Merge pull request #6112 from ethereum-optimism/clabby/dispute/hotswap-vm

feat(ctb): Modular VM for `FaultDisputeGame`

packages/contracts-bedrock/.gas-snapshot

@@ -32,12 +32,12 @@ DisputeGameFactory_SetImplementation_Test:test_setImplementation_notOwner_revert
 DisputeGameFactory_SetImplementation_Test:test_setImplementation_succeeds() (gas: 44243)
 DisputeGameFactory_TransferOwnership_Test:test_transferOwnership_notOwner_reverts() (gas: 15950)
 DisputeGameFactory_TransferOwnership_Test:test_transferOwnership_succeeds() (gas: 18642)
-FaultDisputeGame_ResolvesCorrectly_CorrectRoot2:test_resolvesCorrectly_succeeds() (gas: 497198)
-FaultDisputeGame_ResolvesCorrectly_CorrectRoot4:test_resolvesCorrectly_succeeds() (gas: 499064)
-FaultDisputeGame_ResolvesCorrectly_CorrectRoot:test_resolvesCorrectly_succeeds() (gas: 489092)
-FaultDisputeGame_ResolvesCorrectly_IncorrectRoot2:test_resolvesCorrectly_succeeds() (gas: 494067)
-FaultDisputeGame_ResolvesCorrectly_IncorrectRoot3:test_resolvesCorrectly_succeeds() (gas: 495933)
-FaultDisputeGame_ResolvesCorrectly_IncorrectRoot:test_resolvesCorrectly_succeeds() (gas: 485961)
+FaultDisputeGame_ResolvesCorrectly_CorrectRoot2:test_resolvesCorrectly_succeeds() (gas: 502842)
+FaultDisputeGame_ResolvesCorrectly_CorrectRoot3:test_resolvesCorrectly_succeeds() (gas: 504699)
+FaultDisputeGame_ResolvesCorrectly_CorrectRoot:test_resolvesCorrectly_succeeds() (gas: 492706)
+FaultDisputeGame_ResolvesCorrectly_IncorrectRoot2:test_resolvesCorrectly_succeeds() (gas: 501717)
+FaultDisputeGame_ResolvesCorrectly_IncorrectRoot3:test_resolvesCorrectly_succeeds() (gas: 503574)
+FaultDisputeGame_ResolvesCorrectly_IncorrectRoot:test_resolvesCorrectly_succeeds() (gas: 491581)
 FaultDisputeGame_Test:test_defendRoot_invalidMove_reverts() (gas: 13250)
 FaultDisputeGame_Test:test_extraData_succeeds() (gas: 17409)
 FaultDisputeGame_Test:test_gameData_succeeds() (gas: 17834)
@@ -49,10 +49,10 @@ FaultDisputeGame_Test:test_move_duplicateClaim_reverts() (gas: 103231)
 FaultDisputeGame_Test:test_move_gameDepthExceeded_reverts() (gas: 407967)
 FaultDisputeGame_Test:test_move_gameNotInProgress_reverts() (gas: 10923)
 FaultDisputeGame_Test:test_move_nonExistentParent_reverts() (gas: 24632)
-FaultDisputeGame_Test:test_resolve_challengeContested() (gas: 221074)
+FaultDisputeGame_Test:test_resolve_challengeContested() (gas: 221068)
 FaultDisputeGame_Test:test_resolve_notInProgress_reverts() (gas: 9657)
 FaultDisputeGame_Test:test_resolve_rootContested() (gas: 106120)
-FaultDisputeGame_Test:test_resolve_rootUncontested() (gas: 23630)
+FaultDisputeGame_Test:test_resolve_rootUncontested() (gas: 23624)
 FaultDisputeGame_Test:test_resolve_teamDeathmatch() (gas: 391731)
 FaultDisputeGame_Test:test_rootClaim_succeeds() (gas: 8203)
 FaultDisputeGame_Test:test_simpleAttack_succeeds() (gas: 107322)

packages/contracts-bedrock/contracts/dispute/FaultDisputeGame.sol

@@ -6,6 +6,7 @@ import { IVersioned } from "./interfaces/IVersioned.sol";
 import { IFaultDisputeGame } from "./interfaces/IFaultDisputeGame.sol";
 import { IInitializable } from "./interfaces/IInitializable.sol";
 import { IBondManager } from "./interfaces/IBondManager.sol";
+import { IBigStepper } from "./interfaces/IBigStepper.sol";
 
 import { Clone } from "../libraries/Clone.sol";
 import { LibHashing } from "./lib/LibHashing.sol";
@@ -29,6 +30,9 @@ contract FaultDisputeGame is IFaultDisputeGame, Clone {
     /// @notice The max depth of the game.
     uint256 public immutable MAX_GAME_DEPTH;
 
