Open
Conversation
…optimism#19206) * fix(contracts): handle v1/v2 OPCM structures when loading DelayedWETH artifacts Upgrade tests were failing because ForkLive assumed v1 structure (DelayedWETH on game impl) but after OPCM v2 upgrades it's stored in gameArgs. This caused artifact loading to fail when tests ran past upgrades without useUpgradedFork. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(contracts): add underscore suffix to named return argument Fixes semgrep rule sol-style-return-arg-fmt which requires named return arguments to have an underscore suffix. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(contracts): improve v1/v2 fallback logic for DelayedWETH loading Simplify the fallback logic so that: - If gameArgs returns data (length > 0), it must decode successfully - Only fall back to v1 (game impl .weth()) if gameArgs doesn't exist or returns empty bytes This ensures proper error propagation when gameArgs data is invalid. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * Use helper method. * Fetch the pre-upgrade permissioned delayed weth from on chain. * Load preupgrade state from on chain. --------- Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: Georgios Konstantopoulos <me@gakonst.com> Co-authored-by: Amp <amp@ampcode.com>
…radigmxyz/reth#21686) Co-authored-by: Amp <amp@ampcode.com>
* feat(l2cm ): add L2ProxyAdmin * feat: initial l2proxyadmin implementation * feat: add semver and event * test: add L2ProxyAdmin unit tests * refactor: rename proxyAdmin to L2ProxyAdmin inside packages * refactor: rename proxyAdmin to L2ProxyAdmin in go side * refactor: rename l2cm interface * fix: semgrep issues * fix: revert proxy admin renaming * fix: revert proxy admin renaming in packages * fix: revert proxy admin renaming in go * fix: add missing natspec in l2pa constructor * fix: natspec proxied true * fix: run pre-pr * fix: proxy admin predeploy getName, label and refactor tests & TODO * fix: proxy admin predeploy getName, label and refactor tests * feat: add todo for l2pa refactor to be initializable
* ci: Fix make reproducible-prestate. Adjust reproducible-prestate so the op-program and kona prestates can be built in parallel. Depend on the full prestate build in CI to ensure it always works. * Use machine executor. * Remove remote docker setup. * Remove separate cannon-kona build job. * Build cannon and op-program binaries. * Depend on go-binaries-for-sysgo in e2e tests
…e` (op-rs/op-reth#204) - Adds new crates `reth-optimism-exex` and `reth_optimism_trie` - Moves `reth_exex::external_proofs` -> `reth_optimism_exex` - Moves `reth_exex::external_proofs::storage` -> `reth_optimism_trie`
Seems like when `reth-optimism-trie` depends on `reth-db-api` indirectly, the doctest crate couldn’t resolve `reth_db_api::…` and failing. Closes op-rs/op-reth#233 Co-authored-by: Emilia Hane <elsaemiliaevahane@gmail.com>
This PR separates storage and account cursors which makes sense because these two cursors may have very different seek/next implementations. In the case of in-memory, a single cursor impl can still handle both, but for MDBX, it makes sense to implement separate cursors. Closes op-rs/op-reth#236 --------- Co-authored-by: Arun Dhyani <dhyaniarun7@gmail.com>
Based on op-rs/op-reth#203 , op-rs/op-reth#204 This PR implements `StateProvider` given a `OpProofsStorage` instance. It reads most data from the external database, but falls back on the latest provider for block hashes and code by hash similar to the existing historical provider in Reth. This is an important part to implementing live syncing since we're running the sync process on the DB being created. In the Reth implementation, `proof.rs` is contained in `trie/db`, so I think it makes sense to go in our DB crate. The `provider.rs` is in the `reth-provider` crate, but I don't think a separate provider crate helps us here, so I think we should also include that in the trie crate as well. --------- Co-authored-by: Emilia Hane <elsaemiliaevahane@gmail.com>
Based on op-rs/op-reth#229 Adds tests to ensure that storing TrieUpdates that include deletions actually deletes the nodes at that block height, and that updates take precedence over deletions (same as `write_trie_updates` in Reth). Closes op-rs/op-reth#238
