@arbitrum/nitro-contracts 1.0.0-beta.4 → 1.0.0-beta.7

package/src/rollup/RollupLib.sol

@@ -11,7 +11,8 @@ import "../bridge/ISequencerInbox.sol";
 
 import "../bridge/IBridge.sol";
 import "../bridge/IOutbox.sol";
-import "./IRollupEventBridge.sol";
+import "../bridge/IInbox.sol";
+import "./IRollupEventInbox.sol";
 import "./IRollupLogic.sol";
 
 struct Config {
@@ -27,13 +28,17 @@ struct Config {
 }
 
 struct ContractDependencies {
-    IBridge delayedBridge;
+    IBridge bridge;
     ISequencerInbox sequencerInbox;
+    IInbox inbox;
     IOutbox outbox;
-    IRollupEventBridge rollupEventBridge;
+    IRollupEventInbox rollupEventInbox;
     IChallengeManager challengeManager;
     IRollupAdmin rollupAdminLogic;
     IRollupUser rollupUserLogic;
+    // misc contracts that are useful when interacting with the rollup
+    address validatorUtils;
+    address validatorWalletCreator;
 }
 
 library RollupLib {
@@ -127,9 +132,19 @@ library RollupLib {
         bool hasSibling,
         bytes32 lastHash,
         bytes32 assertionExecHash,
-        bytes32 inboxAcc
+        bytes32 inboxAcc,
+        bytes32 wasmModuleRoot
     ) internal pure returns (bytes32) {
         uint8 hasSiblingInt = hasSibling ? 1 : 0;
-        return keccak256(abi.encodePacked(hasSiblingInt, lastHash, assertionExecHash, inboxAcc));
+        return
+            keccak256(
+                abi.encodePacked(
+                    hasSiblingInt,
+                    lastHash,
+                    assertionExecHash,
+                    inboxAcc,
+                    wasmModuleRoot
+                )
+            );
     }
 }

package/src/rollup/RollupUserLogic.sol

@@ -487,6 +487,10 @@ abstract contract AbsRollupUserLogic is
         return currentRequiredStake(blockNumber, firstUnresolvedNodeNum, latestCreatedNode);
     }
 
+    function owner() external view returns (address) {
+        return _getAdmin();
+    }
+
     function currentRequiredStake() public view returns (uint256) {
         uint64 firstUnresolvedNodeNum = firstUnresolvedNode();
 
@@ -615,18 +619,13 @@ contract RollupUserLogic is AbsRollupUserLogic, IRollupUser {
 
     /**
      * @notice Withdraw uncommitted funds owned by sender from the rollup chain
-     * @param destination Address to transfer the withdrawn funds to
      */
-    function withdrawStakerFunds(address payable destination)
-        external
-        override
-        onlyValidator
-        whenNotPaused
-        returns (uint256)
-    {
+    function withdrawStakerFunds() external override onlyValidator whenNotPaused returns (uint256) {
         uint256 amount = withdrawFunds(msg.sender);
         // This is safe because it occurs after all checks and effects
-        destination.transfer(amount);
+        // solhint-disable-next-line avoid-low-level-calls
+        (bool success, ) = msg.sender.call{value: amount}("");
+        require(success, "TRANSFER_FAILED");
         return amount;
     }
 }
@@ -692,18 +691,11 @@ contract ERC20RollupUserLogic is AbsRollupUserLogic, IRollupUserERC20 {
 
     /**
      * @notice Withdraw uncommitted funds owned by sender from the rollup chain
-     * @param destination Address to transfer the withdrawn funds to
      */
-    function withdrawStakerFunds(address payable destination)
-        external
-        override
-        onlyValidator
-        whenNotPaused
-        returns (uint256)
-    {
+    function withdrawStakerFunds() external override onlyValidator whenNotPaused returns (uint256) {
         uint256 amount = withdrawFunds(msg.sender);
         // This is safe because it occurs after all checks and effects
-        require(IERC20Upgradeable(stakeToken).transfer(destination, amount), "TRANSFER_FAILED");
+        require(IERC20Upgradeable(stakeToken).transfer(msg.sender, amount), "TRANSFER_FAILED");
         return amount;
     }
 

package/src/rollup/ValidatorWallet.sol

@@ -6,24 +6,117 @@ pragma solidity ^0.8.0;
 
 import "../challenge/IChallengeManager.sol";
 import "../libraries/DelegateCallAware.sol";
+import "../libraries/IGasRefunder.sol";
 import "@openzeppelin/contracts/utils/Address.sol";
 import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
 
