Transaction Hash:
Block:
22025636 at Mar-11-2025 07:12:35 PM +UTC
Transaction Fee:
0.00056842446829446 ETH
$1.07
Gas Used:
168,858 Gas / 3.36628687 Gwei
Emitted Events:
| 179 |
TransparentUpgradeableProxy.0x7394f4a19a13c7b92b5bb71033245305946ef78452f7b4986ac1390b5df4ebd7( 0x7394f4a19a13c7b92b5bb71033245305946ef78452f7b4986ac1390b5df4ebd7, 0x00000000000000000000000000000000000000000000000000000000000cc23a, 0x1a7ea1d4adabf5dee7dd9968e6815570de95c00f1e2648142ee13b76c4f55dd1, 0x86eb982b19eeca9c8ca01838e47b6077059407cef60da803075c919a6669a944, c6e33978efaeed57bfde5ac9e9c2fa94e3e1ef2546c05e20b0e9e08e8171ffb4, 00000000000000000000000000000000000000000000000000000000001d0142, 0000000000000000000000000000000000000000000000000000000067cf39a3, 0000000000000000000000000000000000000000000000000000000067d08e23, 00000000000000000000000000000000000000000000000000000000014ff984, 00000000000000000000000000000000000000000000000000000000015015e4, 0000000000000000000000000000000000000000000000000000000000000003 )
|
| 180 |
TransparentUpgradeableProxy.0x5e3c1311ea442664e8b1611bfabef659120ea7a0a2cfc0667700bebc69cbffe1( 0x5e3c1311ea442664e8b1611bfabef659120ea7a0a2cfc0667700bebc69cbffe1, 0x00000000000000000000000000000000000000000000000000000000001d014a, 0xad9d9a87f0dc2abb6eb167dd4c94b9f25a1d327182d680581b74205a879e994f, 0000000000000000000000001c479675ad559dc151f6ec7ed3fbf8cee79582b6, 000000000000000000000000000000000000000000000000000000000000000d, 000000000000000000000000c1b634853cb333d3ad8663715b08f41a3aec47cc, bf3158000287b63bff79fc74b58de0a4be961cce42d5a5a587a39e5ac2128d84, 000000000000000000000000000000000000000000000000000000008d0aac16, 0000000000000000000000000000000000000000000000000000000067d08b23 )
|
| 181 |
TransparentUpgradeableProxy.0xff64905f73a67fb594e0f940a8075a860db489ad991e032f48c81123eb52d60b( 0xff64905f73a67fb594e0f940a8075a860db489ad991e032f48c81123eb52d60b, 0x00000000000000000000000000000000000000000000000000000000001d014a, 0000000000000000000000000000000000000000000000000000000000000020, 000000000000000000000000000000000000000000000000000000000000009c, 0000000000000000000000000000000000000000000000000000000067d08b23, c1b634853cb333d3ad8663715b08f41a3aec47cc41df09bb3d1087f22feddfb1, 9a76cfed5dfee7646a59c09dce1fadecfb4187a4000000000000000000000000, 00000000000000000000000000000000000cc23a000000000000000000000000, 000000000000000000000000000000008d0aac1600000000001179a100000000 )
|
| 182 |
GasRefunder.RefundedGasCosts( refundee=[Sender] 0xc1b634853cb333d3ad8663715b08f41a3aec47cc, contractAddress=[Receiver] TransparentUpgradeableProxy, success=True, gas=1357712, gasPrice=3366286870, amountPaid=3291594792330325 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x8315177a...4DBd7ed3a | (Arbitrum: Bridge) | ||||
|
0x95222290...5CC4BAfe5
Miner
| (beaverbuild) | 6.019072565282896728 Eth | 6.019241423282896728 Eth | 0.000168858 | |
| 0xC1b63485...A3Aec47cc | (Arbitrum: Batch Submitter) |
10.000163241878889677 Eth
Nonce: 784940
|
10.00017642372856983 Eth
Nonce: 784941
| 0.000013181849680153 | |
| 0xe64a54E2...80E2E4eb5 | 207.694431089370570736 Eth | 207.691139494578240411 Eth | 0.003291594792330325 |
Execution Trace
TransparentUpgradeableProxy.3e5aa082( )
SequencerInbox.addSequencerL2BatchFromBlobs( sequenceNumber=836154, afterDelayedMessagesRead=1900866, gasRefunder=0xe64a54E2533Fd126C2E452c5fAb544d80E2E4eb5, prevMessageCount=292454533, newMessageCount=292454952 )-
0x15b25e3fb8419da4848a6f193bb9b43519d0d4ca.STATICCALL( ) -
0x15b25e3fb8419da4848a6f193bb9b43519d0d4ca.STATICCALL( ) TransparentUpgradeableProxy.STATICCALL( )-
Bridge.DELEGATECALL( )
-
TransparentUpgradeableProxy.86598a56( )-
Bridge.enqueueSequencerMessage( dataHash=41DF09BB3D1087F22FEDDFB19A76CFED5DFEE7646A59C09DCE1FADECFB4187A4, afterDelayedMessagesRead=1900866, prevMessageCount=292454533, newMessageCount=292454952 ) => ( seqMessageIndex=836154, beforeAcc=1A7EA1D4ADABF5DEE7DD9968E6815570DE95C00F1E2648142EE13B76C4F55DD1, delayedAcc=C6E33978EFAEED57BFDE5AC9E9C2FA94E3E1EF2546C05E20B0E9E08E8171FFB4, acc=86EB982B19EECA9C8CA01838E47B6077059407CEF60DA803075C919A6669A944 )
-
TransparentUpgradeableProxy.7a88b107( )-
Bridge.submitBatchSpendingReport( sender=0xC1b634853Cb333D3aD8663715b08f41A3Aec47cc, messageDataHash=BF3158000287B63BFF79FC74B58DE0A4BE961CCE42D5A5A587A39E5AC2128D84 ) => ( 1900874 )
-
-
0x15b25e3fb8419da4848a6f193bb9b43519d0d4ca.STATICCALL( ) -
0x15b25e3fb8419da4848a6f193bb9b43519d0d4ca.STATICCALL( ) GasRefunder.onGasSpent( refundee=0xC1b634853Cb333D3aD8663715b08f41A3Aec47cc, gasUsed=1231882, calldataSize=164 ) => ( success=True )- ETH 0.003291594792330325
Arbitrum: Batch Submitter.CALL( )
- ETH 0.003291594792330325
-
addSequencerL2BatchFromBlobs[SequencerInbox (ln:1204)]
NotBatchPoster[SequencerInbox (ln:1211)]isDelayProofRequired[SequencerInbox (ln:1212)]isSynced[SequencerInbox (ln:1386)]
DelayProofRequired[SequencerInbox (ln:1212)]addSequencerL2BatchFromBlobsImpl[SequencerInbox (ln:1213)]formBlobDataHash[SequencerInbox (ln:1258)]getDataHashes[SequencerInbox (ln:1465)]MissingDataHashes[SequencerInbox (ln:1466)]packHeader[SequencerInbox (ln:1468)]getTimeBounds[SequencerInbox (ln:1391)]maxTimeVariationInternal[SequencerInbox (ln:1087)]_chainIdChanged[SequencerInbox (ln:1117)]
getBlobBaseFee[SequencerInbox (ln:1469)]concat[SequencerInbox (ln:1471)]
addSequencerL2BatchImpl[SequencerInbox (ln:1263)]DelayedBackwards[SequencerInbox (ln:1516)]delayedMessageCount[SequencerInbox (ln:1517)]DelayedTooFar[SequencerInbox (ln:1517)]enqueueSequencerMessage[SequencerInbox (ln:1518)]submitBatchSpendingReport[SequencerInbox (ln:1524)]getCurrentTxL1GasFees[SequencerInbox (ln:1495)]type[SequencerInbox (ln:1498)]ExtraGasNotUint64[SequencerInbox (ln:1498)]submitBatchSpendingReport[SequencerInbox (ln:1502)]InboxMessageDelivered[SequencerInbox (ln:1504)]
BadSequencerNumber[SequencerInbox (ln:1268)]SequencerBatchDelivered[SequencerInbox (ln:1270)]DataBlobsNotSupported[SequencerInbox (ln:1282)]isCallerCodelessOrigin[SequencerInbox (ln:1286)]submitBatchSpendingReport[SequencerInbox (ln:1287)]getCurrentTxL1GasFees[SequencerInbox (ln:1495)]type[SequencerInbox (ln:1498)]ExtraGasNotUint64[SequencerInbox (ln:1498)]submitBatchSpendingReport[SequencerInbox (ln:1502)]InboxMessageDelivered[SequencerInbox (ln:1504)]
File 1 of 5: TransparentUpgradeableProxy
File 2 of 5: TransparentUpgradeableProxy
File 3 of 5: GasRefunder
File 4 of 5: SequencerInbox
File 5 of 5: Bridge
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/transparent/TransparentUpgradeableProxy.sol)
pragma solidity ^0.8.0;
import "../ERC1967/ERC1967Proxy.sol";
/**
* @dev This contract implements a proxy that is upgradeable by an admin.
*
* To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
* clashing], which can potentially be used in an attack, this contract uses the
* https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
* things that go hand in hand:
*
* 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
* that call matches one of the admin functions exposed by the proxy itself.
* 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
* implementation. If the admin tries to call a function on the implementation it will fail with an error that says
* "admin cannot fallback to proxy target".
*
* These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
* the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
* to sudden errors when trying to call a function from the proxy implementation.
*
* Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
* you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
*/
contract TransparentUpgradeableProxy is ERC1967Proxy {
/**
* @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and
* optionally initialized with `_data` as explained in {ERC1967Proxy-constructor}.
*/
constructor(
address _logic,
address admin_,
bytes memory _data
) payable ERC1967Proxy(_logic, _data) {
assert(_ADMIN_SLOT == bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1));
_changeAdmin(admin_);
}
/**
* @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin.
*/
modifier ifAdmin() {
if (msg.sender == _getAdmin()) {
_;
} else {
_fallback();
}
}
/**
* @dev Returns the current admin.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/
function admin() external ifAdmin returns (address admin_) {
admin_ = _getAdmin();
}
/**
* @dev Returns the current implementation.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
*/
function implementation() external ifAdmin returns (address implementation_) {
implementation_ = _implementation();
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}.
*/
function changeAdmin(address newAdmin) external virtual ifAdmin {
_changeAdmin(newAdmin);
}
/**
* @dev Upgrade the implementation of the proxy.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}.
*/
function upgradeTo(address newImplementation) external ifAdmin {
_upgradeToAndCall(newImplementation, bytes(""), false);
}
/**
* @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
* by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
* proxied contract.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}.
*/
function upgradeToAndCall(address newImplementation, bytes calldata data) external payable ifAdmin {
_upgradeToAndCall(newImplementation, data, true);
}
/**
* @dev Returns the current admin.
*/
function _admin() internal view virtual returns (address) {
return _getAdmin();
}
/**
* @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}.
*/
function _beforeFallback() internal virtual override {
require(msg.sender != _getAdmin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target");
super._beforeFallback();
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/ERC1967/ERC1967Proxy.sol)
pragma solidity ^0.8.0;
import "../Proxy.sol";
import "./ERC1967Upgrade.sol";
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*/
contract ERC1967Proxy is Proxy, ERC1967Upgrade {
/**
* @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
*
* If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
* function call, and allows initializating the storage of the proxy like a Solidity constructor.
*/
constructor(address _logic, bytes memory _data) payable {
assert(_IMPLEMENTATION_SLOT == bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1));
_upgradeToAndCall(_logic, _data, false);
}
/**
* @dev Returns the current implementation address.
*/
function _implementation() internal view virtual override returns (address impl) {
return ERC1967Upgrade._getImplementation();
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (proxy/Proxy.sol)
pragma solidity ^0.8.0;
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal virtual {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}
}
/**
* @dev This is a virtual function that should be overriden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/
function _implementation() internal view virtual returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/
function _fallback() internal virtual {
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback() external payable virtual {
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/
receive() external payable virtual {
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overriden should call `super._beforeFallback()`.
*/
function _beforeFallback() internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (proxy/ERC1967/ERC1967Upgrade.sol)
pragma solidity ^0.8.2;
import "../beacon/IBeacon.sol";
import "../../interfaces/draft-IERC1822.sol";
import "../../utils/Address.sol";
import "../../utils/StorageSlot.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/
abstract contract ERC1967Upgrade {
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(
address newImplementation,
bytes memory data,
bool forceCall
) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(
address newImplementation,
bytes memory data,
bool forceCall
) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlot.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlot.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlot.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Emitted when the beacon is upgraded.
*/
event BeaconUpgraded(address indexed beacon);
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlot.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(Address.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
Address.isContract(IBeacon(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlot.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(
address newBeacon,
bytes memory data,
bool forceCall
) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeacon {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822Proxiable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
require(isContract(target), "Address: delegate call to non-contract");
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/StorageSlot.sol)
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, and `uint256`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
assembly {
r.slot := slot
}
}
}
File 2 of 5: TransparentUpgradeableProxy
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/transparent/TransparentUpgradeableProxy.sol)
pragma solidity ^0.8.0;
import "../ERC1967/ERC1967Proxy.sol";
/**
* @dev This contract implements a proxy that is upgradeable by an admin.
*
* To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
* clashing], which can potentially be used in an attack, this contract uses the
* https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
* things that go hand in hand:
*
* 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
* that call matches one of the admin functions exposed by the proxy itself.
* 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
* implementation. If the admin tries to call a function on the implementation it will fail with an error that says
* "admin cannot fallback to proxy target".
*
* These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
* the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
* to sudden errors when trying to call a function from the proxy implementation.
*
* Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
* you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
*/
contract TransparentUpgradeableProxy is ERC1967Proxy {
/**
* @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and
* optionally initialized with `_data` as explained in {ERC1967Proxy-constructor}.
*/
constructor(
address _logic,
address admin_,
bytes memory _data
) payable ERC1967Proxy(_logic, _data) {
assert(_ADMIN_SLOT == bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1));
_changeAdmin(admin_);
}
/**
* @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin.
*/
modifier ifAdmin() {
if (msg.sender == _getAdmin()) {
_;
} else {
_fallback();
}
}
/**
* @dev Returns the current admin.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/
function admin() external ifAdmin returns (address admin_) {
admin_ = _getAdmin();
}
/**
* @dev Returns the current implementation.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
*/
function implementation() external ifAdmin returns (address implementation_) {
implementation_ = _implementation();
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}.
*/
function changeAdmin(address newAdmin) external virtual ifAdmin {
_changeAdmin(newAdmin);
}
/**
* @dev Upgrade the implementation of the proxy.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}.
*/
function upgradeTo(address newImplementation) external ifAdmin {
_upgradeToAndCall(newImplementation, bytes(""), false);
}
/**
* @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
* by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
* proxied contract.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}.
*/
function upgradeToAndCall(address newImplementation, bytes calldata data) external payable ifAdmin {
_upgradeToAndCall(newImplementation, data, true);
}
/**
* @dev Returns the current admin.
*/
function _admin() internal view virtual returns (address) {
return _getAdmin();
}
/**
* @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}.
*/
function _beforeFallback() internal virtual override {
require(msg.sender != _getAdmin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target");
super._beforeFallback();
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/ERC1967/ERC1967Proxy.sol)
pragma solidity ^0.8.0;
import "../Proxy.sol";
import "./ERC1967Upgrade.sol";
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*/
contract ERC1967Proxy is Proxy, ERC1967Upgrade {
/**
* @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
*
* If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
* function call, and allows initializating the storage of the proxy like a Solidity constructor.
*/
constructor(address _logic, bytes memory _data) payable {
assert(_IMPLEMENTATION_SLOT == bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1));
_upgradeToAndCall(_logic, _data, false);
}
/**
* @dev Returns the current implementation address.
*/
function _implementation() internal view virtual override returns (address impl) {
return ERC1967Upgrade._getImplementation();
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (proxy/Proxy.sol)
pragma solidity ^0.8.0;
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal virtual {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}
}
/**
* @dev This is a virtual function that should be overriden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/
function _implementation() internal view virtual returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/
function _fallback() internal virtual {
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback() external payable virtual {
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/
receive() external payable virtual {
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overriden should call `super._beforeFallback()`.
*/
function _beforeFallback() internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (proxy/ERC1967/ERC1967Upgrade.sol)
pragma solidity ^0.8.2;
import "../beacon/IBeacon.sol";
import "../../interfaces/draft-IERC1822.sol";
import "../../utils/Address.sol";
import "../../utils/StorageSlot.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/
abstract contract ERC1967Upgrade {
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(
address newImplementation,
bytes memory data,
bool forceCall
) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(
address newImplementation,
bytes memory data,
bool forceCall
) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlot.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlot.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlot.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Emitted when the beacon is upgraded.
*/
event BeaconUpgraded(address indexed beacon);
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlot.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(Address.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
Address.isContract(IBeacon(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlot.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(
address newBeacon,
bytes memory data,
bool forceCall
) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeacon {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822Proxiable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
require(isContract(target), "Address: delegate call to non-contract");
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/StorageSlot.sol)
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, and `uint256`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
assembly {
r.slot := slot
}
}
}
File 3 of 5: GasRefunder
// SPDX-License-Identifier: Apache-2.0
/*
* Copyright 2021, Offchain Labs, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
pragma solidity ^0.8.7;
import "./IGasRefunder.sol";
import "@openzeppelin/contracts-0.8/access/Ownable.sol";
contract GasRefunder is IGasRefunder, Ownable {
mapping(address => bool) public allowedContracts;
mapping(address => bool) public allowedRefundees;
address public disallower;
struct CommonParameters {
uint128 maxRefundeeBalance;
uint32 extraGasMargin;
uint8 calldataCost;
uint64 maxGasTip;
uint64 maxGasCost;
uint32 maxSingleGasUsage;
}
CommonParameters public commonParams;
enum CommonParameterKey {
MAX_REFUNDEE_BALANCE,
EXTRA_GAS_MARGIN,
CALLDATA_COST,
MAX_GAS_TIP,
MAX_GAS_COST,
MAX_SINGLE_GAS_USAGE
}
enum RefundDenyReason {
CONTRACT_NOT_ALLOWED,
REFUNDEE_NOT_ALLOWED,
REFUNDEE_ABOVE_MAX_BALANCE,
OUT_OF_FUNDS
}
event RefundedGasCosts(
address indexed refundee,
address indexed contractAddress,
bool indexed success,
uint256 gas,
uint256 gasPrice,
uint256 amountPaid
);
event RefundGasCostsDenied(
address indexed refundee,
address indexed contractAddress,
RefundDenyReason indexed reason,
uint256 gas
);
event Deposited(address sender, uint256 amount);
event Withdrawn(address initiator, address destination, uint256 amount);
event ContractAllowedSet(address indexed addr, bool indexed allowed);
event RefundeeAllowedSet(address indexed addr, bool indexed allowed);
event DisallowerSet(address indexed addr);
event CommonParameterSet(CommonParameterKey indexed parameter, uint256 value);
constructor() Ownable() {
commonParams = CommonParameters({
maxRefundeeBalance: 0, // no limit
extraGasMargin: 4000, // 4k gas
calldataCost: 12, // Between 4 for zero bytes and 16 for non-zero bytes
maxGasTip: 2 gwei,
maxGasCost: 120 gwei,
maxSingleGasUsage: 2e6 // 2 million gas
});
}
function setDisallower(address addr) external onlyOwner {
disallower = addr;
emit DisallowerSet(addr);
}
function allowContracts(address[] calldata addresses) external onlyOwner {
setContractsAllowedImpl(addresses, true);
}
function disallowContracts(address[] calldata addresses) external {
require(msg.sender == owner() || msg.sender == disallower, "NOT_AUTHORIZED");
setContractsAllowedImpl(addresses, false);
}
function setContractsAllowedImpl(address[] calldata addresses, bool allow) internal {
for (uint256 i = 0; i < addresses.length; i++) {
address addr = addresses[i];
allowedContracts[addr] = allow;
emit ContractAllowedSet(addr, allow);
}
}
function allowRefundees(address[] calldata addresses) external onlyOwner {
setRefundeesAllowedImpl(addresses, true);
}
function disallowRefundees(address[] calldata addresses) external {
require(msg.sender == owner() || msg.sender == disallower, "NOT_AUTHORIZED");
setRefundeesAllowedImpl(addresses, false);
}
function setRefundeesAllowedImpl(address[] calldata addresses, bool allow) internal {
for (uint256 i = 0; i < addresses.length; i++) {
address addr = addresses[i];
allowedRefundees[addr] = allow;
emit RefundeeAllowedSet(addr, allow);
}
}
function setMaxRefundeeBalance(uint128 newValue) external onlyOwner {
commonParams.maxRefundeeBalance = newValue;
emit CommonParameterSet(CommonParameterKey.MAX_REFUNDEE_BALANCE, newValue);
}
function setExtraGasMargin(uint32 newValue) external onlyOwner {
commonParams.extraGasMargin = newValue;
emit CommonParameterSet(CommonParameterKey.EXTRA_GAS_MARGIN, newValue);
}
function setCalldataCost(uint8 newValue) external onlyOwner {
commonParams.calldataCost = newValue;
emit CommonParameterSet(CommonParameterKey.CALLDATA_COST, newValue);
}
function setMaxGasTip(uint64 newValue) external onlyOwner {
commonParams.maxGasTip = newValue;
emit CommonParameterSet(CommonParameterKey.MAX_GAS_TIP, newValue);
}
function setMaxGasCost(uint64 newValue) external onlyOwner {
commonParams.maxGasCost = newValue;
emit CommonParameterSet(CommonParameterKey.MAX_GAS_COST, newValue);
}
function setMaxSingleGasUsage(uint32 newValue) external onlyOwner {
commonParams.maxSingleGasUsage = newValue;
emit CommonParameterSet(CommonParameterKey.MAX_SINGLE_GAS_USAGE, newValue);
}
receive() external payable {
emit Deposited(msg.sender, msg.value);
}
function withdraw(address payable destination, uint256 amount) external onlyOwner {
// It's expected that destination is an EOA
(bool success, ) = destination.call{ value: amount }("");
require(success, "WITHDRAW_FAILED");
emit Withdrawn(msg.sender, destination, amount);
}
function onGasSpent(
address payable refundee,
uint256 gasUsed,
uint256 calldataSize
) external override returns (bool success) {
uint256 startGasLeft = gasleft();
uint256 ownBalance = address(this).balance;
if (ownBalance == 0) {
emit RefundGasCostsDenied(refundee, msg.sender, RefundDenyReason.OUT_OF_FUNDS, gasUsed);
return false;
}
if (!allowedContracts[msg.sender]) {
emit RefundGasCostsDenied(
refundee,
msg.sender,
RefundDenyReason.CONTRACT_NOT_ALLOWED,
gasUsed
);
return false;
}
if (!allowedRefundees[refundee]) {
emit RefundGasCostsDenied(
refundee,
msg.sender,
RefundDenyReason.REFUNDEE_NOT_ALLOWED,
gasUsed
);
return false;
}
uint256 estGasPrice = block.basefee + commonParams.maxGasTip;
if (tx.gasprice < estGasPrice) {
estGasPrice = tx.gasprice;
}
if (commonParams.maxGasCost != 0 && estGasPrice > commonParams.maxGasCost) {
estGasPrice = commonParams.maxGasCost;
}
// Retrieve these variables before measuring gasleft()
uint256 refundeeBalance = refundee.balance;
uint256 maxRefundeeBalance = commonParams.maxRefundeeBalance;
uint256 maxSingleGasUsage = commonParams.maxSingleGasUsage;
// Add in a bit of a buffer for the tx costs not measured with gasleft
gasUsed +=
startGasLeft +
commonParams.extraGasMargin +
(calldataSize * commonParams.calldataCost);
// Split this up into two statements so that gasleft() comes after the storage loads
gasUsed -= gasleft();
if (maxSingleGasUsage != 0 && gasUsed > maxSingleGasUsage) {
gasUsed = maxSingleGasUsage;
}
uint256 refundAmount = estGasPrice * gasUsed;
if (maxRefundeeBalance != 0 && refundeeBalance + refundAmount > maxRefundeeBalance) {
if (refundeeBalance > maxRefundeeBalance) {
// The refundee is already above their max balance
emit RefundGasCostsDenied(
refundee,
msg.sender,
RefundDenyReason.REFUNDEE_ABOVE_MAX_BALANCE,
gasUsed
);
return false;
} else {
refundAmount = maxRefundeeBalance - refundeeBalance;
}
}
if (refundAmount > ownBalance) {
refundAmount = ownBalance;
}
// It's expected that refundee is an EOA
(success, ) = refundee.call{ value: refundAmount }("");
emit RefundedGasCosts(refundee, msg.sender, success, gasUsed, estGasPrice, refundAmount);
}
}
// SPDX-License-Identifier: Apache-2.0
/*
* Copyright 2021, Offchain Labs, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
pragma solidity >=0.6.11 <0.7.0 || >=0.8.7 <0.9.0;
interface IGasRefunder {
function onGasSpent(
address payable spender,
uint256 gasUsed,
uint256 calldataSize
) external returns (bool success);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
_;
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
File 4 of 5: SequencerInbox
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./Messages.sol";
import "./DelayBufferTypes.sol";
/**
* @title Manages the delay buffer for the sequencer (SequencerInbox.sol)
* @notice Messages are expected to be delayed up to a threshold, beyond which they are unexpected
* and deplete a delay buffer. Buffer depletion is preveneted from decreasing too quickly by only
* depleting by as many blocks as elapsed in the delayed message queue.
