Merge branch 'develop' into refactor_safe_attributes

.changeset/flat-adults-hope.md

+---
+'@eth-optimism/atst': minor
+---
+
+Update readAttestations and prepareWriteAttestation to handle keys longer than 32 bytes

.changeset/metal-feet-give.md

+---
+'@eth-optimism/atst': minor
+---
+
+Move react api to @eth-optimism/atst/react so react isn't required to run the core sdk

.changeset/sixty-days-explain.md

+---
+'@eth-optimism/atst': patch
+---
+
+Fixed bug with atst not defaulting to currently connected chain

.circleci/config.yml

@@ -163,6 +163,10 @@ jobs:
         description: Docker build context
         type: string
         default: "."
+      docker_target:
+        description: "target build stage"
+        type: string
+        default: ""
       registry:
         description: Docker registry
         type: string
@@ -196,7 +200,7 @@ jobs:
             DOCKER_TAGS=$(echo -ne <<parameters.docker_tags>> | sed "s/,/\n/g" | sed "s/[^a-zA-Z0-9\n]/-/g" | sed -e "s|^|-t ${IMAGE_BASE}:|")
             docker context create buildx-build
             docker buildx create --use buildx-build
-            docker buildx build --platform=<<parameters.platforms>> --push \
+            docker buildx build --platform=<<parameters.platforms>> --target "<<parameters.docker_target>>" --push \
               $(echo -ne $DOCKER_TAGS | tr '\n' ' ') \
               -f <<parameters.docker_file>> \
               <<parameters.docker_context>>
@@ -1132,6 +1136,14 @@ workflows:
           docker_tags: <<pipeline.git.revision>>,<<pipeline.git.branch>>
           context:
             - oplabs-gcr
+      - docker-publish:
+          name: chain-mon-docker-publish
+          docker_file: ./ops/docker/Dockerfile.packages
+          docker_name: chain-mon
+          docker_tags: <<pipeline.git.revision>>,<<pipeline.git.branch>>
+          docker_target: wd-mon
+          context:
+            - oplabs-gcr
       - hive-test:
           name: hive-test-rpc
           version: <<pipeline.git.revision>>
@@ -1227,4 +1239,4 @@ workflows:
           context:
             - oplabs-gcr-release
           requires:
-            - hold
\ No newline at end of file
+            - hold

bss-core/go.mod

@@ -62,8 +62,8 @@ require (
 	github.com/tklauser/go-sysconf v0.3.10 // indirect
 	github.com/tklauser/numcpus v0.4.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	golang.org/x/crypto v0.0.0-20220307211146-efcb8507fb70 // indirect
-	golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect
+	golang.org/x/crypto v0.1.0 // indirect
+	golang.org/x/sys v0.1.0 // indirect
 	golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect
 	google.golang.org/protobuf v1.27.1 // indirect
 	gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce // indirect

bss-core/go.sum

@@ -631,8 +631,8 @@ golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20220307211146-efcb8507fb70 h1:syTAU9FwmvzEoIYMqcPHOcVm4H3U5u90WsvuYgwpETU=
-golang.org/x/crypto v0.0.0-20220307211146-efcb8507fb70/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU=
+golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -708,7 +708,7 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
 golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
 golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211008194852-3b03d305991f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20220607020251-c690dde0001d h1:4SFsTMi4UahlKoloni7L4eYzhFRifURQLw+yv0QDCx8=
+golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -790,8 +790,8 @@ golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -799,8 +799,8 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=

go.mod

@@ -191,6 +191,6 @@ require (
 	nhooyr.io/websocket v1.8.7 // indirect
 )
 
-replace github.com/ethereum/go-ethereum v1.11.2 => github.com/ethereum-optimism/op-geth v1.11.2-aea0402.0.20230301232322-c407b2a217b7
+replace github.com/ethereum/go-ethereum v1.11.2 => github.com/ethereum-optimism/op-geth v1.11.2-de8c5df46.0.20230308025559-13ee9ab9153b
 
