@arbitrum/nitro-contracts 1.0.0-beta.5 → 1.0.0-beta.6

package/src/bridge/SequencerInbox.sol

@@ -5,9 +5,12 @@
 pragma solidity ^0.8.0;
 
 import "./IBridge.sol";
+import "./IInbox.sol";
 import "./ISequencerInbox.sol";
+import "../rollup/IRollupLogic.sol";
 import "./Messages.sol";
 
+import {L1MessageType_batchPostingReport} from "../libraries/MessageTypes.sol";
 import {GasRefundEnabled, IGasRefunder} from "../libraries/IGasRefunder.sol";
 import "../libraries/DelegateCallAware.sol";
 import {MAX_DATA_SIZE} from "../libraries/Constants.sol";
@@ -20,10 +23,9 @@ import {MAX_DATA_SIZE} from "../libraries/Constants.sol";
  * sequencer within a time limit they can be force included into the rollup inbox by anyone.
  */
 contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox {
-    bytes32[] public override inboxAccs;
     uint256 public totalDelayedMessagesRead;
 
-    IBridge public delayedBridge;
+    IBridge public bridge;
 
     /// @dev The size of the batch header
     uint256 public constant HEADER_LENGTH = 40;
@@ -31,19 +33,29 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
     /// the sequencer inbox has authenticated the data. Currently not used.
     bytes1 public constant DATA_AUTHENTICATED_FLAG = 0x40;
 
-    address public rollup;
+    IOwnable public rollup;
     mapping(address => bool) public isBatchPoster;
     ISequencerInbox.MaxTimeVariation public maxTimeVariation;
 
+    struct DasKeySetInfo {
+        bool isValidKeyset;
+        uint64 creationBlock;
+    }
+    mapping(bytes32 => DasKeySetInfo) public dasKeySetInfo;
+
+    modifier onlyRollupOwner() {
+        if (msg.sender != rollup.owner()) revert NotOwner(msg.sender, address(rollup));
+        _;
+    }
+
     function initialize(
-        IBridge delayedBridge_,
-        address rollup_,
+        IBridge bridge_,
         ISequencerInbox.MaxTimeVariation calldata maxTimeVariation_
     ) external onlyDelegated {
-        if (delayedBridge != IBridge(address(0))) revert AlreadyInit();
-        if (delayedBridge_ == IBridge(address(0))) revert HadZeroInit();
-        delayedBridge = delayedBridge_;
-        rollup = rollup_;
+        if (bridge != IBridge(address(0))) revert AlreadyInit();
+        if (bridge_ == IBridge(address(0))) revert HadZeroInit();
+        bridge = bridge_;
+        rollup = bridge_.rollup();
         maxTimeVariation = maxTimeVariation_;
     }
 
@@ -98,22 +110,24 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         // Verify that message hash represents the last message sequence of delayed message to be included
         bytes32 prevDelayedAcc = 0;
         if (_totalDelayedMessagesRead > 1) {
-            prevDelayedAcc = delayedBridge.inboxAccs(_totalDelayedMessagesRead - 2);
+            prevDelayedAcc = bridge.delayedInboxAccs(_totalDelayedMessagesRead - 2);
         }
         if (
-            delayedBridge.inboxAccs(_totalDelayedMessagesRead - 1) !=
+            bridge.delayedInboxAccs(_totalDelayedMessagesRead - 1) !=
             Messages.accumulateInboxMessage(prevDelayedAcc, messageHash)
         ) revert IncorrectMessagePreimage();
 