*/
library DelayBuffer {
uint256 public constant BASIS = 10000;
/// @dev Depletion is limited by the elapsed blocks in the delayed message queue to avoid double counting and potential L2 reorgs.
/// Eg. 2 simultaneous batches sequencing multiple delayed messages with the same 100 blocks delay each
/// should count once as a single 100 block delay, not twice as a 200 block delay. This also prevents L2 reorg risk in edge cases.
/// Eg. If the buffer is 300 blocks, decrementing the buffer when processing the first batch would allow the second delay message to be force included before the sequencer could add the second batch.
/// Buffer depletion also saturates at the threshold instead of zero to allow a recovery margin.
/// Eg. when the sequencer recovers from an outage, it is able to wait threshold > finality time before queueing delayed messages to avoid L1 reorgs.
/// @notice Conditionally updates the buffer. Replenishes the buffer and depletes if delay is unexpected.
/// @param start The beginning reference point
/// @param end The ending reference point
/// @param buffer The buffer to be updated
/// @param sequenced The reference point when messages were sequenced
/// @param threshold The threshold to saturate at
/// @param max The maximum buffer
/// @param replenishRateInBasis The amount to replenish the buffer per block in basis points.
function calcBuffer(
uint256 start,
uint256 end,
uint256 buffer,
uint256 sequenced,
uint256 threshold,
uint256 max,
uint256 replenishRateInBasis
) internal pure returns (uint256) {
uint256 elapsed = end > start ? end - start : 0;
uint256 delay = sequenced > start ? sequenced - start : 0;
// replenishment rounds down and will not overflow since all inputs including
// replenishRateInBasis are cast from uint64 in calcPendingBuffer
buffer += (elapsed * replenishRateInBasis) / BASIS;
uint256 unexpectedDelay = delay > threshold ? delay - threshold : 0;
if (unexpectedDelay > elapsed) {
unexpectedDelay = elapsed;
}
// decrease the buffer
if (buffer > unexpectedDelay) {
buffer -= unexpectedDelay;
if (buffer > threshold) {
// saturating above at the max
return buffer > max ? max : buffer;
}
}
// saturating below at the threshold
return threshold;
}
/// @notice Applies update to buffer data
/// @param self The delay buffer data
/// @param blockNumber The update block number
function update(BufferData storage self, uint64 blockNumber) internal {
self.bufferBlocks = calcPendingBuffer(self, blockNumber);
// store a new starting reference point
// any buffer updates will be applied retroactively in the next batch post
self.prevBlockNumber = blockNumber;
self.prevSequencedBlockNumber = uint64(block.number);
}
/// @dev The delay buffer can change due to pending depletion / replenishment due to previous delays.
/// This function applies pending buffer changes to calculate buffer updates.
/// @notice Calculates the buffer changes up to the requested block number
/// @param self The delay buffer data
/// @param blockNumber The block number to process the delay up to
function calcPendingBuffer(
BufferData storage self,
uint64 blockNumber
) internal view returns (uint64) {
// bufferUpdate will not overflow since inputs are uint64
return uint64(
calcBuffer({
start: self.prevBlockNumber,
end: blockNumber,
buffer: self.bufferBlocks,
threshold: self.threshold,
sequenced: self.prevSequencedBlockNumber,
max: self.max,
replenishRateInBasis: self.replenishRateInBasis
})
);
}
/// @dev This is the `sync validity window` during which no proofs are required.
/// @notice Returns true if the inbox is in a synced state (no unexpected delays are possible)
function isSynced(
BufferData storage self
) internal view returns (bool) {
return block.number - self.prevBlockNumber <= self.threshold;
}
function isUpdatable(
BufferData storage self
) internal view returns (bool) {
// if synced, the buffer can't be depleted
// if full, the buffer can't be replenished
// if neither synced nor full, the buffer updatable (depletable / replenishable)
return !isSynced(self) || self.bufferBlocks < self.max;
}
function isValidBufferConfig(
BufferConfig memory config
) internal pure returns (bool) {
return config.threshold != 0 && config.max != 0 && config.replenishRateInBasis <= BASIS
&& config.threshold <= config.max;
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
import "./Messages.sol";
pragma solidity >=0.6.9 <0.9.0;
/// @notice Delay buffer and delay threshold settings
/// @param threshold The maximum amount of blocks that a message is expected to be delayed
/// @param max The maximum buffer in blocks
/// @param replenishRateInBasis The amount to replenish the buffer per block in basis points.
struct BufferConfig {
uint64 threshold;
uint64 max;
uint64 replenishRateInBasis;
}
/// @notice The delay buffer data.
/// @param bufferBlocks The buffer in blocks.
/// @param max The maximum buffer in blocks
/// @param threshold The maximum amount of blocks that a message is expected to be delayed
/// @param prevBlockNumber The blocknumber of the last included delay message.
/// @param replenishRateInBasis The amount to replenish the buffer per block in basis points.
/// @param prevSequencedBlockNumber The blocknumber when last included delay message was sequenced.
struct BufferData {
uint64 bufferBlocks;
uint64 max;
uint64 threshold;
uint64 prevBlockNumber;
uint64 replenishRateInBasis;
uint64 prevSequencedBlockNumber;
}
struct DelayProof {
bytes32 beforeDelayedAcc;
Messages.Message delayedMessage;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
import "./IOwnable.sol";
interface IBridge {
/// @dev This is an instruction to offchain readers to inform them where to look
/// for sequencer inbox batch data. This is not the type of data (eg. das, brotli encoded, or blob versioned hash)
/// and this enum is not used in the state transition function, rather it informs an offchain
/// reader where to find the data so that they can supply it to the replay binary
enum BatchDataLocation {
/// @notice The data can be found in the transaction call data
TxInput,
/// @notice The data can be found in an event emitted during the transaction
SeparateBatchEvent,
/// @notice This batch contains no data
NoData,
/// @notice The data can be found in the 4844 data blobs on this transaction
Blob
}
struct TimeBounds {
uint64 minTimestamp;
uint64 maxTimestamp;
uint64 minBlockNumber;
uint64 maxBlockNumber;
}
event MessageDelivered(
uint256 indexed messageIndex,
bytes32 indexed beforeInboxAcc,
address inbox,
uint8 kind,
address sender,
bytes32 messageDataHash,
uint256 baseFeeL1,
uint64 timestamp
);
event BridgeCallTriggered(
address indexed outbox, address indexed to, uint256 value, bytes data
);
event InboxToggle(address indexed inbox, bool enabled);
event OutboxToggle(address indexed outbox, bool enabled);
event SequencerInboxUpdated(address newSequencerInbox);
event RollupUpdated(address rollup);
function allowedDelayedInboxList(
uint256
) external returns (address);
function allowedOutboxList(
uint256
) external returns (address);
/// @dev Accumulator for delayed inbox messages; tail represents hash of the current state; each element represents the inclusion of a new message.
function delayedInboxAccs(
uint256
) external view returns (bytes32);
/// @dev Accumulator for sequencer inbox messages; tail represents hash of the current state; each element represents the inclusion of a new message.
function sequencerInboxAccs(
uint256
) external view returns (bytes32);
function rollup() external view returns (IOwnable);
function sequencerInbox() external view returns (address);
function activeOutbox() external view returns (address);
function allowedDelayedInboxes(
address inbox
) external view returns (bool);
function allowedOutboxes(
address outbox
) external view returns (bool);
function sequencerReportedSubMessageCount() external view returns (uint256);
function executeCall(
address to,
uint256 value,
bytes calldata data
) external returns (bool success, bytes memory returnData);
function delayedMessageCount() external view returns (uint256);
function sequencerMessageCount() external view returns (uint256);
// ---------- onlySequencerInbox functions ----------
function enqueueSequencerMessage(
bytes32 dataHash,
uint256 afterDelayedMessagesRead,
uint256 prevMessageCount,
uint256 newMessageCount
)
external
returns (uint256 seqMessageIndex, bytes32 beforeAcc, bytes32 delayedAcc, bytes32 acc);
/**
* @dev Allows the sequencer inbox to submit a delayed message of the batchPostingReport type
* This is done through a separate function entrypoint instead of allowing the sequencer inbox
* to call `enqueueDelayedMessage` to avoid the gas overhead of an extra SLOAD in either
* every delayed inbox or every sequencer inbox call.
*/
function submitBatchSpendingReport(
address batchPoster,
bytes32 dataHash
) external returns (uint256 msgNum);
// ---------- onlyRollupOrOwner functions ----------
function setSequencerInbox(
address _sequencerInbox
) external;
function setDelayedInbox(address inbox, bool enabled) external;
function setOutbox(address inbox, bool enabled) external;
function updateRollupAddress(
IOwnable _rollup
) external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
interface IDelayedMessageProvider {
/// @dev event emitted when a inbox message is added to the Bridge's delayed accumulator
event InboxMessageDelivered(uint256 indexed messageNum, bytes data);
/// @dev event emitted when a inbox message is added to the Bridge's delayed accumulator
/// same as InboxMessageDelivered but the batch data is available in tx.input
event InboxMessageDeliveredFromOrigin(uint256 indexed messageNum);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
import "./IOwnable.sol";
import "./IBridge.sol";
interface IERC20Bridge is IBridge {
/**
* @dev token that is escrowed in bridge on L1 side and minted on L2 as native currency.
* Fees are paid in this token. There are certain restrictions on the native token:
* - The token can't be rebasing or have a transfer fee
* - The token must only be transferrable via a call to the token address itself
* - The token must only be able to set allowance via a call to the token address itself
* - The token must not have a callback on transfer, and more generally a user must not be able to make a transfer to themselves revert
*/
function nativeToken() external view returns (address);
/**
* @dev number of decimals used by the native token
* This is set on bridge initialization using nativeToken.decimals()
* If the token does not have decimals() method, we assume it have 0 decimals
*/
function nativeTokenDecimals() external view returns (uint8);
/**
* @dev Enqueue a message in the delayed inbox accumulator.
* These messages are later sequenced in the SequencerInbox, either
* by the sequencer as part of a normal batch, or by force inclusion.
*/
function enqueueDelayedMessage(
uint8 kind,
address sender,
bytes32 messageDataHash,
uint256 tokenFeeAmount
) external returns (uint256);
// ---------- initializer ----------
function initialize(IOwnable rollup_, address nativeToken_) external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
import "./IBridge.sol";
import "./IDelayedMessageProvider.sol";
import "./ISequencerInbox.sol";
interface IInboxBase is IDelayedMessageProvider {
function bridge() external view returns (IBridge);
function sequencerInbox() external view returns (ISequencerInbox);
function maxDataSize() external view returns (uint256);
/**
* @notice Send a generic L2 message to the chain
* @dev This method is an optimization to avoid having to emit the entirety of the messageData in a log. Instead validators are expected to be able to parse the data from the transaction's input
* @param messageData Data of the message being sent
*/
function sendL2MessageFromOrigin(
bytes calldata messageData
) external returns (uint256);
/**
* @notice Send a generic L2 message to the chain
* @dev This method can be used to send any type of message that doesn't require L1 validation
* @param messageData Data of the message being sent
*/
function sendL2Message(
bytes calldata messageData
) external returns (uint256);
function sendUnsignedTransaction(
uint256 gasLimit,
uint256 maxFeePerGas,
uint256 nonce,
address to,
uint256 value,
bytes calldata data
) external returns (uint256);
function sendContractTransaction(
uint256 gasLimit,
uint256 maxFeePerGas,
address to,
uint256 value,
bytes calldata data
) external returns (uint256);
/**
* @notice Get the L1 fee for submitting a retryable
* @dev This fee can be paid by funds already in the L2 aliased address or by the current message value
* @dev This formula may change in the future, to future proof your code query this method instead of inlining!!
* @param dataLength The length of the retryable's calldata, in bytes
* @param baseFee The block basefee when the retryable is included in the chain, if 0 current block.basefee will be used
*/
function calculateRetryableSubmissionFee(
uint256 dataLength,
uint256 baseFee
) external view returns (uint256);
// ---------- onlyRollupOrOwner functions ----------
/// @notice pauses all inbox functionality
function pause() external;
/// @notice unpauses all inbox functionality
function unpause() external;
/// @notice add or remove users from allowList
function setAllowList(address[] memory user, bool[] memory val) external;
/// @notice enable or disable allowList
function setAllowListEnabled(
bool _allowListEnabled
) external;
/// @notice check if user is in allowList
function isAllowed(
address user
) external view returns (bool);
/// @notice check if allowList is enabled
function allowListEnabled() external view returns (bool);
function initialize(IBridge _bridge, ISequencerInbox _sequencerInbox) external;
/// @notice returns the current admin
function getProxyAdmin() external view returns (address);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
import "./IBridge.sol";
interface IOutbox {
event SendRootUpdated(bytes32 indexed outputRoot, bytes32 indexed l2BlockHash);
event OutBoxTransactionExecuted(
address indexed to, address indexed l2Sender, uint256 indexed zero, uint256 transactionIndex
);
function initialize(
IBridge _bridge
) external;
function rollup() external view returns (address); // the rollup contract
function bridge() external view returns (IBridge); // the bridge contract
function spent(
uint256
) external view returns (bytes32); // packed spent bitmap
function roots(
bytes32
) external view returns (bytes32); // maps root hashes => L2 block hash
// solhint-disable-next-line func-name-mixedcase
function OUTBOX_VERSION() external view returns (uint128); // the outbox version
function updateSendRoot(bytes32 sendRoot, bytes32 l2BlockHash) external;
function updateRollupAddress() external;
/// @notice When l2ToL1Sender returns a nonzero address, the message was originated by an L2 account
/// When the return value is zero, that means this is a system message
/// @dev the l2ToL1Sender behaves as the tx.origin, the msg.sender should be validated to protect against reentrancies
function l2ToL1Sender() external view returns (address);
/// @return l2Block return L2 block when the L2 tx was initiated or 0 if no L2 to L1 transaction is active
function l2ToL1Block() external view returns (uint256);
/// @return l1Block return L1 block when the L2 tx was initiated or 0 if no L2 to L1 transaction is active
function l2ToL1EthBlock() external view returns (uint256);
/// @return timestamp return L2 timestamp when the L2 tx was initiated or 0 if no L2 to L1 transaction is active
function l2ToL1Timestamp() external view returns (uint256);
/// @return outputId returns the unique output identifier of the L2 to L1 tx or 0 if no L2 to L1 transaction is active
function l2ToL1OutputId() external view returns (bytes32);
/**
* @notice Executes a messages in an Outbox entry.
* @dev Reverts if dispute period hasn't expired, since the outbox entry
* is only created once the rollup confirms the respective assertion.
* @dev it is not possible to execute any L2-to-L1 transaction which contains data
* to a contract address without any code (as enforced by the Bridge contract).
* @param proof Merkle proof of message inclusion in send root
* @param index Merkle path to message
* @param l2Sender sender if original message (i.e., caller of ArbSys.sendTxToL1)
* @param to destination address for L1 contract call
* @param l2Block l2 block number at which sendTxToL1 call was made
* @param l1Block l1 block number at which sendTxToL1 call was made
* @param l2Timestamp l2 Timestamp at which sendTxToL1 call was made
* @param value wei in L1 message
* @param data abi-encoded L1 message data
*/
function executeTransaction(
bytes32[] calldata proof,
uint256 index,
address l2Sender,
address to,
uint256 l2Block,
uint256 l1Block,
uint256 l2Timestamp,
uint256 value,
bytes calldata data
) external;
/**
* @dev function used to simulate the result of a particular function call from the outbox
* it is useful for things such as gas estimates. This function includes all costs except for
* proof validation (which can be considered offchain as a somewhat of a fixed cost - it's
* not really a fixed cost, but can be treated as so with a fixed overhead for gas estimation).
* We can't include the cost of proof validation since this is intended to be used to simulate txs
* that are included in yet-to-be confirmed merkle roots. The simulation entrypoint could instead pretend
* to confirm a pending merkle root, but that would be less practical for integrating with tooling.
* It is only possible to trigger it when the msg sender is address zero, which should be impossible
* unless under simulation in an eth_call or eth_estimateGas
*/
function executeTransactionSimulation(
uint256 index,
address l2Sender,
address to,
uint256 l2Block,
uint256 l1Block,
uint256 l2Timestamp,
uint256 value,
bytes calldata data
) external;
/**
* @param index Merkle path to message
* @return true if the message has been spent
*/
function isSpent(
uint256 index
) external view returns (bool);
function calculateItemHash(
address l2Sender,
address to,
uint256 l2Block,
uint256 l1Block,
uint256 l2Timestamp,
uint256 value,
bytes calldata data
) external pure returns (bytes32);
function calculateMerkleRoot(
bytes32[] memory proof,
uint256 path,
bytes32 item
) external pure returns (bytes32);
/**
* @dev function to be called one time during the outbox upgrade process
* this is used to fix the storage slots
*/
function postUpgradeInit() external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.4.21 <0.9.0;
interface IOwnable {
function owner() external view returns (address);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
pragma experimental ABIEncoderV2;
import "../libraries/IGasRefunder.sol";
import "./IDelayedMessageProvider.sol";
import "./IBridge.sol";
import "./Messages.sol";
import "./DelayBufferTypes.sol";
interface ISequencerInbox is IDelayedMessageProvider {
/// @notice The maximum amount of time variatin between a message being posted on the L1 and being executed on the L2
/// @param delayBlocks The max amount of blocks in the past that a message can be received on L2
/// @param futureBlocks The max amount of blocks in the future that a message can be received on L2
/// @param delaySeconds The max amount of seconds in the past that a message can be received on L2
/// @param futureSeconds The max amount of seconds in the future that a message can be received on L2
struct MaxTimeVariation {
uint256 delayBlocks;
uint256 futureBlocks;
uint256 delaySeconds;
uint256 futureSeconds;
}
event SequencerBatchDelivered(
uint256 indexed batchSequenceNumber,
bytes32 indexed beforeAcc,
bytes32 indexed afterAcc,
bytes32 delayedAcc,
uint256 afterDelayedMessagesRead,
IBridge.TimeBounds timeBounds,
IBridge.BatchDataLocation dataLocation
);
event OwnerFunctionCalled(uint256 indexed id);
/// @dev a separate event that emits batch data when this isn't easily accessible in the tx.input
event SequencerBatchData(uint256 indexed batchSequenceNumber, bytes data);
/// @dev a valid keyset was added
event SetValidKeyset(bytes32 indexed keysetHash, bytes keysetBytes);
/// @dev a keyset was invalidated
event InvalidateKeyset(bytes32 indexed keysetHash);
/// @dev Owner set max time variation.
/// This event may have been introduced in an upgrade and therefore might not give the full history.
/// To get the full history, search for `OwnerFunctionCalled(0)` events.
event MaxTimeVariationSet(MaxTimeVariation maxTimeVariation);
/// @dev Owner set a batch poster.
/// This event may have been introduced in an upgrade and therefore might not give the full history.
/// To get the full history, search for `OwnerFunctionCalled(1)` events.
event BatchPosterSet(address batchPoster, bool isBatchPoster);
/// @dev Owner or batch poster manager set a sequencer.
/// This event may have been introduced in an upgrade and therefore might not give the full history.
/// To get the full history, search for `OwnerFunctionCalled(4)` events.
event SequencerSet(address addr, bool isSequencer);
/// @dev Owner set the batch poster manager.
/// This event may have been introduced in an upgrade and therefore might not give the full history.
/// To get the full history, search for `OwnerFunctionCalled(5)` events.
event BatchPosterManagerSet(address newBatchPosterManager);
/// @dev Owner set the buffer config.
event BufferConfigSet(BufferConfig bufferConfig);
function totalDelayedMessagesRead() external view returns (uint256);
function bridge() external view returns (IBridge);
/// @dev The size of the batch header
// solhint-disable-next-line func-name-mixedcase
function HEADER_LENGTH() external view returns (uint256);
/// @dev If the first batch data byte after the header has this bit set,
/// the sequencer inbox has authenticated the data. Currently only used for 4844 blob support.
