Merge branch 'develop' into feat/hardcode-bootnodes

1fab1c93 · mergify[bot] · GitHub · cef8bed4 · aa1e1b71 · 1fab1c93
Commit 1fab1c93 authored Jan 07, 2023 by mergify[bot] Committed by GitHub Jan 07, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 3 deletions

batches.go op-node/rollup/derive/batches.go +5 -0

batches_test.go op-node/rollup/derive/batches_test.go +16 -0

derivation.md specs/derivation.md +7 -3

No files found.
--- a/op-node/rollup/derive/batches.go
+++ b/op-node/rollup/derive/batches.go
@@ -95,6 +95,11 @@ func CheckBatch(cfg *rollup.Config, log log.Logger, l1Blocks []eth.L1BlockRef, l
 		return BatchDrop
 	}

+	if batch.Batch.Timestamp < batchOrigin.Time {
+		log.Warn("batch timestamp is less than L1 origin timestamp", "l2_timestamp", batch.Batch.Timestamp, "l1_timestamp", batchOrigin.Time, "origin", batchOrigin.ID())
+		return BatchDrop
+	}
+
 	// If we ran out of sequencer time drift, then we drop the batch and produce an empty batch instead,
 	// as the sequencer is not allowed to include anything past this point without moving to the next epoch.
 	if max := batchOrigin.Time + cfg.MaxSequencerDrift; batch.Batch.Timestamp > max {

--- a/op-node/rollup/derive/batches_test.go
+++ b/op-node/rollup/derive/batches_test.go
@@ -418,6 +418,22 @@ func TestValidBatch(t *testing.T) {
 			},
 			Expected: BatchAccept,
 		},
+		{
+			Name:       "batch with L2 time before L1 time",
+			L1Blocks:   []eth.L1BlockRef{l1A, l1B, l1C},
+			L2SafeHead: l2A2,
+			Batch: BatchWithL1InclusionBlock{
+				L1InclusionBlock: l1B,
+				Batch: &BatchData{BatchV1{ // we build l2B0', which starts a new epoch too early
+					ParentHash:   l2A2.Hash,
+					EpochNum:     rollup.Epoch(l2B0.L1Origin.Number),
+					EpochHash:    l2B0.L1Origin.Hash,
+					Timestamp:    l2A2.Time + conf.BlockTime,
+					Transactions: nil,
+				}},
+			},
+			Expected: BatchDrop,
+		},
 	}

 	// Log level can be increased for debugging purposes

--- a/specs/derivation.md
+++ b/specs/derivation.md
@@ -123,9 +123,11 @@ inception][g-l2-chain-inception] as first epoch, then process all sequencing win
 Each epoch may contain a variable number of L2 blocks (one every `l2_block_time`, 2s on Optimism), at the discretion of
 [the sequencer][g-sequencer], but subject to the following constraints for each block:

- `min_l2_timestamp <= block.timestamp < max_l2_timestamp`, where
+- `min_l2_timestamp <= block.timestamp <= max_l2_timestamp`, where
  - all these values are denominated in seconds
-  - `min_l2_timestamp = prev_l2_timestamp + l2_block_time`
+  - `min_l2_timestamp = l1_timestamp`
+    - This ensures that the L2 timestamp is not behind the L1 origin timestamp.
+  - `block.timestamp = prev_l2_timestamp + l2_block_time`
    - `prev_l2_timestamp` is the timestamp of the last L2 block of the previous epoch
    - `l2_block_time` is a configurable parameter of the time between L2 blocks (on Optimism, 2s)
  - `max_l2_timestamp = max(l1_timestamp + max_sequencer_drift, min_l2_timestamp + l2_block_time)`
@@ -600,7 +602,9 @@ Rules, in validation order:
 - `batch.epoch_hash != batch_origin.hash` -> `drop`: i.e. a batch must reference a canonical L1 origin,
  to prevent batches from being replayed onto unexpected L1 chains.
 - `batch.timestamp > batch_origin.time + max_sequencer_drift` -> `drop`: i.e. a batch that does not adopt the next L1
-  within time will be dropped, in favor of an empty batch that can advance the L1 origin.
+  within time will be dropped, in favor of an empty batch that can advance the L1 origin. This enforces the max L2
+  timestamp rule.
+- `batch.timestamp < batch_origin.time` -> `drop`: enforce the min L2 timestamp rule.
 - `batch.transactions`: `drop` if the `batch.transactions` list contains a transaction
  that is invalid or derived by other means exclusively:
  - any transaction that is empty (zero length byte string)