matter-labs · kelemeno · Apr 18, 2024 · Apr 2, 2024 · Apr 3, 2024 · Mar 21, 2024
@@ -15,7 +15,6 @@ recursion_node_level_vk_hash = "0x0000000000000000000000000000000000000000000000
 recursion_leaf_level_vk_hash = "0x0000000000000000000000000000000000000000000000000000000000000000"
 recursion_circuits_set_vks_hash = "0x0000000000000000000000000000000000000000000000000000000000000000"
 priority_tx_max_gas_limit = 80000000
-shared_bridge_upgrade_storage_switch = 0
 diamond_init_pubdata_pricing_mode = 0
 diamond_init_batch_overhead_l1_gas = 1000000
 diamond_init_max_pubdata_per_batch = 120000

@@ -97,7 +97,6 @@ contract DeployL1Script is Script {
         bytes32 recursionLeafLevelVkHash;
         bytes32 recursionCircuitsSetVksHash;
         uint256 priorityTxMaxGasLimit;
-        uint256 sharedBridgeUpgradeStorageSwitch;
         PubdataPricingMode diamondInitPubdataPricingMode;
         uint256 diamondInitBatchOverheadL1Gas;
         uint256 diamondInitMaxPubdataPerBatch;
@@ -181,9 +180,6 @@ contract DeployL1Script is Script {
         config.contracts.recursionLeafLevelVkHash = toml.readBytes32("$.contracts.recursion_leaf_level_vk_hash");
         config.contracts.recursionCircuitsSetVksHash = toml.readBytes32("$.contracts.recursion_circuits_set_vks_hash");
         config.contracts.priorityTxMaxGasLimit = toml.readUint("$.contracts.priority_tx_max_gas_limit");
-        config.contracts.sharedBridgeUpgradeStorageSwitch = toml.readUint(
-            "$.contracts.shared_bridge_upgrade_storage_switch"
-        );
         config.contracts.diamondInitPubdataPricingMode = PubdataPricingMode(
             toml.readUint("$.contracts.diamond_init_pubdata_pricing_mode")
         );
@@ -499,8 +495,7 @@ contract DeployL1Script is Script {
     }
 
     function deploySharedBridgeProxy() internal {
-        uint256 storageSwitch = config.contracts.sharedBridgeUpgradeStorageSwitch;
-        bytes memory initCalldata = abi.encodeCall(L1SharedBridge.initialize, (config.deployerAddress, storageSwitch));
+        bytes memory initCalldata = abi.encodeCall(L1SharedBridge.initialize, (config.deployerAddress));
         bytes memory bytecode = abi.encodePacked(
             type(TransparentUpgradeableProxy).creationCode,
             abi.encode(addresses.bridges.sharedBridgeImplementation, addresses.transparentProxyAdmin, initCalldata)

@@ -2,7 +2,7 @@ CHAIN_ETH_NETWORK=hardhat
 CONTRACTS_PRIORITY_TX_MAX_GAS_LIMIT=72000000
 CONTRACTS_DEPLOY_L2_BRIDGE_COUNTERPART_GAS_LIMIT=10000000
 ETH_CLIENT_WEB3_URL=http://127.0.0.1:8545
-CHAIN_ETH_ZKSYNC_NETWORK_ID=270
+CHAIN_ETH_ZKSYNC_NETWORK_ID=271
 CONTRACTS_BRIDGEHUB_PROXY_ADDR=0x0000000000000000000000000000000000000000
 CONTRACTS_BRIDGEHUB_IMPL_ADDR=0x0000000000000000000000000000000000000000
 CONTRACTS_STATE_TRANSITION_PROXY_ADDR=0x0000000000000000000000000000000000000000

@@ -2,8 +2,7 @@
 
 pragma solidity 0.8.24;
 
-import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
-import {Ownable2Step} from "@openzeppelin/contracts/access/Ownable2Step.sol";
+import {Ownable2StepUpgradeable} from "@openzeppelin/contracts-upgradeable/access/Ownable2StepUpgradeable.sol";
 
 import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
 import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
@@ -27,25 +26,42 @@
 /// @custom:security-contact [email protected]
 /// @dev Bridges assets between L1 and hyperchains, supporting both ETH and ERC20 tokens.
 /// @dev Designed for use with a proxy for upgradability.
-contract L1SharedBridge is IL1SharedBridge, ReentrancyGuard, Initializable, Ownable2Step {
+contract L1SharedBridge is IL1SharedBridge, ReentrancyGuard, Ownable2StepUpgradeable {
     using SafeERC20 for IERC20;
 