-contract ValidatorWallet is OwnableUpgradeable, DelegateCallAware {
+/// @dev thrown when arrays provided don't have the expected length
+error BadArrayLength(uint256 expected, uint256 actual);
+
+/// @dev thrown when a function is called by an address that isn't the owner nor a executor
+error NotExecutorOrOwner(address actual);
+
+/// @dev thrown when the particular address can't be called by an executor
+error OnlyOwnerDestination(address expected, address actual, address destination);
+
+/// @dev thrown when eth withdrawal tx fails
+error WithdrawEthFail(address destination);
+
+contract ValidatorWallet is OwnableUpgradeable, DelegateCallAware, GasRefundEnabled {
     using Address for address;
 
-    function initialize() external initializer onlyDelegated {
+    /// @dev a executor is allowed to call only certain contracts
+    mapping(address => bool) public executors;
+
+    /// @dev allowed addresses which can be called by an executor
+    mapping(address => bool) public allowedExecutorDestinations;
+
+    modifier onlyExecutorOrOwner() {
+        if (!executors[_msgSender()] && owner() != _msgSender())
+            revert NotExecutorOrOwner(_msgSender());
+        _;
+    }
+
+    event ExecutorUpdated(address indexed executor, bool isExecutor);
+
+    /// @dev updates the executor addresses
+    function setExecutor(address[] calldata newExecutors, bool[] calldata isExecutor)
+        external
+        onlyOwner
+    {
+        if (newExecutors.length != isExecutor.length)
+            revert BadArrayLength(newExecutors.length, isExecutor.length);
+        unchecked {
+            for (uint64 i = 0; i < newExecutors.length; ++i) {
+                executors[newExecutors[i]] = isExecutor[i];
+                emit ExecutorUpdated(newExecutors[i], isExecutor[i]);
+            }
+        }
+    }
+
+    function initialize(
+        address _executor,
+        address _owner,
+        address[] calldata initialExecutorAllowedDests
+    ) external initializer onlyDelegated {
         __Ownable_init();
+        transferOwnership(_owner);
+
+        executors[_executor] = true;
+        emit ExecutorUpdated(_executor, true);
+
+        unchecked {
+            for (uint64 i = 0; i < initialExecutorAllowedDests.length; ++i) {
+                allowedExecutorDestinations[initialExecutorAllowedDests[i]] = true;
+                emit AllowedExecutorDestinationsUpdated(initialExecutorAllowedDests[i], true);
+            }
+        }
+    }
+
+    event AllowedExecutorDestinationsUpdated(address indexed destination, bool isSet);
+
+    /// @notice updates the destination addresses which executors are allowed to call
+    function setAllowedExecutorDestinations(address[] calldata destinations, bool[] calldata isSet)
+        external
+        onlyOwner
+    {
+        if (destinations.length != isSet.length)
+            revert BadArrayLength(destinations.length, isSet.length);
+        unchecked {
+            for (uint256 i = 0; i < destinations.length; ++i) {
+                allowedExecutorDestinations[destinations[i]] = isSet[i];
+                emit AllowedExecutorDestinationsUpdated(destinations[i], isSet[i]);
+            }
+        }
+    }
+
+    /// @dev reverts if the current function can't be called
+    function validateExecuteTransaction(address destination) public view {
+        if (!allowedExecutorDestinations[destination] && owner() != _msgSender())
+            revert OnlyOwnerDestination(owner(), _msgSender(), destination);
     }
 