         (bytes32 dataHash, TimeBounds memory timeBounds) = formEmptyDataHash(
             _totalDelayedMessagesRead
         );
-        (bytes32 beforeAcc, bytes32 delayedAcc, bytes32 afterAcc) = addSequencerL2BatchImpl(
-            dataHash,
-            _totalDelayedMessagesRead
-        );
+        (
+            uint256 seqMessageIndex,
+            bytes32 beforeAcc,
+            bytes32 delayedAcc,
+            bytes32 afterAcc
+        ) = addSequencerL2BatchImpl(dataHash, _totalDelayedMessagesRead, 0);
         emit SequencerBatchDelivered(
-            inboxAccs.length - 1,
+            seqMessageIndex,
             beforeAcc,
             afterAcc,
             delayedAcc,
@@ -128,21 +142,24 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         bytes calldata data,
         uint256 afterDelayedMessagesRead,
         IGasRefunder gasRefunder
-    ) external refundsGasWithCalldata(gasRefunder, payable(msg.sender)) {
+    ) external refundsGas(gasRefunder) {
         // solhint-disable-next-line avoid-tx-origin
         if (msg.sender != tx.origin) revert NotOrigin();
         if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
-        if (inboxAccs.length != sequenceNumber) revert BadSequencerNumber();
         (bytes32 dataHash, TimeBounds memory timeBounds) = formDataHash(
             data,
             afterDelayedMessagesRead
         );
-        (bytes32 beforeAcc, bytes32 delayedAcc, bytes32 afterAcc) = addSequencerL2BatchImpl(
-            dataHash,
-            afterDelayedMessagesRead
-        );
+        (
+            uint256 seqMessageIndex,
+            bytes32 beforeAcc,
+            bytes32 delayedAcc,
+            bytes32 afterAcc
+        ) = addSequencerL2BatchImpl(dataHash, afterDelayedMessagesRead, data.length);
+        if (seqMessageIndex != sequenceNumber)
+            revert BadSequencerNumber(seqMessageIndex, sequenceNumber);
         emit SequencerBatchDelivered(
-            inboxAccs.length - 1,
+            sequenceNumber,
             beforeAcc,
             afterAcc,
             delayedAcc,
@@ -157,18 +174,23 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         bytes calldata data,
         uint256 afterDelayedMessagesRead,
         IGasRefunder gasRefunder
-    ) external override refundsGasNoCalldata(gasRefunder, payable(msg.sender)) {
-        if (!isBatchPoster[msg.sender] && msg.sender != rollup) revert NotBatchPoster();
-        if (inboxAccs.length != sequenceNumber) revert BadSequencerNumber();
+    ) external override refundsGas(gasRefunder) {
+        if (!isBatchPoster[msg.sender] && msg.sender != address(rollup)) revert NotBatchPoster();
 
         (bytes32 dataHash, TimeBounds memory timeBounds) = formDataHash(
             data,
             afterDelayedMessagesRead
         );
-        (bytes32 beforeAcc, bytes32 delayedAcc, bytes32 afterAcc) = addSequencerL2BatchImpl(
-            dataHash,
-            afterDelayedMessagesRead
-        );
+        // we set the calldata length posted to 0 here since the caller isn't the origin
+        // of the tx, so they might have not paid tx input cost for the calldata
+        (
+            uint256 seqMessageIndex,
+            bytes32 beforeAcc,
+            bytes32 delayedAcc,
+            bytes32 afterAcc
+        ) = addSequencerL2BatchImpl(dataHash, afterDelayedMessagesRead, 0);
+        if (seqMessageIndex != sequenceNumber)
+            revert BadSequencerNumber(seqMessageIndex, sequenceNumber);
         emit SequencerBatchDelivered(
             sequenceNumber,
             beforeAcc,
@@ -181,6 +203,22 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         emit SequencerBatchData(sequenceNumber, data);
     }
 