/// See: https://github.com/OffchainLabs/nitro/blob/69de0603abf6f900a4128cab7933df60cad54ded/arbstate/das_reader.go
// solhint-disable-next-line func-name-mixedcase
function DATA_AUTHENTICATED_FLAG() external view returns (bytes1);
/// @dev If the first data byte after the header has this bit set,
/// then the batch data is to be found in 4844 data blobs
/// See: https://github.com/OffchainLabs/nitro/blob/69de0603abf6f900a4128cab7933df60cad54ded/arbstate/das_reader.go
// solhint-disable-next-line func-name-mixedcase
function DATA_BLOB_HEADER_FLAG() external view returns (bytes1);
/// @dev If the first data byte after the header has this bit set,
/// then the batch data is a das message
/// See: https://github.com/OffchainLabs/nitro/blob/69de0603abf6f900a4128cab7933df60cad54ded/arbstate/das_reader.go
// solhint-disable-next-line func-name-mixedcase
function DAS_MESSAGE_HEADER_FLAG() external view returns (bytes1);
/// @dev If the first data byte after the header has this bit set,
/// then the batch data is a das message that employs a merklesization strategy
/// See: https://github.com/OffchainLabs/nitro/blob/69de0603abf6f900a4128cab7933df60cad54ded/arbstate/das_reader.go
// solhint-disable-next-line func-name-mixedcase
function TREE_DAS_MESSAGE_HEADER_FLAG() external view returns (bytes1);
/// @dev If the first data byte after the header has this bit set,
/// then the batch data has been brotli compressed
/// See: https://github.com/OffchainLabs/nitro/blob/69de0603abf6f900a4128cab7933df60cad54ded/arbstate/das_reader.go
// solhint-disable-next-line func-name-mixedcase
function BROTLI_MESSAGE_HEADER_FLAG() external view returns (bytes1);
/// @dev If the first data byte after the header has this bit set,
/// then the batch data uses a zero heavy encoding
/// See: https://github.com/OffchainLabs/nitro/blob/69de0603abf6f900a4128cab7933df60cad54ded/arbstate/das_reader.go
// solhint-disable-next-line func-name-mixedcase
function ZERO_HEAVY_MESSAGE_HEADER_FLAG() external view returns (bytes1);
function rollup() external view returns (IOwnable);
function isBatchPoster(
address
) external view returns (bool);
function isSequencer(
address
) external view returns (bool);
/// @notice True is the sequencer inbox is delay bufferable
function isDelayBufferable() external view returns (bool);
function maxDataSize() external view returns (uint256);
/// @notice The batch poster manager has the ability to change the batch poster addresses
/// This enables the batch poster to do key rotation
function batchPosterManager() external view returns (address);
struct DasKeySetInfo {
bool isValidKeyset;
uint64 creationBlock;
}
/// @dev returns 4 uint256 to be compatible with older version
function maxTimeVariation()
external
view
returns (
uint256 delayBlocks,
uint256 futureBlocks,
uint256 delaySeconds,
uint256 futureSeconds
);
function dasKeySetInfo(
bytes32
) external view returns (bool, uint64);
/// @notice Remove force inclusion delay after a L1 chainId fork
function removeDelayAfterFork() external;
/// @notice Force messages from the delayed inbox to be included in the chain
/// Callable by any address, but message can only be force-included after maxTimeVariation.delayBlocks
/// has elapsed. As part of normal behaviour the sequencer will include these
/// messages so it's only necessary to call this if the sequencer is down, or not including any delayed messages.
/// @param _totalDelayedMessagesRead The total number of messages to read up to
/// @param kind The kind of the last message to be included
/// @param l1BlockAndTime The l1 block and the l1 timestamp of the last message to be included
/// @param baseFeeL1 The l1 gas price of the last message to be included
/// @param sender The sender of the last message to be included
/// @param messageDataHash The messageDataHash of the last message to be included
function forceInclusion(
uint256 _totalDelayedMessagesRead,
uint8 kind,
uint64[2] calldata l1BlockAndTime,
uint256 baseFeeL1,
address sender,
bytes32 messageDataHash
) external;
function inboxAccs(
uint256 index
) external view returns (bytes32);
function batchCount() external view returns (uint256);
function isValidKeysetHash(
bytes32 ksHash
) external view returns (bool);
/// @notice the creation block is intended to still be available after a keyset is deleted
function getKeysetCreationBlock(
bytes32 ksHash
) external view returns (uint256);
/// @dev The delay buffer can change due to pending depletion/replenishment.
/// This function applies pending buffer changes to proactively calculate the force inclusion deadline.
/// This is only relevant when the buffer is less than the delayBlocks (unhappy case), otherwise force inclusion deadline is fixed at delayBlocks.
/// @notice Calculates the upper bounds of the delay buffer
/// @param blockNumber The block number when a delayed message was created
/// @return blockNumberDeadline The block number at when the message can be force included
function forceInclusionDeadline(
uint64 blockNumber
) external view returns (uint64 blockNumberDeadline);
// ---------- BatchPoster functions ----------
/// @dev Deprecated, kept for abi generation and will be removed in the future
function addSequencerL2BatchFromOrigin(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder
) external;
/// @dev Will be deprecated due to EIP-3074, use `addSequencerL2Batch` instead
function addSequencerL2BatchFromOrigin(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount
) external;
function addSequencerL2Batch(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount
) external;
function addSequencerL2BatchFromBlobs(
uint256 sequenceNumber,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount
) external;
/// @dev Proves message delays, updates delay buffers, and posts an L2 batch with blob data.
/// DelayProof proves the delay of the message and syncs the delay buffer.
function addSequencerL2BatchFromBlobsDelayProof(
uint256 sequenceNumber,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount,
DelayProof calldata delayProof
) external;
/// @dev Proves message delays, updates delay buffers, and posts an L2 batch with calldata posted from an EOA.
/// DelayProof proves the delay of the message and syncs the delay buffer.
/// Will be deprecated due to EIP-3074, use `addSequencerL2BatchDelayProof` instead
function addSequencerL2BatchFromOriginDelayProof(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount,
DelayProof calldata delayProof
) external;
/// @dev Proves message delays, updates delay buffers, and posts an L2 batch with calldata.
/// delayProof is used to prove the delay of the message and syncs the delay buffer.
function addSequencerL2BatchDelayProof(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount,
DelayProof calldata delayProof
) external;
// ---------- onlyRollupOrOwner functions ----------
/**
* @notice Set max delay for sequencer inbox
* @param maxTimeVariation_ the maximum time variation parameters
*/
function setMaxTimeVariation(
MaxTimeVariation memory maxTimeVariation_
) external;
/**
* @notice Updates whether an address is authorized to be a batch poster at the sequencer inbox
* @param addr the address
* @param isBatchPoster_ if the specified address should be authorized as a batch poster
*/
function setIsBatchPoster(address addr, bool isBatchPoster_) external;
/**
* @notice Makes Data Availability Service keyset valid
* @param keysetBytes bytes of the serialized keyset
*/
function setValidKeyset(
bytes calldata keysetBytes
) external;
/**
* @notice Invalidates a Data Availability Service keyset
* @param ksHash hash of the keyset
*/
function invalidateKeysetHash(
bytes32 ksHash
) external;
/**
* @notice Updates whether an address is authorized to be a sequencer.
* @dev The IsSequencer information is used only off-chain by the nitro node to validate sequencer feed signer.
* @param addr the address
* @param isSequencer_ if the specified address should be authorized as a sequencer
*/
function setIsSequencer(address addr, bool isSequencer_) external;
/**
* @notice Updates the batch poster manager, the address which has the ability to rotate batch poster keys
* @param newBatchPosterManager The new batch poster manager to be set
*/
function setBatchPosterManager(
address newBatchPosterManager
) external;
/// @notice Allows the rollup owner to sync the rollup address
function updateRollupAddress() external;
// ---------- initializer ----------
function initialize(
IBridge bridge_,
MaxTimeVariation calldata maxTimeVariation_,
BufferConfig calldata bufferConfig_
) external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
pragma experimental ABIEncoderV2;
library Messages {
struct Message {
uint8 kind;
address sender;
uint64 blockNumber;
uint64 timestamp;
uint256 inboxSeqNum;
uint256 baseFeeL1;
bytes32 messageDataHash;
}
function messageHash(
Message memory message
) internal pure returns (bytes32) {
return messageHash(
message.kind,
message.sender,
message.blockNumber,
message.timestamp,
message.inboxSeqNum,
message.baseFeeL1,
message.messageDataHash
);
}
function messageHash(
uint8 kind,
address sender,
uint64 blockNumber,
uint64 timestamp,
uint256 inboxSeqNum,
uint256 baseFeeL1,
bytes32 messageDataHash
) internal pure returns (bytes32) {
return keccak256(
abi.encodePacked(
kind, sender, blockNumber, timestamp, inboxSeqNum, baseFeeL1, messageDataHash
)
);
}
function accumulateInboxMessage(
bytes32 prevAcc,
bytes32 message
) internal pure returns (bytes32) {
return keccak256(abi.encodePacked(prevAcc, message));
}
/// @dev Validates a delayed accumulator preimage
/// @param delayedAcc The delayed accumulator to validate against
/// @param beforeDelayedAcc The previous delayed accumulator
/// @param message The message to validate
function isValidDelayedAccPreimage(
bytes32 delayedAcc,
bytes32 beforeDelayedAcc,
Message memory message
) internal pure returns (bool) {
return delayedAcc == accumulateInboxMessage(beforeDelayedAcc, messageHash(message));
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import {
AlreadyInit,
HadZeroInit,
NotOrigin,
DataTooLarge,
DelayedBackwards,
DelayedTooFar,
ForceIncludeBlockTooSoon,
IncorrectMessagePreimage,
NotBatchPoster,
BadSequencerNumber,
AlreadyValidDASKeyset,
NoSuchKeyset,
NotForked,
NotBatchPosterManager,
NotCodelessOrigin,
RollupNotChanged,
DataBlobsNotSupported,
InitParamZero,
MissingDataHashes,
NotOwner,
InvalidHeaderFlag,
NativeTokenMismatch,
BadMaxTimeVariation,
Deprecated,
NotDelayBufferable,
InvalidDelayedAccPreimage,
DelayProofRequired,
BadBufferConfig,
ExtraGasNotUint64,
KeysetTooLarge
} from "../libraries/Error.sol";
import "./IBridge.sol";
import "./IInboxBase.sol";
import "./ISequencerInbox.sol";
import "../rollup/IRollupLogic.sol";
import "./Messages.sol";
import "../precompiles/ArbGasInfo.sol";
import "../precompiles/ArbSys.sol";
import "../libraries/CallerChecker.sol";
import "../libraries/IReader4844.sol";
import "../libraries/DelegateCallAware.sol";
import {IGasRefunder} from "../libraries/IGasRefunder.sol";
import {GasRefundEnabled} from "../libraries/GasRefundEnabled.sol";
import "../libraries/ArbitrumChecker.sol";
import {IERC20Bridge} from "./IERC20Bridge.sol";
import "./DelayBuffer.sol";
/**
* @title Accepts batches from the sequencer and adds them to the rollup inbox.
* @notice Contains the inbox accumulator which is the ordering of all data and transactions to be processed by the rollup.
* As part of submitting a batch the sequencer is also expected to include items enqueued
* in the delayed inbox (Bridge.sol). If items in the delayed inbox are not included by a
* sequencer within a time limit they can be force included into the rollup inbox by anyone.
*/
contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox {
uint256 public totalDelayedMessagesRead;
IBridge public bridge;
/// @inheritdoc ISequencerInbox
uint256 public constant HEADER_LENGTH = 40;
/// @inheritdoc ISequencerInbox
bytes1 public constant DATA_AUTHENTICATED_FLAG = 0x40;
/// @inheritdoc ISequencerInbox
bytes1 public constant DATA_BLOB_HEADER_FLAG = DATA_AUTHENTICATED_FLAG | 0x10;
/// @inheritdoc ISequencerInbox
bytes1 public constant DAS_MESSAGE_HEADER_FLAG = 0x80;
/// @inheritdoc ISequencerInbox
bytes1 public constant TREE_DAS_MESSAGE_HEADER_FLAG = 0x08;
/// @inheritdoc ISequencerInbox
bytes1 public constant BROTLI_MESSAGE_HEADER_FLAG = 0x00;
/// @inheritdoc ISequencerInbox
bytes1 public constant ZERO_HEAVY_MESSAGE_HEADER_FLAG = 0x20;
// GAS_PER_BLOB from EIP-4844
uint256 internal constant GAS_PER_BLOB = 1 << 17;
IOwnable public rollup;
mapping(address => bool) public isBatchPoster;
// we previously stored the max time variation in a (uint,uint,uint,uint) struct here
// solhint-disable-next-line var-name-mixedcase
ISequencerInbox.MaxTimeVariation private __LEGACY_MAX_TIME_VARIATION;
mapping(bytes32 => DasKeySetInfo) public dasKeySetInfo;
modifier onlyRollupOwner() {
if (msg.sender != rollup.owner()) revert NotOwner(msg.sender, rollup.owner());
_;
}
modifier onlyRollupOwnerOrBatchPosterManager() {
if (msg.sender != rollup.owner() && msg.sender != batchPosterManager) {
revert NotBatchPosterManager(msg.sender);
}
_;
}
mapping(address => bool) public isSequencer;
IReader4844 public immutable reader4844;
// see ISequencerInbox.MaxTimeVariation
uint64 internal delayBlocks;
uint64 internal futureBlocks;
uint64 internal delaySeconds;
uint64 internal futureSeconds;
/// @inheritdoc ISequencerInbox
address public batchPosterManager;
// On L1 this should be set to 117964: 90% of Geth's 128KB tx size limit, leaving ~13KB for proving
uint256 public immutable maxDataSize;
uint256 internal immutable deployTimeChainId = block.chainid;
// If the chain this SequencerInbox is deployed on is an Arbitrum chain.
bool internal immutable hostChainIsArbitrum = ArbitrumChecker.runningOnArbitrum();
// True if the chain this SequencerInbox is deployed on uses custom fee token
bool public immutable isUsingFeeToken;
// True if the SequencerInbox is delay bufferable
bool public immutable isDelayBufferable;
using DelayBuffer for BufferData;
BufferData public buffer;
constructor(
uint256 _maxDataSize,
IReader4844 reader4844_,
bool _isUsingFeeToken,
bool _isDelayBufferable
) {
maxDataSize = _maxDataSize;
if (hostChainIsArbitrum) {
if (reader4844_ != IReader4844(address(0))) revert DataBlobsNotSupported();
} else {
if (reader4844_ == IReader4844(address(0))) revert InitParamZero("Reader4844");
}
reader4844 = reader4844_;
isUsingFeeToken = _isUsingFeeToken;
isDelayBufferable = _isDelayBufferable;
}
function _chainIdChanged() internal view returns (bool) {
return deployTimeChainId != block.chainid;
}
function postUpgradeInit(
BufferConfig memory bufferConfig_
) external onlyDelegated onlyProxyOwner {
if (!isDelayBufferable) revert NotDelayBufferable();
// Assuming we would not upgrade from a version that does not have the buffer initialized
// If that is the case, postUpgradeInit do not need to be called
if (buffer.bufferBlocks != 0) {
revert AlreadyInit();
}
_setBufferConfig(bufferConfig_);
}
function initialize(
IBridge bridge_,
ISequencerInbox.MaxTimeVariation calldata maxTimeVariation_,
BufferConfig memory bufferConfig_
) external onlyDelegated {
if (bridge != IBridge(address(0))) revert AlreadyInit();
if (bridge_ == IBridge(address(0))) revert HadZeroInit();
// Make sure logic contract was created by proper value for 'isUsingFeeToken'.
// Bridge in ETH based chains doesn't implement nativeToken(). In future it might implement it and return address(0)
bool actualIsUsingFeeToken = false;
try IERC20Bridge(address(bridge_)).nativeToken() returns (address feeToken) {
if (feeToken != address(0)) {
actualIsUsingFeeToken = true;
}
} catch {}
if (isUsingFeeToken != actualIsUsingFeeToken) {
revert NativeTokenMismatch();
}
bridge = bridge_;
rollup = bridge_.rollup();
_setMaxTimeVariation(maxTimeVariation_);
if (isDelayBufferable) {
_setBufferConfig(bufferConfig_);
}
}
/// @notice Allows the rollup owner to sync the rollup address
function updateRollupAddress() external {
if (msg.sender != IOwnable(rollup).owner()) {
revert NotOwner(msg.sender, IOwnable(rollup).owner());
}
IOwnable newRollup = bridge.rollup();
if (rollup == newRollup) revert RollupNotChanged();
rollup = newRollup;
}
function getTimeBounds() internal view virtual returns (IBridge.TimeBounds memory) {
IBridge.TimeBounds memory bounds;
(uint64 delayBlocks_, uint64 futureBlocks_, uint64 delaySeconds_, uint64 futureSeconds_) =
maxTimeVariationInternal();
if (block.timestamp > delaySeconds_) {
bounds.minTimestamp = uint64(block.timestamp) - delaySeconds_;
}
bounds.maxTimestamp = uint64(block.timestamp) + futureSeconds_;
if (block.number > delayBlocks_) {
bounds.minBlockNumber = uint64(block.number) - delayBlocks_;
}
bounds.maxBlockNumber = uint64(block.number) + futureBlocks_;
return bounds;
}
/// @inheritdoc ISequencerInbox
function removeDelayAfterFork() external {
if (!_chainIdChanged()) revert NotForked();
delayBlocks = 1;
futureBlocks = 1;
delaySeconds = 1;
futureSeconds = 1;
}
function maxTimeVariation() external view returns (uint256, uint256, uint256, uint256) {
(uint64 delayBlocks_, uint64 futureBlocks_, uint64 delaySeconds_, uint64 futureSeconds_) =
maxTimeVariationInternal();
return (
uint256(delayBlocks_),
uint256(futureBlocks_),
uint256(delaySeconds_),
uint256(futureSeconds_)
);
}
function maxTimeVariationInternal() internal view returns (uint64, uint64, uint64, uint64) {
if (_chainIdChanged()) {
return (1, 1, 1, 1);
} else {
return (delayBlocks, futureBlocks, delaySeconds, futureSeconds);
}
}
/// @inheritdoc ISequencerInbox
function forceInclusion(
uint256 _totalDelayedMessagesRead,
uint8 kind,
uint64[2] calldata l1BlockAndTime,
uint256 baseFeeL1,
address sender,
bytes32 messageDataHash
) external {
if (_totalDelayedMessagesRead <= totalDelayedMessagesRead) revert DelayedBackwards();
bytes32 messageHash = Messages.messageHash(
kind,
sender,
l1BlockAndTime[0],
l1BlockAndTime[1],
_totalDelayedMessagesRead - 1,
baseFeeL1,
messageDataHash
);
uint256 delayBlocks_ = delayBlocks;
if (isDelayBufferable) {
// proactively apply any pending delay buffer updates before the force included message l1BlockAndTime
buffer.update(l1BlockAndTime[0]);
delayBlocks_ = delayBufferableBlocks(buffer.bufferBlocks);
}
// Can only force-include after the Sequencer-only window has expired.