     function executeTransactions(
         bytes[] calldata data,
         address[] calldata destination,
         uint256[] calldata amount
-    ) external payable onlyOwner {
+    ) external payable {
+        executeTransactionsWithGasRefunder(IGasRefunder(address(0)), data, destination, amount);
+    }
+
+    function executeTransactionsWithGasRefunder(
+        IGasRefunder gasRefunder,
+        bytes[] calldata data,
+        address[] calldata destination,
+        uint256[] calldata amount
+    ) public payable onlyExecutorOrOwner refundsGas(gasRefunder) {
         uint256 numTxes = data.length;
+        if (numTxes != destination.length) revert BadArrayLength(numTxes, destination.length);
+        if (numTxes != amount.length) revert BadArrayLength(numTxes, amount.length);
+
         for (uint256 i = 0; i < numTxes; i++) {
             if (data[i].length > 0) require(destination[i].isContract(), "NO_CODE_AT_ADDR");
+            validateExecuteTransaction(destination[i]);
             // We use a low level call here to allow for contract and non-contract calls
             // solhint-disable-next-line avoid-low-level-calls
             (bool success, ) = address(destination[i]).call{value: amount[i]}(data[i]);
@@ -42,8 +135,18 @@ contract ValidatorWallet is OwnableUpgradeable, DelegateCallAware {
         bytes calldata data,
         address destination,
         uint256 amount
-    ) external payable onlyOwner {
+    ) external payable {
+        executeTransactionWithGasRefunder(IGasRefunder(address(0)), data, destination, amount);
+    }
+
+    function executeTransactionWithGasRefunder(
+        IGasRefunder gasRefunder,
+        bytes calldata data,
+        address destination,
+        uint256 amount
+    ) public payable onlyExecutorOrOwner refundsGas(gasRefunder) {
         if (data.length > 0) require(destination.isContract(), "NO_CODE_AT_ADDR");
+        validateExecuteTransaction(destination);
         // We use a low level call here to allow for contract and non-contract calls
         // solhint-disable-next-line avoid-low-level-calls
         (bool success, ) = destination.call{value: amount}(data);
@@ -57,10 +160,15 @@ contract ValidatorWallet is OwnableUpgradeable, DelegateCallAware {
         }
     }
 
-    function timeoutChallenges(IChallengeManager manager, uint64[] calldata challenges)
-        external
-        onlyOwner
-    {
+    function timeoutChallenges(IChallengeManager manager, uint64[] calldata challenges) external {
+        timeoutChallengesWithGasRefunder(IGasRefunder(address(0)), manager, challenges);
+    }
+
+    function timeoutChallengesWithGasRefunder(
+        IGasRefunder gasRefunder,
+        IChallengeManager manager,
+        uint64[] calldata challenges
+    ) public onlyExecutorOrOwner refundsGas(gasRefunder) {
         uint256 challengesCount = challenges.length;
         for (uint256 i = 0; i < challengesCount; i++) {
             try manager.timeout(challenges[i]) {} catch (bytes memory error) {
@@ -72,4 +180,13 @@ contract ValidatorWallet is OwnableUpgradeable, DelegateCallAware {
             }
         }
     }
+
+    receive() external payable {}
+
+    /// @dev allows the owner to withdraw eth held by this contract
+    function withdrawEth(uint256 amount, address destination) external onlyOwner {
+        // solhint-disable-next-line avoid-low-level-calls
+        (bool success, ) = destination.call{value: amount}("");
+        if (!success) revert WithdrawEthFail(destination);
+    }
 }

package/src/rollup/ValidatorWalletCreator.sol

@@ -13,7 +13,8 @@ import "./ValidatorWallet.sol";
 contract ValidatorWalletCreator is Ownable {
     event WalletCreated(
         address indexed walletAddress,
-        address indexed userAddress,
+        address indexed executorAddress,
+        address indexed ownerAddress,
         address adminProxy
     );
     event TemplateUpdated();
@@ -29,15 +30,19 @@ contract ValidatorWalletCreator is Ownable {
         emit TemplateUpdated();
     }
 
