EIP-6780 restricts SELFDESTRUCT to same-transaction contracts eliminating metamorphic contract patterns

# EIP-6780 restricts SELFDESTRUCT to same-transaction contracts eliminating metamorphic contract patterns EIP-6780 (Dencun upgrade) changes SELFDESTRUCT semantics: the opcode now only destroys contracts created within the same transaction. Contracts deployed in prior transactions can call SELFDESTRUCT, but it no longer clears code, nonce, or storage; only ETH transfer to the beneficiary occurs (sending the contract's balance to the designated address). The primary security consequence is eliminating metamorphic contracts: CREATE2 (deterministic address) combined with SELFDESTRUCT (clears bytecode) allowed a contract address to change its code between deployments, enabling bait-and-switch attacks where audited code is replaced with malicious code at the same address. Since [[selfdestruct in implementation contracts can permanently brick proxy systems]] and [[selfdestruct was deprecated in solidity 0.8.18 via eip-6049]], EIP-6780 is Ethereum's operational culmination of multi-year SELFDESTRUCT removal. The Parity Wallet incident (2017, 513,774 ETH permanently locked when a user accidentally destroyed the library contract) provided the motivating catastrophe. EIP-6780 does not fully remove the opcode (backward compatibility for ETH sweeping) but neutralizes its most dangerous properties. --- Relevant Notes: - [[selfdestruct in implementation contracts can permanently brick proxy systems]]: the proxy-specific danger that EIP-6780 reduces - [[selfdestruct was deprecated in solidity 0.8.18 via eip-6049]]: the language-level deprecation preceding this EVM-level restriction - [[CREATE2 enables contract recreation at the same address with different bytecode when the constructor queries external state]]: the metamorphic pattern EIP-6780 prevents - [[malicious governance proposal injection via CREATE2 and SELFDESTRUCT allows attackers to swap approved code with malicious code between proposal approval and execution]]: the Tornado Cash (May 2023) governance exploit is the highest-profile real-world instance of the metamorphic contract pattern EIP-6780 eliminates for post-Dencun contracts - [[governance systems must verify proposal code integrity at execution time not only at approval time because contract metamorphism can change the code between votes]]: EIP-6780 mitigates the attack but execution-time bytecode hash verification remains necessary for legacy governance systems predating Dencun Topics: - [[solidity-behaviors]] - [[evm-internals]] - [[security-patterns]]