if (l1BlockAndTime[0] + delayBlocks_ >= block.number) revert ForceIncludeBlockTooSoon();
// Verify that message hash represents the last message sequence of delayed message to be included
bytes32 prevDelayedAcc = 0;
if (_totalDelayedMessagesRead > 1) {
prevDelayedAcc = bridge.delayedInboxAccs(_totalDelayedMessagesRead - 2);
}
if (
bridge.delayedInboxAccs(_totalDelayedMessagesRead - 1)
!= Messages.accumulateInboxMessage(prevDelayedAcc, messageHash)
) revert IncorrectMessagePreimage();
(bytes32 dataHash, IBridge.TimeBounds memory timeBounds) =
formEmptyDataHash(_totalDelayedMessagesRead);
uint256 __totalDelayedMessagesRead = _totalDelayedMessagesRead;
uint256 prevSeqMsgCount = bridge.sequencerReportedSubMessageCount();
uint256 newSeqMsgCount = prevSeqMsgCount; // force inclusion should not modify sequencer message count
(uint256 seqMessageIndex, bytes32 beforeAcc, bytes32 delayedAcc, bytes32 afterAcc) =
addSequencerL2BatchImpl(
dataHash, __totalDelayedMessagesRead, 0, prevSeqMsgCount, newSeqMsgCount
);
emit SequencerBatchDelivered(
seqMessageIndex,
beforeAcc,
afterAcc,
delayedAcc,
totalDelayedMessagesRead,
timeBounds,
IBridge.BatchDataLocation.NoData
);
}
/// @inheritdoc ISequencerInbox
function addSequencerL2BatchFromOrigin(
uint256,
bytes calldata,
uint256,
IGasRefunder
) external pure {
revert Deprecated();
}
/// @inheritdoc ISequencerInbox
function addSequencerL2BatchFromOrigin(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount
) external refundsGas(gasRefunder, IReader4844(address(0))) {
if (!CallerChecker.isCallerCodelessOrigin()) revert NotCodelessOrigin();
if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
if (isDelayProofRequired(afterDelayedMessagesRead)) revert DelayProofRequired();
addSequencerL2BatchFromCalldataImpl(
sequenceNumber, data, afterDelayedMessagesRead, prevMessageCount, newMessageCount, true
);
}
/// @inheritdoc ISequencerInbox
function addSequencerL2BatchFromBlobs(
uint256 sequenceNumber,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount
) external refundsGas(gasRefunder, reader4844) {
if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
if (isDelayProofRequired(afterDelayedMessagesRead)) revert DelayProofRequired();
addSequencerL2BatchFromBlobsImpl(
sequenceNumber, afterDelayedMessagesRead, prevMessageCount, newMessageCount
);
}
/// @inheritdoc ISequencerInbox
function addSequencerL2BatchFromBlobsDelayProof(
uint256 sequenceNumber,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount,
DelayProof calldata delayProof
) external refundsGas(gasRefunder, reader4844) {
if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
if (!isDelayBufferable) revert NotDelayBufferable();
delayProofImpl(afterDelayedMessagesRead, delayProof);
addSequencerL2BatchFromBlobsImpl(
sequenceNumber, afterDelayedMessagesRead, prevMessageCount, newMessageCount
);
}
/// @inheritdoc ISequencerInbox
function addSequencerL2BatchFromOriginDelayProof(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount,
DelayProof calldata delayProof
) external refundsGas(gasRefunder, IReader4844(address(0))) {
if (!CallerChecker.isCallerCodelessOrigin()) revert NotCodelessOrigin();
if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
if (!isDelayBufferable) revert NotDelayBufferable();
delayProofImpl(afterDelayedMessagesRead, delayProof);
addSequencerL2BatchFromCalldataImpl(
sequenceNumber, data, afterDelayedMessagesRead, prevMessageCount, newMessageCount, true
);
}
function addSequencerL2BatchFromBlobsImpl(
uint256 sequenceNumber,
uint256 afterDelayedMessagesRead,
uint256 prevMessageCount,
uint256 newMessageCount
) internal {
(bytes32 dataHash, IBridge.TimeBounds memory timeBounds, uint256 blobGas) =
formBlobDataHash(afterDelayedMessagesRead);
// we use addSequencerL2BatchImpl for submitting the message
// normally this would also submit a batch spending report but that is skipped if we pass
// an empty call data size, then we submit a separate batch spending report later
(uint256 seqMessageIndex, bytes32 beforeAcc, bytes32 delayedAcc, bytes32 afterAcc) =
addSequencerL2BatchImpl(
dataHash, afterDelayedMessagesRead, 0, prevMessageCount, newMessageCount
);
// ~uint256(0) is type(uint256).max, but ever so slightly cheaper
if (seqMessageIndex != sequenceNumber && sequenceNumber != ~uint256(0)) {
revert BadSequencerNumber(seqMessageIndex, sequenceNumber);
}
emit SequencerBatchDelivered(
sequenceNumber,
beforeAcc,
afterAcc,
delayedAcc,
totalDelayedMessagesRead,
timeBounds,
IBridge.BatchDataLocation.Blob
);
// blobs are currently not supported on host arbitrum chains, when support is added it may
// consume gas in a different way to L1, so explicitly block host arb chains so that if support for blobs
// on arb is added it will need to explicitly turned on in the sequencer inbox
if (hostChainIsArbitrum) revert DataBlobsNotSupported();
// submit a batch spending report to refund the entity that produced the blob batch data
// same as using calldata, we only submit spending report if the caller is the origin and is codeless
// such that one cannot "double-claim" batch posting refund in the same tx
if (CallerChecker.isCallerCodelessOrigin() && !isUsingFeeToken) {
submitBatchSpendingReport(dataHash, seqMessageIndex, block.basefee, blobGas);
}
}
function addSequencerL2BatchFromCalldataImpl(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
uint256 prevMessageCount,
uint256 newMessageCount,
bool isFromCodelessOrigin
) internal {
(bytes32 dataHash, IBridge.TimeBounds memory timeBounds) =
formCallDataHash(data, afterDelayedMessagesRead);
(uint256 seqMessageIndex, bytes32 beforeAcc, bytes32 delayedAcc, bytes32 afterAcc) =
addSequencerL2BatchImpl(
dataHash,
afterDelayedMessagesRead,
isFromCodelessOrigin ? data.length : 0,
prevMessageCount,
newMessageCount
);
// ~uint256(0) is type(uint256).max, but ever so slightly cheaper
if (seqMessageIndex != sequenceNumber && sequenceNumber != ~uint256(0)) {
revert BadSequencerNumber(seqMessageIndex, sequenceNumber);
}
emit SequencerBatchDelivered(
seqMessageIndex,
beforeAcc,
afterAcc,
delayedAcc,
totalDelayedMessagesRead,
timeBounds,
isFromCodelessOrigin
? IBridge.BatchDataLocation.TxInput
: IBridge.BatchDataLocation.SeparateBatchEvent
);
if (!isFromCodelessOrigin) {
emit SequencerBatchData(seqMessageIndex, data);
}
}
/// @inheritdoc ISequencerInbox
function addSequencerL2Batch(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount
) external override refundsGas(gasRefunder, IReader4844(address(0))) {
if (!isBatchPoster[msg.sender] && msg.sender != address(rollup)) revert NotBatchPoster();
if (isDelayProofRequired(afterDelayedMessagesRead)) revert DelayProofRequired();
addSequencerL2BatchFromCalldataImpl(
sequenceNumber, data, afterDelayedMessagesRead, prevMessageCount, newMessageCount, false
);
}
/// @inheritdoc ISequencerInbox
function addSequencerL2BatchDelayProof(
uint256 sequenceNumber,
bytes calldata data,
uint256 afterDelayedMessagesRead,
IGasRefunder gasRefunder,
uint256 prevMessageCount,
uint256 newMessageCount,
DelayProof calldata delayProof
) external refundsGas(gasRefunder, IReader4844(address(0))) {
if (!isBatchPoster[msg.sender] && msg.sender != address(rollup)) revert NotBatchPoster();
if (!isDelayBufferable) revert NotDelayBufferable();
delayProofImpl(afterDelayedMessagesRead, delayProof);
addSequencerL2BatchFromCalldataImpl(
sequenceNumber, data, afterDelayedMessagesRead, prevMessageCount, newMessageCount, false
);
}
function delayProofImpl(
uint256 afterDelayedMessagesRead,
DelayProof memory delayProof
) internal {
// buffer update depends on new delayed messages. if none are read, no buffer update is proccessed
if (afterDelayedMessagesRead > totalDelayedMessagesRead) {
if (buffer.isUpdatable()) {
// delayedAcc of the 1st new delayed message
bytes32 delayedAcc = bridge.delayedInboxAccs(totalDelayedMessagesRead);
// validate delayProof against the delayed accumulator
if (
!Messages.isValidDelayedAccPreimage(
delayedAcc, delayProof.beforeDelayedAcc, delayProof.delayedMessage
)
) {
revert InvalidDelayedAccPreimage();
}
buffer.update(delayProof.delayedMessage.blockNumber);
}
}
}
function isDelayProofRequired(
uint256 afterDelayedMessagesRead
) internal view returns (bool) {
// if no new delayed messages are read, no buffer updates can be applied, so no proof required
// if the buffer is synced, the buffer cannot be depleted, so no proof is required
return isDelayBufferable && afterDelayedMessagesRead > totalDelayedMessagesRead
&& !buffer.isSynced();
}
function packHeader(
uint256 afterDelayedMessagesRead
) internal view returns (bytes memory, IBridge.TimeBounds memory) {
IBridge.TimeBounds memory timeBounds = getTimeBounds();
bytes memory header = abi.encodePacked(
timeBounds.minTimestamp,
timeBounds.maxTimestamp,
timeBounds.minBlockNumber,
timeBounds.maxBlockNumber,
uint64(afterDelayedMessagesRead)
);
// This must always be true from the packed encoding
assert(header.length == HEADER_LENGTH);
return (header, timeBounds);
}
/// @dev Form a hash for a sequencer message with no batch data
/// @param afterDelayedMessagesRead The delayed messages count read up to
/// @return The data hash
/// @return The timebounds within which the message should be processed
function formEmptyDataHash(
uint256 afterDelayedMessagesRead
) internal view returns (bytes32, IBridge.TimeBounds memory) {
(bytes memory header, IBridge.TimeBounds memory timeBounds) =
packHeader(afterDelayedMessagesRead);
return (keccak256(header), timeBounds);
}
/// @dev Since the data is supplied from calldata, the batch poster can choose the data type
/// We need to ensure that this data cannot cause a collision with data supplied via another method (eg blobs)
/// therefore we restrict which flags can be provided as a header in this field
/// This also safe guards unused flags for future use, as we know they would have been disallowed up until this point
/// @param headerByte The first byte in the calldata
function isValidCallDataFlag(
bytes1 headerByte
) internal pure returns (bool) {
return headerByte == BROTLI_MESSAGE_HEADER_FLAG || headerByte == DAS_MESSAGE_HEADER_FLAG
|| (headerByte == (DAS_MESSAGE_HEADER_FLAG | TREE_DAS_MESSAGE_HEADER_FLAG))
|| headerByte == ZERO_HEAVY_MESSAGE_HEADER_FLAG;
}
/// @dev Form a hash of the data taken from the calldata
/// @param data The calldata to be hashed
/// @param afterDelayedMessagesRead The delayed messages count read up to
/// @return The data hash
/// @return The timebounds within which the message should be processed
function formCallDataHash(
bytes calldata data,
uint256 afterDelayedMessagesRead
) internal view returns (bytes32, IBridge.TimeBounds memory) {
uint256 fullDataLen = HEADER_LENGTH + data.length;
if (fullDataLen > maxDataSize) revert DataTooLarge(fullDataLen, maxDataSize);
(bytes memory header, IBridge.TimeBounds memory timeBounds) =
packHeader(afterDelayedMessagesRead);
// the batch poster is allowed to submit an empty batch, they can use this to progress the
// delayed inbox without providing extra batch data
if (data.length > 0) {
// The first data byte cannot be the same as any that have been set via other methods (eg 4844 blob header) as this
// would allow the supplier of the data to spoof an incorrect 4844 data batch
if (!isValidCallDataFlag(data[0])) revert InvalidHeaderFlag(data[0]);
// the first byte is used to identify the type of batch data
// das batches expect to have the type byte set, followed by the keyset (so they should have at least 33 bytes)
// if invalid data is supplied here the state transition function will process it as an empty block
// however we can provide a nice additional check here for the batch poster
if (data[0] & DAS_MESSAGE_HEADER_FLAG != 0 && data.length >= 33) {
// we skip the first byte, then read the next 32 bytes for the keyset
bytes32 dasKeysetHash = bytes32(data[1:33]);
if (!dasKeySetInfo[dasKeysetHash].isValidKeyset) revert NoSuchKeyset(dasKeysetHash);
}
}
return (keccak256(bytes.concat(header, data)), timeBounds);
}
/// @dev Form a hash of the data being provided in 4844 data blobs
/// @param afterDelayedMessagesRead The delayed messages count read up to
/// @return The data hash
/// @return The timebounds within which the message should be processed
/// @return The normalized amount of gas used for blob posting
function formBlobDataHash(
uint256 afterDelayedMessagesRead
) internal view virtual returns (bytes32, IBridge.TimeBounds memory, uint256) {
bytes32[] memory dataHashes = reader4844.getDataHashes();
if (dataHashes.length == 0) revert MissingDataHashes();
(bytes memory header, IBridge.TimeBounds memory timeBounds) =
packHeader(afterDelayedMessagesRead);
uint256 blobCost = reader4844.getBlobBaseFee() * GAS_PER_BLOB * dataHashes.length;
return (
keccak256(bytes.concat(header, DATA_BLOB_HEADER_FLAG, abi.encodePacked(dataHashes))),
timeBounds,
block.basefee > 0 ? blobCost / block.basefee : 0
);
}
/// @dev Submit a batch spending report message so that the batch poster can be reimbursed on the rollup
/// This function expect msg.sender is tx.origin, and will always record tx.origin as the spender
/// @param dataHash The hash of the message the spending report is being submitted for
/// @param seqMessageIndex The index of the message to submit the spending report for
/// @param gasPrice The gas price that was paid for the data (standard gas or data gas)
function submitBatchSpendingReport(
bytes32 dataHash,
uint256 seqMessageIndex,
uint256 gasPrice,
uint256 extraGas
) internal {
// report the account who paid the gas (tx.origin) for the tx as batch poster
// if msg.sender is used and is a contract, it might not be able to spend the refund on l2
// solhint-disable-next-line avoid-tx-origin
address batchPoster = tx.origin;
// this msg isn't included in the current sequencer batch, but instead added to
// the delayed messages queue that is yet to be included
if (hostChainIsArbitrum) {
// Include extra gas for the host chain's L1 gas charging
uint256 l1Fees = ArbGasInfo(address(0x6c)).getCurrentTxL1GasFees();
extraGas += l1Fees / block.basefee;
}
if (extraGas > type(uint64).max) revert ExtraGasNotUint64();
bytes memory spendingReportMsg = abi.encodePacked(
block.timestamp, batchPoster, dataHash, seqMessageIndex, gasPrice, uint64(extraGas)
);
uint256 msgNum = bridge.submitBatchSpendingReport(batchPoster, keccak256(spendingReportMsg));
// this is the same event used by Inbox.sol after including a message to the delayed message accumulator
emit InboxMessageDelivered(msgNum, spendingReportMsg);
}
function addSequencerL2BatchImpl(
bytes32 dataHash,
uint256 afterDelayedMessagesRead,
uint256 calldataLengthPosted,
uint256 prevMessageCount,
uint256 newMessageCount
)
internal
returns (uint256 seqMessageIndex, bytes32 beforeAcc, bytes32 delayedAcc, bytes32 acc)
{
if (afterDelayedMessagesRead < totalDelayedMessagesRead) revert DelayedBackwards();
if (afterDelayedMessagesRead > bridge.delayedMessageCount()) revert DelayedTooFar();
(seqMessageIndex, beforeAcc, delayedAcc, acc) = bridge.enqueueSequencerMessage(
dataHash, afterDelayedMessagesRead, prevMessageCount, newMessageCount
);
totalDelayedMessagesRead = afterDelayedMessagesRead;
if (calldataLengthPosted > 0 && !isUsingFeeToken) {
// only report batch poster spendings if chain is using ETH as native currency
submitBatchSpendingReport(dataHash, seqMessageIndex, block.basefee, 0);
}
}
function inboxAccs(
uint256 index
) external view returns (bytes32) {
return bridge.sequencerInboxAccs(index);
}
function batchCount() external view returns (uint256) {
return bridge.sequencerMessageCount();
}
/// @inheritdoc ISequencerInbox
function forceInclusionDeadline(
uint64 blockNumber
) external view returns (uint64) {
uint64 _delayBlocks = delayBlocks;
if (isDelayBufferable) {
uint64 _buffer = buffer.calcPendingBuffer(blockNumber);
_delayBlocks = delayBufferableBlocks(_buffer);
}
return blockNumber + _delayBlocks;
}
/// @notice Calculates the buffer dependent delay blocks
function delayBufferableBlocks(
uint64 _buffer
) internal view returns (uint64) {
return _buffer < delayBlocks ? _buffer : delayBlocks;
}
function _setBufferConfig(
BufferConfig memory bufferConfig_
) internal {
if (!isDelayBufferable) revert NotDelayBufferable();
if (!DelayBuffer.isValidBufferConfig(bufferConfig_)) revert BadBufferConfig();
if (buffer.bufferBlocks == 0 || buffer.bufferBlocks > bufferConfig_.max) {
buffer.bufferBlocks = bufferConfig_.max;
}
if (buffer.bufferBlocks < bufferConfig_.threshold) {
buffer.bufferBlocks = bufferConfig_.threshold;
}
buffer.max = bufferConfig_.max;
buffer.threshold = bufferConfig_.threshold;
buffer.replenishRateInBasis = bufferConfig_.replenishRateInBasis;
// if all delayed messages are read, the buffer is considered synced
if (bridge.delayedMessageCount() == totalDelayedMessagesRead) {
buffer.update(uint64(block.number));
}
}
function _setMaxTimeVariation(
ISequencerInbox.MaxTimeVariation memory maxTimeVariation_
) internal {
if (
maxTimeVariation_.delayBlocks > type(uint64).max
|| maxTimeVariation_.futureBlocks > type(uint64).max
|| maxTimeVariation_.delaySeconds > type(uint64).max
|| maxTimeVariation_.futureSeconds > type(uint64).max
) {
revert BadMaxTimeVariation();
}
delayBlocks = uint64(maxTimeVariation_.delayBlocks);
futureBlocks = uint64(maxTimeVariation_.futureBlocks);
delaySeconds = uint64(maxTimeVariation_.delaySeconds);
futureSeconds = uint64(maxTimeVariation_.futureSeconds);
}
/// @inheritdoc ISequencerInbox
function setMaxTimeVariation(
ISequencerInbox.MaxTimeVariation memory maxTimeVariation_
) external onlyRollupOwner {
_setMaxTimeVariation(maxTimeVariation_);
emit MaxTimeVariationSet(maxTimeVariation_);
emit OwnerFunctionCalled(0);
}
/// @inheritdoc ISequencerInbox
function setIsBatchPoster(
address addr,
bool isBatchPoster_
) external onlyRollupOwnerOrBatchPosterManager {
isBatchPoster[addr] = isBatchPoster_;
emit BatchPosterSet(addr, isBatchPoster_);
emit OwnerFunctionCalled(1);
}
/// @inheritdoc ISequencerInbox
function setValidKeyset(
bytes calldata keysetBytes
) external onlyRollupOwner {
uint256 ksWord = uint256(keccak256(bytes.concat(hex"fe", keccak256(keysetBytes))));
bytes32 ksHash = bytes32(ksWord ^ (1 << 255));
if (keysetBytes.length >= 64 * 1024) revert KeysetTooLarge();
if (dasKeySetInfo[ksHash].isValidKeyset) revert AlreadyValidDASKeyset(ksHash);
uint256 creationBlock = block.number;
if (hostChainIsArbitrum) {
creationBlock = ArbSys(address(100)).arbBlockNumber();
}
dasKeySetInfo[ksHash] =
DasKeySetInfo({isValidKeyset: true, creationBlock: uint64(creationBlock)});
emit SetValidKeyset(ksHash, keysetBytes);
emit OwnerFunctionCalled(2);
}
/// @inheritdoc ISequencerInbox
function invalidateKeysetHash(
bytes32 ksHash
) external onlyRollupOwner {
if (!dasKeySetInfo[ksHash].isValidKeyset) revert NoSuchKeyset(ksHash);
// we don't delete the block creation value since its used to fetch the SetValidKeyset
// event efficiently. The event provides the hash preimage of the key.
// this is still needed when syncing the chain after a keyset is invalidated.
dasKeySetInfo[ksHash].isValidKeyset = false;
emit InvalidateKeyset(ksHash);
emit OwnerFunctionCalled(3);
}
/// @inheritdoc ISequencerInbox
function setIsSequencer(
address addr,
bool isSequencer_
) external onlyRollupOwnerOrBatchPosterManager {
isSequencer[addr] = isSequencer_;
emit SequencerSet(addr, isSequencer_);
emit OwnerFunctionCalled(4);
}
/// @inheritdoc ISequencerInbox
function setBatchPosterManager(
address newBatchPosterManager
) external onlyRollupOwner {
batchPosterManager = newBatchPosterManager;
emit BatchPosterManagerSet(newBatchPosterManager);
emit OwnerFunctionCalled(5);
}
function setBufferConfig(
BufferConfig memory bufferConfig_
) external onlyRollupOwner {
_setBufferConfig(bufferConfig_);
emit BufferConfigSet(bufferConfig_);
}
function isValidKeysetHash(
bytes32 ksHash
) external view returns (bool) {
return dasKeySetInfo[ksHash].isValidKeyset;
}
/// @inheritdoc ISequencerInbox
function getKeysetCreationBlock(
bytes32 ksHash
) external view returns (uint256) {
DasKeySetInfo memory ksInfo = dasKeySetInfo[ksHash];
if (ksInfo.creationBlock == 0) revert NoSuchKeyset(ksHash);
return uint256(ksInfo.creationBlock);
}
}
// Copyright 2023, Offchain Labs, Inc.
// For license information, see https://github.com/offchainlabs/bold/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
//
pragma solidity ^0.8.0;
import "../bridge/IBridge.sol";
import "../osp/IOneStepProofEntry.sol";
import "../rollup/Assertion.sol";
/// @title Assertion chain interface
/// @notice The interface required by the EdgeChallengeManager for requesting assertion data from the AssertionChain
interface IAssertionChain {
function bridge() external view returns (IBridge);
function validateAssertionHash(
bytes32 assertionHash,
AssertionState calldata state,
bytes32 prevAssertionHash,
bytes32 inboxAcc
) external view;
function validateConfig(bytes32 assertionHash, ConfigData calldata configData) external view;
function getFirstChildCreationBlock(
bytes32 assertionHash
) external view returns (uint64);
function getSecondChildCreationBlock(
bytes32 assertionHash
) external view returns (uint64);
function isFirstChild(
bytes32 assertionHash
) external view returns (bool);
function isPending(
bytes32 assertionHash
) external view returns (bool);
function isValidator(
address
) external view returns (bool);
function getValidators() external view returns (address[] memory);
function validatorWhitelistDisabled() external view returns (bool);
}
// Copyright 2023, Offchain Labs, Inc.
// For license information, see https://github.com/offchainlabs/bold/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
//
pragma solidity ^0.8.0;
import "./IAssertionChain.sol";
import "./libraries/Structs.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
/// @title EdgeChallengeManager interface
interface IEdgeChallengeManager {
/// @notice Initialize the EdgeChallengeManager. EdgeChallengeManagers are upgradeable
/// so use the initializer paradigm
/// @param _assertionChain The assertion chain contract
/// @param _challengePeriodBlocks The amount of cumulative time an edge must spend unrivaled before it can be confirmed
/// This should be the censorship period + the cumulative amount of time needed to do any
/// offchain calculation. We currently estimate around 10 mins for each layer zero edge and 1
/// one minute for each other edge.
/// @param _oneStepProofEntry The one step proof logic
/// @param layerZeroBlockEdgeHeight The end height of layer zero edges of type Block
/// @param layerZeroBigStepEdgeHeight The end height of layer zero edges of type BigStep
/// @param layerZeroSmallStepEdgeHeight The end height of layer zero edges of type SmallStep
/// @param _stakeToken The token that stake will be provided in when creating zero layer block edges
/// @param _excessStakeReceiver The address that excess stake will be sent to when 2nd+ block edge is created
/// @param _numBigStepLevel The number of bigstep levels
/// @param _stakeAmounts The stake amount for each level. (first element is for block level)
function initialize(
IAssertionChain _assertionChain,
uint64 _challengePeriodBlocks,
IOneStepProofEntry _oneStepProofEntry,
uint256 layerZeroBlockEdgeHeight,
uint256 layerZeroBigStepEdgeHeight,
uint256 layerZeroSmallStepEdgeHeight,
IERC20 _stakeToken,
address _excessStakeReceiver,
uint8 _numBigStepLevel,
uint256[] calldata _stakeAmounts
) external;
function stakeToken() external view returns (IERC20);
function stakeAmounts(
uint256
) external view returns (uint256);
function challengePeriodBlocks() external view returns (uint64);
/// @notice The one step proof resolver used to decide between rival SmallStep edges of length 1
function oneStepProofEntry() external view returns (IOneStepProofEntry);
/// @notice Performs necessary checks and creates a new layer zero edge
/// @param args Edge creation args
function createLayerZeroEdge(
CreateEdgeArgs calldata args
) external returns (bytes32);
/// @notice Bisect an edge. This creates two child edges:
/// lowerChild: has the same start root and height as this edge, but a different end root and height
/// upperChild: has the same end root and height as this edge, but a different start root and height
/// The lower child end root and height are equal to the upper child start root and height. This height
/// is the mandatoryBisectionHeight.
/// The lower child may already exist, however it's not possible for the upper child to exist as that would
/// mean that the edge has already been bisected
/// @param edgeId Edge to bisect
/// @param bisectionHistoryRoot The new history root to be used in the lower and upper children
/// @param prefixProof A proof to show that the bisectionHistoryRoot commits to a prefix of the current endHistoryRoot
/// @return lowerChildId The id of the newly created lower child edge
/// @return upperChildId The id of the newly created upper child edge
function bisectEdge(
bytes32 edgeId,
bytes32 bisectionHistoryRoot,
bytes calldata prefixProof
) external returns (bytes32, bytes32);
/// @notice An edge can be confirmed if the total amount of time it and a single chain of its direct ancestors
/// has spent unrivaled is greater than the challenge period.
/// @dev Edges inherit time from their parents, so the sum of unrivaled timers is compared against the threshold.
/// Given that an edge cannot become unrivaled after becoming rivaled, once the threshold is passed
/// it will always remain passed. The direct ancestors of an edge are linked by parent-child links for edges
/// of the same level, and claimId-edgeId links for zero layer edges that claim an edge in the level below.
/// This method also includes the amount of time the assertion being claimed spent without a sibling
/// @param edgeId The id of the edge to confirm
function confirmEdgeByTime(
bytes32 edgeId,
AssertionStateData calldata claimStateData
) external;
/// @notice Update multiple edges' timer cache by their children. Equivalent to calling updateTimerCacheByChildren for each edge.
/// May update timer cache above maximum if the last edge's timer cache was below maximumCachedTime.
