feat: pectra compatibility (#1053)

Updates checkpoint proof system to be Pectra compatible. The breaking
change to EigenPods is the `BeaconState` container increasing to have 37
fields, which results in the tree height to be > 5.

We need to solve for the following cases:

- Prevent deneb proofs from being submitted to pectra blocks
- Ensure that the PECTRA_FORK_TIMESTAMP is the first timestamp at or
after the pectra hard fork for which there is a non missed slot

To do this, here is the upgrade process:

1. Pause checkpoint starting & credential proofs
2. Upgrade after fork is hit
3. Run script to detect the first timestamp at or after the pectra hard
fork for which there is a non missed slot
4. Set pectra fork timestamp to the first timestamp at which there is a
pectra block header
5. Unpause

- Updated balance container and validator container proofs to pass in a
proof timestamp & pectra fork timestamp to check against which tree
height to use for the beacon state
- Modify storing variables in memory to handle stack too deep errors
- Note that since the 4788 oracle returns the PARENT beacon block root,
our check against the pectra fork timestamp returns the previous tree
length for proofs that are <= `pectraForkTimestamp`

- Post pectra, we can upgrade the EigenPod to deprecate the fork
timestamp case handling once all in progress pre-Pectra checkpoints have
been completed

- [x] Unit Tests
- [x] Integration Tests simulating upgrade
- [x] Mekong Deployment
- [x] Update Integration Test User to use validators >32 ETH

Author: ypatil12

src/contracts/interfaces/IEigenPod.sol

@@ -66,6 +66,8 @@ interface IEigenPodErrors {
     error MsgValueNot32ETH();
     /// @dev Thrown when provided `beaconTimestamp` is too far in the past.
     error BeaconTimestampTooFarInPast();
+    /// @dev Thrown when the pectraForkTimestamp returned from the EigenPodManager is zero
+    error ForkTimestampZero();
 }
 
 interface IEigenPodTypes {
@@ -145,6 +147,7 @@ interface IEigenPod is IEigenPodErrors, IEigenPodEvents {
     ) external;
 
     /// @notice Called by EigenPodManager when the owner wants to create another ETH validator.
+    /// @dev This function only supports staking to a 0x01 validator. For compounding validators, please interact directly with the deposit contract.
     function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable;
 
     /**

src/contracts/interfaces/IEigenPodManager.sol

@@ -25,6 +25,8 @@ interface IEigenPodManagerErrors {
     /// @dev Thrown when the pods shares are negative and a beacon chain balance update is attempted.
     /// The podOwner should complete legacy withdrawal first.
     error LegacyWithdrawalsNotCompleted();
+    /// @dev Thrown when caller is not the proof timestamp setter
+    error OnlyProofTimestampSetter();
 }
 
 interface IEigenPodManagerEvents {
@@ -54,6 +56,15 @@ interface IEigenPodManagerEvents {
     event BeaconChainSlashingFactorDecreased(
         address staker, uint64 prevBeaconChainSlashingFactor, uint64 newBeaconChainSlashingFactor
     );
+
+    /// @notice Emitted when an operator is slashed and shares to be burned are increased
+    event BurnableETHSharesIncreased(uint256 shares);
+
+    /// @notice Emitted when the Pectra fork timestamp is updated
+    event PectraForkTimestampSet(uint64 newPectraForkTimestamp);
+
+    /// @notice Emitted when the proof timestamp setter is updated
+    event ProofTimestampSetterSet(address newProofTimestampSetter);
 }
 
 interface IEigenPodManagerTypes {
@@ -115,6 +126,16 @@ interface IEigenPodManager is
         int256 balanceDeltaWei
     ) external;
 
+    /// @notice Sets the address that can set proof timestamps
+    function setProofTimestampSetter(
+        address newProofTimestampSetter
+    ) external;
+
+    /// @notice Sets the Pectra fork timestamp, only callable by `proofTimestampSetter`
+    function setPectraForkTimestamp(
+        uint64 timestamp
+    ) external;
+
     /// @notice Returns the address of the `podOwner`'s EigenPod if it has been deployed.
     function ownerToPod(
         address podOwner
@@ -161,4 +182,11 @@ interface IEigenPodManager is
     function beaconChainSlashingFactor(
         address staker
     ) external view returns (uint64);
+
+    /// @notice Returns the accumulated amount of beacon chain ETH Strategy shares
+    function burnableETHShares() external view returns (uint256);
+
+    /// @notice Returns the timestamp of the Pectra hard fork
+    /// @dev Specifically, this returns the timestamp of the first non-missed slot at or after the Pectra hard fork
+    function pectraForkTimestamp() external view returns (uint64);
 }