…p-reth#198) Based on op-rs/op-reth#197 This PR implements the live state collector on top of the `OpProofsStateProvider` created in the previous PR. This sync process tries to re-execute all blocks from the current block of the external database to tip. --------- Co-authored-by: Emilia Hane <elsaemiliaevahane@gmail.com>
…#222) Closes op-rs/op-reth#164 --------- Co-authored-by: Arun Dhyani <dhyaniarun7@gmail.com>
Fixes op-rs/op-reth#225 (does not track errors as these are fatal currently)
…#251) Fixes op-rs/op-reth#237 Adds more concrete error variants for `OpProofsStorageError` Co-authored-by: Arun Dhyani <dhyaniarun7@gmail.com>
…eth#248) Fixes op-rs/op-reth#247 Removes the `block_number` parameter from: - store_account_branches - store_storage_branches - store_hashed_accounts - store_hashed_storages Co-authored-by: Arun Dhyani <dhyaniarun7@gmail.com>
…p-rs/op-reth#253) Fixes op-rs/op-reth#215 --------- Co-authored-by: Arun Dhyani <dhyaniarun7@gmail.com>
…op-reth#250) Ref op-rs/op-reth#241 - Fixes comment from deps fix in op-rs/op-reth#229 (fix correct but comment misleading) - `serde-bincode-compat` is a feature which must be enabled when the `bincode` dependency is used. Asides for dev-deps, this only happens in `reth-stages`. `reth-exex` runs in `reth-stages`. In this wokrstream we use the `TrieUpdate` in exex. `serde-bincode-compat` is already implemented for `TrieUpdates` in `reth-trie-common`, this PR simply makes that feature accessible via `reth-trie` and in turn `reth-optimism-trie`, in order to enable it in `reth-optimism-exex`.
Closes op-rs/op-reth#212 --------- Co-authored-by: Emilia Hane <elsaemiliaevahane@gmail.com>
Ref op-rs/op-reth#205 Removes redundant dep `reth-db-api` from `reth-optimism-trie`, since used types are re-exported via `reth-db` --------- Co-authored-by: Arun Dhyani <dhyaniarun7@gmail.com>
Resolves op-rs/op-reth#239 --------- Co-authored-by: Einar Rasmussen <einar@oplabs.co>
* Remove rust build step. * ci: persist kona-build-release binaries to workspace for memory-all Add persist_to_workspace parameter to rust-build-binary job and enable it for kona-build-release so that rust/target/release is available via the workspace for the memory-all acceptance test job. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Only persist binaries. * Persist some more binaries. * Back to full paths. --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
…ism#19220) * feat(op-node): execute NUT bundles at Karst fork activation Add the Karst fork and wire NUT bundle execution into the derivation pipeline, with upgrade gas allocated to the block gas limit. * feat: add NUT bundle fork lock with CI check Prevent accidental modification of finalized NUT bundles by adding a lock file with sha256 hashes and a CI check that enforces immutability. * fix: Add missing test-nut * refactor: make NUT bundle types and functions private Only UpgradeTransactions (to be added) will be the public API for NUTs. This enables easier refactoring and eventual migration to op-core. * refactor: move NUT bundle embed to parse_upgrade_transactions.go Co-locates the embedded JSON with the code that parses it. * refactor: add UpgradeTransactions(fork) with switch and error wrapping Encapsulates fork-to-bundle mapping in a single public function, wraps errors with context, and simplifies the call site in attributes.go. * chore: move check-nut-locks from Makefile to justfile Also updates CI to call just directly. * fix: go fmt * fix: Formatting on testdata * refactor: rename parse_upgrade_transactions to upgrade_transaction Per review feedback to use a simpler file name. * feat: add reverse check that all NUT bundles have lock entries Globs known bundle locations to catch bundles added without a corresponding fork_lock.toml entry. * fix: use go run directly rather than just command
…o flake-shake gate (ethereum-optimism#19350) Registers the test in the flake-shake quarantine gate so it can accumulate stability data before being promoted to the supernode-interop gate. Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
…eum-optimism#19365) Add stop/cancellation check in Start() loop while paused to prevent infinite spinning when RewindEngine exits before Resume is called. Add deferred Resume() call in RewindEngine to ensure the container is always unpaused on return, even on context cancellation or errors.