     /// @dev The address of the WETH token on L1.
    address public immutable override l1WethAddress;

    /// @dev Bridgehub smart contract that is used to operate with L2 via asynchronous L2 <-> L1 communication.
    IBridgehub public immutable override bridgehub;

    /// @dev Era's chainID
    uint256 immutable eraChainId;

     /// @dev The address of zkSync Era diamond proxy contract.
     address immutable eraDiamondProxy;
 
-    /// @dev Stores the first batch number on the zkSync Era Diamond Proxy that was settled after Shared Bridge upgrade.
-    /// This variable is used to differentiate between pre-upgrade and post-upgrade withdrawals. Withdrawals from batches older
+    /// @dev Stores the first batch number on the zkSync Era Diamond Proxy that was settled after Diamond proxy upgrade.
+    /// This variable is used to differentiate between pre-upgrade and post-upgrade Eth withdrawals. Withdrawals from batches older
     /// than this value are considered to have been finalized prior to the upgrade and handled separately.
-    uint256 internal eraFirstPostUpgradeBatch;
+    uint256 internal eraPostDiamondUpgradeFirstBatch;
+
+    /// @dev Stores the first batch number on the zkSync Era Diamond Proxy that was settled after L1ERC20 Bridge upgrade.
+    /// This variable is used to differentiate between pre-upgrade and post-upgrade ERC20 withdrawals. Withdrawals from batches older
+    /// than this value are considered to have been finalized prior to the upgrade and handled separately.
+    uint256 internal eraPostLegacyBridgeUpgradeFirstBatch;
+
+    /// @dev Stores the zkSync Era batch number that processes the last deposit tx initiated by the legacy bridge
+    /// This variable (together with eraLegacyBridgeLastDepositTxNumber) is used to differentiate between pre-upgrade and post-upgrade deposits. Deposits processed in older batches
+    /// than this value are considered to have been processed prior to the upgrade and handled separately.
+    /// We use this both for Eth and erc20 token deposits, so we need to update the diamond and bridge simultaneously.
+    uint256 internal eraLegacyBridgeLastDepositBatch;
+
+    /// @dev The tx number in the _eraLegacyBridgeLastDepositBatch of the last deposit tx initiated by the legacy bridge
+    /// This variable (together with eraLegacyBridgeLastDepositBatch) is used to differentiate between pre-upgrade and post-upgrade deposits. Deposits processed in older txs
+    /// than this value are considered to have been processed prior to the upgrade and handled separately.
+    /// We use this both for Eth and erc20 token deposits, so we need to update the diamond and bridge simultaneously.
+    uint256 internal eraLegacyBridgeLastDepositTxNumber;
 
     /// @dev Legacy bridge smart contract that used to hold ERC20 tokens.
     IL1ERC20Bridge public override legacyBridge;
@@ -110,14 +126,36 @@
     /// @dev Initializes a contract bridge for later use. Expected to be used in the proxy
     /// @param _owner Address which can change L2 token implementation and upgrade the bridge
     /// implementation. The owner is the Governor and separate from the ProxyAdmin from now on, so that the Governor can call the bridge.
-    function initialize(
-        address _owner,
-        uint256 _eraFirstPostUpgradeBatch
-    ) external reentrancyGuardInitializer initializer {
+    function initialize(address _owner) external reentrancyGuardInitializer initializer {
         require(_owner != address(0), "ShB owner 0");
         _transferOwnership(_owner);
+    }
+
+    /// @dev This sets the first post diamond upgrade batch for era, used to check old eth withdrawals
+    /// @param _eraPostDiamondUpgradeFirstBatch The first batch number on the zkSync Era Diamond Proxy that was settled after diamond proxy upgrade.
+    function setEraPostDiamondUpgradeFirstBatch(uint256 _eraPostDiamondUpgradeFirstBatch) external onlyOwner {
+        require(eraPostDiamondUpgradeFirstBatch == 0, "ShB: eFPUB already set");
+        eraPostDiamondUpgradeFirstBatch = _eraPostDiamondUpgradeFirstBatch;
+    }
+
+    /// @dev This sets the first post upgrade batch for era, used to check old token withdrawals
+    /// @param _eraPostLegacyBridgeUpgradeFirstBatch The first batch number on the zkSync Era Diamond Proxy that was settled after legacy bridge upgrade.
+    function setEraPostLegacyBridgeUpgradeFirstBatch(uint256 _eraPostLegacyBridgeUpgradeFirstBatch) external onlyOwner {
+        require(eraPostLegacyBridgeUpgradeFirstBatch == 0, "ShB: eFPUB already set");
+        eraPostLegacyBridgeUpgradeFirstBatch = _eraPostLegacyBridgeUpgradeFirstBatch;
+    }
 
