merge: consensus PR conflicts

.github/SECURITY.md

@@ -5,7 +5,7 @@ We truly appreciate efforts to discover and disclose security issues responsibly
 ## Vulnerabilities
 
 If you'd like to report a security issue in the repositories of matter-labs organization, please proceed to our
-[Bug Bounty Program on Immunefi](https://era.zksync.io/docs/reference/troubleshooting/audit-bug-bounty.html#bug-bounty-program).
+[Bug Bounty Program on Immunefi](https://immunefi.com/bug-bounty/zksyncera/information/).
 
 ## Other Security Issues
 

.github/workflows/codespell.yaml

@@ -12,25 +12,26 @@ name: Codespell
 on: pull_request
 
 jobs:
-  codespell:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout the repository
-        uses: actions/checkout@v4
-
-      - name: pip cache
-        uses: actions/cache@v4
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: ${{ runner.os }}-pip-
-
-      - name: Install prerequisites
-        run: sudo pip install -r ./.codespell/requirements.txt
-
-      - name: Spell check
-        run: codespell --config=./.codespell/.codespellrc
+  # TODO: fix codespell CI
+  # codespell:
+  #   runs-on: ubuntu-latest
+
+  #   steps:
+  #     - name: Checkout the repository
+  #       uses: actions/checkout@v4
+
+  #     - name: pip cache
+  #       uses: actions/cache@v4
+  #       with:
+  #         path: ~/.cache/pip
+  #         key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
+  #         restore-keys: ${{ runner.os }}-pip-
+
+  #     - name: Install prerequisites
+  #       run: sudo pip install -r ./.codespell/requirements.txt
+
+  #     - name: Spell check
+  #       run: codespell --config=./.codespell/.codespellrc
 
   typos:
     runs-on: ubuntu-latest

.github/workflows/dead-links.yaml

@@ -0,0 +1,22 @@
+name: Check Dead Links in Markdown Files
+
+on: pull_request
+
+jobs:
+  check-dead-links:
+    name: Check Dead Links in Markdown Files
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Rust and Lychee
+        run: |
+          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+          ~/.cargo/bin/cargo install lychee
+
+      - name: Find and check markdown files
+        run: |
+          GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+          find . -type f -name "*.md" ! -path "*/node_modules/*" ! -path "*/openzeppelin*" ! -path "*/murky/*" -exec lychee --github-token $GITHUB_TOKEN {} +

.github/workflows/l1-contracts-ci.yaml

@@ -22,6 +22,9 @@ jobs:
           node-version: 18.18.0
           cache: yarn
 
+      - name: Use Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+
       - name: Install dependencies
         run: yarn
 
@@ -39,11 +42,18 @@ jobs:
       - name: Build l1 artifacts
         run: yarn l1 build
 
+      - name: Build da-contracts artifacts
+        run: yarn da build:foundry
+
+      - name: Build l1 artifacts
+        run: yarn l1 build
+
       - name: Create cache
         uses: actions/cache/save@v3
         with:
           key: artifacts-l1-${{ github.sha }}
           path: |
+            da-contracts/out
             l1-contracts/artifacts
             l1-contracts/artifacts-zk
             l1-contracts/cache
@@ -72,6 +82,9 @@ jobs:
       - name: Lint
         run: yarn lint:check
 
+      - name: Lint errors
+        run: yarn l1 errors-lint --check
+
   test-foundry:
     needs: [build, lint]
     runs-on: ubuntu-latest
@@ -100,14 +113,14 @@ jobs:
           fail-on-cache-miss: true
           key: artifacts-l1-${{ github.sha }}
           path: |
+            da-contracts/out
             l1-contracts/artifacts
             l1-contracts/artifacts-zk
             l1-contracts/cache
             l1-contracts/typechain
             l2-contracts/artifacts-zk
             l2-contracts/cache-zk
             l2-contracts/typechain
-            l1-contracts/lib
 