+    modifier validateBatchData(bytes calldata data) {
+        uint256 fullDataLen = HEADER_LENGTH + data.length;
+        if (fullDataLen > MAX_DATA_SIZE) revert DataTooLarge(fullDataLen, MAX_DATA_SIZE);
+        if (data.length > 0 && (data[0] & DATA_AUTHENTICATED_FLAG) == DATA_AUTHENTICATED_FLAG) {
+            revert DataNotAuthenticated();
+        }
+        // the first byte is used to identify the type of batch data
+        // das batches expect to have the type byte set, followed by the keyset (so they should have at least 33 bytes)
+        if (data.length >= 33 && data[0] & 0x80 != 0) {
+            // we skip the first byte, then read the next 32 bytes for the keyset
+            bytes32 dasKeysetHash = bytes32(data[1:33]);
+            if (!dasKeySetInfo[dasKeysetHash].isValidKeyset) revert NoSuchKeyset(dasKeysetHash);
+        }
+        _;
+    }
+
     function packHeader(uint256 afterDelayedMessagesRead)
         internal
         view
@@ -202,25 +240,12 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
     function formDataHash(bytes calldata data, uint256 afterDelayedMessagesRead)
         internal
         view
+        validateBatchData(data)
         returns (bytes32, TimeBounds memory)
     {
-        uint256 fullDataLen = HEADER_LENGTH + data.length;
-        if (fullDataLen < HEADER_LENGTH) revert DataLengthOverflow();
-        if (fullDataLen > MAX_DATA_SIZE) revert DataTooLarge(fullDataLen, MAX_DATA_SIZE);
-        bytes memory fullData = new bytes(fullDataLen);
         (bytes memory header, TimeBounds memory timeBounds) = packHeader(afterDelayedMessagesRead);
-
-        for (uint256 i = 0; i < HEADER_LENGTH; i++) {
-            fullData[i] = header[i];
-        }
-        if (data.length > 0 && (data[0] & DATA_AUTHENTICATED_FLAG) == DATA_AUTHENTICATED_FLAG) {
-            revert DataNotAuthenticated();
-        }
-        // copy data into fullData at offset of HEADER_LENGTH (the extra 32 offset is because solidity puts the array len first)
-        assembly {
-            calldatacopy(add(fullData, add(HEADER_LENGTH, 32)), data.offset, data.length)
-        }
-        return (keccak256(fullData), timeBounds);
+        bytes32 dataHash = keccak256(bytes.concat(header, data));
+        return (dataHash, timeBounds);
     }
 
     function formEmptyDataHash(uint256 afterDelayedMessagesRead)
@@ -232,43 +257,117 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         return (keccak256(header), timeBounds);
     }
 
-    function addSequencerL2BatchImpl(bytes32 dataHash, uint256 afterDelayedMessagesRead)
+    function addSequencerL2BatchImpl(
+        bytes32 dataHash,
+        uint256 afterDelayedMessagesRead,
+        uint256 calldataLengthPosted
+    )
         internal
         returns (
+            uint256 seqMessageIndex,
             bytes32 beforeAcc,
             bytes32 delayedAcc,
             bytes32 acc
         )
     {
         if (afterDelayedMessagesRead < totalDelayedMessagesRead) revert DelayedBackwards();
-        if (afterDelayedMessagesRead > delayedBridge.messageCount()) revert DelayedTooFar();
+        if (afterDelayedMessagesRead > bridge.delayedMessageCount()) revert DelayedTooFar();
 
-        if (inboxAccs.length > 0) {
-            beforeAcc = inboxAccs[inboxAccs.length - 1];
-        }
-        if (afterDelayedMessagesRead > 0) {
-            delayedAcc = delayedBridge.inboxAccs(afterDelayedMessagesRead - 1);
-        }
+        (seqMessageIndex, beforeAcc, delayedAcc, acc) = bridge.enqueueSequencerMessage(
+            dataHash,
+            afterDelayedMessagesRead
+        );
 
-        acc = keccak256(abi.encodePacked(beforeAcc, dataHash, delayedAcc));
-        inboxAccs.push(acc);
         totalDelayedMessagesRead = afterDelayedMessagesRead;
+
+        if (calldataLengthPosted > 0) {
+            // this msg isn't included in the current sequencer batch, but instead added to
+            // the delayed messages queue that is yet to be included
+            address batchPoster = msg.sender;
+            bytes memory spendingReportMsg = abi.encodePacked(
+                block.timestamp,
+                batchPoster,
+                dataHash,
+                seqMessageIndex,
+                block.basefee
+            );
+            uint256 msgNum = bridge.submitBatchSpendingReport(
+                batchPoster,
+                keccak256(spendingReportMsg)
+            );
+            // this is the same event used by Inbox.sol after including a message to the delayed message accumulator
+            emit InboxMessageDelivered(msgNum, spendingReportMsg);
+        }
+    }
+
+    function inboxAccs(uint256 index) external view override returns (bytes32) {
+        return bridge.sequencerInboxAccs(index);
     }
 
     function batchCount() external view override returns (uint256) {
-        return inboxAccs.length;
+        return bridge.sequencerMessageCount();
     }
 