src/contracts/libraries/BeaconChainProofs.sol

@@ -28,7 +28,8 @@ library BeaconChainProofs {
     /// |                                             HEIGHT: VALIDATOR_TREE_HEIGHT
     /// individual validators
     uint256 internal constant BEACON_BLOCK_HEADER_TREE_HEIGHT = 3;
-    uint256 internal constant BEACON_STATE_TREE_HEIGHT = 5;
+    uint256 internal constant DENEB_BEACON_STATE_TREE_HEIGHT = 5;
+    uint256 internal constant PECTRA_BEACON_STATE_TREE_HEIGHT = 6;
     uint256 internal constant BALANCE_TREE_HEIGHT = 38;
     uint256 internal constant VALIDATOR_TREE_HEIGHT = 40;
 
@@ -71,6 +72,12 @@ library BeaconChainProofs {
     uint64 internal constant FAR_FUTURE_EPOCH = type(uint64).max;
     bytes8 internal constant UINT64_MASK = 0xffffffffffffffff;
 
+    /// @notice The beacon chain version to validate against
+    enum ProofVersion {
+        DENEB,
+        PECTRA
+    }
+
     /// @notice Contains a beacon state root and a merkle proof verifying its inclusion under a beacon block root
     struct StateRootProof {
         bytes32 beaconStateRoot;
@@ -134,17 +141,20 @@ library BeaconChainProofs {
     /// @param validatorFieldsProof a merkle proof of inclusion of `validatorFields` under `beaconStateRoot`
     /// @param validatorIndex the validator's unique index
     function verifyValidatorFields(
+        ProofVersion proofVersion,
         bytes32 beaconStateRoot,
         bytes32[] calldata validatorFields,
         bytes calldata validatorFieldsProof,
         uint40 validatorIndex
     ) internal view {
         require(validatorFields.length == VALIDATOR_FIELDS_LENGTH, InvalidValidatorFieldsLength());
 
+        uint256 beaconStateTreeHeight = getBeaconStateTreeHeight(proofVersion);
+
         /// Note: the reason we use `VALIDATOR_TREE_HEIGHT + 1` here is because the merklization process for
         /// this container includes hashing the root of the validator tree with the length of the validator list
         require(
-            validatorFieldsProof.length == 32 * ((VALIDATOR_TREE_HEIGHT + 1) + BEACON_STATE_TREE_HEIGHT),
+            validatorFieldsProof.length == 32 * ((VALIDATOR_TREE_HEIGHT + 1) + beaconStateTreeHeight),
             InvalidProofLength()
         );
 
@@ -185,10 +195,15 @@ library BeaconChainProofs {
     /// against the same balance container root.
     /// @param beaconBlockRoot merkle root of the beacon block
     /// @param proof a beacon balance container root and merkle proof of its inclusion under `beaconBlockRoot`
-    function verifyBalanceContainer(bytes32 beaconBlockRoot, BalanceContainerProof calldata proof) internal view {
+    function verifyBalanceContainer(
+        ProofVersion proofVersion,
+        bytes32 beaconBlockRoot,
+        BalanceContainerProof calldata proof
+    ) internal view {
+        uint256 beaconStateTreeHeight = getBeaconStateTreeHeight(proofVersion);
+
         require(
-            proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT + BEACON_STATE_TREE_HEIGHT),
-            InvalidProofLength()
+            proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT + beaconStateTreeHeight), InvalidProofLength()
         );
 
