to note. This change
+is accepted as the benefits of unblocking existing accounts outweighs the cons. The ability to override the address
+also ensure there's a pathway for EOA to set their long zero address if needed.
+Finally, it is appropriate for clients to query mirror node for accurate account details. Clients that do this will
+avoid not be impacted by this change.
-This does not break previous functionality but rather adds new scoped support for a change that is possible at account
-creation time. However, it may be said that there is a behaviour change here that is important to note. This change
-is accepted as the benefits of unblocking existing accounts outweighs the cons. The ability to override the address
-also ensure there's a pathway for EOA to set their long zero address if needed.
-Finally, it is appropriate for clients to query mirror node for accurate account details. Clients that do this will
-avoid not be impacted by this change.
+Any account interacting with a smart contract using its long-zero address, that subsequently sets an ECDSA derived alias, MAY need to use the `evm_address_override` when working with that smart contract,
+if the smart contract maintained a reference to the account. Alternatively, the user may call the smart
+contract using the `evm_address_override` to move assets or data contained within the smart contract
+from the long-zero address to their new ECDSA-derived address.
-This does not break previous functionality but rather adds new scoped support for a change that is possible at account
-creation time. However, it may be said that there is a behaviour change here that is important to note. This change
-is accepted as the benefits of unblocking existing accounts outweighs the cons. The ability to override the address
-also ensure there's a pathway for EOA to set their long zero address if needed.
-Finally, it is appropriate for clients to query mirror node for accurate account details. Clients that do this will
-avoid not be impacted by this change.
+Any account interacting with a smart contract using its long-zero address, that subsequently sets an ECDSA derived alias, MAY need to use the `evm_address_override` when working with that smart contract,
+if the smart contract maintained a reference to the account. Alternatively, the user may call the smart
+contract using the `evm_address_override` to move assets or data contained within the smart contract
+from the long-zero address to their new ECDSA-derived address.
+
+## Security Implications
+
+Smart contracts have their logic self contained in byte code. Therefore, the implications of address changes are
+dictated by each smart contract and not the network. A smart contract may cache an EOA address on first interaction and
+utilize that to identify them in future. The cached address could dictate balance access or other privileged access.
+
+As such, an EOA that has interacted with a smart contract using their long zero address and then sets an ECDSA derived
+EVM address after will be responsible for any unexpected interactions with the smart contract.
+It is advised that an EOA in this case first transfer all in contract storage assets to the EVM address prior to
+setting their alias.
-Smart contracts have their logic self contained in byte code. Therefore, the implications of address changes are
-dictated by each smart contract and not the network. A smart contract may cache an EOA address on first interaction and
-utilize that to identify them in future. The cached address could dictate balance access or other privileged access.
-
-As such, an EOA that has interacted with a smart contract using their long zero address and then sets an ECDSA derived
-EVM address after will be responsible for any unexpected interactions with the smart contract.
-It is advised that an EOA in this case first transfer all in contract storage assets to the EVM address prior to
-setting their alias.
+None.
-Smart contracts have their logic self contained in byte code. Therefore, the implications of address changes are
-dictated by each smart contract and not the network. A smart contract may cache an EOA address on first interaction and
-utilize that to identify them in future. The cached address could dictate balance access or other privileged access.
-
-As such, an EOA that has interacted with a smart contract using their long zero address and then sets an ECDSA derived
-EVM address after will be responsible for any unexpected interactions with the smart contract.
-It is advised that an EOA in this case first transfer all in contract storage assets to the EVM address prior to
-setting their alias.
+None.
+
+## How to Teach This
+
+SDK examples, blogs and tutorials on docs.hedera.com
+
+## Reference Implementation
+
+
+## Rejected Ideas
+
+### Implement HIP 631
+[HIP 631: Account Virtual Addresses](https://hips.hedera.com/hip/hip-631) would have added the ability add evm address
+and specify any one of them as the desired address for use. However, this didn't unblock existing account and offered
+likely complex UX that would overcomplicated the issue at this time. Focusing on setting aliases that were already null
+and supporting evm address only for accounts that migrated themselves provides a solution that is focused and less
+complex.
+
+## Open Issues
+
+While a HIP is in draft, ideas can come up which warrant further discussion. Those ideas should be recorded so people
+know that they are being thought about but do not have a concrete resolution. This helps make sure all issues required
+for the HIP to be ready for consideration are complete and reduces people duplicating prior discussions.
+
+## References
+
+
+
+## Copyright/license
+
+This document is licensed under the Apache License, Version 2.0 -- see [LICENSE](../LICENSE) or
+(https://www.apache.org/licenses/LICENSE-2.0)