+    /**
+     * @notice Set max delay for sequencer inbox
+     * @param maxTimeVariation_ the maximum time variation parameters
+     */
     function setMaxTimeVariation(ISequencerInbox.MaxTimeVariation memory maxTimeVariation_)
         external
         override
+        onlyRollupOwner
     {
-        if (msg.sender != rollup) revert NotRollup(msg.sender, rollup);
         maxTimeVariation = maxTimeVariation_;
+        emit OwnerFunctionCalled(0);
     }
 
-    function setIsBatchPoster(address addr, bool isBatchPoster_) external override {
-        if (msg.sender != rollup) revert NotRollup(msg.sender, rollup);
+    /**
+     * @notice Updates whether an address is authorized to be a batch poster at the sequencer inbox
+     * @param addr the address
+     * @param isBatchPoster_ if the specified address should be authorized as a batch poster
+     */
+    function setIsBatchPoster(address addr, bool isBatchPoster_) external override onlyRollupOwner {
         isBatchPoster[addr] = isBatchPoster_;
+        emit OwnerFunctionCalled(1);
+    }
+
+    /**
+     * @notice Makes Data Availability Service keyset valid
+     * @param keysetBytes bytes of the serialized keyset
+     */
+    function setValidKeyset(bytes calldata keysetBytes) external override onlyRollupOwner {
+        bytes32 ksHash = keccak256(keysetBytes);
+        if (dasKeySetInfo[ksHash].isValidKeyset) revert AlreadyValidDASKeyset(ksHash);
+        dasKeySetInfo[ksHash] = DasKeySetInfo({
+            isValidKeyset: true,
+            creationBlock: uint64(block.number)
+        });
+        emit SetValidKeyset(ksHash, keysetBytes);
+        emit OwnerFunctionCalled(2);
+    }
+
+    /**
+     * @notice Invalidates a Data Availability Service keyset
+     * @param ksHash hash of the keyset
+     */
+    function invalidateKeysetHash(bytes32 ksHash) external override onlyRollupOwner {
+        if (!dasKeySetInfo[ksHash].isValidKeyset) revert NoSuchKeyset(ksHash);
+        // we don't delete the block creation value since its used to fetch the SetValidKeyset
+        // event efficiently. The event provides the hash preimage of the key.
+        // this is still needed when syncing the chain after a keyset is invalidated.
+        dasKeySetInfo[ksHash].isValidKeyset = false;
+        emit InvalidateKeyset(ksHash);
+        emit OwnerFunctionCalled(3);
+    }
+
+    function isValidKeysetHash(bytes32 ksHash) external view returns (bool) {
+        return dasKeySetInfo[ksHash].isValidKeyset;
+    }
+
+    /// @notice the creation block is intended to still be available after a keyset is deleted
+    function getKeysetCreationBlock(bytes32 ksHash) external view returns (uint256) {
+        DasKeySetInfo memory ksInfo = dasKeySetInfo[ksHash];
+        if (ksInfo.creationBlock == 0) revert NoSuchKeyset(ksHash);
+        return uint256(ksInfo.creationBlock);
     }
 }

package/src/challenge/ChallengeLib.sol

@@ -61,14 +61,12 @@ library ChallengeLib {
         ValueArray memory valuesArray = ValueArray({inner: startingValues});
         ValueStack memory values = ValueStack({proved: valuesArray, remainingHash: 0});
         ValueStack memory internalStack;
-        PcStack memory blocks;
         StackFrameWindow memory frameStack;
 
         Machine memory mach = Machine({
             status: MachineStatus.RUNNING,
             valueStack: values,
             internalStack: internalStack,
-            blockStack: blocks,
             frameStack: frameStack,
             globalStateHash: globalStateHash,
             moduleIdx: 0,

package/src/challenge/ChallengeManager.sol

@@ -33,7 +33,7 @@ contract ChallengeManager is DelegateCallAware, IChallengeManager {
     IChallengeResultReceiver public resultReceiver;
 