       - name: Run tests
         working-directory: ./l1-contracts
@@ -141,14 +154,14 @@ jobs:
           fail-on-cache-miss: true
           key: artifacts-l1-${{ github.sha }}
           path: |
+            da-contracts/out
             l1-contracts/artifacts
             l1-contracts/artifacts-zk
             l1-contracts/cache
             l1-contracts/typechain
             l2-contracts/artifacts-zk
             l2-contracts/cache-zk
             l2-contracts/typechain
-            l1-contracts/lib
 
       - name: Install foundry zksync
         run: |
@@ -191,6 +204,7 @@ jobs:
           fail-on-cache-miss: true
           key: artifacts-l1-${{ github.sha }}
           path: |
+            da-contracts/out
             l1-contracts/artifacts
             l1-contracts/artifacts-zk
             l1-contracts/cache
@@ -203,6 +217,9 @@ jobs:
       - name: Build L2 contracts
         run: yarn l2 build
 
+      - name: Build L2 contracts
+        run: yarn l2 build
+
       - name: Run tests
         run: yarn l1 test --no-compile
 
@@ -258,49 +275,50 @@ jobs:
           fail-on-cache-miss: true
           key: artifacts-l1-${{ github.sha }}
           path: |
+            da-contracts/out
             l1-contracts/artifacts
             l1-contracts/artifacts-zk
             l1-contracts/cache
             l1-contracts/typechain
             l2-contracts/artifacts-zk
             l2-contracts/cache-zk
             l2-contracts/typechain
-            l1-contracts/lib
 
       - name: Run coverage
         run: FOUNDRY_PROFILE=default yarn test:foundry && FOUNDRY_PROFILE=default yarn coverage:foundry --report summary --report lcov
 
-      # To ignore coverage for certain directories modify the paths in this step as needed. The
-      # below default ignores coverage results for the test and script directories. Alternatively,
-      # to include coverage in all directories, comment out this step. Note that because this
-      # filtering applies to the lcov file, the summary table generated in the previous step will
-      # still include all files and directories.
-      # The `--rc lcov_branch_coverage=1` part keeps branch info in the filtered report, since lcov
-      # defaults to removing branch info.
-      - name: Filter directories
-        run: |
-          sudo apt update && sudo apt install -y lcov
-          lcov --remove lcov.info 'test/*' 'contracts/bridge/asset-router/L1AssetRouter.sol' 'contracts/dev-contracts/*' '../lib/forge-std/*' '../lib/murky/*' 'lib/*' '../lib/*' 'lib/' --ignore-errors unused --output-file lcov.info --rc lcov_branch_coverage=1
-
-      # This step posts a detailed coverage report as a comment and deletes previous comments on
-      # each push. The below step is used to fail coverage if the specified coverage threshold is
-      # not met. The below step can post a comment (when it's `github-token` is specified) but it's
-      # not as useful, and this action cannot fail CI based on a minimum coverage threshold, which
-      # is why we use both in this way.
-      - name: Post coverage report
-        if: github.event_name == 'pull_request' # This action fails when ran outside of a pull request.
-        uses: romeovs/[email protected]
-        with:
-          delete-old-comments: true
-          lcov-file: ./l1-contracts/lcov.info
-          github-token: ${{ secrets.GITHUB_TOKEN }} # Adds a coverage summary comment to the PR.
-
-      - name: Verify minimum coverage
-        uses: zgosalvez/github-actions-report-lcov@v2
-        with:
-          coverage-files: ./l1-contracts/lcov.info
-          working-directory: l1-contracts
-          minimum-coverage: 85 # Set coverage threshold.
+      # TODO: for some reason filtering directories stopped working.
+      # # To ignore coverage for certain directories modify the paths in this step as needed. The
+      # # below default ignores coverage results for the test and script directories. Alternatively,
+      # # to include coverage in all directories, comment out this step. Note that because this
+      # # filtering applies to the lcov file, the summary table generated in the previous step will
+      # # still include all files and directories.
+      # # The `--rc lcov_branch_coverage=1` part keeps branch info in the filtered report, since lcov
+      # # defaults to removing branch info.
+      # - name: Filter directories
+      #   run: |
+      #     sudo apt update && sudo apt install -y lcov
+      #     lcov --remove lcov.info 'test/*' 'contracts/dev-contracts/*' '../lib/forge-std/*' '../lib/murky/*' 'lib/*' '../lib/*' 'lib/' 'deploy-scripts/*' --output-file lcov.info --rc lcov_branch_coverage=1
+
+      # # This step posts a detailed coverage report as a comment and deletes previous comments on
+      # # each push. The below step is used to fail coverage if the specified coverage threshold is
+      # # not met. The below step can post a comment (when it's `github-token` is specified) but it's
+      # # not as useful, and this action cannot fail CI based on a minimum coverage threshold, which
+      # # is why we use both in this way.
+      # - name: Post coverage report
+      #   if: github.event_name == 'pull_request' # This action fails when ran outside of a pull request.
+      #   uses: romeovs/[email protected]
+      #   with:
+      #     delete-old-comments: true
+      #     lcov-file: ./l1-contracts/lcov.info
+      #     github-token: ${{ secrets.GITHUB_TOKEN }} # Adds a coverage summary comment to the PR.
+
+      # - name: Verify minimum coverage
+      #   uses: zgosalvez/github-actions-report-lcov@v2
+      #   with:
+      #     coverage-files: ./l1-contracts/lcov.info
+      #     working-directory: l1-contracts
+      #     minimum-coverage: 85 # Set coverage threshold.
 