/// Revert when the last edge's timer cache is already equal to or above maximumCachedTime.
/// @param edgeIds The ids of the edges to update
/// @param maximumCachedTime The maximum amount of cached time allowed on the last edge (β∗)
function multiUpdateTimeCacheByChildren(
bytes32[] calldata edgeIds,
uint256 maximumCachedTime
) external;
/// @notice Update an edge's timer cache by its children.
/// Sets the edge's timer cache to its timeUnrivaled + (minimum timer cache of its children).
/// May update timer cache above maximum if the last edge's timer cache was below maximumCachedTime.
/// Revert when the edge's timer cache is already equal to or above maximumCachedTime.
/// @param edgeId The id of the edge to update
/// @param maximumCachedTime The maximum amount of cached time allowed on the edge (β∗)
function updateTimerCacheByChildren(bytes32 edgeId, uint256 maximumCachedTime) external;
/// @notice Given a one step fork edge and an edge with matching claim id,
/// set the one step fork edge's timer cache to its timeUnrivaled + claiming edge's timer cache.
/// May update timer cache above maximum if the last edge's timer cache was below maximumCachedTime.
/// Revert when the edge's timer cache is already equal to or above maximumCachedTime.
/// @param edgeId The id of the edge to update
/// @param claimingEdgeId The id of the edge which has a claimId equal to edgeId
/// @param maximumCachedTime The maximum amount of cached time allowed on the edge (β∗)
function updateTimerCacheByClaim(
bytes32 edgeId,
bytes32 claimingEdgeId,
uint256 maximumCachedTime
) external;
/// @notice Confirm an edge by executing a one step proof
/// @dev One step proofs can only be executed against edges that have length one and of type SmallStep
/// @param edgeId The id of the edge to confirm
/// @param oneStepData Input data to the one step proof
/// @param prevConfig Data about the config set in prev
/// @param beforeHistoryInclusionProof Proof that the state which is the start of the edge is committed to by the startHistoryRoot
/// @param afterHistoryInclusionProof Proof that the state which is the end of the edge is committed to by the endHistoryRoot
function confirmEdgeByOneStepProof(
bytes32 edgeId,
OneStepData calldata oneStepData,
ConfigData calldata prevConfig,
bytes32[] calldata beforeHistoryInclusionProof,
bytes32[] calldata afterHistoryInclusionProof
) external;
/// @notice When zero layer block edges are created a stake is also provided
/// The stake on this edge can be refunded if the edge is confirme
function refundStake(
bytes32 edgeId
) external;
/// @notice Zero layer edges have to be a fixed height.
/// This function returns the end height for a given edge type
function getLayerZeroEndHeight(
EdgeType eType
) external view returns (uint256);
/// @notice Calculate the unique id of an edge
/// @param level The level of the edge
/// @param originId The origin id of the edge
/// @param startHeight The start height of the edge
/// @param startHistoryRoot The start history root of the edge
/// @param endHeight The end height of the edge
/// @param endHistoryRoot The end history root of the edge
function calculateEdgeId(
uint8 level,
bytes32 originId,
uint256 startHeight,
bytes32 startHistoryRoot,
uint256 endHeight,
bytes32 endHistoryRoot
) external pure returns (bytes32);
/// @notice Calculate the mutual id of the edge
/// Edges that are rivals share the same mutual id
/// @param level The level of the edge
/// @param originId The origin id of the edge
/// @param startHeight The start height of the edge
/// @param startHistoryRoot The start history root of the edge
/// @param endHeight The end height of the edge
function calculateMutualId(
uint8 level,
bytes32 originId,
uint256 startHeight,
bytes32 startHistoryRoot,
uint256 endHeight
) external pure returns (bytes32);
/// @notice Has the edge already been stored in the manager
function edgeExists(
bytes32 edgeId
) external view returns (bool);
/// @notice Get full edge data for an edge
function getEdge(
bytes32 edgeId
) external view returns (ChallengeEdge memory);
/// @notice The length of the edge, from start height to end height
function edgeLength(
bytes32 edgeId
) external view returns (uint256);
/// @notice Does this edge currently have one or more rivals
/// Rival edges share the same mutual id
function hasRival(
bytes32 edgeId
) external view returns (bool);
/// @notice The confirmed rival of this mutual id
/// Returns 0 if one does not exist
function confirmedRival(
bytes32 mutualId
) external view returns (bytes32);
/// @notice Does the edge have at least one rival, and it has length one
function hasLengthOneRival(
bytes32 edgeId
) external view returns (bool);
/// @notice The amount of time this edge has spent without rivals
/// This value is increasing whilst an edge is unrivaled, once a rival is created
/// it is fixed. If an edge has rivals from the moment it is created then it will have
/// a zero time unrivaled
function timeUnrivaled(
bytes32 edgeId
) external view returns (uint256);
/// @notice Get the id of the prev assertion that this edge is originates from
/// @dev Uses the parent chain to traverse upwards SmallStep->BigStep->Block->Assertion
/// until it gets to the origin assertion
function getPrevAssertionHash(
bytes32 edgeId
) external view returns (bytes32);
/// @notice Fetch the raw first rival record for the given mutual id
/// @dev Returns 0 if there is no edge with the given mutual id
/// Returns a magic value if there is one edge but it is unrivaled
/// Returns the id of the second edge created with the mutual id, if > 1 exists
function firstRival(
bytes32 mutualId
) external view returns (bytes32);
/// @notice True if an account has made a layer zero edge with the given mutual id.
/// This is only tracked when the validator whitelist is enabled
function hasMadeLayerZeroRival(
address account,
bytes32 mutualId
) external view returns (bool);
}
// Copyright 2023, Offchain Labs, Inc.
// For license information, see https://github.com/offchainlabs/bold/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
//
pragma solidity ^0.8.17;
/// @notice The status of the edge
/// - Pending: Yet to be confirmed. Not all edges can be confirmed.
/// - Confirmed: Once confirmed it cannot transition back to pending
enum EdgeStatus {
Pending,
Confirmed
}
/// @notice The type of the edge. Challenges are decomposed into 3 types of subchallenge
/// represented here by the edge type. Edges are initially created of type Block
/// and are then bisected until they have length one. After that new BigStep edges are
/// added that claim a Block type edge, and are then bisected until they have length one.
/// Then a SmallStep edge is added that claims a length one BigStep edge, and these
/// SmallStep edges are bisected until they reach length one. A length one small step edge
/// can then be directly executed using a one-step proof.
enum EdgeType {
Block,
BigStep,
SmallStep
}
// Copyright 2023, Offchain Labs, Inc.
// For license information, see https://github.com/offchainlabs/bold/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
//
pragma solidity ^0.8.0;
import "./Enums.sol";
import "../../rollup/AssertionState.sol";
/// @notice An execution state and proof to show that it's valid
struct AssertionStateData {
/// @notice An execution state
AssertionState assertionState;
/// @notice assertion Hash of the prev assertion
bytes32 prevAssertionHash;
/// @notice Inbox accumulator of the assertion
bytes32 inboxAcc;
}
/// @notice Data for creating a layer zero edge
struct CreateEdgeArgs {
/// @notice The level of edge to be created. Challenges are decomposed into multiple levels.
/// The first (level 0) being of type Block, followed by n (set by NUM_BIGSTEP_LEVEL) levels of type BigStep, and finally
/// followed by a single level of type SmallStep. Each level is bisected until an edge
/// of length one is reached before proceeding to the next level. The first edge in each level (the layer zero edge)
/// makes a claim about an assertion or assertion in the lower level.
/// Finally in the last level, a SmallStep edge is added that claims a lower level length one BigStep edge, and these
/// SmallStep edges are bisected until they reach length one. A length one small step edge
/// can then be directly executed using a one-step proof.
uint8 level;
/// @notice The end history root of the edge to be created
bytes32 endHistoryRoot;
/// @notice The end height of the edge to be created.
/// @dev End height is deterministic for different levels but supplying it here gives the
/// caller a bit of extra security that they are supplying data for the correct level of edge
uint256 endHeight;
/// @notice The edge, or assertion, that is being claimed correct by the newly created edge.
bytes32 claimId;
/// @notice Proof that the start history root commits to a prefix of the states that
/// end history root commits to
bytes prefixProof;
/// @notice Edge type specific data
/// For Block type edges this is the abi encoding of:
/// bytes32[]: Inclusion proof - proof to show that the end state is the last state in the end history root
/// AssertionStateData: the before state of the edge
/// AssertionStateData: the after state of the edge
/// bytes32 predecessorId: id of the prev assertion
/// bytes32 inboxAcc: the inbox accumulator of the assertion
/// For BigStep and SmallStep edges this is the abi encoding of:
/// bytes32: Start state - first state the edge commits to
/// bytes32: End state - last state the edge commits to
/// bytes32[]: Claim start inclusion proof - proof to show the start state is the first state in the claim edge
/// bytes32[]: Claim end inclusion proof - proof to show the end state is the last state in the claim edge
/// bytes32[]: Inclusion proof - proof to show that the end state is the last state in the end history root
bytes proof;
}
/// @notice Data parsed raw proof data
struct ProofData {
/// @notice The first state being committed to by an edge
bytes32 startState;
/// @notice The last state being committed to by an edge
bytes32 endState;
/// @notice A proof that the end state is included in the edge
bytes32[] inclusionProof;
}
/// @notice Stores all edges and their rival status
struct EdgeStore {
/// @notice A mapping of edge id to edges. Edges are never deleted, only created, and potentially confirmed.
mapping(bytes32 => ChallengeEdge) edges;
/// @notice A mapping of mutualId to edge id. Rivals share the same mutual id, and here we
/// store the edge id of the second edge that was created with the same mutual id - the first rival
/// When only one edge exists for a specific mutual id then a special magic string hash is stored instead
/// of the first rival id, to signify that a single edge does exist with this mutual id
mapping(bytes32 => bytes32) firstRivals;
/// @notice A mapping of mutualId to the edge id of the confirmed rival with that mutualId
/// @dev Each group of rivals (edges sharing mutual id) can only have at most one confirmed edge
mapping(bytes32 => bytes32) confirmedRivals;
/// @notice A mapping of account -> mutualId -> bool indicating if the account has created a layer zero edge with a mutual id
mapping(address => mapping(bytes32 => bool)) hasMadeLayerZeroRival;
}
/// @notice Input data to a one step proof
struct OneStepData {
/// @notice The hash of the state that's being executed from
bytes32 beforeHash;
/// @notice Proof data to accompany the execution context
bytes proof;
}
/// @notice Data about a recently added edge
struct EdgeAddedData {
bytes32 edgeId;
bytes32 mutualId;
bytes32 originId;
bytes32 claimId;
uint256 length;
uint8 level;
bool hasRival;
bool isLayerZero;
}
/// @notice Data about an assertion that is being claimed by an edge
/// @dev This extra information that is needed in order to verify that a block edge can be created
struct AssertionReferenceData {
/// @notice The id of the assertion - will be used in a sanity check
bytes32 assertionHash;
/// @notice The predecessor of the assertion
bytes32 predecessorId;
/// @notice Is the assertion pending
bool isPending;
/// @notice Does the assertion have a sibling
bool hasSibling;
/// @notice The execution state of the predecessor assertion
AssertionState startState;
/// @notice The execution state of the assertion being claimed
AssertionState endState;
}
/// @notice An edge committing to a range of states. These edges will be bisected, slowly
/// reducing them in length until they reach length one. At that point new edges of a different
/// level will be added that claim the result of this edge, or a one step proof will be calculated
/// if the edge level is already of type SmallStep.
struct ChallengeEdge {
/// @notice The origin id is a link from the edge to an edge or assertion at a lower level.
/// Intuitively all edges with the same origin id agree on the information committed to in the origin id
/// For a SmallStep edge the origin id is the 'mutual' id of the length one BigStep edge being claimed by the zero layer ancestors of this edge
/// For a BigStep edge the origin id is the 'mutual' id of the length one Block edge being claimed by the zero layer ancestors of this edge
/// For a Block edge the origin id is the assertion hash of the assertion that is the root of the challenge - all edges in this challenge agree
/// that that assertion hash is valid.
/// The purpose of the origin id is to ensure that only edges that agree on a common start position
/// are being compared against one another.
bytes32 originId;
/// @notice A root of all the states in the history up to the startHeight
bytes32 startHistoryRoot;
/// @notice The height of the start history root
uint256 startHeight;
/// @notice A root of all the states in the history up to the endHeight. Since endHeight > startHeight, the startHistoryRoot must
/// commit to a prefix of the states committed to by the endHistoryRoot
bytes32 endHistoryRoot;
/// @notice The height of the end history root
uint256 endHeight;
/// @notice Edges can be bisected into two children. If this edge has been bisected the id of the
/// lower child is populated here, until that time this value is 0. The lower child has startHistoryRoot and startHeight
/// equal to this edge, but endHistoryRoot and endHeight equal to some prefix of the endHistoryRoot of this edge
bytes32 lowerChildId;
/// @notice Edges can be bisected into two children. If this edge has been bisected the id of the
/// upper child is populated here, until that time this value is 0. The upper child has startHistoryRoot and startHeight
/// equal to some prefix of the endHistoryRoot of this edge, and endHistoryRoot and endHeight equal to this edge
bytes32 upperChildId;
/// @notice The edge or assertion in the upper level that this edge claims to be true.
/// Only populated on zero layer edges
bytes32 claimId;
/// @notice The entity that supplied a mini-stake accompanying this edge
/// Only populated on zero layer edges
address staker;
/// @notice The block number when this edge was created
uint64 createdAtBlock;
/// @notice The block number at which this edge was confirmed
/// Zero if not confirmed
uint64 confirmedAtBlock;
/// @notice Current status of this edge. All edges are created Pending, and may be updated to Confirmed
/// Once Confirmed they cannot transition back to Pending
EdgeStatus status;
/// @notice The level of this edge.
/// Level 0 is type Block
/// Last level (defined by NUM_BIGSTEP_LEVEL + 1) is type SmallStep
/// All levels in between are of type BigStep
uint8 level;
/// @notice Set to true when the staker has been refunded. Can only be set to true if the status is Confirmed
/// and the staker is non zero.
bool refunded;
/// @notice TODO
uint64 totalTimeUnrivaledCache;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "../precompiles/ArbSys.sol";
library ArbitrumChecker {
function runningOnArbitrum() internal view returns (bool) {
(bool ok, bytes memory data) =
address(100).staticcall(abi.encodeWithSelector(ArbSys.arbOSVersion.selector));
return ok && data.length == 32;
}
}
// Copyright 2021-2024, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
library CallerChecker {
/**
* @notice A EIP-7702 safe check to ensure the caller is the origin and is codeless
* @return bool true if the caller is the origin and is codeless, false otherwise
* @dev If the caller is the origin and is codeless, then msg.data is guaranteed to be same as tx.data
* It also mean the caller would not be able to call a contract multiple times with the same transaction
*/
function isCallerCodelessOrigin() internal view returns (bool) {
// solhint-disable-next-line avoid-tx-origin
return msg.sender == tx.origin && msg.sender.code.length == 0;
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import {NotOwner} from "./Error.sol";
/// @dev A stateless contract that allows you to infer if the current call has been delegated or not
/// Pattern used here is from UUPS implementation by the OpenZeppelin team
abstract contract DelegateCallAware {
address private immutable __self = address(this);
/**
* @dev Check that the execution is being performed through a delegate call. This allows a function to be
* callable on the proxy contract but not on the logic contract.
*/
modifier onlyDelegated() {
require(address(this) != __self, "Function must be called through delegatecall");
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/
modifier notDelegated() {
require(address(this) == __self, "Function must not be called through delegatecall");
_;
}
/// @dev Check that msg.sender is the current EIP 1967 proxy admin
modifier onlyProxyOwner() {
// Storage slot with the admin of the proxy contract
// This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1
bytes32 slot = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
address admin;
assembly {
admin := sload(slot)
}
if (msg.sender != admin) revert NotOwner(msg.sender, admin);
_;
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.4;
/// @dev Init was already called
error AlreadyInit();
/// @dev Init was called with param set to zero that must be nonzero
error HadZeroInit();
/// @dev Thrown when post upgrade init validation fails
error BadPostUpgradeInit();
/// @dev Thrown when the caller is not a codeless origin
error NotCodelessOrigin();
/// @dev Thrown when non owner tries to access an only-owner function
/// @param sender The msg.sender who is not the owner
/// @param owner The owner address
error NotOwner(address sender, address owner);
/// @dev Thrown when an address that is not the rollup tries to call an only-rollup function
/// @param sender The sender who is not the rollup
/// @param rollup The rollup address authorized to call this function
error NotRollup(address sender, address rollup);
/// @dev Thrown when the contract was not called directly from the origin ie msg.sender != tx.origin
error NotOrigin();
/// @dev Provided data was too large
/// @param dataLength The length of the data that is too large
/// @param maxDataLength The max length the data can be
error DataTooLarge(uint256 dataLength, uint256 maxDataLength);
/// @dev The provided is not a contract and was expected to be
/// @param addr The adddress in question
error NotContract(address addr);
/// @dev The merkle proof provided was too long
/// @param actualLength The length of the merkle proof provided
/// @param maxProofLength The max length a merkle proof can have
error MerkleProofTooLong(uint256 actualLength, uint256 maxProofLength);
/// @dev Thrown when an un-authorized address tries to access an admin function
/// @param sender The un-authorized sender
/// @param rollup The rollup, which would be authorized
/// @param owner The rollup's owner, which would be authorized
error NotRollupOrOwner(address sender, address rollup, address owner);
// Bridge Errors
/// @dev Thrown when an un-authorized address tries to access an only-inbox function
/// @param sender The un-authorized sender
error NotDelayedInbox(address sender);
/// @dev Thrown when an un-authorized address tries to access an only-sequencer-inbox function
/// @param sender The un-authorized sender
error NotSequencerInbox(address sender);
/// @dev Thrown when an un-authorized address tries to access an only-outbox function
/// @param sender The un-authorized sender
error NotOutbox(address sender);
/// @dev the provided outbox address isn't valid
/// @param outbox address of outbox being set
error InvalidOutboxSet(address outbox);
/// @dev The provided token address isn't valid
/// @param token address of token being set
error InvalidTokenSet(address token);
/// @dev Call to this specific address is not allowed
/// @param target address of the call receiver
error CallTargetNotAllowed(address target);
/// @dev Call that changes the balance of ERC20Bridge is not allowed
error CallNotAllowed();
// Inbox Errors
/// @dev msg.value sent to the inbox isn't high enough
error InsufficientValue(uint256 expected, uint256 actual);
/// @dev submission cost provided isn't enough to create retryable ticket
error InsufficientSubmissionCost(uint256 expected, uint256 actual);
/// @dev address not allowed to interact with the given contract
error NotAllowedOrigin(address origin);
/// @dev used to convey retryable tx data in eth calls without requiring a tx trace
/// this follows a pattern similar to EIP-3668 where reverts surface call information
error RetryableData(
address from,
address to,
uint256 l2CallValue,
uint256 deposit,
uint256 maxSubmissionCost,
address excessFeeRefundAddress,
address callValueRefundAddress,
uint256 gasLimit,
uint256 maxFeePerGas,
bytes data
);
/// @dev Thrown when a L1 chainId fork is detected
error L1Forked();
/// @dev Thrown when a L1 chainId fork is not detected
error NotForked();
/// @dev The provided gasLimit is larger than uint64
error GasLimitTooLarge();
/// @dev The provided amount cannot be adjusted to 18 decimals due to overflow
error AmountTooLarge(uint256 amount);
/// @dev Number of native token's decimals is restricted to enable conversions to 18 decimals
error NativeTokenDecimalsTooLarge(uint256 decimals);
// Outbox Errors
/// @dev The provided proof was too long
/// @param proofLength The length of the too-long proof
error ProofTooLong(uint256 proofLength);
/// @dev The output index was greater than the maximum
/// @param index The output index
/// @param maxIndex The max the index could be
error PathNotMinimal(uint256 index, uint256 maxIndex);
/// @dev The calculated root does not exist
/// @param root The calculated root
error UnknownRoot(bytes32 root);
/// @dev The record has already been spent
/// @param index The index of the spent record
error AlreadySpent(uint256 index);
/// @dev A call to the bridge failed with no return data
error BridgeCallFailed();
// Sequencer Inbox Errors
/// @dev Thrown when someone attempts to read fewer messages than have already been read
error DelayedBackwards();
/// @dev Thrown when someone attempts to read more messages than exist
error DelayedTooFar();
/// @dev Force include can only read messages more blocks old than the delay period
error ForceIncludeBlockTooSoon();
/// @dev The message provided did not match the hash in the delayed inbox
error IncorrectMessagePreimage();
/// @dev This can only be called by the batch poster
error NotBatchPoster();
/// @dev The sequence number provided to this message was inconsistent with the number of batches already included
error BadSequencerNumber(uint256 stored, uint256 received);
/// @dev The sequence message number provided to this message was inconsistent with the previous one
error BadSequencerMessageNumber(uint256 stored, uint256 received);
/// @dev Tried to create an already valid Data Availability Service keyset
error AlreadyValidDASKeyset(bytes32);
/// @dev Tried to use or invalidate an already invalid Data Availability Service keyset
error NoSuchKeyset(bytes32);
/// @dev Thrown when the provided address is not the designated batch poster manager
error NotBatchPosterManager(address);
/// @dev Thrown when a data blob feature is attempted to be used on a chain that doesnt support it
error DataBlobsNotSupported();
/// @dev Thrown when batches are posted without buffer proof, this is only allowed in a sync state or when no new delayed messages are read
error DelayProofRequired();
/// @dev The DelayedAccPreimage is invalid
error InvalidDelayedAccPreimage();
/// @dev Thrown when the sequencer attempts to post a batch with delay / sync proofs without delay bufferability enabled
error NotDelayBufferable();
/// @dev Thrown when an init param was supplied as empty
error InitParamZero(string name);
/// @dev Thrown when data hashes where expected but not where present on the tx
error MissingDataHashes();
/// @dev Thrown when rollup is not updated with updateRollupAddress
error RollupNotChanged();
/// @dev Unsupported header flag was provided
error InvalidHeaderFlag(bytes1);
/// @dev SequencerInbox and Bridge are not in the same feeToken/ETH mode
error NativeTokenMismatch();
/// @dev Thrown when a deprecated function is called
error Deprecated();
/// @dev Thrown when any component of maxTimeVariation is over uint64
error BadMaxTimeVariation();
/// @dev Thrown when any component of bufferConfig is zero
error BadBufferConfig();
/// @dev Thrown when extra gas is not a uint64
error ExtraGasNotUint64();
/// @dev Thrown when keysetBytes is too large
error KeysetTooLarge();
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity ^0.8.0;
import "./IReader4844.sol";
import "./IGasRefunder.sol";
import "../libraries/CallerChecker.sol";
abstract contract GasRefundEnabled {
uint256 internal immutable gasPerBlob = 2 ** 17;
/// @dev this refunds the sender for execution costs of the tx
/// calldata costs are only refunded if `msg.sender == tx.origin` to guarantee the value refunded relates to charging
/// for the `tx.input`. this avoids a possible attack where you generate large calldata from a contract and get over-refunded
modifier refundsGas(IGasRefunder gasRefunder, IReader4844 reader4844) {
uint256 startGasLeft = gasleft();
_;
if (address(gasRefunder) != address(0)) {
uint256 calldataSize = msg.data.length;
uint256 calldataWords = (calldataSize + 31) / 32;
// account for the CALLDATACOPY cost of the proxy contract, including the memory expansion cost
startGasLeft += calldataWords * 6 + (calldataWords ** 2) / 512;
// if triggered in a contract call, the spender may be overrefunded by appending dummy data to the call
// so we check if it is a top level call, which would mean the sender paid calldata as part of tx.input
if (!CallerChecker.isCallerCodelessOrigin()) {
// We can't be sure if this calldata came from the top level tx,
// so to be safe we tell the gas refunder there was no calldata.