+    /// @notice A hypervisor that performs single instruction steps on a fault proof program trace.
+    IBigStepper public immutable VM;
+
     /// @notice The duration of the game.
     /// @dev TODO: Account for resolution buffer. (?)
     Duration internal constant GAME_DURATION = Duration.wrap(7 days);
@@ -55,9 +59,14 @@ contract FaultDisputeGame is IFaultDisputeGame, Clone {
     mapping(ClaimHash => bool) internal claims;
 
     /// @param _absolutePrestate The absolute prestate of the instruction trace.
-    constructor(Claim _absolutePrestate, uint256 _maxGameDepth) {
+    constructor(
+        Claim _absolutePrestate,
+        uint256 _maxGameDepth,
+        IBigStepper _vm
+    ) {
         ABSOLUTE_PRESTATE = _absolutePrestate;
         MAX_GAME_DEPTH = _maxGameDepth;
+        VM = _vm;
     }
 
     ////////////////////////////////////////////////////////////////
@@ -79,8 +88,8 @@ contract FaultDisputeGame is IFaultDisputeGame, Clone {
         uint256 _stateIndex,
         uint256 _claimIndex,
         bool _isAttack,
-        bytes calldata,
-        bytes calldata
+        bytes calldata _stateData,
+        bytes calldata _proof
     ) external {
         // Steps cannot be made unless the game is currently in progress.
         if (status != GameStatus.IN_PROGRESS) {
@@ -127,19 +136,19 @@ contract FaultDisputeGame is IFaultDisputeGame, Clone {
                 postStateClaim = claimData[_stateIndex].claim;
             }
 
-            // Assert that the given prestate commits to the instruction at `gindex - 1`.
+            // Assert that the given prestate commits to the instruction at `gindex - 1` and
+            // that the `_stateData` is the preimage for the prestate claim digest.
             if (
                 Position.unwrap(preStatePos.rightIndex(MAX_GAME_DEPTH)) !=
-                Position.unwrap(postStatePos.rightIndex(MAX_GAME_DEPTH)) - 1
+                Position.unwrap(postStatePos.rightIndex(MAX_GAME_DEPTH)) - 1 ||
+                keccak256(_stateData) != Claim.unwrap(preStateClaim)
             ) {
                 revert InvalidPrestate();
             }
         }
 
-        // TODO: Call `MIPS.sol#step` to verify the step.
-        // For now, we just use a simple state transition function that increments the prestate,
-        // `s_p`, by 1.
-        if (uint256(Claim.unwrap(preStateClaim)) + 1 == uint256(Claim.unwrap(postStateClaim))) {
+        // Perform the VM step and check to see if it is valid.
+        if (VM.step(_stateData, _proof) == Claim.unwrap(postStateClaim)) {
             revert ValidStep();
         }
 
@@ -274,7 +283,7 @@ contract FaultDisputeGame is IFaultDisputeGame, Clone {
         // Search for the left-most dangling non-bottom node
         // The most recent claim is always a dangling, non-bottom node so we start with that
         uint256 leftMostIndex = claimData.length - 1;
-        Position leftMostTraceIndex = Position.wrap(type(uint128).max);
+        uint256 leftMostTraceIndex = type(uint128).max;
         for (uint256 i = leftMostIndex; i < type(uint64).max; ) {
             // Fetch the claim at the current index.
             ClaimData storage claim = claimData[i];
@@ -295,8 +304,8 @@ contract FaultDisputeGame is IFaultDisputeGame, Clone {
             // If the claim is a dangling node, we can check if it is the left-most
             // dangling node we've come across so far. If it is, we can update the
             // left-most trace index.
-            Position traceIndex = claimPos.rightIndex(MAX_GAME_DEPTH);
-            if (Position.unwrap(traceIndex) < Position.unwrap(leftMostTraceIndex)) {
+            uint256 traceIndex = claimPos.traceIndex(MAX_GAME_DEPTH);
+            if (traceIndex < leftMostTraceIndex) {
                 leftMostTraceIndex = traceIndex;
                 unchecked {
                     leftMostIndex = i + 1;
@@ -309,7 +318,7 @@ contract FaultDisputeGame is IFaultDisputeGame, Clone {
         if (
             // slither-disable-next-line weak-prng
             claimData[leftMostIndex].position.depth() % 2 == 0 &&
-            Position.unwrap(leftMostTraceIndex) != type(uint128).max
+            leftMostTraceIndex != type(uint128).max
         ) {
             status_ = GameStatus.DEFENDER_WINS;
         } else {