     ISequencerInbox public sequencerInbox;
-    IBridge public delayedBridge;
+    IBridge public bridge;
     IOneStepProofEntry public osp;
 
     function challengeInfo(uint64 challengeIndex)
@@ -99,14 +99,14 @@ contract ChallengeManager is DelegateCallAware, IChallengeManager {
     function initialize(
         IChallengeResultReceiver resultReceiver_,
         ISequencerInbox sequencerInbox_,
-        IBridge delayedBridge_,
+        IBridge bridge_,
         IOneStepProofEntry osp_
     ) external override onlyDelegated {
         require(address(resultReceiver) == address(0), "ALREADY_INIT");
         require(address(resultReceiver_) != address(0), "NO_RESULT_RECEIVER");
         resultReceiver = resultReceiver_;
         sequencerInbox = sequencerInbox_;
-        delayedBridge = delayedBridge_;
+        bridge = bridge_;
         osp = osp_;
     }
 
@@ -254,11 +254,7 @@ contract ChallengeManager is DelegateCallAware, IChallengeManager {
         }
 
         bytes32 afterHash = osp.proveOneStep(
-            ExecutionContext({
-                maxInboxMessagesRead: challenge.maxInboxMessages,
-                sequencerInbox: sequencerInbox,
-                delayedBridge: delayedBridge
-            }),
+            ExecutionContext({maxInboxMessagesRead: challenge.maxInboxMessages, bridge: bridge}),
             challengeStart,
             selection.oldSegments[selection.challengePosition],
             proof

package/src/challenge/IChallengeManager.sol

@@ -43,7 +43,7 @@ interface IChallengeManager {
     function initialize(
         IChallengeResultReceiver resultReceiver_,
         ISequencerInbox sequencerInbox_,
-        IBridge delayedBridge_,
+        IBridge bridge_,
         IOneStepProofEntry osp_
     ) external;
 

package/src/libraries/Error.sol

@@ -36,3 +36,9 @@ error NotContract(address addr);
 /// @param actualLength The length of the merkle proof provided
 /// @param maxProofLength The max length a merkle proof can have
 error MerkleProofTooLong(uint256 actualLength, uint256 maxProofLength);
+
+/// @dev Thrown when an un-authorized address tries to access an admin function
+/// @param sender The un-authorized sender
+/// @param rollup The rollup, which would be authorized
+/// @param owner The rollup's owner, which would be authorized
+error NotRollupOrOwner(address sender, address rollup, address owner);

package/src/libraries/IGasRefunder.sol

@@ -13,23 +13,22 @@ interface IGasRefunder {
 }
 
 abstract contract GasRefundEnabled {
-    modifier refundsGasWithCalldata(IGasRefunder gasRefunder, address payable spender) {
+    /// @dev this refunds the sender for execution costs of the tx
+    /// calldata costs are only refunded if `msg.sender == tx.origin` to guarantee the value refunded relates to charging
+    /// for the `tx.input`. this avoids a possible attack where you generate large calldata from a contract and get over-refunded
+    modifier refundsGas(IGasRefunder gasRefunder) {
         uint256 startGasLeft = gasleft();
         _;
         if (address(gasRefunder) != address(0)) {
-            uint256 calldataSize;
-            assembly {
-                calldataSize := calldatasize()
+            uint256 calldataSize = 0;
+            // if triggered in a contract call, the spender may be overrefunded by appending dummy data to the call
+            // so we check if it is a top level call, which would mean the sender paid calldata as part of tx.input
+            if (msg.sender == tx.origin) {
+                assembly {
+                    calldataSize := calldatasize()
+                }
             }
-            gasRefunder.onGasSpent(spender, startGasLeft - gasleft(), calldataSize);
-        }
-    }
-
-    modifier refundsGasNoCalldata(IGasRefunder gasRefunder, address payable spender) {
-        uint256 startGasLeft = gasleft();
-        _;
-        if (address(gasRefunder) != address(0)) {
-            gasRefunder.onGasSpent(spender, startGasLeft - gasleft(), 0);
+            gasRefunder.onGasSpent(payable(msg.sender), startGasLeft - gasleft(), calldataSize);
         }
     }
 }

package/src/libraries/MerkleLib.sol

@@ -34,10 +34,19 @@ library MerkleLib {
         if (proofItems > 256) revert MerkleProofTooLong(proofItems, 256);
         bytes32 h = item;
         for (uint256 i = 0; i < proofItems; i++) {
+            bytes32 node = nodes[i];
             if (route % 2 == 0) {
-                h = keccak256(abi.encodePacked(h, nodes[i]));
+                assembly {
+                    mstore(0x00, h)
+                    mstore(0x20, node)
+                    h := keccak256(0x00, 0x40)
+                }
             } else {
-                h = keccak256(abi.encodePacked(nodes[i], h));
+                assembly {
+                    mstore(0x00, node)
+                    mstore(0x20, h)
+                    h := keccak256(0x00, 0x40)
+                }
             }
             route /= 2;
         }

