Skip to content

Commit

Permalink
Merge branch 'dev' into oz-hyper-improvements-audit
Browse files Browse the repository at this point in the history
  • Loading branch information
vladbochok committed Jun 12, 2024
2 parents 8532ada + ab2f13d commit 4abad56
Show file tree
Hide file tree
Showing 205 changed files with 15,842 additions and 2,834 deletions.
File renamed without changes.
50 changes: 0 additions & 50 deletions .github/workflows/buld-release.yaml

This file was deleted.

40 changes: 23 additions & 17 deletions .github/workflows/l1-contracts-foundry-ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ env:

on:
pull_request:

jobs:
build:
runs-on: ubuntu-latest
Expand All @@ -28,7 +29,7 @@ jobs:
run: yarn

- name: Build artifacts
working-directory: ./l1-contracts-foundry
working-directory: ./l1-contracts
run: forge build

- name: Build system-contract artifacts
Expand All @@ -39,8 +40,8 @@ jobs:
with:
key: artifacts-l1-contracts-foudry-${{ github.sha }}
path: |
l1-contracts-foundry/cache
l1-contracts-foundry/out
l1-contracts/cache
l1-contracts/out
system-contracts/artifacts-zk
system-contracts/bootloader/build
system-contracts/cache-zk
Expand All @@ -62,8 +63,8 @@ jobs:
fail-on-cache-miss: true
key: artifacts-l1-contracts-foudry-${{ github.sha }}
path: |
l1-contracts-foundry/cache
l1-contracts-foundry/out
l1-contracts/cache
l1-contracts/out
system-contracts/artifacts-zk
system-contracts/bootloader/build
system-contracts/cache-zk
Expand All @@ -73,6 +74,10 @@ jobs:
- name: Use Foundry
uses: foundry-rs/foundry-toolchain@v1

- name: Copy configs from template
working-directory: ./l1-contracts
run: cp -r deploy-script-config-template script-config

- name: Run anvil
run: |
anvil --silent &
Expand All @@ -95,17 +100,18 @@ jobs:
fi
- name: Run DeployL1 script
working-directory: ./l1-contracts-foundry
run: forge script ./script/DeployL1.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY

- name: Run RegisterHyperchain script
working-directory: ./l1-contracts-foundry
run: forge script ./script/RegisterHyperchain.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY
working-directory: ./l1-contracts
run: forge script ./deploy-scripts/DeployL1.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY

- name: Run DeployErc20 script
working-directory: ./l1-contracts-foundry
run: forge script ./script/DeployErc20.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY

- name: Run InitializeL2WethToken script
working-directory: ./l1-contracts-foundry
run: forge script ./script/InitializeL2WethToken.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY
working-directory: ./l1-contracts
run: forge script ./deploy-scripts/DeployErc20.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY
# TODO restore scripts verification
# - name: Run RegisterHyperchain script
# working-directory: ./l1-contracts
# run: |
# cat ./script-out/output-deploy-l1.toml >> ./script-config/register-hyperchain.toml
# forge script ./deploy-scripts/RegisterHyperchain.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY
# - name: Run InitializeL2WethToken script
# working-directory: ./l1-contracts-foundry
# run: forge script ./deploy-scripts/InitializeL2WethToken.s.sol --ffi --rpc-url $ANVIL_RPC_URL --broadcast --private-key $ANVIL_PRIVATE_KEY
4 changes: 3 additions & 1 deletion .github/workflows/slither.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -43,4 +43,6 @@ jobs:
rm -rf ./l1-contracts/contracts/dev-contracts/test/VerifierRecursiveTest.sol
- name: Run Slither
run: slither --config ./l1-contracts/slither.config.json ./l1-contracts
run: |
cd l1-contracts
slither --config ./slither.config.json .
7 changes: 4 additions & 3 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ l1-contracts/lcov.info
l1-contracts/report/*
l1-contracts/coverage/*
l1-contracts/out/*
l1-contracts-foundry/broadcast/*
l1-contracts-foundry/script-out/*
!l1-contracts-foundry/script-out/.gitkeep
l1-contracts/broadcast/*
l1-contracts/script-config/*
l1-contracts/script-out/*
!l1-contracts/script-out/.gitkeep
15 changes: 7 additions & 8 deletions .gitmodules
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,11 @@
[submodule "l1-contracts/lib/murky"]
path = l1-contracts/lib/murky
url = https://github.com/dmfxyz/murky
[submodule "l1-contracts-foundry/lib/forge-std"]
path = l1-contracts-foundry/lib/forge-std
url = https://github.com/foundry-rs/forge-std
[submodule "l1-contracts-foundry/lib/openzeppelin-contracts"]
path = l1-contracts-foundry/lib/openzeppelin-contracts
url = https://github.com/Openzeppelin/openzeppelin-contracts
[submodule "l1-contracts-foundry/lib/openzeppelin-contracts-upgradeable"]
path = l1-contracts-foundry/lib/openzeppelin-contracts-upgradeable
[submodule "l1-contracts/lib/openzeppelin-contracts-upgradeable"]
path = l1-contracts/lib/openzeppelin-contracts-upgradeable
url = https://github.com/Openzeppelin/openzeppelin-contracts-upgradeable
branch = release-v4.9
[submodule "l1-contracts/lib/openzeppelin-contracts"]
path = l1-contracts/lib/openzeppelin-contracts
url = https://github.com/Openzeppelin/openzeppelin-contracts
branch = release-v4.9
45 changes: 27 additions & 18 deletions .solhint.json
Original file line number Diff line number Diff line change
@@ -1,31 +1,40 @@
{
"extends": "solhint:recommended",
"rules": {
"state-visibility": "off",
"func-visibility": ["warn", { "ignoreConstructors": true }],
"var-name-mixedcase": "off",
"avoid-call-value": "off",
"no-empty-blocks": "off",
"not-rely-on-time": "off",
"avoid-call-value": "error",
"avoid-low-level-calls": "off",
"no-inline-assembly": "off",
"avoid-sha3": "error",
"check-send-result": "error",
"compiler-version": ["error", "^0.8.0"],
"const-name-snakecase": "off",
"no-complex-fallback": "off",
"reason-string": "off",
"contract-name-camelcase": "off",
"gas-calldata-parameters": "error",
"gas-custom-errors": "error",
"gas-increment-by-one": "error",
"gas-length-in-loops": "error",
"gas-struct-packing": "error",
"explicit-types": "error",
"func-name-mixedcase": "off",
"custom-errors": "off",
"no-unused-vars": "error",
"func-named-parameters": ["error", 4],
"func-visibility": ["error", { "ignoreConstructors": true }],
"imports-on-top": "error",
"max-states-count": "off",
"modifier-name-mixedcase": "error",
"named-parameters-mapping": "off",
"no-complex-fallback": "off",
"no-console": "error",
"no-empty-blocks": "off",
"no-global-import": "error",
"no-inline-assembly": "off",
"no-unused-import": "error",
"explicit-types": "error",
"modifier-name-mixedcase": "error",
"imports-on-top": "error",
"no-unused-vars": "error",
"not-rely-on-time": "off",
"quotes": "error",
"use-forbidden-name": "error",
"visibility-modifier-order": "error",
"reason-string": "error",
"reentrancy": "error",
"func-named-parameters": ["error", 4],
"compiler-version": ["error", "^0.8.0"]
"state-visibility": "error",
"use-forbidden-name": "error",
"var-name-mixedcase": "off",
"visibility-modifier-order": "error"
}
}
7 changes: 7 additions & 0 deletions .solhintignore
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ l1-contracts/cache
l1-contracts/cache-forge
l1-contracts/lib
l1-contracts/node_modules
l1-contracts/contracts/dev-contracts
l1-contracts/test