 //replace github.com/ethereum/go-ethereum v1.11.2 => ../go-ethereum

go.sum

@@ -217,8 +217,8 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7
 github.com/etcd-io/bbolt v1.3.3/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHjkjCrw=
 github.com/ethereum-optimism/go-ethereum-hdwallet v0.1.3 h1:RWHKLhCrQThMfch+QJ1Z8veEq5ZO3DfIhZ7xgRP9WTc=
 github.com/ethereum-optimism/go-ethereum-hdwallet v0.1.3/go.mod h1:QziizLAiF0KqyLdNJYD7O5cpDlaFMNZzlxYNcWsJUxs=
-github.com/ethereum-optimism/op-geth v1.11.2-aea0402.0.20230301232322-c407b2a217b7 h1:bkttBXCRDv2Mp4VoGBglr4BjS7icIuN8HS5ZFpeKfvE=
-github.com/ethereum-optimism/op-geth v1.11.2-aea0402.0.20230301232322-c407b2a217b7/go.mod h1:/tjlXxOaovIyuF0l6+wCzr6AtDb3lYWTymmpQAQcqu8=
+github.com/ethereum-optimism/op-geth v1.11.2-de8c5df46.0.20230308025559-13ee9ab9153b h1:7RNzqCwam//7PPieblo8GSIVukwrfoPO+0xT1yMp9Zw=
+github.com/ethereum-optimism/op-geth v1.11.2-de8c5df46.0.20230308025559-13ee9ab9153b/go.mod h1:/tjlXxOaovIyuF0l6+wCzr6AtDb3lYWTymmpQAQcqu8=
 github.com/fasthttp-contrib/websocket v0.0.0-20160511215533-1f3b11f56072/go.mod h1:duJ4Jxv5lDcvg4QuQr0oowTf7dz4/CR8NtyCooz9HL8=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=

indexer/go.mod

@@ -4,7 +4,7 @@ go 1.17
 
 replace (
 	github.com/ethereum/go-ethereum v1.10.26 => github.com/ethereum-optimism/op-geth v0.0.0-20230214215134-401b7fd3309b
-	github.com/ethereum/go-ethereum v1.11.2 => github.com/ethereum-optimism/op-geth v1.11.2-aea0402.0.20230301232322-c407b2a217b7
+	github.com/ethereum/go-ethereum v1.11.2 => github.com/ethereum-optimism/op-geth v1.11.2-de8c5df46.0.20230308025559-13ee9ab9153b
 )
 
 require (

op-batcher/batcher/batch_submitter.go

@@ -81,6 +81,7 @@ func Main(version string, cliCtx *cli.Context) error {
 		rpcCfg.ListenAddr,
 		rpcCfg.ListenPort,
 		version,
+		oprpc.WithLogger(l),
 	)
 	if rpcCfg.EnableAdmin {
 		server.AddAPI(gethrpc.API{

op-chain-ops/cmd/op-migrate/main.go

@@ -8,6 +8,8 @@ import (
 	"os"
 	"strings"
 
+	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
+
 	"github.com/ethereum-optimism/optimism/op-chain-ops/db"
 	"github.com/mattn/go-isatty"
 
@@ -22,7 +24,6 @@ import (
 	"github.com/ethereum-optimism/optimism/op-bindings/hardhat"
 
 	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
 	"github.com/ethereum/go-ethereum/ethclient"
 
 	"github.com/urfave/cli"
@@ -46,11 +47,6 @@ func main() {
 				Usage:    "Path to ovm-addresses.json",
 				Required: true,
 			},
-			&cli.StringFlag{
-				Name:     "evm-addresses",
-				Usage:    "Path to evm-addresses.json",
-				Required: true,
-			},
 			&cli.StringFlag{
 				Name:     "ovm-allowances",
 				Usage:    "Path to ovm-allowances.json",
@@ -62,8 +58,8 @@ func main() {
 				Required: true,
 			},
 			&cli.StringFlag{
-				Name:     "evm-messages",
-				Usage:    "Path to evm-messages.json",
+				Name:     "witness-file",
+				Usage:    "Path to witness file",
 				Required: true,
 			},
 			&cli.StringFlag{
@@ -118,30 +114,35 @@ func main() {
 				return err
 			}
 