calldataSize = 0;
} else {
// for similar reasons to above we only refund blob gas when the tx.origin is the msg.sender
// this avoids the caller being able to send blobs to other contracts and still get refunded here
if (address(reader4844) != address(0)) {
// add any cost for 4844 data, the data hash reader throws an error prior to 4844 being activated
// we do this addition here rather in the GasRefunder so that we can check the msg.sender is the tx.origin
try reader4844.getDataHashes() returns (bytes32[] memory dataHashes) {
if (dataHashes.length != 0) {
uint256 blobBasefee = reader4844.getBlobBaseFee();
startGasLeft +=
(dataHashes.length * gasPerBlob * blobBasefee) / block.basefee;
}
} catch {}
}
}
gasRefunder.onGasSpent(payable(msg.sender), startGasLeft - gasleft(), calldataSize);
}
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
interface IGasRefunder {
function onGasSpent(
address payable spender,
uint256 gasUsed,
uint256 calldataSize
) external returns (bool success);
}
// Copyright 2023-2024, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.6.9 <0.9.0;
interface IReader4844 {
/// @notice Returns the current BLOBBASEFEE
function getBlobBaseFee() external view returns (uint256);
/// @notice Returns all the data hashes of all the blobs on the current transaction
function getDataHashes() external view returns (bytes32[] memory);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./IOneStepProver.sol";
import "../state/Machine.sol";
library OneStepProofEntryLib {
uint256 internal constant MAX_STEPS = 1 << 43;
}
struct ExecutionState {
GlobalState globalState;
MachineStatus machineStatus;
}
interface IOneStepProofEntry {
function getStartMachineHash(
bytes32 globalStateHash,
bytes32 wasmModuleRoot
) external pure returns (bytes32);
function proveOneStep(
ExecutionContext calldata execCtx,
uint256 machineStep,
bytes32 beforeHash,
bytes calldata proof
) external view returns (bytes32 afterHash);
function getMachineHash(
ExecutionState calldata execState
) external pure returns (bytes32);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "../state/Machine.sol";
import "../state/Module.sol";
import "../state/Instructions.sol";
import "../state/GlobalState.sol";
import "../bridge/ISequencerInbox.sol";
import "../bridge/IBridge.sol";
struct ExecutionContext {
uint256 maxInboxMessagesRead;
IBridge bridge;
bytes32 initialWasmModuleRoot;
}
abstract contract IOneStepProver {
function executeOneStep(
ExecutionContext memory execCtx,
Machine calldata mach,
Module calldata mod,
Instruction calldata instruction,
bytes calldata proof
) external view virtual returns (Machine memory result, Module memory resultMod);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.4.21 <0.9.0;
/// @title Provides insight into the cost of using the chain.
/// @notice These methods have been adjusted to account for Nitro's heavy use of calldata compression.
/// Of note to end-users, we no longer make a distinction between non-zero and zero-valued calldata bytes.
/// Precompiled contract that exists in every Arbitrum chain at 0x000000000000000000000000000000000000006c.
interface ArbGasInfo {
/// @notice Get gas prices for a provided aggregator
/// @return return gas prices in wei
/// (
/// per L2 tx,
/// per L1 calldata byte
/// per storage allocation,
/// per ArbGas base,
/// per ArbGas congestion,
/// per ArbGas total
/// )
function getPricesInWeiWithAggregator(
address aggregator
) external view returns (uint256, uint256, uint256, uint256, uint256, uint256);
/// @notice Get gas prices. Uses the caller's preferred aggregator, or the default if the caller doesn't have a preferred one.
/// @return return gas prices in wei
/// (
/// per L2 tx,
/// per L1 calldata byte
/// per storage allocation,
/// per ArbGas base,
/// per ArbGas congestion,
/// per ArbGas total
/// )
function getPricesInWei()
external
view
returns (uint256, uint256, uint256, uint256, uint256, uint256);
/// @notice Get prices in ArbGas for the supplied aggregator
/// @return (per L2 tx, per L1 calldata byte, per storage allocation)
function getPricesInArbGasWithAggregator(
address aggregator
) external view returns (uint256, uint256, uint256);
/// @notice Get prices in ArbGas. Assumes the callers preferred validator, or the default if caller doesn't have a preferred one.
/// @return (per L2 tx, per L1 calldata byte, per storage allocation)
function getPricesInArbGas() external view returns (uint256, uint256, uint256);
/// @notice Get the gas accounting parameters. `gasPoolMax` is always zero, as the exponential pricing model has no such notion.
/// @return (speedLimitPerSecond, gasPoolMax, maxTxGasLimit)
function getGasAccountingParams() external view returns (uint256, uint256, uint256);
/// @notice Get the minimum gas price needed for a tx to succeed
function getMinimumGasPrice() external view returns (uint256);
/// @notice Get ArbOS's estimate of the L1 basefee in wei
function getL1BaseFeeEstimate() external view returns (uint256);
/// @notice Get how slowly ArbOS updates its estimate of the L1 basefee
function getL1BaseFeeEstimateInertia() external view returns (uint64);
/// @notice Get the L1 pricer reward rate, in wei per unit
/// Available in ArbOS version 11
function getL1RewardRate() external view returns (uint64);
/// @notice Get the L1 pricer reward recipient
/// Available in ArbOS version 11
function getL1RewardRecipient() external view returns (address);
/// @notice Deprecated -- Same as getL1BaseFeeEstimate()
function getL1GasPriceEstimate() external view returns (uint256);
/// @notice Get L1 gas fees paid by the current transaction
function getCurrentTxL1GasFees() external view returns (uint256);
/// @notice Get the backlogged amount of gas burnt in excess of the speed limit
function getGasBacklog() external view returns (uint64);
/// @notice Get how slowly ArbOS updates the L2 basefee in response to backlogged gas
function getPricingInertia() external view returns (uint64);
/// @notice Get the forgivable amount of backlogged gas ArbOS will ignore when raising the basefee
function getGasBacklogTolerance() external view returns (uint64);
/// @notice Returns the surplus of funds for L1 batch posting payments (may be negative).
function getL1PricingSurplus() external view returns (int256);
/// @notice Returns the base charge (in L1 gas) attributed to each data batch in the calldata pricer
function getPerBatchGasCharge() external view returns (int64);
/// @notice Returns the cost amortization cap in basis points
function getAmortizedCostCapBips() external view returns (uint64);
/// @notice Returns the available funds from L1 fees
function getL1FeesAvailable() external view returns (uint256);
/// @notice Returns the equilibration units parameter for L1 price adjustment algorithm
/// Available in ArbOS version 20
function getL1PricingEquilibrationUnits() external view returns (uint256);
/// @notice Returns the last time the L1 calldata pricer was updated.
/// Available in ArbOS version 20
function getLastL1PricingUpdateTime() external view returns (uint64);
/// @notice Returns the amount of L1 calldata payments due for rewards (per the L1 reward rate)
/// Available in ArbOS version 20
function getL1PricingFundsDueForRewards() external view returns (uint256);
/// @notice Returns the amount of L1 calldata posted since the last update.
/// Available in ArbOS version 20
function getL1PricingUnitsSinceUpdate() external view returns (uint64);
/// @notice Returns the L1 pricing surplus as of the last update (may be negative).
/// Available in ArbOS version 20
function getLastL1PricingSurplus() external view returns (int256);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.4.21 <0.9.0;
/**
* @title System level functionality
* @notice For use by contracts to interact with core L2-specific functionality.
* Precompiled contract that exists in every Arbitrum chain at address(100), 0x0000000000000000000000000000000000000064.
*/
interface ArbSys {
/**
* @notice Get Arbitrum block number (distinct from L1 block number; Arbitrum genesis block has block number 0)
* @return block number as int
*/
function arbBlockNumber() external view returns (uint256);
/**
* @notice Get Arbitrum block hash (reverts unless currentBlockNum-256 <= arbBlockNum < currentBlockNum)
* @return block hash
*/
function arbBlockHash(
uint256 arbBlockNum
) external view returns (bytes32);
/**
* @notice Gets the rollup's unique chain identifier
* @return Chain identifier as int
*/
function arbChainID() external view returns (uint256);
/**
* @notice Get internal version number identifying an ArbOS build, this is `55 + nitroArbOS version number`
* e.g. on ArbOS 31 this would return 86. This is the only function that have the 55 offset.
* @return version number as int
*/
function arbOSVersion() external view returns (uint256);
/**
* @notice Returns 0 since Nitro has no concept of storage gas
* @return uint 0
*/
function getStorageGasAvailable() external view returns (uint256);
/**
* @notice (deprecated) check if current call is top level (meaning it was triggered by an EoA or a L1 contract)
* @dev this call has been deprecated and may be removed in a future release
* @return true if current execution frame is not a call by another L2 contract
*/
function isTopLevelCall() external view returns (bool);
/**
* @notice map L1 sender contract address to its L2 alias
* @param sender sender address
* @param unused argument no longer used
* @return aliased sender address
*/
function mapL1SenderContractAddressToL2Alias(
address sender,
address unused
) external pure returns (address);
/**
* @notice check if the caller (of this caller of this) is an aliased L1 contract address
* @return true iff the caller's address is an alias for an L1 contract address
*/
function wasMyCallersAddressAliased() external view returns (bool);
/**
* @notice return the address of the caller (of this caller of this), without applying L1 contract address aliasing
* @return address of the caller's caller, without applying L1 contract address aliasing
*/
function myCallersAddressWithoutAliasing() external view returns (address);
/**
* @notice Send given amount of Eth to dest from sender.
* This is a convenience function, which is equivalent to calling sendTxToL1 with empty data.
* @param destination recipient address on L1
* @return unique identifier for this L2-to-L1 transaction.
*/
function withdrawEth(
address destination
) external payable returns (uint256);
/**
* @notice Send a transaction to L1
* @dev it is not possible to execute on the L1 any L2-to-L1 transaction which contains data
* to a contract address without any code (as enforced by the Bridge contract).
* @param destination recipient address on L1
* @param data (optional) calldata for L1 contract call
* @return a unique identifier for this L2-to-L1 transaction.
*/
function sendTxToL1(
address destination,
bytes calldata data
) external payable returns (uint256);
/**
* @notice Get send Merkle tree state
* @return size number of sends in the history
* @return root root hash of the send history
* @return partials hashes of partial subtrees in the send history tree
*/
function sendMerkleTreeState()
external
view
returns (uint256 size, bytes32 root, bytes32[] memory partials);
/**
* @notice creates a send txn from L2 to L1
* @param position = (level << 192) + leaf = (0 << 192) + leaf = leaf
*/
event L2ToL1Tx(
address caller,
address indexed destination,
uint256 indexed hash,
uint256 indexed position,
uint256 arbBlockNum,
uint256 ethBlockNum,
uint256 timestamp,
uint256 callvalue,
bytes data
);
/// @dev DEPRECATED in favour of the new L2ToL1Tx event above after the nitro upgrade
event L2ToL1Transaction(
address caller,
address indexed destination,
uint256 indexed uniqueId,
uint256 indexed batchNumber,
uint256 indexInBatch,
uint256 arbBlockNum,
uint256 ethBlockNum,
uint256 timestamp,
uint256 callvalue,
bytes data
);
/**
* @notice logs a merkle branch for proof synthesis
* @param reserved an index meant only to align the 4th index with L2ToL1Transaction's 4th event
* @param hash the merkle hash
* @param position = (level << 192) + leaf
*/
event SendMerkleUpdate(
uint256 indexed reserved, bytes32 indexed hash, uint256 indexed position
);
error InvalidBlockNumber(uint256 requested, uint256 current);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./AssertionState.sol";
enum AssertionStatus {
// No assertion at this index
NoAssertion,
// Assertion is being computed
Pending,
// Assertion is confirmed
Confirmed
}
struct AssertionNode {
// This value starts at zero and is set to a value when the first child is created. After that it is constant until the assertion is destroyed or the owner destroys pending assertions
uint64 firstChildBlock;
// This value starts at zero and is set to a value when the second child is created. After that it is constant until the assertion is destroyed or the owner destroys pending assertions
uint64 secondChildBlock;
// The block number when this assertion was created
uint64 createdAtBlock;
// True if this assertion is the first child of its prev
bool isFirstChild;
// Status of the Assertion
AssertionStatus status;
// A hash of the context available at the time of this assertions creation. It should contain information that is not specific
// to this assertion, but instead to the environment at the time of creation. This is necessary to store on the assertion
// as this environment can change and we need to know what it was like at the time this assertion was created. An example
// of this is the wasm module root which determines the state transition function on the L2. If the wasm module root
// changes we need to know that previous assertions were made under a different root, so that we can understand that they
// were valid at the time. So when resolving a challenge by one step, the edge challenge manager finds the wasm module root
// that was recorded on the prev of the assertions being disputed and uses it to resolve the one step proof.
bytes32 configHash;
}
struct BeforeStateData {
// The assertion hash of the prev of the beforeState(prev)
bytes32 prevPrevAssertionHash;
// The sequencer inbox accumulator asserted by the beforeState(prev)
bytes32 sequencerBatchAcc;
// below are the components of config hash
ConfigData configData;
}
struct AssertionInputs {
// Additional data used to validate the before state
BeforeStateData beforeStateData;
AssertionState beforeState;
AssertionState afterState;
}
struct ConfigData {
bytes32 wasmModuleRoot;
uint256 requiredStake;
address challengeManager;
uint64 confirmPeriodBlocks;
uint64 nextInboxPosition;
}
/**
* @notice Utility functions for Assertion
*/
library AssertionNodeLib {
/**
* @notice Initialize a Assertion
*/
function createAssertion(
bool _isFirstChild,
bytes32 _configHash
) internal view returns (AssertionNode memory) {
AssertionNode memory assertion;
assertion.createdAtBlock = uint64(block.number);
assertion.isFirstChild = _isFirstChild;
assertion.configHash = _configHash;
assertion.status = AssertionStatus.Pending;
return assertion;
}
/**
* @notice Update child properties
*/
function childCreated(
AssertionNode storage self
) internal {
if (self.firstChildBlock == 0) {
self.firstChildBlock = uint64(block.number);
} else if (self.secondChildBlock == 0) {
self.secondChildBlock = uint64(block.number);
}
}
function requireExists(
AssertionNode memory self
) internal pure {
require(self.status != AssertionStatus.NoAssertion, "ASSERTION_NOT_EXIST");
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "../state/GlobalState.sol";
import "../state/Machine.sol";
import "../osp/IOneStepProofEntry.sol";
struct AssertionState {
GlobalState globalState;
MachineStatus machineStatus;
bytes32 endHistoryRoot;
}
library AssertionStateLib {
function toExecutionState(
AssertionState memory state
) internal pure returns (ExecutionState memory) {
return ExecutionState(state.globalState, state.machineStatus);
}
function hash(
AssertionState memory state
) internal pure returns (bytes32) {
return keccak256(abi.encode(state));
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./Assertion.sol";
import "../bridge/IBridge.sol";
import "../bridge/IOutbox.sol";
import "../bridge/IInboxBase.sol";
import "./IRollupEventInbox.sol";
import "../challengeV2/IEdgeChallengeManager.sol";
import "../challengeV2/IAssertionChain.sol";
interface IRollupCore is IAssertionChain {
struct Staker {
uint256 amountStaked;
bytes32 latestStakedAssertion;
uint64 index;
bool isStaked;
address withdrawalAddress;
}
event RollupInitialized(bytes32 machineHash, uint256 chainId);
event AssertionCreated(
bytes32 indexed assertionHash,
bytes32 indexed parentAssertionHash,
AssertionInputs assertion,
bytes32 afterInboxBatchAcc,
uint256 inboxMaxCount,
bytes32 wasmModuleRoot,
uint256 requiredStake,
address challengeManager,
uint64 confirmPeriodBlocks
);
event AssertionConfirmed(bytes32 indexed assertionHash, bytes32 blockHash, bytes32 sendRoot);
event RollupChallengeStarted(
uint64 indexed challengeIndex,
address asserter,
address challenger,
uint64 challengedAssertion
);
event UserStakeUpdated(
address indexed user,
address indexed withdrawalAddress,
uint256 initialBalance,
uint256 finalBalance
);
event UserWithdrawableFundsUpdated(
address indexed user, uint256 initialBalance, uint256 finalBalance
);
function confirmPeriodBlocks() external view returns (uint64);
function validatorAfkBlocks() external view returns (uint64);
function chainId() external view returns (uint256);
function baseStake() external view returns (uint256);
function wasmModuleRoot() external view returns (bytes32);
function bridge() external view returns (IBridge);
function sequencerInbox() external view returns (ISequencerInbox);
function outbox() external view returns (IOutbox);
function rollupEventInbox() external view returns (IRollupEventInbox);
function challengeManager() external view returns (IEdgeChallengeManager);
function loserStakeEscrow() external view returns (address);
function stakeToken() external view returns (address);
function minimumAssertionPeriod() external view returns (uint256);
function genesisAssertionHash() external pure returns (bytes32);
/**
* @notice Get the Assertion for the given id.
*/
function getAssertion(
bytes32 assertionHash
) external view returns (AssertionNode memory);
/**
* @notice Returns the block in which the given assertion was created for looking up its creation event.
* Unlike the assertion's createdAtBlock field, this will be the ArbSys blockNumber if the host chain is an Arbitrum chain.
* That means that the block number returned for this is usable for event queries.
* This function will revert if the given assertion hash does not exist.
* @dev This function is meant for internal use only and has no stability guarantees.
*/
function getAssertionCreationBlockForLogLookup(
bytes32 assertionHash
) external view returns (uint256);
/**
* @notice Get the address of the staker at the given index
* @param stakerNum Index of the staker
* @return Address of the staker
*/
function getStakerAddress(
uint64 stakerNum
) external view returns (address);
/**
* @notice Check whether the given staker is staked
* @param staker Staker address to check
* @return True or False for whether the staker was staked
*/
function isStaked(
address staker
) external view returns (bool);
/**
* @notice Get the latest staked assertion of the given staker
* @param staker Staker address to lookup
* @return Latest assertion staked of the staker
*/
function latestStakedAssertion(
address staker
) external view returns (bytes32);
/**
* @notice Get the amount staked of the given staker
* @param staker Staker address to lookup
* @return Amount staked of the staker
*/
function amountStaked(
address staker
) external view returns (uint256);
/**
* @notice Get the withdrawal address of the given staker
* @param staker Staker address to lookup
* @return Withdrawal address of the staker
*/
function withdrawalAddress(
address staker
) external view returns (address);
/**
* @notice Retrieves stored information about a requested staker
* @param staker Staker address to retrieve
* @return A structure with information about the requested staker
*/
function getStaker(
address staker
) external view returns (Staker memory);
/**
* @notice Get the amount of funds withdrawable by the given address
* @param owner Address to check the funds of
* @return Amount of funds withdrawable by owner
*/
function withdrawableFunds(
address owner
) external view returns (uint256);
/// @return Hash of the latest confirmed assertion
function latestConfirmed() external view returns (bytes32);
/// @return Number of active stakers currently staked
function stakerCount() external view returns (uint64);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "../bridge/IBridge.sol";
interface IRollupEventInbox {
function bridge() external view returns (IBridge);
function initialize(
IBridge _bridge
) external;
function rollup() external view returns (address);
function updateRollupAddress() external;
function rollupInitialized(uint256 chainId, string calldata chainConfig) external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./IRollupCore.sol";
import "../bridge/ISequencerInbox.sol";
import "../bridge/IOutbox.sol";
import "../bridge/IOwnable.sol";
interface IRollupUser is IRollupCore, IOwnable {
/// @dev the user logic just validated configuration and shouldn't write to state during init
/// this allows the admin logic to ensure consistency on parameters.