package/src/libraries/MessageTypes.sol

@@ -8,6 +8,7 @@ uint8 constant L2_MSG = 3;
 uint8 constant L1MessageType_L2FundedByL1 = 7;
 uint8 constant L1MessageType_submitRetryableTx = 9;
 uint8 constant L1MessageType_ethDeposit = 12;
+uint8 constant L1MessageType_batchPostingReport = 13;
 uint8 constant L2MessageType_unsignedEOATx = 0;
 uint8 constant L2MessageType_unsignedContractTx = 1;
 

package/src/mocks/BridgeStub.sol

@@ -14,19 +14,28 @@ contract BridgeStub is IBridge {
         bool allowed;
     }
 
-    mapping(address => InOutInfo) private allowedInboxesMap;
+    mapping(address => InOutInfo) private allowedDelayedInboxesMap;
     //mapping(address => InOutInfo) private allowedOutboxesMap;
 
-    address[] public allowedInboxList;
+    address[] public allowedDelayedInboxList;
     address[] public allowedOutboxList;
 
     address public override activeOutbox;
 
     // Accumulator for delayed inbox; tail represents hash of the current state; each element represents the inclusion of a new message.
-    bytes32[] public override inboxAccs;
+    bytes32[] public override delayedInboxAccs;
 
-    function allowedInboxes(address inbox) external view override returns (bool) {
-        return allowedInboxesMap[inbox].allowed;
+    bytes32[] public override sequencerInboxAccs;
+
+    address public sequencerInbox;
+
+    function setSequencerInbox(address _sequencerInbox) external override {
+        sequencerInbox = _sequencerInbox;
+        emit SequencerInboxUpdated(_sequencerInbox);
+    }
+
+    function allowedDelayedInboxes(address inbox) external view override returns (bool) {
+        return allowedDelayedInboxesMap[inbox].allowed;
     }
 
     function allowedOutboxes(address) external pure override returns (bool) {
@@ -38,9 +47,9 @@ contract BridgeStub is IBridge {
         address sender,
         bytes32 messageDataHash
     ) external payable override returns (uint256) {
-        require(allowedInboxesMap[msg.sender].allowed, "NOT_FROM_INBOX");
+        require(allowedDelayedInboxesMap[msg.sender].allowed, "NOT_FROM_INBOX");
         return
-            addMessageToAccumulator(
+            addMessageToDelayedAccumulator(
                 kind,
                 sender,
                 block.number,
@@ -50,7 +59,34 @@ contract BridgeStub is IBridge {
             );
     }
 
-    function addMessageToAccumulator(
+    function enqueueSequencerMessage(bytes32 dataHash, uint256 afterDelayedMessagesRead)
+        external
+        returns (
+            uint256 seqMessageIndex,
+            bytes32 beforeAcc,
+            bytes32 delayedAcc,
+            bytes32 acc
+        )
+    {
+        seqMessageIndex = sequencerInboxAccs.length;
+        if (sequencerInboxAccs.length > 0) {
+            beforeAcc = sequencerInboxAccs[sequencerInboxAccs.length - 1];
+        }
+        if (afterDelayedMessagesRead > 0) {
+            delayedAcc = delayedInboxAccs[afterDelayedMessagesRead - 1];
+        }
+        acc = keccak256(abi.encodePacked(beforeAcc, dataHash, delayedAcc));
+        sequencerInboxAccs.push(acc);
+    }
+
+    function submitBatchSpendingReport(address batchPoster, bytes32 dataHash)
+        external
+        returns (uint256)
+    {
+        // TODO: implement stub
+    }
+
+    function addMessageToDelayedAccumulator(
         uint8,
         address,
         uint256,
@@ -58,7 +94,7 @@ contract BridgeStub is IBridge {
         uint256,
         bytes32 messageDataHash
     ) internal returns (uint256) {
-        uint256 count = inboxAccs.length;
+        uint256 count = delayedInboxAccs.length;
         bytes32 messageHash = Messages.messageHash(
             0,
             address(uint160(0)),
@@ -70,9 +106,9 @@ contract BridgeStub is IBridge {
         );
         bytes32 prevAcc = 0;
         if (count > 0) {
-            prevAcc = inboxAccs[count - 1];
+            prevAcc = delayedInboxAccs[count - 1];
         }
-        inboxAccs.push(Messages.accumulateInboxMessage(prevAcc, messageHash));
+        delayedInboxAccs.push(Messages.accumulateInboxMessage(prevAcc, messageHash));
         return count;
     }
 