   gas-report:
     needs: [build, lint]

.github/workflows/l1-contracts-foundry-ci.yaml

@@ -41,11 +41,15 @@ jobs:
       - name: Build l2 artifacts
         run: yarn l2 build
 
+      - name: Build da-contracts artifacts
+        run: yarn da build:foundry
+
       - name: Create cache
         uses: actions/cache/save@v3
         with:
           key: artifacts-l1-contracts-foudry-${{ github.sha }}
           path: |
+            da-contracts/out
             l1-contracts/cache
             l1-contracts/out
             l1-contracts/artifacts-zk
@@ -72,6 +76,7 @@ jobs:
           fail-on-cache-miss: true
           key: artifacts-l1-contracts-foudry-${{ github.sha }}
           path: |
+            da-contracts/out
             l1-contracts/cache
             l1-contracts/out
             l1-contracts/artifacts-zk

.github/workflows/slither.yaml

@@ -39,6 +39,7 @@ jobs:
           rm -rf ./l1-contracts/contracts/state-transition/utils/
           rm -rf ./l1-contracts/contracts/state-transition/Verifier.sol
           rm -rf ./l1-contracts/contracts/state-transition/TestnetVerifier.sol
+          rm -rf ./l1-contracts/contracts/state-transition/chain-deps/GatewayCTMDeployer.sol
           rm -rf ./l1-contracts/contracts/dev-contracts/test/VerifierTest.sol
           rm -rf ./l1-contracts/contracts/dev-contracts/test/VerifierRecursiveTest.sol
 