function initialize(
address stakeToken
) external view;
function removeWhitelistAfterFork() external;
function removeWhitelistAfterValidatorAfk() external;
function confirmAssertion(
bytes32 assertionHash,
bytes32 prevAssertionHash,
AssertionState calldata confirmState,
bytes32 winningEdgeId,
ConfigData calldata prevConfig,
bytes32 inboxAcc
) external;
function stakeOnNewAssertion(
AssertionInputs calldata assertion,
bytes32 expectedAssertionHash
) external;
function returnOldDeposit() external;
function returnOldDepositFor(
address stakerAddress
) external;
function reduceDeposit(
uint256 target
) external;
function withdrawStakerFunds() external returns (uint256);
function newStakeOnNewAssertion(
uint256 tokenAmount,
AssertionInputs calldata assertion,
bytes32 expectedAssertionHash
) external;
function newStakeOnNewAssertion(
uint256 tokenAmount,
AssertionInputs calldata assertion,
bytes32 expectedAssertionHash,
address withdrawalAddress
) external;
function newStake(uint256 tokenAmount, address withdrawalAddress) external;
function addToDeposit(
address stakerAddress,
address expectedWithdrawalAddress,
uint256 tokenAmount
) external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
struct GlobalState {
bytes32[2] bytes32Vals;
uint64[2] u64Vals;
}
library GlobalStateLib {
using GlobalStateLib for GlobalState;
uint16 internal constant BYTES32_VALS_NUM = 2;
uint16 internal constant U64_VALS_NUM = 2;
function hash(
GlobalState memory state
) internal pure returns (bytes32) {
return keccak256(
abi.encodePacked(
"Global state:",
state.bytes32Vals[0],
state.bytes32Vals[1],
state.u64Vals[0],
state.u64Vals[1]
)
);
}
function getBlockHash(
GlobalState memory state
) internal pure returns (bytes32) {
return state.bytes32Vals[0];
}
function getSendRoot(
GlobalState memory state
) internal pure returns (bytes32) {
return state.bytes32Vals[1];
}
function getInboxPosition(
GlobalState memory state
) internal pure returns (uint64) {
return state.u64Vals[0];
}
function getPositionInMessage(
GlobalState memory state
) internal pure returns (uint64) {
return state.u64Vals[1];
}
function isEmpty(
GlobalState calldata state
) internal pure returns (bool) {
return (
state.bytes32Vals[0] == bytes32(0) && state.bytes32Vals[1] == bytes32(0)
&& state.u64Vals[0] == 0 && state.u64Vals[1] == 0
);
}
function comparePositions(
GlobalState calldata a,
GlobalState calldata b
) internal pure returns (int256) {
uint64 aPos = a.getInboxPosition();
uint64 bPos = b.getInboxPosition();
if (aPos < bPos) {
return -1;
} else if (aPos > bPos) {
return 1;
} else {
uint64 aMsg = a.getPositionInMessage();
uint64 bMsg = b.getPositionInMessage();
if (aMsg < bMsg) {
return -1;
} else if (aMsg > bMsg) {
return 1;
} else {
return 0;
}
}
}
function comparePositionsAgainstStartOfBatch(
GlobalState calldata a,
uint256 bPos
) internal pure returns (int256) {
uint64 aPos = a.getInboxPosition();
if (aPos < bPos) {
return -1;
} else if (aPos > bPos) {
return 1;
} else {
if (a.getPositionInMessage() > 0) {
return 1;
} else {
return 0;
}
}
}
}
// Copyright 2021-2023, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
struct Instruction {
uint16 opcode;
uint256 argumentData;
}
library Instructions {
uint16 internal constant UNREACHABLE = 0x00;
uint16 internal constant NOP = 0x01;
uint16 internal constant RETURN = 0x0F;
uint16 internal constant CALL = 0x10;
uint16 internal constant CALL_INDIRECT = 0x11;
uint16 internal constant LOCAL_GET = 0x20;
uint16 internal constant LOCAL_SET = 0x21;
uint16 internal constant GLOBAL_GET = 0x23;
uint16 internal constant GLOBAL_SET = 0x24;
uint16 internal constant I32_LOAD = 0x28;
uint16 internal constant I64_LOAD = 0x29;
uint16 internal constant F32_LOAD = 0x2A;
uint16 internal constant F64_LOAD = 0x2B;
uint16 internal constant I32_LOAD8_S = 0x2C;
uint16 internal constant I32_LOAD8_U = 0x2D;
uint16 internal constant I32_LOAD16_S = 0x2E;
uint16 internal constant I32_LOAD16_U = 0x2F;
uint16 internal constant I64_LOAD8_S = 0x30;
uint16 internal constant I64_LOAD8_U = 0x31;
uint16 internal constant I64_LOAD16_S = 0x32;
uint16 internal constant I64_LOAD16_U = 0x33;
uint16 internal constant I64_LOAD32_S = 0x34;
uint16 internal constant I64_LOAD32_U = 0x35;
uint16 internal constant I32_STORE = 0x36;
uint16 internal constant I64_STORE = 0x37;
uint16 internal constant F32_STORE = 0x38;
uint16 internal constant F64_STORE = 0x39;
uint16 internal constant I32_STORE8 = 0x3A;
uint16 internal constant I32_STORE16 = 0x3B;
uint16 internal constant I64_STORE8 = 0x3C;
uint16 internal constant I64_STORE16 = 0x3D;
uint16 internal constant I64_STORE32 = 0x3E;
uint16 internal constant MEMORY_SIZE = 0x3F;
uint16 internal constant MEMORY_GROW = 0x40;
uint16 internal constant DROP = 0x1A;
uint16 internal constant SELECT = 0x1B;
uint16 internal constant I32_CONST = 0x41;
uint16 internal constant I64_CONST = 0x42;
uint16 internal constant F32_CONST = 0x43;
uint16 internal constant F64_CONST = 0x44;
uint16 internal constant I32_EQZ = 0x45;
uint16 internal constant I32_RELOP_BASE = 0x46;
uint16 internal constant IRELOP_EQ = 0;
uint16 internal constant IRELOP_NE = 1;
uint16 internal constant IRELOP_LT_S = 2;
uint16 internal constant IRELOP_LT_U = 3;
uint16 internal constant IRELOP_GT_S = 4;
uint16 internal constant IRELOP_GT_U = 5;
uint16 internal constant IRELOP_LE_S = 6;
uint16 internal constant IRELOP_LE_U = 7;
uint16 internal constant IRELOP_GE_S = 8;
uint16 internal constant IRELOP_GE_U = 9;
uint16 internal constant IRELOP_LAST = IRELOP_GE_U;
uint16 internal constant I64_EQZ = 0x50;
uint16 internal constant I64_RELOP_BASE = 0x51;
uint16 internal constant I32_UNOP_BASE = 0x67;
uint16 internal constant IUNOP_CLZ = 0;
uint16 internal constant IUNOP_CTZ = 1;
uint16 internal constant IUNOP_POPCNT = 2;
uint16 internal constant IUNOP_LAST = IUNOP_POPCNT;
uint16 internal constant I32_ADD = 0x6A;
uint16 internal constant I32_SUB = 0x6B;
uint16 internal constant I32_MUL = 0x6C;
uint16 internal constant I32_DIV_S = 0x6D;
uint16 internal constant I32_DIV_U = 0x6E;
uint16 internal constant I32_REM_S = 0x6F;
uint16 internal constant I32_REM_U = 0x70;
uint16 internal constant I32_AND = 0x71;
uint16 internal constant I32_OR = 0x72;
uint16 internal constant I32_XOR = 0x73;
uint16 internal constant I32_SHL = 0x74;
uint16 internal constant I32_SHR_S = 0x75;
uint16 internal constant I32_SHR_U = 0x76;
uint16 internal constant I32_ROTL = 0x77;
uint16 internal constant I32_ROTR = 0x78;
uint16 internal constant I64_UNOP_BASE = 0x79;
uint16 internal constant I64_ADD = 0x7C;
uint16 internal constant I64_SUB = 0x7D;
uint16 internal constant I64_MUL = 0x7E;
uint16 internal constant I64_DIV_S = 0x7F;
uint16 internal constant I64_DIV_U = 0x80;
uint16 internal constant I64_REM_S = 0x81;
uint16 internal constant I64_REM_U = 0x82;
uint16 internal constant I64_AND = 0x83;
uint16 internal constant I64_OR = 0x84;
uint16 internal constant I64_XOR = 0x85;
uint16 internal constant I64_SHL = 0x86;
uint16 internal constant I64_SHR_S = 0x87;
uint16 internal constant I64_SHR_U = 0x88;
uint16 internal constant I64_ROTL = 0x89;
uint16 internal constant I64_ROTR = 0x8A;
uint16 internal constant I32_WRAP_I64 = 0xA7;
uint16 internal constant I64_EXTEND_I32_S = 0xAC;
uint16 internal constant I64_EXTEND_I32_U = 0xAD;
uint16 internal constant I32_REINTERPRET_F32 = 0xBC;
uint16 internal constant I64_REINTERPRET_F64 = 0xBD;
uint16 internal constant F32_REINTERPRET_I32 = 0xBE;
uint16 internal constant F64_REINTERPRET_I64 = 0xBF;
uint16 internal constant I32_EXTEND_8S = 0xC0;
uint16 internal constant I32_EXTEND_16S = 0xC1;
uint16 internal constant I64_EXTEND_8S = 0xC2;
uint16 internal constant I64_EXTEND_16S = 0xC3;
uint16 internal constant I64_EXTEND_32S = 0xC4;
uint16 internal constant INIT_FRAME = 0x8002;
uint16 internal constant ARBITRARY_JUMP = 0x8003;
uint16 internal constant ARBITRARY_JUMP_IF = 0x8004;
uint16 internal constant MOVE_FROM_STACK_TO_INTERNAL = 0x8005;
uint16 internal constant MOVE_FROM_INTERNAL_TO_STACK = 0x8006;
uint16 internal constant DUP = 0x8008;
uint16 internal constant CROSS_MODULE_CALL = 0x8009;
uint16 internal constant CALLER_MODULE_INTERNAL_CALL = 0x800A;
uint16 internal constant CROSS_MODULE_FORWARD = 0x800B;
uint16 internal constant CROSS_MODULE_INTERNAL_CALL = 0x800C;
uint16 internal constant GET_GLOBAL_STATE_BYTES32 = 0x8010;
uint16 internal constant SET_GLOBAL_STATE_BYTES32 = 0x8011;
uint16 internal constant GET_GLOBAL_STATE_U64 = 0x8012;
uint16 internal constant SET_GLOBAL_STATE_U64 = 0x8013;
uint16 internal constant READ_PRE_IMAGE = 0x8020;
uint16 internal constant READ_INBOX_MESSAGE = 0x8021;
uint16 internal constant HALT_AND_SET_FINISHED = 0x8022;
uint16 internal constant LINK_MODULE = 0x8023;
uint16 internal constant UNLINK_MODULE = 0x8024;
uint16 internal constant NEW_COTHREAD = 0x8030;
uint16 internal constant POP_COTHREAD = 0x8031;
uint16 internal constant SWITCH_COTHREAD = 0x8032;
uint256 internal constant INBOX_INDEX_SEQUENCER = 0;
uint256 internal constant INBOX_INDEX_DELAYED = 1;
function hash(
Instruction[] memory code
) internal pure returns (bytes32) {
// To avoid quadratic expense, we declare a `bytes` early and populate its contents.
bytes memory data = new bytes(13 + 1 + 34 * code.length);
assembly {
// Represents the string "Instructions:", which we place after the length word.
mstore(
add(data, 32), 0x496e737472756374696f6e733a00000000000000000000000000000000000000
)
}
// write the instruction count
uint256 offset = 13;
data[offset] = bytes1(uint8(code.length));
offset++;
// write each instruction
for (uint256 i = 0; i < code.length; i++) {
Instruction memory inst = code[i];
data[offset] = bytes1(uint8(inst.opcode >> 8));
data[offset + 1] = bytes1(uint8(inst.opcode));
offset += 2;
uint256 argumentData = inst.argumentData;
assembly {
mstore(add(add(data, 32), offset), argumentData)
}
offset += 32;
}
return keccak256(data);
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./ValueStack.sol";
import "./Instructions.sol";
import "./MultiStack.sol";
import "./StackFrame.sol";
enum MachineStatus {
RUNNING,
FINISHED,
ERRORED
}
struct Machine {
MachineStatus status;
ValueStack valueStack;
MultiStack valueMultiStack;
ValueStack internalStack;
StackFrameWindow frameStack;
MultiStack frameMultiStack;
bytes32 globalStateHash;
uint32 moduleIdx;
uint32 functionIdx;
uint32 functionPc;
bytes32 recoveryPc;
bytes32 modulesRoot;
}
library MachineLib {
using StackFrameLib for StackFrameWindow;
using ValueStackLib for ValueStack;
using MultiStackLib for MultiStack;
bytes32 internal constant NO_RECOVERY_PC = ~bytes32(0);
function hash(
Machine memory mach
) internal pure returns (bytes32) {
// Warning: the non-running hashes are replicated in Challenge
if (mach.status == MachineStatus.RUNNING) {
bytes32 valueMultiHash =
mach.valueMultiStack.hash(mach.valueStack.hash(), mach.recoveryPc != NO_RECOVERY_PC);
bytes32 frameMultiHash =
mach.frameMultiStack.hash(mach.frameStack.hash(), mach.recoveryPc != NO_RECOVERY_PC);
bytes memory preimage = abi.encodePacked(
"Machine running:",
valueMultiHash,
mach.internalStack.hash(),
frameMultiHash,
mach.globalStateHash,
mach.moduleIdx,
mach.functionIdx,
mach.functionPc,
mach.recoveryPc,
mach.modulesRoot
);
return keccak256(preimage);
} else if (mach.status == MachineStatus.FINISHED) {
return keccak256(abi.encodePacked("Machine finished:", mach.globalStateHash));
} else if (mach.status == MachineStatus.ERRORED) {
return keccak256(abi.encodePacked("Machine errored:", mach.globalStateHash));
} else {
revert("BAD_MACH_STATUS");
}
}
function switchCoThreadStacks(
Machine memory mach
) internal pure {
bytes32 newActiveValue = mach.valueMultiStack.inactiveStackHash;
bytes32 newActiveFrame = mach.frameMultiStack.inactiveStackHash;
if (
newActiveFrame == MultiStackLib.NO_STACK_HASH
|| newActiveValue == MultiStackLib.NO_STACK_HASH
) {
mach.status = MachineStatus.ERRORED;
return;
}
mach.frameMultiStack.inactiveStackHash = mach.frameStack.hash();
mach.valueMultiStack.inactiveStackHash = mach.valueStack.hash();
mach.frameStack.overwrite(newActiveFrame);
mach.valueStack.overwrite(newActiveValue);
}
function setPcFromData(Machine memory mach, uint256 data) internal pure returns (bool) {
if (data >> 96 != 0) {
return false;
}
mach.functionPc = uint32(data);
mach.functionIdx = uint32(data >> 32);
mach.moduleIdx = uint32(data >> 64);
return true;
}
function setPcFromRecovery(
Machine memory mach
) internal pure returns (bool) {
if (!setPcFromData(mach, uint256(mach.recoveryPc))) {
return false;
}
mach.recoveryPc = NO_RECOVERY_PC;
return true;
}
function setRecoveryFromPc(Machine memory mach, uint32 offset) internal pure returns (bool) {
if (mach.recoveryPc != NO_RECOVERY_PC) {
return false;
}
uint256 result;
result = uint256(mach.moduleIdx) << 64;
result = result | (uint256(mach.functionIdx) << 32);
result = result | uint256(mach.functionPc + offset - 1);
mach.recoveryPc = bytes32(result);
return true;
}
function setPc(Machine memory mach, Value memory pc) internal pure {
if (pc.valueType == ValueType.REF_NULL) {
mach.status = MachineStatus.ERRORED;
return;
}
if (pc.valueType != ValueType.INTERNAL_REF) {
mach.status = MachineStatus.ERRORED;
return;
}
if (!setPcFromData(mach, pc.contents)) {
mach.status = MachineStatus.ERRORED;
return;
}
}
}
// Copyright 2021-2023, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./ModuleMemoryCompact.sol";
struct Module {
bytes32 globalsMerkleRoot;
ModuleMemory moduleMemory;
bytes32 tablesMerkleRoot;
bytes32 functionsMerkleRoot;
bytes32 extraHash;
uint32 internalsOffset;
}
library ModuleLib {
using ModuleMemoryCompactLib for ModuleMemory;
function hash(
Module memory mod
) internal pure returns (bytes32) {
return keccak256(
abi.encodePacked(
"Module:",
mod.globalsMerkleRoot,
mod.moduleMemory.hash(),
mod.tablesMerkleRoot,
mod.functionsMerkleRoot,
mod.extraHash,
mod.internalsOffset
)
);
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
struct ModuleMemory {
uint64 size;
uint64 maxSize;
bytes32 merkleRoot;
}
library ModuleMemoryCompactLib {
function hash(
ModuleMemory memory mem
) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("Memory:", mem.size, mem.maxSize, mem.merkleRoot));
}
}
// Copyright 2021-2024, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
struct MultiStack {
bytes32 inactiveStackHash; // NO_STACK_HASH if no stack, 0 if empty stack
bytes32 remainingHash; // 0 if less than 2 cothreads exist
}
library MultiStackLib {
bytes32 internal constant NO_STACK_HASH = ~bytes32(0);
function hash(
MultiStack memory multi,
bytes32 activeStackHash,
bool cothread
) internal pure returns (bytes32) {
require(activeStackHash != NO_STACK_HASH, "MULTISTACK_NOSTACK_ACTIVE");
if (cothread) {
require(multi.inactiveStackHash != NO_STACK_HASH, "MULTISTACK_NOSTACK_MAIN");
return keccak256(
abi.encodePacked(
"multistack:", multi.inactiveStackHash, activeStackHash, multi.remainingHash
)
);
} else {
return keccak256(
abi.encodePacked(
"multistack:", activeStackHash, multi.inactiveStackHash, multi.remainingHash
)
);
}
}
function setEmpty(
MultiStack memory multi
) internal pure {
multi.inactiveStackHash = NO_STACK_HASH;
multi.remainingHash = 0;
}
function pushNew(
MultiStack memory multi
) internal pure {
if (multi.inactiveStackHash != NO_STACK_HASH) {
multi.remainingHash = keccak256(
abi.encodePacked("cothread:", multi.inactiveStackHash, multi.remainingHash)
);
}
multi.inactiveStackHash = 0;
}
}
// Copyright 2021-2023, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./Value.sol";
struct StackFrame {
Value returnPc;
bytes32 localsMerkleRoot;
uint32 callerModule;
uint32 callerModuleInternals;
}
struct StackFrameWindow {
StackFrame[] proved;
bytes32 remainingHash;
}
library StackFrameLib {
using ValueLib for Value;
function hash(
StackFrame memory frame
) internal pure returns (bytes32) {
return keccak256(
abi.encodePacked(
"Stack frame:",
frame.returnPc.hash(),
frame.localsMerkleRoot,
frame.callerModule,
frame.callerModuleInternals
)
);
}
function hash(
StackFrameWindow memory window
) internal pure returns (bytes32 h) {
h = window.remainingHash;
for (uint256 i = 0; i < window.proved.length; i++) {
h = keccak256(abi.encodePacked("Stack frame stack:", hash(window.proved[i]), h));
}
}
function peek(
StackFrameWindow memory window
) internal pure returns (StackFrame memory) {
require(window.proved.length == 1, "BAD_WINDOW_LENGTH");
return window.proved[0];
}
function pop(
StackFrameWindow memory window
) internal pure returns (StackFrame memory frame) {
require(window.proved.length == 1, "BAD_WINDOW_LENGTH");
frame = window.proved[0];
window.proved = new StackFrame[](0);
}
function push(StackFrameWindow memory window, StackFrame memory frame) internal pure {
StackFrame[] memory newProved = new StackFrame[](window.proved.length + 1);
for (uint256 i = 0; i < window.proved.length; i++) {
newProved[i] = window.proved[i];
}
newProved[window.proved.length] = frame;
window.proved = newProved;
}
function overwrite(StackFrameWindow memory window, bytes32 root) internal pure {
window.remainingHash = root;
delete window.proved;
}
}
// Copyright 2021-2023, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
enum ValueType {
I32,
I64,
F32,
F64,
REF_NULL,
FUNC_REF,
INTERNAL_REF
}
struct Value {
ValueType valueType;
uint256 contents;
}
library ValueLib {
function hash(
Value memory val
) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("Value:", val.valueType, val.contents));
}
function maxValueType() internal pure returns (ValueType) {
return ValueType.INTERNAL_REF;
}
function assumeI32(
Value memory val
) internal pure returns (uint32) {
uint256 uintval = uint256(val.contents);
require(val.valueType == ValueType.I32, "NOT_I32");
require(uintval < (1 << 32), "BAD_I32");
return uint32(uintval);
}
function assumeI64(
Value memory val
) internal pure returns (uint64) {
uint256 uintval = uint256(val.contents);
require(val.valueType == ValueType.I64, "NOT_I64");
require(uintval < (1 << 64), "BAD_I64");
return uint64(uintval);
}
function newRefNull() internal pure returns (Value memory) {
return Value({valueType: ValueType.REF_NULL, contents: 0});
}
function newI32(
uint32 x
) internal pure returns (Value memory) {
return Value({valueType: ValueType.I32, contents: uint256(x)});
}
function newI64(
uint64 x
) internal pure returns (Value memory) {
return Value({valueType: ValueType.I64, contents: uint256(x)});
}
function newBoolean(
bool x
) internal pure returns (Value memory) {
if (x) {
return newI32(uint32(1));
} else {
return newI32(uint32(0));
}
}
function newPc(
uint32 funcPc,
uint32 func,
uint32 module
) internal pure returns (Value memory) {
uint256 data = 0;
data |= funcPc;
data |= uint256(func) << 32;
data |= uint256(module) << 64;
return Value({valueType: ValueType.INTERNAL_REF, contents: data});
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./Value.sol";
struct ValueArray {
Value[] inner;
}
library ValueArrayLib {
function get(ValueArray memory arr, uint256 index) internal pure returns (Value memory) {
return arr.inner[index];
}
function set(ValueArray memory arr, uint256 index, Value memory val) internal pure {
arr.inner[index] = val;
}
function length(
ValueArray memory arr
) internal pure returns (uint256) {
return arr.inner.length;
}
function push(ValueArray memory arr, Value memory val) internal pure {
Value[] memory newInner = new Value[](arr.inner.length + 1);
for (uint256 i = 0; i < arr.inner.length; i++) {
newInner[i] = arr.inner[i];
}
newInner[arr.inner.length] = val;
arr.inner = newInner;
}
function pop(
ValueArray memory arr
) internal pure returns (Value memory popped) {
popped = arr.inner[arr.inner.length - 1];
Value[] memory newInner = new Value[](arr.inner.length - 1);
for (uint256 i = 0; i < newInner.length; i++) {
newInner[i] = arr.inner[i];
}
arr.inner = newInner;
}
}
// Copyright 2021-2023, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./Value.sol";
import "./ValueArray.sol";
struct ValueStack {
ValueArray proved;
bytes32 remainingHash;
}
library ValueStackLib {
using ValueLib for Value;
using ValueArrayLib for ValueArray;
function hash(
ValueStack memory stack
) internal pure returns (bytes32 h) {
h = stack.remainingHash;
uint256 len = stack.proved.length();
for (uint256 i = 0; i < len; i++) {
h = keccak256(abi.encodePacked("Value stack:", stack.proved.get(i).hash(), h));
}
}
function peek(
ValueStack memory stack
) internal pure returns (Value memory) {
uint256 len = stack.proved.length();
return stack.proved.get(len - 1);
}
function pop(
ValueStack memory stack
) internal pure returns (Value memory) {
return stack.proved.pop();
}
function push(ValueStack memory stack, Value memory val) internal pure {
return stack.proved.push(val);
}
function overwrite(ValueStack memory stack, bytes32 root) internal pure {
stack.remainingHash = root;
delete stack.proved;
}
}
File 5 of 5: Bridge
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts. Equivalent to `reinitializer(1)`.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* `initializer` is equivalent to `reinitializer(1)`, so a reinitializer may be used after the original
* initialization step. This is essential to configure modules that are added through upgrades and that require
* initialization.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized < type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.4;
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import "@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol";
import {
NotContract,
NotRollupOrOwner,
NotDelayedInbox,
NotSequencerInbox,
NotOutbox,
InvalidOutboxSet,
BadSequencerMessageNumber
} from "../libraries/Error.sol";
import "./IBridge.sol";
import "./Messages.sol";
import "../libraries/DelegateCallAware.sol";
import {L1MessageType_batchPostingReport} from "../libraries/MessageTypes.sol";
/**
* @title Staging ground for incoming and outgoing messages
* @notice Holds the inbox accumulator for sequenced and delayed messages.
* Since the escrow is held here, this contract also contains a list of allowed
* outboxes that can make calls from here and withdraw this escrow.