-        eraFirstPostUpgradeBatch = _eraFirstPostUpgradeBatch;
+    /// @dev This sets the first post upgrade batch for era, used to check old withdrawals
+    /// @param  _eraLegacyBridgeLastDepositBatch The the zkSync Era batch number that processes the last deposit tx initiated by the legacy bridge
+    /// @param _eraLegacyBridgeLastDepositTxNumber The tx number in the _eraLegacyBridgeLastDepositBatch of the last deposit tx initiated by the legacy bridge
+    function setEraLegacyBridgeLastDepositTime(
+        uint256 _eraLegacyBridgeLastDepositBatch,
+        uint256 _eraLegacyBridgeLastDepositTxNumber
+    ) external onlyOwner {
+        require(eraLegacyBridgeLastDepositBatch == 0, "ShB: eLOBDB already set");
+        require(eraLegacyBridgeLastDepositTxNumber == 0, "ShB: eLOBDTN already set");
+        eraLegacyBridgeLastDepositBatch = _eraLegacyBridgeLastDepositBatch;
+        eraLegacyBridgeLastDepositTxNumber = _eraLegacyBridgeLastDepositTxNumber;
     }
 
     /// @dev transfer tokens from legacy erc20 bridge or mailbox and set chainBalance as part of migration process
@@ -261,7 +299,6 @@
         require(address(legacyBridge) == address(0), "ShB: legacy bridge already set");
         require(_legacyBridge != address(0), "ShB: legacy bridge 0");
         legacyBridge = IL1ERC20Bridge(_legacyBridge);
-        l2BridgeAddress[eraChainId] = address(legacyBridge);
     }
 
     /// @dev Generate a calldata for calling the deposit finalization on the L2 bridge contract
@@ -355,7 +392,7 @@
             bool notCheckedInLegacyBridgeOrWeCanCheckDeposit;
             {
                 // Deposits that happened before the upgrade cannot be checked here, they have to be claimed and checked in the legacyBridge
-                bool weCanCheckDepositHere = !_isEraLegacyWithdrawal(_chainId, _l2BatchNumber);
+                bool weCanCheckDepositHere = !_isEraLegacyDeposit(_chainId, _l2BatchNumber, _l2TxNumberInBatch);
                 // Double claims are not possible, as we this check except for legacy bridge withdrawals
                 // Funds claimed before the update will still be recorded in the legacy bridge
                 // Note we double check NEW deposits if they are called from the legacy bridge
@@ -392,12 +429,46 @@
         emit ClaimedFailedDepositSharedBridge(_chainId, _depositSender, _l1Token, _amount);
     }
 
-    /// @dev Determines if a withdrawal was initiated on zkSync Era before the upgrade to the Shared Bridge.
+    /// @dev Determines if an eth withdrawal was initiated on zkSync Era before the upgrade to the Shared Bridge.
     /// @param _chainId The chain ID of the transaction to check.
     /// @param _l2BatchNumber The L2 batch number for the withdrawal.
-    /// @return Whether withdrawal was initiated on zkSync Era before Shared Bridge upgrade.
-    function _isEraLegacyWithdrawal(uint256 _chainId, uint256 _l2BatchNumber) internal view returns (bool) {
-        return (_chainId == eraChainId) && (_l2BatchNumber < eraFirstPostUpgradeBatch);
+    /// @return Whether withdrawal was initiated on zkSync Era before diamond proxy upgrade.
+    function _isEraLegacyEthWithdrawal(uint256 _chainId, uint256 _l2BatchNumber) internal view returns (bool) {
+        require((_chainId != eraChainId) || eraPostDiamondUpgradeFirstBatch != 0, "ShB: diamondUFB not set for Era");
+        return (_chainId == eraChainId) && (_l2BatchNumber < eraPostDiamondUpgradeFirstBatch);
+    }
+
+    /// @dev Determines if a token withdrawal was initiated on zkSync Era before the upgrade to the Shared Bridge.
+    /// @param _chainId The chain ID of the transaction to check.
+    /// @param _l2BatchNumber The L2 batch number for the withdrawal.
+    /// @return Whether withdrawal was initiated on zkSync Era before Legacy Bridge upgrade.
+    function _isEraLegacyTokenWithdrawal(uint256 _chainId, uint256 _l2BatchNumber) internal view returns (bool) {
+        require(
+            (_chainId != eraChainId) || eraPostLegacyBridgeUpgradeFirstBatch != 0,
+            "ShB: LegacyUFB not set for Era"
+        );
+        return (_chainId == eraChainId) && (_l2BatchNumber < eraPostLegacyBridgeUpgradeFirstBatch);
+    }
+
+    /// @dev Determines if a deposit was initiated on zkSync Era before the upgrade to the Shared Bridge.
+    /// @param _chainId The chain ID of the transaction to check.
+    /// @param _l2BatchNumber The L2 batch number for the deposit where it was processed.
+    /// @param _l2TxNumberInBatch The L2 transaction number in the batch, in which the deposit was processed.
+    /// @return Whether deposit was initiated on zkSync Era before Shared Bridge upgrade.
+    function _isEraLegacyDeposit(
+        uint256 _chainId,
+        uint256 _l2BatchNumber,
+        uint256 _l2TxNumberInBatch
+    ) internal view returns (bool) {
+        require(
+            (_chainId != eraChainId) || (eraLegacyBridgeLastDepositBatch != 0),
+            "ShB: last deposit time not set for Era"
+        );
+        return
+            (_chainId == eraChainId) &&
+            (_l2BatchNumber < eraLegacyBridgeLastDepositBatch ||
+                (_l2TxNumberInBatch < eraLegacyBridgeLastDepositTxNumber &&
+                    _l2BatchNumber == eraLegacyBridgeLastDepositBatch));
     }
 