packages/contracts-bedrock/contracts/dispute/interfaces/IBigStepper.sol

+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.15;
+
+/// @title IBigStepper
+/// @notice An interface for a contract with a state transition function that
+///         will accept a pre state and return a post state.
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣼⠶⢅⠒⢄⢔⣶⡦⣤⡤⠄⣀⠀⠀⠀⠀⠀⠀⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠨⡏⠀⠀⠈⠢⣙⢯⣄⠀⢨⠯⡺⡘⢄⠀⠀⠀⠀⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⣶⡆⠀⠀⠀⠀⠈⠓⠬⡒⠡⣀⢙⡜⡀⠓⠄⠀⠀⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⡷⠿⣧⣀⡀⠀⠀⠀⠀⠀⠀⠉⠣⣞⠩⠥⠀⠼⢄⠀⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⡇⠀⠀⠀⠉⢹⣶⠒⠒⠂⠈⠉⠁⠘⡆⠀⣿⣿⠫⡄⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⢶⣤⣀⡀⠀⠀⢸⡿⠀⠀⠀⠀⠀⢀⠞⠀⠀⢡⢨⢀⡄⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⡒⣿⢿⡤⠝⡣⠉⠁⠚⠛⠀⠤⠤⣄⡰⠁⠀⠀⠀⠉⠙⢸⠀⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡤⢯⡌⡿⡇⠘⡷⠀⠁⠀⠀⢀⣰⠢⠲⠛⣈⣸⠦⠤⠶⠴⢬⣐⣊⡂⠀
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣤⡪⡗⢫⠞⠀⠆⣀⠻⠤⠴⠐⠚⣉⢀⠦⠂⠋⠁⠀⠁⠀⠀⠀⠀⢋⠉⠇⠀
+/// ⠀⠀⠀⠀⣀⡤⠐⠒⠘⡹⠉⢸⠇⠸⠀⠀⠀⠀⣀⣤⠴⠚⠉⠈⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠼⠀⣾⠀
+/// ⠀⠀⠀⡰⠀⠉⠉⠀⠁⠀⠀⠈⢇⠈⠒⠒⠘⠈⢀⢡⡂⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢰⠀⢸⡄
+/// ⠀⠀⠸⣿⣆⠤⢀⡀⠀⠀⠀⠀⢘⡌⠀⠀⣀⣀⣀⡈⣤⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⠀⢸⡇
+/// ⠀⠀⢸⣀⠀⠉⠒⠐⠛⠋⠭⠭⠍⠉⠛⠒⠒⠒⠀⠒⠚⠛⠛⠛⠩⠭⠭⠭⠭⠤⠤⠤⠤⠤⠭⠭⠉⠓⡆
+/// ⠀⠀⠘⠿⣷⣶⣤⣤⣀⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣤⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡇
+/// ⠀⠀⠀⠀⠀⠉⠙⠛⠛⠻⠿⢿⣿⣿⣷⣶⣶⣶⣤⣤⣀⣁⣛⣃⣒⠿⠿⠿⠤⠠⠄⠤⠤⢤⣛⣓⣂⣻⡇
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠉⠉⠉⠙⠛⠻⠿⠿⠿⢿⣿⣿⣿⣷⣶⣶⣾⣿⣿⣿⣿⠿⠟⠁
+/// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠈⠉⠉⠉⠉⠁⠀⠀⠀⠀⠀
+interface IBigStepper {
+    /// @notice Performs a single instruction step from a given prestate and returns the poststate
+    ///         hash.
+    /// @param _stateData The preimage of the prestate hash.
+    /// @param _proof A proof for the inclusion of the prestate's memory in the merkle tree.
+    /// @return postState_ The poststate hash after the instruction step.
+    function step(bytes calldata _stateData, bytes calldata _proof)
+        external
+        returns (bytes32 postState_);
+}

packages/contracts-bedrock/contracts/dispute/lib/LibPosition.sol

@@ -104,6 +104,26 @@ library LibPosition {
         }
     }
 
+    /// @notice Get the deepest, right most trace index relative to the `position`. This is
+    ///         equivalent to calling `right` on a position until the maximum depth is reached and
+    ///         then finding its index at depth.
+    /// @param _position The position to get the relative trace index of.
+    /// @param _maxDepth The maximum depth of the game.
+    /// @return traceIndex_ The trace index relative to the `position`.
+    function traceIndex(
+        Position _position,
+        uint256 _maxDepth
+    ) internal pure returns (uint256 traceIndex_) {
+        uint256 msb = depth(_position);
+        assembly {
+            let remaining := sub(_maxDepth, msb)
+            traceIndex_ := sub(
+                or(shl(remaining, _position), sub(shl(remaining, 1), 1)),
+                shl(_maxDepth, 1)
+            )
+        }
+    }
+
     /// @notice Get the move position of `_position`, which is the left child of:
     ///         1. `_position + 1` if `_isAttack` is true.
     ///         1. `_position` if `_isAttack` is false.