*/
abstract contract AbsBridge is Initializable, DelegateCallAware, IBridge {
using AddressUpgradeable for address;
struct InOutInfo {
uint256 index;
bool allowed;
}
mapping(address => InOutInfo) private allowedDelayedInboxesMap;
mapping(address => InOutInfo) private allowedOutboxesMap;
address[] public allowedDelayedInboxList;
address[] public allowedOutboxList;
address internal _activeOutbox;
/// @inheritdoc IBridge
bytes32[] public delayedInboxAccs;
/// @inheritdoc IBridge
bytes32[] public sequencerInboxAccs;
IOwnable public rollup;
address public sequencerInbox;
uint256 public override sequencerReportedSubMessageCount;
address internal constant EMPTY_ACTIVEOUTBOX = address(type(uint160).max);
modifier onlyRollupOrOwner() {
if (msg.sender != address(rollup)) {
address rollupOwner = rollup.owner();
if (msg.sender != rollupOwner) {
revert NotRollupOrOwner(msg.sender, address(rollup), rollupOwner);
}
}
_;
}
/// @notice Allows the rollup owner to set another rollup address
function updateRollupAddress(
IOwnable _rollup
) external onlyRollupOrOwner {
rollup = _rollup;
emit RollupUpdated(address(_rollup));
}
/// @dev returns the address of current active Outbox, or zero if no outbox is active
function activeOutbox() public view returns (address) {
address outbox = _activeOutbox;
// address zero is returned if no outbox is set, but the value used in storage
// is non-zero to save users some gas (as storage refunds are usually maxed out)
// EIP-1153 would help here.
// we don't return `EMPTY_ACTIVEOUTBOX` to avoid a breaking change on the current api
if (outbox == EMPTY_ACTIVEOUTBOX) return address(0);
return outbox;
}
function allowedDelayedInboxes(
address inbox
) public view returns (bool) {
return allowedDelayedInboxesMap[inbox].allowed;
}
function allowedOutboxes(
address outbox
) public view returns (bool) {
return allowedOutboxesMap[outbox].allowed;
}
modifier onlySequencerInbox() {
if (msg.sender != sequencerInbox) revert NotSequencerInbox(msg.sender);
_;
}
function enqueueSequencerMessage(
bytes32 dataHash,
uint256 afterDelayedMessagesRead,
uint256 prevMessageCount,
uint256 newMessageCount
)
external
onlySequencerInbox
returns (uint256 seqMessageIndex, bytes32 beforeAcc, bytes32 delayedAcc, bytes32 acc)
{
if (
sequencerReportedSubMessageCount != prevMessageCount && prevMessageCount != 0
&& sequencerReportedSubMessageCount != 0
) {
revert BadSequencerMessageNumber(sequencerReportedSubMessageCount, prevMessageCount);
}
sequencerReportedSubMessageCount = newMessageCount;
seqMessageIndex = sequencerInboxAccs.length;
if (seqMessageIndex > 0) {
beforeAcc = sequencerInboxAccs[seqMessageIndex - 1];
}
if (afterDelayedMessagesRead > 0) {
delayedAcc = delayedInboxAccs[afterDelayedMessagesRead - 1];
}
acc = keccak256(abi.encodePacked(beforeAcc, dataHash, delayedAcc));
sequencerInboxAccs.push(acc);
}
/// @inheritdoc IBridge
function submitBatchSpendingReport(
address sender,
bytes32 messageDataHash
) external onlySequencerInbox returns (uint256) {
return addMessageToDelayedAccumulator(
L1MessageType_batchPostingReport,
sender,
uint64(block.number),
uint64(block.timestamp), // solhint-disable-line not-rely-on-time,
block.basefee,
messageDataHash
);
}
function _enqueueDelayedMessage(
uint8 kind,
address sender,
bytes32 messageDataHash,
uint256 amount
) internal returns (uint256) {
if (!allowedDelayedInboxes(msg.sender)) revert NotDelayedInbox(msg.sender);
uint256 messageCount = addMessageToDelayedAccumulator(
kind,
sender,
uint64(block.number),
uint64(block.timestamp), // solhint-disable-line not-rely-on-time
_baseFeeToReport(),
messageDataHash
);
_transferFunds(amount);
return messageCount;
}
function addMessageToDelayedAccumulator(
uint8 kind,
address sender,
uint64 blockNumber,
uint64 blockTimestamp,
uint256 baseFeeL1,
bytes32 messageDataHash
) internal returns (uint256) {
uint256 count = delayedInboxAccs.length;
bytes32 messageHash = Messages.messageHash(
kind, sender, blockNumber, blockTimestamp, count, baseFeeL1, messageDataHash
);
bytes32 prevAcc = 0;
if (count > 0) {
prevAcc = delayedInboxAccs[count - 1];
}
delayedInboxAccs.push(Messages.accumulateInboxMessage(prevAcc, messageHash));
emit MessageDelivered(
count, prevAcc, msg.sender, kind, sender, messageDataHash, baseFeeL1, blockTimestamp
);
return count;
}
/// @inheritdoc IBridge
function executeCall(
address to,
uint256 value,
bytes calldata data
) external returns (bool success, bytes memory returnData) {
if (!allowedOutboxes(msg.sender)) revert NotOutbox(msg.sender);
if (data.length > 0 && !to.isContract()) revert NotContract(to);
address prevOutbox = _activeOutbox;
_activeOutbox = msg.sender;
// We set and reset active outbox around external call so activeOutbox remains valid during call
// We use a low level call here since we want to bubble up whether it succeeded or failed to the caller
// rather than reverting on failure as well as allow contract and non-contract calls
(success, returnData) = _executeLowLevelCall(to, value, data);
_activeOutbox = prevOutbox;
emit BridgeCallTriggered(msg.sender, to, value, data);
}
function setSequencerInbox(
address _sequencerInbox
) external onlyRollupOrOwner {
sequencerInbox = _sequencerInbox;
emit SequencerInboxUpdated(_sequencerInbox);
}
function setDelayedInbox(address inbox, bool enabled) external onlyRollupOrOwner {
InOutInfo storage info = allowedDelayedInboxesMap[inbox];
bool alreadyEnabled = info.allowed;
emit InboxToggle(inbox, enabled);
if (alreadyEnabled == enabled) {
return;
}
if (enabled) {
allowedDelayedInboxesMap[inbox] = InOutInfo(allowedDelayedInboxList.length, true);
allowedDelayedInboxList.push(inbox);
} else {
allowedDelayedInboxList[info.index] =
allowedDelayedInboxList[allowedDelayedInboxList.length - 1];
allowedDelayedInboxesMap[allowedDelayedInboxList[info.index]].index = info.index;
allowedDelayedInboxList.pop();
delete allowedDelayedInboxesMap[inbox];
}
}
function setOutbox(address outbox, bool enabled) external onlyRollupOrOwner {
if (outbox == EMPTY_ACTIVEOUTBOX) revert InvalidOutboxSet(outbox);
InOutInfo storage info = allowedOutboxesMap[outbox];
bool alreadyEnabled = info.allowed;
emit OutboxToggle(outbox, enabled);
if (alreadyEnabled == enabled) {
return;
}
if (enabled) {
allowedOutboxesMap[outbox] = InOutInfo(allowedOutboxList.length, true);
allowedOutboxList.push(outbox);
} else {
allowedOutboxList[info.index] = allowedOutboxList[allowedOutboxList.length - 1];
allowedOutboxesMap[allowedOutboxList[info.index]].index = info.index;
allowedOutboxList.pop();
delete allowedOutboxesMap[outbox];
}
}
function setSequencerReportedSubMessageCount(
uint256 newMsgCount
) external onlyRollupOrOwner {
sequencerReportedSubMessageCount = newMsgCount;
}
function delayedMessageCount() external view override returns (uint256) {
return delayedInboxAccs.length;
}
function sequencerMessageCount() external view returns (uint256) {
return sequencerInboxAccs.length;
}
/// @dev For the classic -> nitro migration. TODO: remove post-migration.
function acceptFundsFromOldBridge() external payable {}
/// @dev transfer funds provided to pay for crosschain msg
function _transferFunds(
uint256 amount
) internal virtual;
function _executeLowLevelCall(
address to,
uint256 value,
bytes memory data
) internal virtual returns (bool success, bytes memory returnData);
/// @dev get base fee which is emitted in `MessageDelivered` event and then picked up and
/// used in ArbOs to calculate the submission fee for retryable ticket
function _baseFeeToReport() internal view virtual returns (uint256);
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[40] private __gap;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.4;
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import "@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol";
import "./AbsBridge.sol";
import "./IEthBridge.sol";
import "./Messages.sol";
import "../libraries/DelegateCallAware.sol";
/**
* @title Staging ground for incoming and outgoing messages
* @notice It is also the ETH escrow for value sent with these messages.
*/
contract Bridge is AbsBridge, IEthBridge {
using AddressUpgradeable for address;
/// @inheritdoc IEthBridge
function initialize(
IOwnable rollup_
) external initializer onlyDelegated {
_activeOutbox = EMPTY_ACTIVEOUTBOX;
rollup = rollup_;
}
/// @inheritdoc IEthBridge
function enqueueDelayedMessage(
uint8 kind,
address sender,
bytes32 messageDataHash
) external payable returns (uint256) {
return _enqueueDelayedMessage(kind, sender, messageDataHash, msg.value);
}
function _transferFunds(
uint256
) internal override {
// do nothing as Eth transfer is part of TX execution
}
function _executeLowLevelCall(
address to,
uint256 value,
bytes memory data
) internal override returns (bool success, bytes memory returnData) {
// solhint-disable-next-line avoid-low-level-calls
(success, returnData) = to.call{value: value}(data);
}
function _baseFeeToReport() internal view override returns (uint256) {
return block.basefee;
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
import "./IOwnable.sol";
interface IBridge {
/// @dev This is an instruction to offchain readers to inform them where to look
/// for sequencer inbox batch data. This is not the type of data (eg. das, brotli encoded, or blob versioned hash)
/// and this enum is not used in the state transition function, rather it informs an offchain
/// reader where to find the data so that they can supply it to the replay binary
enum BatchDataLocation {
/// @notice The data can be found in the transaction call data
TxInput,
/// @notice The data can be found in an event emitted during the transaction
SeparateBatchEvent,
/// @notice This batch contains no data
NoData,
/// @notice The data can be found in the 4844 data blobs on this transaction
Blob
}
struct TimeBounds {
uint64 minTimestamp;
uint64 maxTimestamp;
uint64 minBlockNumber;
uint64 maxBlockNumber;
}
event MessageDelivered(
uint256 indexed messageIndex,
bytes32 indexed beforeInboxAcc,
address inbox,
uint8 kind,
address sender,
bytes32 messageDataHash,
uint256 baseFeeL1,
uint64 timestamp
);
event BridgeCallTriggered(
address indexed outbox, address indexed to, uint256 value, bytes data
);
event InboxToggle(address indexed inbox, bool enabled);
event OutboxToggle(address indexed outbox, bool enabled);
event SequencerInboxUpdated(address newSequencerInbox);
event RollupUpdated(address rollup);
function allowedDelayedInboxList(
uint256
) external returns (address);
function allowedOutboxList(
uint256
) external returns (address);
/// @dev Accumulator for delayed inbox messages; tail represents hash of the current state; each element represents the inclusion of a new message.
function delayedInboxAccs(
uint256
) external view returns (bytes32);
/// @dev Accumulator for sequencer inbox messages; tail represents hash of the current state; each element represents the inclusion of a new message.
function sequencerInboxAccs(
uint256
) external view returns (bytes32);
function rollup() external view returns (IOwnable);
function sequencerInbox() external view returns (address);
function activeOutbox() external view returns (address);
function allowedDelayedInboxes(
address inbox
) external view returns (bool);
function allowedOutboxes(
address outbox
) external view returns (bool);
function sequencerReportedSubMessageCount() external view returns (uint256);
function executeCall(
address to,
uint256 value,
bytes calldata data
) external returns (bool success, bytes memory returnData);
function delayedMessageCount() external view returns (uint256);
function sequencerMessageCount() external view returns (uint256);
// ---------- onlySequencerInbox functions ----------
function enqueueSequencerMessage(
bytes32 dataHash,
uint256 afterDelayedMessagesRead,
uint256 prevMessageCount,
uint256 newMessageCount
)
external
returns (uint256 seqMessageIndex, bytes32 beforeAcc, bytes32 delayedAcc, bytes32 acc);
/**
* @dev Allows the sequencer inbox to submit a delayed message of the batchPostingReport type
* This is done through a separate function entrypoint instead of allowing the sequencer inbox
* to call `enqueueDelayedMessage` to avoid the gas overhead of an extra SLOAD in either
* every delayed inbox or every sequencer inbox call.
*/
function submitBatchSpendingReport(
address batchPoster,
bytes32 dataHash
) external returns (uint256 msgNum);
// ---------- onlyRollupOrOwner functions ----------
function setSequencerInbox(
address _sequencerInbox
) external;
function setDelayedInbox(address inbox, bool enabled) external;
function setOutbox(address inbox, bool enabled) external;
function updateRollupAddress(
IOwnable _rollup
) external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
import "./IOwnable.sol";
import "./IBridge.sol";
interface IEthBridge is IBridge {
/**
* @dev Enqueue a message in the delayed inbox accumulator.
* These messages are later sequenced in the SequencerInbox, either
* by the sequencer as part of a normal batch, or by force inclusion.
*/
function enqueueDelayedMessage(
uint8 kind,
address sender,
bytes32 messageDataHash
) external payable returns (uint256);
// ---------- initializer ----------
function initialize(
IOwnable rollup_
) external;
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.4.21 <0.9.0;
interface IOwnable {
function owner() external view returns (address);
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
// solhint-disable-next-line compiler-version
pragma solidity >=0.6.9 <0.9.0;
pragma experimental ABIEncoderV2;
library Messages {
struct Message {
uint8 kind;
address sender;
uint64 blockNumber;
uint64 timestamp;
uint256 inboxSeqNum;
uint256 baseFeeL1;
bytes32 messageDataHash;
}
function messageHash(
Message memory message
) internal pure returns (bytes32) {
return messageHash(
message.kind,
message.sender,
message.blockNumber,
message.timestamp,
message.inboxSeqNum,
message.baseFeeL1,
message.messageDataHash
);
}
function messageHash(
uint8 kind,
address sender,
uint64 blockNumber,
uint64 timestamp,
uint256 inboxSeqNum,
uint256 baseFeeL1,
bytes32 messageDataHash
) internal pure returns (bytes32) {
return keccak256(
abi.encodePacked(
kind, sender, blockNumber, timestamp, inboxSeqNum, baseFeeL1, messageDataHash
)
);
}
function accumulateInboxMessage(
bytes32 prevAcc,
bytes32 message
) internal pure returns (bytes32) {
return keccak256(abi.encodePacked(prevAcc, message));
}
/// @dev Validates a delayed accumulator preimage
/// @param delayedAcc The delayed accumulator to validate against
/// @param beforeDelayedAcc The previous delayed accumulator
/// @param message The message to validate
function isValidDelayedAccPreimage(
bytes32 delayedAcc,
bytes32 beforeDelayedAcc,
Message memory message
) internal pure returns (bool) {
return delayedAcc == accumulateInboxMessage(beforeDelayedAcc, messageHash(message));
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import {NotOwner} from "./Error.sol";
/// @dev A stateless contract that allows you to infer if the current call has been delegated or not
/// Pattern used here is from UUPS implementation by the OpenZeppelin team
abstract contract DelegateCallAware {
address private immutable __self = address(this);
/**
* @dev Check that the execution is being performed through a delegate call. This allows a function to be
* callable on the proxy contract but not on the logic contract.
*/
modifier onlyDelegated() {
require(address(this) != __self, "Function must be called through delegatecall");
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/
modifier notDelegated() {
require(address(this) == __self, "Function must not be called through delegatecall");
_;
}
/// @dev Check that msg.sender is the current EIP 1967 proxy admin
modifier onlyProxyOwner() {
// Storage slot with the admin of the proxy contract
// This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1
bytes32 slot = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
address admin;
assembly {
admin := sload(slot)
}
if (msg.sender != admin) revert NotOwner(msg.sender, admin);
_;
}
}
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.4;
/// @dev Init was already called
error AlreadyInit();
/// @dev Init was called with param set to zero that must be nonzero
error HadZeroInit();
/// @dev Thrown when post upgrade init validation fails
error BadPostUpgradeInit();
/// @dev Thrown when the caller is not a codeless origin
error NotCodelessOrigin();
/// @dev Thrown when non owner tries to access an only-owner function
/// @param sender The msg.sender who is not the owner
/// @param owner The owner address
error NotOwner(address sender, address owner);
/// @dev Thrown when an address that is not the rollup tries to call an only-rollup function
/// @param sender The sender who is not the rollup
/// @param rollup The rollup address authorized to call this function
error NotRollup(address sender, address rollup);
/// @dev Thrown when the contract was not called directly from the origin ie msg.sender != tx.origin
error NotOrigin();
/// @dev Provided data was too large
/// @param dataLength The length of the data that is too large
/// @param maxDataLength The max length the data can be
error DataTooLarge(uint256 dataLength, uint256 maxDataLength);
/// @dev The provided is not a contract and was expected to be
/// @param addr The adddress in question
error NotContract(address addr);
/// @dev The merkle proof provided was too long
/// @param actualLength The length of the merkle proof provided
/// @param maxProofLength The max length a merkle proof can have
error MerkleProofTooLong(uint256 actualLength, uint256 maxProofLength);
/// @dev Thrown when an un-authorized address tries to access an admin function
/// @param sender The un-authorized sender
/// @param rollup The rollup, which would be authorized
/// @param owner The rollup's owner, which would be authorized
error NotRollupOrOwner(address sender, address rollup, address owner);
// Bridge Errors
/// @dev Thrown when an un-authorized address tries to access an only-inbox function
/// @param sender The un-authorized sender
error NotDelayedInbox(address sender);
/// @dev Thrown when an un-authorized address tries to access an only-sequencer-inbox function
/// @param sender The un-authorized sender
error NotSequencerInbox(address sender);
/// @dev Thrown when an un-authorized address tries to access an only-outbox function
/// @param sender The un-authorized sender
error NotOutbox(address sender);
/// @dev the provided outbox address isn't valid
/// @param outbox address of outbox being set
error InvalidOutboxSet(address outbox);
/// @dev The provided token address isn't valid
/// @param token address of token being set
error InvalidTokenSet(address token);
/// @dev Call to this specific address is not allowed
/// @param target address of the call receiver
error CallTargetNotAllowed(address target);
/// @dev Call that changes the balance of ERC20Bridge is not allowed
error CallNotAllowed();
// Inbox Errors
/// @dev msg.value sent to the inbox isn't high enough
error InsufficientValue(uint256 expected, uint256 actual);
/// @dev submission cost provided isn't enough to create retryable ticket
error InsufficientSubmissionCost(uint256 expected, uint256 actual);
/// @dev address not allowed to interact with the given contract
error NotAllowedOrigin(address origin);
/// @dev used to convey retryable tx data in eth calls without requiring a tx trace
/// this follows a pattern similar to EIP-3668 where reverts surface call information
error RetryableData(
address from,
address to,
uint256 l2CallValue,
uint256 deposit,
uint256 maxSubmissionCost,
address excessFeeRefundAddress,
address callValueRefundAddress,
uint256 gasLimit,
uint256 maxFeePerGas,
bytes data
);
/// @dev Thrown when a L1 chainId fork is detected
error L1Forked();
/// @dev Thrown when a L1 chainId fork is not detected
error NotForked();
/// @dev The provided gasLimit is larger than uint64
error GasLimitTooLarge();
/// @dev The provided amount cannot be adjusted to 18 decimals due to overflow
error AmountTooLarge(uint256 amount);
/// @dev Number of native token's decimals is restricted to enable conversions to 18 decimals
error NativeTokenDecimalsTooLarge(uint256 decimals);
// Outbox Errors
/// @dev The provided proof was too long
/// @param proofLength The length of the too-long proof
error ProofTooLong(uint256 proofLength);
/// @dev The output index was greater than the maximum
/// @param index The output index
/// @param maxIndex The max the index could be
error PathNotMinimal(uint256 index, uint256 maxIndex);
/// @dev The calculated root does not exist
/// @param root The calculated root
error UnknownRoot(bytes32 root);
/// @dev The record has already been spent
/// @param index The index of the spent record
error AlreadySpent(uint256 index);
/// @dev A call to the bridge failed with no return data
error BridgeCallFailed();
// Sequencer Inbox Errors
/// @dev Thrown when someone attempts to read fewer messages than have already been read
error DelayedBackwards();
/// @dev Thrown when someone attempts to read more messages than exist
error DelayedTooFar();
/// @dev Force include can only read messages more blocks old than the delay period
error ForceIncludeBlockTooSoon();
/// @dev The message provided did not match the hash in the delayed inbox
error IncorrectMessagePreimage();
/// @dev This can only be called by the batch poster
error NotBatchPoster();
/// @dev The sequence number provided to this message was inconsistent with the number of batches already included
error BadSequencerNumber(uint256 stored, uint256 received);
/// @dev The sequence message number provided to this message was inconsistent with the previous one
error BadSequencerMessageNumber(uint256 stored, uint256 received);
/// @dev Tried to create an already valid Data Availability Service keyset
error AlreadyValidDASKeyset(bytes32);
/// @dev Tried to use or invalidate an already invalid Data Availability Service keyset
error NoSuchKeyset(bytes32);
/// @dev Thrown when the provided address is not the designated batch poster manager
error NotBatchPosterManager(address);
/// @dev Thrown when a data blob feature is attempted to be used on a chain that doesnt support it
error DataBlobsNotSupported();
/// @dev Thrown when batches are posted without buffer proof, this is only allowed in a sync state or when no new delayed messages are read
error DelayProofRequired();
/// @dev The DelayedAccPreimage is invalid
error InvalidDelayedAccPreimage();
/// @dev Thrown when the sequencer attempts to post a batch with delay / sync proofs without delay bufferability enabled
error NotDelayBufferable();
/// @dev Thrown when an init param was supplied as empty
error InitParamZero(string name);
/// @dev Thrown when data hashes where expected but not where present on the tx
error MissingDataHashes();
/// @dev Thrown when rollup is not updated with updateRollupAddress
error RollupNotChanged();
/// @dev Unsupported header flag was provided
error InvalidHeaderFlag(bytes1);
/// @dev SequencerInbox and Bridge are not in the same feeToken/ETH mode
error NativeTokenMismatch();
/// @dev Thrown when a deprecated function is called
error Deprecated();
/// @dev Thrown when any component of maxTimeVariation is over uint64
error BadMaxTimeVariation();
/// @dev Thrown when any component of bufferConfig is zero
error BadBufferConfig();
/// @dev Thrown when extra gas is not a uint64
error ExtraGasNotUint64();
/// @dev Thrown when keysetBytes is too large
error KeysetTooLarge();
// Copyright 2021-2022, Offchain Labs, Inc.
// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.4;
uint8 constant L2_MSG = 3;
uint8 constant L1MessageType_L2FundedByL1 = 7;
uint8 constant L1MessageType_submitRetryableTx = 9;
uint8 constant L1MessageType_ethDeposit = 12;
uint8 constant L1MessageType_batchPostingReport = 13;
uint8 constant L2MessageType_unsignedEOATx = 0;
uint8 constant L2MessageType_unsignedContractTx = 1;
uint8 constant ROLLUP_PROTOCOL_EVENT_TYPE = 8;
uint8 constant INITIALIZATION_MSG_TYPE = 11;