     /// @notice Finalize the withdrawal and release funds
@@ -417,7 +488,7 @@
     ) external override {
         // To avoid rewithdrawing txs that have already happened on the legacy bridge.
         // Note: new withdraws are all recorded here, so double withdrawing them is not possible.
-        if (_isEraLegacyWithdrawal(_chainId, _l2BatchNumber)) {
+        if (_isEraLegacyTokenWithdrawal(_chainId, _l2BatchNumber)) {
             require(!legacyBridge.isWithdrawalFinalized(_l2BatchNumber, _l2MessageIndex), "ShB: legacy withdrawal");
         }
         _finalizeWithdrawal({
@@ -450,7 +521,7 @@
         isWithdrawalFinalized[_chainId][_l2BatchNumber][_l2MessageIndex] = true;
 
         // Handling special case for withdrawal from zkSync Era initiated before Shared Bridge.
-        if (_isEraLegacyWithdrawal(_chainId, _l2BatchNumber)) {
+        if (_isEraLegacyEthWithdrawal(_chainId, _l2BatchNumber)) {
             // Checks that the withdrawal wasn't finalized already.
             bool alreadyFinalized = IGetters(eraDiamondProxy).isEthWithdrawalFinalized(_l2BatchNumber, _l2MessageIndex);
             require(!alreadyFinalized, "Withdrawal is already finalized 2");
@@ -603,13 +674,7 @@
             // If the refund recipient is not specified, the refund will be sent to the sender of the transaction.
             // Otherwise, the refund will be sent to the specified address.
             // If the recipient is a contract on L1, the address alias will be applied.
-            address refundRecipient = _refundRecipient;
-            if (_refundRecipient == address(0)) {
-                // slither-disable-next-line tx-origin
-                refundRecipient = _prevMsgSender != tx.origin
-                    ? AddressAliasHelper.applyL1ToL2Alias(_prevMsgSender)
-                    : _prevMsgSender;
-            }
+            address refundRecipient = AddressAliasHelper.actualRefundRecipient(_refundRecipient, _prevMsgSender);
 
             L2TransactionRequestDirect memory request = L2TransactionRequestDirect({
                 chainId: eraChainId,

@@ -111,6 +111,15 @@ interface IL1SharedBridge {
         bytes32[] calldata _merkleProof
     ) external;
 
+    function setEraPostDiamondUpgradeFirstBatch(uint256 _eraPostDiamondUpgradeFirstBatch) external;
+
+    function setEraPostLegacyBridgeUpgradeFirstBatch(uint256 _eraPostLegacyBridgeUpgradeFirstBatch) external;
+
+    function setEraLegacyBridgeLastDepositTime(
+        uint256 _eraLegacyBridgeLastDepositBatch,
+        uint256 _eraLegacyBridgeLastDepositTxNumber
+    ) external;
+
     function l1WethAddress() external view returns (address);
 
     function bridgehub() external view returns (IBridgehub);