-			ovmAddresses, err := migration.NewAddresses(ctx.String("ovm-addresses"))
+			ovmAddresses, err := crossdomain.NewAddresses(ctx.String("ovm-addresses"))
 			if err != nil {
 				return err
 			}
-			evmAddresess, err := migration.NewAddresses(ctx.String("evm-addresses"))
+			ovmAllowances, err := crossdomain.NewAllowances(ctx.String("ovm-allowances"))
 			if err != nil {
 				return err
 			}
-			ovmAllowances, err := migration.NewAllowances(ctx.String("ovm-allowances"))
+			ovmMessages, err := crossdomain.NewSentMessageFromJSON(ctx.String("ovm-messages"))
 			if err != nil {
 				return err
 			}
-			ovmMessages, err := migration.NewSentMessage(ctx.String("ovm-messages"))
-			if err != nil {
-				return err
-			}
-			evmMessages, err := migration.NewSentMessage(ctx.String("evm-messages"))
+			evmMessages, evmAddresses, err := crossdomain.ReadWitnessData(ctx.String("witness-file"))
 			if err != nil {
 				return err
 			}
 
-			migrationData := migration.MigrationData{
+			log.Info(
+				"Loaded witness data",
+				"ovmAddresses", len(ovmAddresses),
+				"evmAddresses", len(evmAddresses),
+				"ovmAllowances", len(ovmAllowances),
+				"ovmMessages", len(ovmMessages),
+				"evmMessages", len(evmMessages),
+			)
+
+			migrationData := crossdomain.MigrationData{
 				OvmAddresses:  ovmAddresses,
-				EvmAddresses:  evmAddresess,
+				EvmAddresses:  evmAddresses,
 				OvmAllowances: ovmAllowances,
 				OvmMessages:   ovmMessages,
 				EvmMessages:   evmMessages,

op-chain-ops/cmd/withdrawals/main.go

@@ -18,8 +18,6 @@ import (
 	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
 	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
 	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
-
 	"github.com/ethereum/go-ethereum/accounts/abi/bind"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
@@ -768,7 +766,7 @@ func newWithdrawals(ctx *cli.Context, l1ChainID *big.Int) ([]*crossdomain.Legacy
 	evmMsgs := ctx.String("evm-messages")
 
 	log.Debug("Migration data", "ovm-path", ovmMsgs, "evm-messages", evmMsgs)
-	ovmMessages, err := migration.NewSentMessage(ovmMsgs)
+	ovmMessages, err := crossdomain.NewSentMessageFromJSON(ovmMsgs)
 	if err != nil {
 		return nil, err
 	}
@@ -777,20 +775,20 @@ func newWithdrawals(ctx *cli.Context, l1ChainID *big.Int) ([]*crossdomain.Legacy
 	// committed to in git.
 	if l1ChainID.Cmp(common.Big1) != 0 {
 		log.Info("not using ovm messages because its not mainnet")
-		ovmMessages = []*migration.SentMessage{}
+		ovmMessages = []*crossdomain.SentMessage{}
 	}
 
-	evmMessages, err := migration.NewSentMessage(evmMsgs)
+	evmMessages, err := crossdomain.NewSentMessageFromJSON(evmMsgs)
 	if err != nil {
 		return nil, err
 	}
 
-	migrationData := migration.MigrationData{
+	migrationData := crossdomain.MigrationData{
 		OvmMessages: ovmMessages,
 		EvmMessages: evmMessages,
 	}
 
-	wds, err := migrationData.ToWithdrawals()
+	wds, _, err := migrationData.ToWithdrawals()
 	if err != nil {
 		return nil, err
 	}

op-chain-ops/genesis/migration/legacy.go → op-chain-ops/crossdomain/legacy.go

-package migration
+package crossdomain
 
 import (
 	"errors"

op-chain-ops/genesis/migration/params.go → op-chain-ops/crossdomain/params.go

-package migration
+package crossdomain
 
 import (
 	"math/big"

op-chain-ops/crossdomain/precheck.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 
 	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
+	"github.com/ethereum-optimism/optimism/op-chain-ops/util"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/core/state"
 	"github.com/ethereum/go-ethereum/log"
@@ -12,28 +13,40 @@ import (
 
 var (
 	ErrUnknownSlotInMessagePasser = errors.New("unknown slot in legacy message passer")
-	ErrMissingSlotInWitness       = errors.New("missing storage slot in witness data")
+	ErrMissingSlotInWitness       = errors.New("missing storage slot in witness data (see logs for details)")
 )
 