…16 (ethereum-optimism#19271) Add missing @param blueprint NatSpec to OpcmContractRef struct (#2). Add comments about pause blocking interop upgrades (#3). Document migrate() scope limitations and re-migration risks (#7, #15). Update PERMIT_ALL_CONTRACTS_INSTRUCTION comment (#12). Document intentional use of chainSystemConfigs[0] for shared contracts (#16). Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
…thereum-optimism#19285) * wip: require interop dev feature for migrate * fix(contracts): require interop dev feature for migrate (Finding 21) Add ABI snapshot for new OPContractsManagerMigrator_InteropNotEnabled error, regenerated by `just pr`. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
…tup (ethereum-optimism#19349) Extract the duplicated mock logic for DelayedWETH and ETHLockbox proxy implementations into Setup.mockUnoptimizedProxyImplementations(), replacing identical ~40-line blocks in both OPContractsManager.t.sol and OPContractsManagerStandardValidator.t.sol. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
…um-optimism#19273) * chore(contracts): add initializer side-effects review rules Add AI review rules for detecting initializer functions with side-effects (loops, mapping writes, external calls) that could be unsafe during contract re-initialization with partial state. Addresses audit finding #20 (ETHLockbox re-initialization footgun). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update docs/ai/contract-dev.md Co-authored-by: Maurelian <john@oplabs.co> * Update docs/ai/contract-dev.md Co-authored-by: graphite-app[bot] <96075541+graphite-app[bot]@users.noreply.github.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Maurelian <john@oplabs.co> Co-authored-by: graphite-app[bot] <96075541+graphite-app[bot]@users.noreply.github.com>
…ce (ethereum-optimism#19357) BlobSource::load_blobs wrapped all errors from chain_provider.block_info_and_transactions_by_hash with BlobProviderError::Backend(e.to_string()).into(), which forced every error to PipelineErrorKind::Temporary regardless of the underlying error kind. This caused a regression: AlloyChainProvider was fixed in ee4d492 to emit PipelineErrorKind::Reset for BlockNotFound errors (mapping to ResetError::BlockNotFound). However, the Backend wrapping in BlobSource bypassed that fix, downgrading Reset to Temporary. During an L1 reorg when a blob-bearing block hash disappears, kona would spin retrying instead of triggering a pipeline reset, causing a liveness stall. The Go reference (blob_data_source.go:82-85) explicitly branches on errors.Is(err, ethereum.NotFound) and wraps it as NewResetError. Fix: use .map_err(Into::into) to preserve the error classification from the underlying ChainProvider::Error implementation. This mirrors the pattern already used correctly by CalldataSource. Fixes ethereum-optimism#19354
Adds test duration caching and ordering.
… (Phase 5) (ethereum-optimism#18876) Implement the "Simplified Network Interface" design by adding a ComponentRegistry interface that provides generic component access. This reduces interface bloat by enabling new component types to be added without requiring new interface methods. Key changes: - Add ComponentRegistry interface with Component(), Components(), ComponentIDs() methods - Embed ComponentRegistry in Network and System interfaces - Add 32 typed free functions (GetL2BatcherByID, GetL2Batchers, etc.) - Add *stack.Registry to shim implementations (presetNetwork, presetL1Network, presetL2Network, presetSystem) - Update all Add* methods to register in both legacy maps and unified registry for backward compatibility - Fix nil map bug in RegisterL2MetricsTargets Existing typed interface methods (L2Batcher, L2Batchers, etc.) continue to work unchanged. Callers can migrate incrementally to the new patterns.