.github/workflows/system-contracts-ci.yaml

@@ -53,35 +53,36 @@ jobs:
       - name: Run lint
         run: yarn lint:check
 
-  test-bootloader:
-    needs: [build, lint]
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout the repository
-        uses: actions/checkout@v4
-
-      - name: Install rust
-        uses: actions-rust-lang/setup-rust-toolchain@v1
-        with:
-          toolchain: nightly-2023-04-17
-
-      - name: Restore artifacts cache
-        uses: actions/cache/restore@v3
-        with:
-          fail-on-cache-miss: true
-          key: artifacts-system-${{ github.sha }}
-          path: |
-            system-contracts/artifacts-zk
-            system-contracts/cache-zk
-            system-contracts/typechain
-            system-contracts/contracts-preprocessed
-            system-contracts/bootloader/build
-
-      - name: Run bootloader tests
-        run: |
-          cd system-contracts/bootloader/test_infra
-          cargo run
+  # FIXME: recover when used multivm is updated
+  # test-bootloader:
+  #   needs: [build, lint]
+  #   runs-on: ubuntu-latest
+
+  #   steps:
+  #     - name: Checkout the repository
+  #       uses: actions/checkout@v4
+
+  #     - name: Install rust
+  #       uses: actions-rust-lang/setup-rust-toolchain@v1
+  #       with:
+  #         toolchain: nightly-2023-04-17
+
+  #     - name: Restore artifacts cache
+  #       uses: actions/cache/restore@v3
+  #       with:
+  #         fail-on-cache-miss: true
+  #         key: artifacts-system-${{ github.sha }}
+  #         path: |
+  #           system-contracts/artifacts-zk
+  #           system-contracts/cache-zk
+  #           system-contracts/typechain
+  #           system-contracts/contracts-preprocessed
+  #           system-contracts/bootloader/build
+
+  #     - name: Run bootloader tests
+  #       run: |
+  #         cd system-contracts/bootloader/test_infra
+  #         cargo run
 
   test-contracts:
     needs: [build, lint]

.gitignore

@@ -31,4 +31,7 @@ l1-contracts/test/foundry/l1/integration/deploy-scripts/script-out/*.toml
 !l1-contracts/script-out/.gitkeep
 *.timestamp
 l1-contracts/test/foundry/l1/integration/deploy-scripts/script-out/*
+l1-contracts/test/foundry/l1/integration/deploy-scripts/script-config/config-deploy-zk-chain-*.toml
+l1-contracts/test/foundry/integration/deploy-scripts/script-out/*
+l1-contracts/test/foundry/l1/integration/upgrade-envs/script-out/*.toml
 l1-contracts/zkout/*

.solhintignore

@@ -17,6 +17,7 @@ l1-contracts-foundry/lib
 # l2-contracts
 l2-contracts/cache-zk
 l2-contracts/node_modules
+l2-contracts/contracts/dev-contracts
 l2-contracts/test
 
 # system-contracts

CONTRIBUTING.md

@@ -13,7 +13,7 @@ There are many ways to contribute to the ZK Stack:
    issues.
 3. Resolve issues: either by showing an issue isn't a problem and the current state is ok as is or by fixing the problem
    and opening a PR.
-4. Report security issues, see [our security policy](./github/SECURITY.md).
+4. Report security issues, see [our security policy](./.github/SECURITY.md).
 5. [Join the team!](https://matterlabs.notion.site/Shape-the-future-of-Ethereum-at-Matter-Labs-dfb3b5a037044bb3a8006af2eb0575e0)
 
 ## Fixing issues
@@ -34,7 +34,7 @@ We aim to make it as easy as possible to contribute to the mission. This is stil
 and suggestions here too. Some resources to help:
 
 1. [In-repo docs aimed at developers](docs)
-2. [ZKsync Era docs!](https://era.zksync.io/docs/)
+2. [ZKsync Era docs!](https://docs.zksync.io/zk-stack)
 3. Company links can be found in the [repo's readme](README.md)
 
 ## Code of Conduct

README.md

@@ -8,7 +8,7 @@ or re-auditing a single line of code. ZKsync Era also uses an LLVM-based compile
 write smart contracts in C++, Rust and other popular languages.
 
 This repository contains both L1 and L2 ZKsync smart contracts. For their description see the
-[system overview](docs/Overview.md).
+[system overview](docs/overview.md).
 
 ## Disclaimer
 

SECURITY.md

@@ -5,7 +5,7 @@ We truly appreciate efforts to discover and disclose security issues responsibly
 ## Vulnerabilities
 
 If you'd like to report a security issue in the repositories of matter-labs organization, please proceed to our
-[Bug Bounty Program on Immunefi](https://era.zksync.io/docs/reference/troubleshooting/audit-bug-bounty.html#bug-bounty-program).
+[Bug Bounty Program on Immunefi](https://immunefi.com/bug-bounty/zksyncera/information/).
 
 ## Other Security Issues