# l1-contracts-foundry
l1-contracts-foundry/cache
Expand All @@ -18,3 +20,8 @@ l2-contracts/node_modules
# system-contracts
system-contracts/contracts/openzeppelin
system-contracts/contracts/Constants.sol
system-contracts/contracts/test-contracts
system-contracts/contracts-preprocessed

# gas-bound-caller
gas-bound-caller/contracts/test-contracts
51 changes: 51 additions & 0 deletions gas-bound-caller/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
# GasBoundCaller

Starting from v24 On Era, the gas for pubdata is charged at the end of the execution of the entire transaction. This means that if a subcall is not trusted, it can consume a significant amount of pubdata during the process. While this may not be an issue for most contracts, there are use cases, e.g., for relayers, where it is crucial to ensure that the subcall will not spend more money than intended.

The `GasBoundCaller` is a contract with the following interface:

```solidity
function gasBoundCall(address _to, uint256 _maxTotalGas, bytes calldata _data) external payable
```

> Note that the amount of gas passed into this function should be less than or equal to `_maxTotalGas`. If the computational gas provided is higher than `_maxTotalGas`, the higher value will be used.
This contract will call the address `_to` with the entire execution gas passed to it, while ensuring that the total consumed gas does not exceed `_maxTotalGas` under any circumstances.

If the call to the `_to` address fails, the gas used on pubdata is considered zero, and the total gas used is fully equivalent to the gas consumed within the execution. The `GasBoundCaller` will relay the revert message as-is.

If the call to the `_to` address succeeds, the `GasBoundCaller` will ensure that the total consumed gas does not exceed `_maxTotalGas`. If it does, it will revert with a "Not enough gas for pubdata" error. If the total consumed gas is less than or equal to `_maxTotalGas`, the `GasBoundCaller` will return returndata equal to `abi.encode(bytes returndataFromSubcall, uint256 gasUsedForPubdata)`.

## Usage

Summing up the information from the previous chapter, the `GasBoundCaller` should be used in the following way:

TODO(EVM-585): switch `addr` with address.

```solidity
uint256 computeGasBefore = gasleft();
(bool success, bytes memory returnData) = address(this).call{gas: _gasToPass}(abi.encodeWithSelector(GasBoundCaller.gasBoundCall.selector, _to, _maxTotalGas, _data));
uint256 pubdataGasSpent;
if (success) {
(returnData, pubdataGasSpent) = abi.decode(returnData, (bytes, uint256));
} else {
// `returnData` is fully equal to the returndata, while `pubdataGasSpent` is equal to 0
}
uint256 computeGasAfter = gasleft();
// This is the total gas that the subcall made the transaction to be charged for
uint256 totalGasConsumed = computeGasBefore - computeGasAfter + pubdataGasSpent;
```

### Preserving `msg.sender`

Since `GasBoundCaller` would be the contract that calls the `_to` contract, the `msg.sender` will be equal to the `GasBoundCaller`'s address. To preserve the current `msg.sender`, this contract can be inherited from and used the same way, but instead of calling `GasBoundCaller.gasBoundCall`, `this.gasBoundCall` could be called.

## Deployed Address

It should be deployed via a built-in CREATE2 factory on each individual chain.

TODO(EVM-585)
Loading

0 comments on commit 4abad56

Please sign in to comment.