-    function createWallet() external returns (address) {
+    function createWallet(address[] calldata initialExecutorAllowedDests)
+        external
+        returns (address)
+    {
+        address _executor = msg.sender;
+        address _owner = msg.sender;
         ProxyAdmin admin = new ProxyAdmin();
         address proxy = address(
             new TransparentUpgradeableProxy(address(template), address(admin), "")
         );
-        admin.transferOwnership(msg.sender);
-        ValidatorWallet(proxy).initialize();
-        ValidatorWallet(proxy).transferOwnership(msg.sender);
-        emit WalletCreated(proxy, msg.sender, address(admin));
+        admin.transferOwnership(_owner);
+        ValidatorWallet(payable(proxy)).initialize(_executor, _owner, initialExecutorAllowedDests);
+        emit WalletCreated(proxy, _executor, _owner, address(admin));
         return proxy;
     }
 }

package/src/state/Deserialize.sol

@@ -6,7 +6,6 @@ pragma solidity ^0.8.0;
 
 import "./Value.sol";
 import "./ValueStack.sol";
-import "./PcStack.sol";
 import "./Machine.sol";
 import "./Instructions.sol";
 import "./StackFrame.sol";
@@ -120,23 +119,6 @@ library Deserialize {
         stack = ValueStack({proved: ValueArray(proved), remainingHash: remainingHash});
     }
 
-    function pcStack(bytes calldata proof, uint256 startOffset)
-        internal
-        pure
-        returns (PcStack memory stack, uint256 offset)
-    {
-        offset = startOffset;
-        bytes32 remainingHash;
-        (remainingHash, offset) = b32(proof, offset);
-        uint256 provedLength;
-        (provedLength, offset) = u256(proof, offset);
-        uint32[] memory proved = new uint32[](provedLength);
-        for (uint256 i = 0; i < proved.length; i++) {
-            (proved[i], offset) = u32(proof, offset);
-        }
-        stack = PcStack({proved: PcArray(proved), remainingHash: remainingHash});
-    }
-
     function instruction(bytes calldata proof, uint256 startOffset)
         internal
         pure
@@ -199,10 +181,12 @@ library Deserialize {
     {
         offset = startOffset;
         uint64 size;
+        uint64 maxSize;
         bytes32 root;
         (size, offset) = u64(proof, offset);
+        (maxSize, offset) = u64(proof, offset);
         (root, offset) = b32(proof, offset);
-        mem = ModuleMemory({size: size, merkleRoot: root});
+        mem = ModuleMemory({size: size, maxSize: maxSize, merkleRoot: root});
     }
 
     function module(bytes calldata proof, uint256 startOffset)
@@ -274,7 +258,6 @@ library Deserialize {
         }
         ValueStack memory values;
         ValueStack memory internalStack;
-        PcStack memory blocks;
         bytes32 globalStateHash;
         uint32 moduleIdx;
         uint32 functionIdx;
@@ -283,7 +266,6 @@ library Deserialize {
         bytes32 modulesRoot;
         (values, offset) = valueStack(proof, offset);
         (internalStack, offset) = valueStack(proof, offset);
-        (blocks, offset) = pcStack(proof, offset);
         (frameStack, offset) = stackFrameWindow(proof, offset);
         (globalStateHash, offset) = b32(proof, offset);
         (moduleIdx, offset) = u32(proof, offset);
@@ -294,7 +276,6 @@ library Deserialize {
             status: status,
             valueStack: values,
             internalStack: internalStack,
-            blockStack: blocks,
             frameStack: frameStack,
             globalStateHash: globalStateHash,
             moduleIdx: moduleIdx,

package/src/state/Instructions.sol

@@ -12,9 +12,6 @@ struct Instruction {
 library Instructions {
     uint16 internal constant UNREACHABLE = 0x00;
     uint16 internal constant NOP = 0x01;
-    uint16 internal constant BLOCK = 0x02;
-    uint16 internal constant BRANCH = 0x0C;
-    uint16 internal constant BRANCH_IF = 0x0D;
     uint16 internal constant RETURN = 0x0F;
     uint16 internal constant CALL = 0x10;
     uint16 internal constant CALL_INDIRECT = 0x11;
@@ -129,14 +126,11 @@ library Instructions {
     uint16 internal constant I64_EXTEND_16S = 0xC3;
     uint16 internal constant I64_EXTEND_32S = 0xC4;
 