@@ -84,21 +120,23 @@ contract BridgeStub is IBridge {
         revert("NOT_IMPLEMENTED");
     }
 
-    function setInbox(address inbox, bool enabled) external override {
-        InOutInfo storage info = allowedInboxesMap[inbox];
+    function setDelayedInbox(address inbox, bool enabled) external override {
+        InOutInfo storage info = allowedDelayedInboxesMap[inbox];
         bool alreadyEnabled = info.allowed;
         emit InboxToggle(inbox, enabled);
         if ((alreadyEnabled && enabled) || (!alreadyEnabled && !enabled)) {
             return;
         }
         if (enabled) {
-            allowedInboxesMap[inbox] = InOutInfo(allowedInboxList.length, true);
-            allowedInboxList.push(inbox);
+            allowedDelayedInboxesMap[inbox] = InOutInfo(allowedDelayedInboxList.length, true);
+            allowedDelayedInboxList.push(inbox);
         } else {
-            allowedInboxList[info.index] = allowedInboxList[allowedInboxList.length - 1];
-            allowedInboxesMap[allowedInboxList[info.index]].index = info.index;
-            allowedInboxList.pop();
-            delete allowedInboxesMap[inbox];
+            allowedDelayedInboxList[info.index] = allowedDelayedInboxList[
+                allowedDelayedInboxList.length - 1
+            ];
+            allowedDelayedInboxesMap[allowedDelayedInboxList[info.index]].index = info.index;
+            allowedDelayedInboxList.pop();
+            delete allowedDelayedInboxesMap[inbox];
         }
     }
 
@@ -109,7 +147,15 @@ contract BridgeStub is IBridge {
         revert("NOT_IMPLEMENTED");
     }
 
-    function messageCount() external view override returns (uint256) {
-        return inboxAccs.length;
+    function delayedMessageCount() external view override returns (uint256) {
+        return delayedInboxAccs.length;
+    }
+
+    function sequencerMessageCount() external view override returns (uint256) {
+        return sequencerInboxAccs.length;
+    }
+
+    function rollup() external pure override returns (IOwnable) {
+        revert("NOT_IMPLEMENTED");
     }
 }

package/src/mocks/InboxStub.sol

@@ -28,16 +28,10 @@ contract InboxStub is IInbox {
     }
 
     /**
-     * @notice Send a generic L2 message to the chain
-     * @dev This method is an optimization to avoid having to emit the entirety of the messageData in a log. Instead validators are expected to be able to parse the data from the transaction's input
-     * @param messageData Data of the message being sent
+     * @dev DEPRECATED in favor of sendL2Message
      */
     function sendL2MessageFromOrigin(bytes calldata messageData) external returns (uint256) {
-        // solhint-disable-next-line avoid-tx-origin
-        require(msg.sender == tx.origin, "origin only");
-        uint256 msgNum = deliverToBridge(L2_MSG, msg.sender, keccak256(messageData));
-        emit InboxMessageDeliveredFromOrigin(msgNum);
-        return msgNum;
+        return sendL2Message(messageData);
     }
 
     /**
@@ -45,7 +39,7 @@ contract InboxStub is IInbox {
      * @dev This method can be used to send any type of message that doesn't require L1 validation
      * @param messageData Data of the message being sent
      */
-    function sendL2Message(bytes calldata messageData) external override returns (uint256) {
+    function sendL2Message(bytes calldata messageData) public override returns (uint256) {
         uint256 msgNum = deliverToBridge(L2_MSG, msg.sender, keccak256(messageData));
         emit InboxMessageDelivered(msgNum, messageData);
         return msgNum;