         /// This proof combines two proofs, so its index accounts for the relative position of leaves in two trees:
@@ -197,7 +212,7 @@ library BeaconChainProofs {
         /// -- beaconStateRoot
         /// |                            HEIGHT: BEACON_STATE_TREE_HEIGHT
         /// ---- balancesContainerRoot
-        uint256 index = (STATE_ROOT_INDEX << (BEACON_STATE_TREE_HEIGHT)) | BALANCE_CONTAINER_INDEX;
+        uint256 index = (STATE_ROOT_INDEX << (beaconStateTreeHeight)) | BALANCE_CONTAINER_INDEX;
 
         require(
             Merkle.verifyInclusionSha256({
@@ -312,4 +327,12 @@ library BeaconChainProofs {
     ) internal pure returns (uint64) {
         return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_EXIT_EPOCH_INDEX]);
     }
+
+    /// @dev We check if the proofTimestamp is <= pectraForkTimestamp because a `proofTimestamp` at the `pectraForkTimestamp`
+    ///      is considered to be Pre-Pectra given the EIP-4788 oracle returns the parent block.
+    function getBeaconStateTreeHeight(
+        ProofVersion proofVersion
+    ) internal pure returns (uint256) {
+        return proofVersion == ProofVersion.DENEB ? DENEB_BEACON_STATE_TREE_HEIGHT : PECTRA_BEACON_STATE_TREE_HEIGHT;
+    }
 }

src/contracts/pods/EigenPod.sol

@@ -159,6 +159,7 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
 
         // Verify `balanceContainerProof` against `beaconBlockRoot`
         BeaconChainProofs.verifyBalanceContainer({
+            proofVersion: _getProofVersion(checkpointTimestamp),
             beaconBlockRoot: checkpoint.beaconBlockRoot,
             proof: balanceContainerProof
         });
@@ -254,6 +255,7 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
         for (uint256 i = 0; i < validatorIndices.length; i++) {
             // forgefmt: disable-next-item
             totalAmountToBeRestakedWei += _verifyWithdrawalCredentials(
+                beaconTimestamp,
                 stateRootProof.beaconStateRoot,
                 validatorIndices[i],
                 validatorFieldsProofs[i],
@@ -341,6 +343,7 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
 
         // Verify Validator container proof against `beaconStateRoot`
         BeaconChainProofs.verifyValidatorFields({
+            proofVersion: _getProofVersion(beaconTimestamp),
             beaconStateRoot: stateRootProof.beaconStateRoot,
             validatorFields: proof.validatorFields,
             validatorFieldsProof: proof.proof,
@@ -378,6 +381,7 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
     }
 
     /// @notice Called by EigenPodManager when the owner wants to create another ETH validator.
+    /// @dev This function only supports staking to a 0x01 validator. For compounding validators, please interact directly with the deposit contract.
     function stake(
         bytes calldata pubkey,
         bytes calldata signature,
@@ -419,6 +423,7 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
      * @param validatorFields are the fields of the "Validator Container", refer to consensus specs
      */
     function _verifyWithdrawalCredentials(
+        uint64 beaconTimestamp,
         bytes32 beaconStateRoot,
         uint40 validatorIndex,
         bytes calldata validatorFieldsProof,
@@ -473,7 +478,8 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
 
         // Ensure the validator's withdrawal credentials are pointed at this pod
         require(
-            validatorFields.getWithdrawalCredentials() == bytes32(_podWithdrawalCredentials()),
+            validatorFields.getWithdrawalCredentials() == bytes32(_podWithdrawalCredentials())
+                || validatorFields.getWithdrawalCredentials() == bytes32(_podCompoundingWithdrawalCredentials()),
             WithdrawalCredentialsNotForEigenPod()
         );
 
@@ -484,6 +490,7 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
 
         // Verify passed-in validatorFields against verified beaconStateRoot:
         BeaconChainProofs.verifyValidatorFields({
+            proofVersion: _getProofVersion(beaconTimestamp),
             beaconStateRoot: beaconStateRoot,
             validatorFields: validatorFields,
             validatorFieldsProof: validatorFieldsProof,
@@ -665,6 +672,10 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
         return abi.encodePacked(bytes1(uint8(1)), bytes11(0), address(this));
     }
 
