# Known Limitations Honest documentation of Rome Protocol's current constraints and their implications. ## Execution Limitations **Modexp precompile disabled.** The modular exponentiation precompile (0x05) is disabled by default. Contracts relying on RSA verification or other modexp operations will fail. Can be enabled via feature flag. **SELFDESTRUCT removed.** The SELFDESTRUCT opcode is not supported, following Ethereum's Dencun deprecation. Contracts using SELFDESTRUCT will revert. **256 storage slots per storage account.** Contract storage is partitioned across Solana accounts with 256 slots each. Contracts with large storage footprints will use multiple accounts, which affects CU costs. **CPI depth limit of 4.** Deeply nested CPI calls will fail. Design contracts with shallow call trees. ## Token Limitations **Transfer hooks only fire on `transfer_checked`.** Plain `transfer` calls bypass hooks entirely. All Rome bridge operations use `transfer_checked`, but third-party integrations must be aware of this. **Mint and burn operations are not hooked.** Token-2022 Transfer Hooks do not fire on mint/burn. Controlled via mint authority, not hooks. **Token wrapping escape.** Users can potentially wrap Token-2022 tokens into standard SPL tokens to bypass transfer hooks. Mitigated by wrapper blacklists and PermanentDelegate extension, but not fully eliminated. ## Oracle Limitations **No historical round data.** Oracle Gateway adapters only support `latestRoundData()`. Historical price queries via `getRoundData(roundId)` revert. **Parser offsets are empirically validated.** Pyth and Switchboard account data is parsed using hardcoded byte offsets. If Pyth or Switchboard change their account layout, adapters will return incorrect data until offsets are re-validated. ## Infrastructure Limitations **Single operator model.** Each Rome deployment is operated by a single entity (the payer pool operator). There is no decentralized operator set. **Iterative mode locking.** During iterative execution, accounts are locked for 3-4 seconds. This can cause contention on heavily-used accounts. **OP-Geth divergence risk.** State divergence between Rome EVM and OP-Geth remains a persistent engineering challenge. Footprint validation mitigates but does not eliminate this risk. ## What's Next * [Responsible Disclosure](/security/responsible-disclosure.md) — how to report issues --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.rome.builders/security/known-limitations.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.