) * op-node: copy LocalSafeL2 in follow source mode When op-node runs in light-node/follow-source mode, it follows an upstream node's sync status. Previously, FollowClient.GetFollowStatus() only copied SafeL2, FinalizedL2, and CurrentL1 - but not LocalSafeL2. The FollowSource() function was incorrectly using SafeL2 (cross-safe) for updating the local-safe head, when it should use the upstream's LocalSafeL2 instead. Changes: - Add LocalSafeL2 field to FollowStatus struct - Copy LocalSafeL2 from upstream sync status in GetFollowStatus() - Update FollowSource() to accept separate LocalSafe parameter - Pass LocalSafeL2 through followUpstream() to FollowSource() - Add test for FollowClient to verify LocalSafeL2 is copied * fix(op-node): use local-safe for FollowSource consolidation and inject cross-safe FollowSource was using eSafeBlockRef (cross-safe) for consolidation/reorg checks, but this logic syncs local chain state and should use eLocalSafeRef. Cross-safe was also never injected into the engine, causing promoteFinalized to silently fail when finalized > SafeL2Head (which reads deprecatedSafeHead). - Switch consolidation/reorg/EL-sync checks from eSafeBlockRef to eLocalSafeRef - Add PromoteSafe call for cross-safe injection before promoteFinalized - Add SafeL2 <= LocalSafeL2 invariant check in driver followUpstream - Add L1 origin validation for LocalSafeL2 in driver followUpstream - Add unit test for divergent cross-safe/local-safe values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(op-node): follow-source nodes report distinct SafeL2/LocalSafeL2 In follow-source mode, SafeL2Head() and FinalizedHead() now return the cross-safe/cross-finalized values (deprecatedSafeHead/deprecatedFinalizedHead) without requiring supervisorEnabled. This lets light CL nodes naturally report distinct SafeL2 vs LocalSafeL2 in SyncStatus, since the upstream always provides both values. Also prevents local-safe from auto-promoting to cross-safe in follow-source mode (localSafeIsFullySafe returns false), since cross-safe comes from upstream. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(op-node): address review nits in FollowSource test - Use FollowSourceEnabled sync config instead of supervisorEnabled to exercise the production code path for follow-source nodes - Assert deprecatedFinalizedHead instead of localFinalizedHead for consistency with cross-safe assertions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: opsuperchain <opsuperchain@slop.bot> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…erop (ethereum-optimism#19378) * op-devstack: Add preset for light CL follow source Adds a preset `WithTwoL2SupernodeFollowL2` that sets up two L2 chains with interop enabled (via `TwoL2SupernodeInterop`) and one verifier per chain configured with follow source mode (light CL). * op-acceptance-tests: Add `TestFollowSource_LocalSafeDivergesThenConverges` This test exercises the flow where: * We have two L2s using interop via supernode * We have two additional L2 light CLs following the supernode and asserts that: * The follower node's `LocalSafeL2` advances independently of its `SafeL2` * `LocalSafeL2` leads `SafeL2` during the window before cross-safe promotion * Both eventually converge closes ethereum-optimism#19331 * chore: Annotate TODO for L2 CL P2P issue * op-devstack: Expose the follower ELs in TwoL2SupernodeFollowL2 preset These will be useful in future tests, so exposing them right now makes sense --------- Co-authored-by: wwared <541936+wwared@users.noreply.github.com>
…imism#19105) * op-dispute-mon: add supernode endpoint tracking fields * op-dispute-mon: add supernode helper methods * op-dispute-mon: add comprehensive endpoint tracking to super enricher * op-dispute-mon: add supernode monitors and Prometheus metrics * op-dispute-mon: add comprehensive endpoint tracking tests * op-dispute-mon: add safety comment to super agreement enricher Add explanatory comment about safety validation for super roots, matching the equivalent comment in output_agreement_enricher.go. Clarifies that even if the super root matches the game's root claim, the game could still be challenged if the required L1 data was not fully available at proposal time. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * op-dispute-mon: unify rollup and super node endpoint tracking Consolidates duplicate endpoint tracking metrics and fields into a single unified set. Since games are mutually exclusive (either using output roots or super roots), we can use the same fields and metrics for both types. Changes: - Renamed RollupEndpoint* fields to NodeEndpoint* in types - Removed all SuperNodeEndpoint* duplicate fields - Removed duplicate super-specific metrics and monitors - Renamed differentOutputRootGames to differentRootGames - Updated enrichers to populate unified NodeEndpoint* fields This simplifies the codebase (net -973 lines) while maintaining the same monitoring capabilities. Existing metrics now aggregate across both rollup and super nodes. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * op-dispute-mon: rename different_output_roots files to different_roots Renames monitor files to match the refactored naming that tracks both output roots and super roots. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * op-dispute-mon: consolidate super agreement enricher tests Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * lint fixes --------- Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
