Holocene: Add L2ToL1MessagePasser account storage root to Header withdrawalsRoot
#177
Conversation
clabby
requested review from
protolambda,
tynes,
ajsutton,
sebastianst and
mslipper
as code owners
|
Warning This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
This stack of pull requests is managed by Graphite. Learn more about stacking. |
|
I would like us to consider adding it to the L1 attributes transaction's calldata instead of in the extradata field for 2 reasons:
You can fetch the L1 attributes tx and pull the output root from its calldata, its still in the history and a proof of tx inclusion in a header can be used for a light client proof. Note: great spec btw! well formatted and documented |
1 does make sense (re: forwards compat), though for this, creates a bit of an issue. If we submit the account storage root in the L1 info transaction, we must do 1 of two things:
The message passer account storage root also doesn't need to be available within the EVM, as the |
This is definitely what I was thinking. I don't think its that big of a deal but you are right that its different than the header which contains post execution information and in this case in the calldata it would be pre execution data. You are right that the EVM doesn't care about this information, its more about reserving extradata for future usage. If the root goes in the extradata, then interop will certainly need to use the calldata method I am describing. (Likely not in the first release, but we know we need this design to scale). So we are both contending for the same thing and basically what I am sayig is that neither of us should get it and prioritize L1 taking it eventually :P We shouldn't argue on too far in the future, just sharing some researchy thoughts:
|
|
A few issues with the
And missing from the specs: the L1-block-attributes, derived from L1, are compared to the L2 blocks, for safe-block validation. To verify the block-attributes, we would need to isolate this 32 bytes, and just optimistically accept it in op-node during consolidation. And then add a rule in op-geth, when importing the block, to check the storage-root against the actual storage (if it can, i.e. non-archive nodes may have to skip this for older blocks). Using While I agree with @tynes that it would be better to avoid |
|
Putting it in the withdrawals root makes a lot of sense h/t @clabby Test case:
Another thought is EL change vs CL change. This is useful to ensure that you are proving against a good withdrawal. The user can check against an RPC to ensure that they aren't proving against a malicious claim. It also makes it so that you don't need historical Output root proof: |
clabby
force-pushed
the
cl/fjord-header-change
branch
from
16d5882
to
f039dfe
Compare
clabby
changed the title
L2ToL1MessagePasser account storage root to Header extraDataL2ToL1MessagePasser account storage root to Header withdrawalsRoot
clabby
force-pushed
the
cl/fjord-header-change
branch
from
f039dfe
to
b5cfc70
Compare
|
Withdrawals root definitely makes sense for this. If we do want to use the extraData field though, we can take a leaf out of clique & IBFT's book and just extend the extraData field. Because Clique stores the validator info in extraData, there's very widespread support for it being longer than 32 bytes so we can also take advantage of that and just append our data to whatever value L1 winds up using it for in the future. |
specs/fjord/header.md
Outdated
| Varous EL clients store historical state of accounts differently. If, as a contrived case, an OP Stack chain did not have | ||
| an outbound withdrawal for a long period of time, the node may not have access to the account storage root of the | ||
| [`L2ToL1MessagePasser`][l2-to-l1-mp]. In this case, the client would be unable to keep consensus. However, most modern | ||
| clients are able to at the very least reconstruct the account storage root at a given block on the fly if it does not | ||
| directly store this information. |
There was a problem hiding this comment.
Any transaction that changes the account storage of L2ToL1MessagePasser would require being able to calculate the new account storage root - since any arbitrary leaf in the storage may be changed, the client must have all the leafs nodes required to recompute the storage root or it may be unable to process transactions. And likely it needs to be reasonably cheap or the client wouldn't be able to handle blocks that change the storage of a wide range of accounts. Basically, this value is already required to be able to keep consensus as its used as part of creating the state root that's already included in the block header.
|
I think its fine to target this towards granite now as we know its not landing in fjord |
|
Also @ajsutton @protolambda the proposal has been updated away from using |
|
I would be supportive of updating this PR to be proposed for inclusion in granite |
|
I don't think we can add this for Fjord, but I will add it to the scope of work item for Granite. |
|
Happy to put this into Granite! |
tynes
changed the title
L2ToL1MessagePasser account storage root to Header withdrawalsRootL2ToL1MessagePasser account storage root to Header withdrawalsRoot
clabby
force-pushed
the
cl/fjord-header-change
branch
from
b5cfc70
to
904ae2a
Compare
clabby
force-pushed
the
cl/fjord-header-change
branch
from
904ae2a
to
1fb7df5
Compare
clabby
force-pushed
the
cl/granite-receipt-accumulator
branch
from
e633af0
to
d1b2f63
Compare
clabby
force-pushed
the
cl/fjord-header-change
branch
from
2e697c6
to
c345bb9
Compare
clabby
force-pushed
the
cl/fjord-header-change
branch
from
c345bb9
to
3d38c91
Compare
…aData` Introduces an addition to the `Fjord` hardfork, where upon activation, consensus will require L2 block headers to contain the 32 byte account storage root of the `L2ToL1MessagePasser` predeploy after the block's execution.
clabby
force-pushed
the
cl/granite-receipt-accumulator
branch
from
ba9d971
to
404bf07
Compare
clabby
force-pushed
the
cl/fjord-header-change
branch
from
3d38c91
to
0ce18bc
Compare
|
This requires no changes to the batch serialization as all of the data is present in the EL |
|
As agreed on the ENG staff call, I'm assigning this to @protolambda as tech lead that will own this implementation for Granite hardfork. |
BlocksOnAChain
changed the title
L2ToL1MessagePasser account storage root to Header withdrawalsRootL2ToL1MessagePasser account storage root to Header withdrawalsRoot
Rebased version of #177 There is consensus that this is to be included in holocene Co-authored-by: clabby <ben@clab.by>
|
Closing this in favor of #374 |
* holocene: execution engine page Rebased version of #177 There is consensus that this is to be included in holocene Co-authored-by: clabby <ben@clab.by> * specs: replace granite with holocene --------- Co-authored-by: clabby <ben@clab.by>
* holocene: execution engine page Rebased version of #177 There is consensus that this is to be included in holocene Co-authored-by: clabby <ben@clab.by> * specs: replace granite with holocene --------- Co-authored-by: clabby <ben@clab.by>
Overview
Introduces an addition to the
Granitehardfork, where upon activation, consensus will require L2 block headers to contain the 32 byte account storage root of theL2ToL1MessagePasserpredeploy after the block's execution.