+    function _podCompoundingWithdrawalCredentials() internal view returns (bytes memory) {
+        return abi.encodePacked(bytes1(uint8(2)), bytes11(0), address(this));
+    }
+
     ///@notice Calculates the pubkey hash of a validator's pubkey as per SSZ spec
     function _calculateValidatorPubkeyHash(
         bytes memory validatorPubkey
@@ -731,4 +742,20 @@ contract EigenPod is Initializable, ReentrancyGuardUpgradeable, EigenPodPausingC
         require(success && result.length > 0, InvalidEIP4788Response());
         return abi.decode(result, (bytes32));
     }
+
+    /// @notice Returns the PROOF_TYPE depending on the `proofTimestamp` in relation to the fork timestamp.
+    function _getProofVersion(
+        uint64 proofTimestamp
+    ) internal view returns (BeaconChainProofs.ProofVersion) {
+        /// Get the timestamp of the Pectra fork, read from the `EigenPodManager`
+        /// This returns the timestamp of the first non-missed slot at or after the Pectra hard fork
+        uint64 forkTimestamp = eigenPodManager.pectraForkTimestamp();
+        require(forkTimestamp != 0, ForkTimestampZero());
+
+        /// We check if the proofTimestamp is <= pectraForkTimestamp because a `proofTimestamp` at the `pectraForkTimestamp`
+        /// is considered to be Pre-Pectra given the EIP-4788 oracle returns the parent block.
+        return proofTimestamp <= forkTimestamp
+            ? BeaconChainProofs.ProofVersion.DENEB
+            : BeaconChainProofs.ProofVersion.PECTRA;
+    }
 }

src/contracts/pods/EigenPodManager.sol

@@ -44,6 +44,11 @@ contract EigenPodManager is
         _;
     }
 
+    modifier onlyProofTimestampSetter() {
+        require(msg.sender == proofTimestampSetter, OnlyProofTimestampSetter());
+        _;
+    }
+
     constructor(
         IETHPOSDeposit _ethPOS,
         IBeacon _eigenPodBeacon,
@@ -219,6 +224,28 @@ contract EigenPodManager is
         }
     }
 
+    /// @inheritdoc IShareManager
+    function increaseBurnableShares(IStrategy, uint256 addedSharesToBurn) external onlyDelegationManager nonReentrant {
+        burnableETHShares += addedSharesToBurn;
+        emit BurnableETHSharesIncreased(addedSharesToBurn);
+    }
+
+    /// @notice Sets the address that can set proof timestamps
+    function setProofTimestampSetter(
+        address newProofTimestampSetter
+    ) external onlyOwner {
+        proofTimestampSetter = newProofTimestampSetter;
+        emit ProofTimestampSetterSet(newProofTimestampSetter);
+    }
+
+    /// @notice Sets the pectra fork timestamp
+    function setPectraForkTimestamp(
+        uint64 timestamp
+    ) external onlyProofTimestampSetter {
+        pectraForkTimestamp = timestamp;
+        emit PectraForkTimestampSet(timestamp);
+    }
+
     // INTERNAL FUNCTIONS
 
     function _deployPod() internal returns (IEigenPod) {

src/contracts/pods/EigenPodManagerStorage.sol

@@ -78,6 +78,15 @@ abstract contract EigenPodManagerStorage is IEigenPodManager {
     /// Note: this is specifically updated when the staker's beacon chain balance decreases
     mapping(address staker => BeaconChainSlashingFactor) internal _beaconChainSlashingFactor;
 
+    /// @notice Returns the amount of `shares` that have been slashed on EigenLayer but not burned yet.
+    uint256 public burnableETHShares;
+
+    /// @notice The address that can set proof timestamps
+    address public proofTimestampSetter;
+
+    /// @notice The timestamp of the Pectra proof
+    uint64 public pectraForkTimestamp;
+
     constructor(IETHPOSDeposit _ethPOS, IBeacon _eigenPodBeacon, IDelegationManager _delegationManager) {
         ethPOS = _ethPOS;
         eigenPodBeacon = _eigenPodBeacon;
@@ -89,5 +98,5 @@ abstract contract EigenPodManagerStorage is IEigenPodManager {
      * variables without shifting down storage in the inheritance chain.
      * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
      */
-    uint256[43] private __gap;
+    uint256[41] private __gap;
 }

src/test/harnesses/EigenPodHarness.sol

@@ -25,12 +25,14 @@ contract EigenPodHarness is EigenPod {
     }
 
     function verifyWithdrawalCredentials(
+        uint64 beaconTimestamp,
         bytes32 beaconStateRoot,
         uint40 validatorIndex,
         bytes calldata validatorFieldsProof,
         bytes32[] calldata validatorFields
     ) public returns (uint256) {
         return _verifyWithdrawalCredentials(
+            beaconTimestamp,
             beaconStateRoot,
             validatorIndex,
             validatorFieldsProof,