…thereum-optimism#19272) * contracts: implement audit code fixes and add tests Add onlyDelegateCall enforcement to upgradeSuperchain, upgrade, and migrate functions (#17). Include msg.sender in deploy salt to prevent cross-caller CREATE2 collisions (#17). Add duplicate instruction key detection in upgrade validation (#9). Validate startingRespectedGameType against enabled game configs (#10). Add code-existence check in loadBytes (#18). Add setUp guard to VerifyOPCM.runSingle (#4). Remove unused _findChar function (#5). Pass real AddressManager in migrator proxy deploy args (#11). Add tests covering all audit fix behaviors. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * contracts: regenerate semver-lock.json for OPContractsManagerV2 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * contracts: bump OPContractsManagerV2 version to 7.0.10 Semver-diff requires a patch version bump when bytecode changes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
… notifications (ethereum-optimism#19367) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Kelvin Fichter <kelvinfichter@gmail.com>
…hereum-optimism#19402) * really skip problematic test * Apply suggestion from @geoknee
… compatibility (ethereum-optimism#19377) * test(contracts): reuse ProxyAdmin tests on L2ProxyAdmin for backwards compatibility - extract virtual _createAdmin hook in ProxyAdmin_TestInit for subclass override - make ProxyAdmin_TestInit.setUp public virtual to support test inheritance - add 10 backwards-compat test contracts that run all ProxyAdmin tests against L2ProxyAdmin * refactor(test): inline _createL2ProxyAdmin into each override - remove _createL2ProxyAdmin free function from L2ProxyAdmin.t.sol - inline L2ProxyAdmin deployment directly in each _createAdmin override
…nding 22) (ethereum-optimism#19286) * fix(contracts): forward-compatible OZ v5 Initializable in upgrade (Finding 22) Make OPContractsManagerUtils.upgrade() also clear the OZ v5 ERC-7201 Initializable storage slot (uint64 _initialized in the low 8 bytes). For v4 contracts the slot is all zeros so this is a no-op. Reverts if _initializing bool is set, since a contract should never be mid-initialization during an upgrade. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * docs(contracts): add ERC-7201 slot derivation comment for OZ v5 Initializable Show the keccak256 derivation formula and link to the OpenZeppelin source for the hardcoded ERC-7201 Initializable storage slot. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(contracts): address PR review comments on OPContractsManagerUtils - Clarify error NatSpec: "mid-initialization" → "has `_initializing` as true" - Remove stale "Otherwise" from comment on initialized slot reset Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
…thereum-optimism#19415) * chore(op-acceptance-tests): add ELSync stalling tests to flake-shake TestUnsafeChainNotStalling_ELSync_Short/Long/RestartOpNode_Long failed 3 times each across 3 distinct branches in the past 7 days, always co-failing in the same job. All instances passed on rerun (confirmed flake). The three tests share the same package and common fixture (UnsafeChainNotStalling_Disconnect / _RestartOpNode), which explains why they fail together — a setup-level timing issue affects all three simultaneously. Quarantine while root cause is investigated. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: correct package path to syncmodereqressync/elsync The failing tests are in depreqres/syncmodereqressync/elsync, not reqressyncdisabled/elsync. The reqressyncdisabled variants pass cleanly. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: smartcontracts <smartcontracts@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Tag created with op-workbench. Conflicts: .circleci/config.yml .gitmodules .semgrep/rules/sol-rules.yaml go.mod go.sum mise.toml op-e2e/actions/helpers/l2_sequencer.go op-node/node/node.go op-node/rollup/derive/blob_data_source.go op-node/rollup/derive/span_batch_txs.go op-node/rollup/driver/driver.go op-program/scripts/build-prestates.sh op-service/txinclude/txbudget_test.go ops/docker/op-stack-go/Dockerfile ops/docker/op-stack-go/Dockerfile.dockerignore packages/contracts-bedrock/scripts/checks/check-semver-diff.sh packages/contracts-bedrock/snapshots/semver-lock.json packages/contracts-bedrock/src/libraries/Predeploys.sol packages/contracts-bedrock/test/setup/Setup.sol
|
The conflicts in |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Our own e2e tests have passed.
The conflicts in .circleci/config.yml are left to @syntrust .
The old 2023 commits are from this PR which merged kona , reserving the kona history.