-    uint16 internal constant END_BLOCK = 0x8000;
-    uint16 internal constant END_BLOCK_IF = 0x8001;
     uint16 internal constant INIT_FRAME = 0x8002;
-    uint16 internal constant ARBITRARY_JUMP_IF = 0x8003;
-    uint16 internal constant PUSH_STACK_BOUNDARY = 0x8004;
+    uint16 internal constant ARBITRARY_JUMP = 0x8003;
+    uint16 internal constant ARBITRARY_JUMP_IF = 0x8004;
     uint16 internal constant MOVE_FROM_STACK_TO_INTERNAL = 0x8005;
     uint16 internal constant MOVE_FROM_INTERNAL_TO_STACK = 0x8006;
-    uint16 internal constant IS_STACK_BOUNDARY = 0x8007;
     uint16 internal constant DUP = 0x8008;
     uint16 internal constant CROSS_MODULE_CALL = 0x8009;
     uint16 internal constant CALLER_MODULE_INTERNAL_CALL = 0x800A;
@@ -150,8 +144,6 @@ library Instructions {
     uint16 internal constant READ_INBOX_MESSAGE = 0x8021;
     uint16 internal constant HALT_AND_SET_FINISHED = 0x8022;
 
-    uint16 internal constant ARBITRARY_JUMP = 0x8023;
-
     uint256 internal constant INBOX_INDEX_SEQUENCER = 0;
     uint256 internal constant INBOX_INDEX_DELAYED = 1;
 

package/src/state/Machine.sol

@@ -5,7 +5,6 @@
 pragma solidity ^0.8.0;
 
 import "./ValueStack.sol";
-import "./PcStack.sol";
 import "./Instructions.sol";
 import "./StackFrame.sol";
 
@@ -20,7 +19,6 @@ struct Machine {
     MachineStatus status;
     ValueStack valueStack;
     ValueStack internalStack;
-    PcStack blockStack;
     StackFrameWindow frameStack;
     bytes32 globalStateHash;
     uint32 moduleIdx;
@@ -30,7 +28,6 @@ struct Machine {
 }
 
 library MachineLib {
-    using PcStackLib for PcStack;
     using StackFrameLib for StackFrameWindow;
     using ValueStackLib for ValueStack;
 
@@ -43,7 +40,6 @@ library MachineLib {
                         "Machine running:",
                         mach.valueStack.hash(),
                         mach.internalStack.hash(),
-                        mach.blockStack.hash(),
                         mach.frameStack.hash(),
                         mach.globalStateHash,
                         mach.moduleIdx,

package/src/state/ModuleMemory.sol

@@ -9,6 +9,7 @@ import "./Deserialize.sol";
 
 struct ModuleMemory {
     uint64 size;
+    uint64 maxSize;
     bytes32 merkleRoot;
 }
 
@@ -16,7 +17,7 @@ library ModuleMemoryLib {
     using MerkleProofLib for MerkleProof;
 
     function hash(ModuleMemory memory mem) internal pure returns (bytes32) {
-        return keccak256(abi.encodePacked("Memory:", mem.size, mem.merkleRoot));
+        return keccak256(abi.encodePacked("Memory:", mem.size, mem.maxSize, mem.merkleRoot));
     }
 
     function proveLeaf(

package/src/state/Value.sol

@@ -11,8 +11,7 @@ enum ValueType {
     F64,
     REF_NULL,
     FUNC_REF,
-    INTERNAL_REF,
-    STACK_BOUNDARY
+    INTERNAL_REF
 }
 
 struct Value {
@@ -26,7 +25,7 @@ library ValueLib {
     }
 
     function maxValueType() internal pure returns (ValueType) {
-        return ValueType.STACK_BOUNDARY;
+        return ValueType.INTERNAL_REF;
     }
 
     function assumeI32(Value memory val) internal pure returns (uint32) {