[WIP] feat: new lockbox #192
Conversation
| @@ -28,9 +28,6 @@ contract SharedLockbox is ISemver { | |||
| /// @notice The address of the SuperchainConfig contract. | |||
| ISuperchainConfig public immutable SUPERCHAIN_CONFIG; | |||
There was a problem hiding this comment.
We should not leak the fact that this is immutable into the abi, could we add a superchainConfig()(address) getter and make internal immutable SUPERCHAIN_CONFIG ?
There was a problem hiding this comment.
This contract address should never change, the SharedLockbox should always have the same SuperchaingConfig contract address, or were you thinking of something else?
| /// @notice | ||
| contract UpgradeHandler { | ||
| function addDependency(address _supechainConfig, uint256 _chainId, address _systemConfig) external { | ||
| if (msg.sender != Constants.DEPOSITOR_ACCOUNT) revert Unauthorized(); // TODO: check if this is safe enough |
There was a problem hiding this comment.
This is safe enough because only the derivation pipeline can mock this identity
| /// @title UpgradeHandler | ||
| /// @notice | ||
| contract UpgradeHandler { | ||
| function addDependency(address _supechainConfig, uint256 _chainId, address _systemConfig) external { |
|
|
||
| IL2ToL1MessagePasser(payable(Predeploys.L2_TO_L1_MESSAGE_PASSER)).initiateWithdrawal( | ||
| _supechainConfig, | ||
| 400_000, // TODO: find an arbitrary value that is enough |
There was a problem hiding this comment.
We need to remove the gas limit on withdrawals, its the source of so much pain
|
|
||
| event ETHMigrated(uint256 amount); | ||
|
|
||
| function migrateLiquidity() external { |
There was a problem hiding this comment.
Do you think its better to move away from the intermediate upgrade contract?
There was a problem hiding this comment.
This approach does simplify multisig operations which is nice
There was a problem hiding this comment.
Yes! Also you can be sure that the ETH liquidity migration is done at the same time as the portal is authorized to withdraw from the lockbox. The other way it has to be manually done and checked before processing the addDependency withdrawal tx .
| @@ -174,19 +175,11 @@ contract CrossL2Inbox is ISemver, TransientReentrancyAware { | |||
| // We need to know if this is being called on a depositTx | |||
| if (IL1BlockInterop(Predeploys.L1_BLOCK_ATTRIBUTES).isDeposit()) revert NoExecutingDeposits(); | |||
|
|
|||
| // Check the Identifier. | |||
| _checkIdentifier(_id); | |||
| if (!IDependencySet(Predeploys.L1_BLOCK_ATTRIBUTES).isInDependencySet(_id.chainId)) revert InvalidChainId(); | |||
There was a problem hiding this comment.
If we have this, then we will need the first block to set the dependency set, which makes testing a bit more complicated. The real benefit that I see is on outgoing messages from the L2 to L2 xdm
There was a problem hiding this comment.
We need to make sure that we do not have unprovable logs. Its most simple to assume that you cannot consume logs before the interop start. We would need to move that logic offchain in the block builder, proof and fork choice rule if its not onchain. I think we can get away with keeping everything that was in _checkIdentifier offchain, it will save a bit of gas over time
There was a problem hiding this comment.
Ok perfect, we will remove the check from here but leave it in the L2toL2CDM
| @@ -0,0 +1,30 @@ | |||
| // SPDX-License-Identifier: MIT | |||
| pragma solidity 0.8.25; | |||
There was a problem hiding this comment.
Curious if you have an opinion on the dependency set living in this contract vs the L1Block contract. The tradeoff is with it being in the L1Block contract, it expands the ABI, which causes more gas cost for every single system transaction doing 4byte selector matching. Its likely a minimal amount of gas but it adds up every block. Historically we just always added things to L1Block but this consideration exists
There was a problem hiding this comment.
I like this approach, as we talked, we can have a DependencyManager predeploy handling this
|
These changes generally look good to me |
No description provided.