 // PreCheckWithdrawals checks that the given list of withdrawals represents all withdrawals made
 // in the legacy system and filters out any extra withdrawals not included in the legacy system.
-func PreCheckWithdrawals(db *state.StateDB, withdrawals DangerousUnfilteredWithdrawals) (SafeFilteredWithdrawals, error) {
+func PreCheckWithdrawals(db *state.StateDB, withdrawals DangerousUnfilteredWithdrawals, invalidMessages []InvalidMessage) (SafeFilteredWithdrawals, error) {
 	// Convert each withdrawal into a storage slot, and build a map of those slots.
-	slotsInp := make(map[common.Hash]*LegacyWithdrawal)
+	validSlotsInp := make(map[common.Hash]*LegacyWithdrawal)
 	for _, wd := range withdrawals {
 		slot, err := wd.StorageSlot()
 		if err != nil {
 			return nil, fmt.Errorf("cannot check withdrawals: %w", err)
 		}
 
-		slotsInp[slot] = wd
+		validSlotsInp[slot] = wd
+	}
+
+	// Convert each invalid message into a storage slot, and build a map of those slots.
+	invalidSlotsInp := make(map[common.Hash]InvalidMessage)
+	for _, msg := range invalidMessages {
+		slot, err := msg.StorageSlot()
+		if err != nil {
+			return nil, fmt.Errorf("cannot check invalid messages: %w", err)
+		}
+		invalidSlotsInp[slot] = msg
 	}
 
 	// Build a mapping of the slots of all messages actually sent in the legacy system.
 	var count int
 	var innerErr error
 	slotsAct := make(map[common.Hash]bool)
+	progress := util.ProgressLogger(1000, "Iterating legacy messages")
 	err := db.ForEachStorage(predeploys.LegacyMessagePasserAddr, func(key, value common.Hash) bool {
+		progress()
 		// When a message is inserted into the LegacyMessagePasser, it is stored with the value
 		// of the ABI encoding of "true". Although there should not be any other storage slots, we
 		// can safely ignore anything that is not "true".
@@ -59,24 +72,32 @@ func PreCheckWithdrawals(db *state.StateDB, withdrawals DangerousUnfilteredWithd
 	log.Info("Iterated legacy messages", "count", count)
 
 	// Iterate over the list of actual slots and check that we have an input message for each one.
+
+	var missing int
 	for slot := range slotsAct {
-		_, ok := slotsInp[slot]
-		if !ok {
-			return nil, ErrMissingSlotInWitness
+		_, okValid := validSlotsInp[slot]
+		_, okInvalid := invalidSlotsInp[slot]
+		if !okValid && !okInvalid {
+			log.Error("missing storage slot", "slot", slot.String())
+			missing++
 		}
 	}
+	if missing > 0 {
+		log.Error("missing storage slots in witness data", "count", missing)
+		return nil, ErrMissingSlotInWitness
+	}
 
 	// Iterate over the list of input messages and check that we have a known slot for each one.
 	// We'll filter out any extra messages that are not in the legacy system.
 	filtered := make(SafeFilteredWithdrawals, 0)
-	for slot := range slotsInp {
+	for slot := range validSlotsInp {
 		_, ok := slotsAct[slot]
 		if !ok {
 			log.Info("filtering out unknown input message", "slot", slot.String())
 			continue
 		}
 
-		wd := slotsInp[slot]
+		wd := validSlotsInp[slot]
 		if wd.MessageSender != predeploys.L2CrossDomainMessengerAddr {
 			log.Info("filtering out message from sender other than the L2XDM", "sender", wd.MessageSender)
 			continue

op-chain-ops/crossdomain/precheck_test.go

@@ -71,7 +71,7 @@ func TestPreCheckWithdrawals_InvalidSlotInStorage(t *testing.T) {
 	err = stateDB.Database().TrieDB().Commit(root, true)
 	require.NoError(t, err)
 
-	_, err = PreCheckWithdrawals(stateDB, nil)
+	_, err = PreCheckWithdrawals(stateDB, nil, nil)
 	require.ErrorIs(t, err, ErrUnknownSlotInMessagePasser)
 }
 
@@ -130,5 +130,5 @@ func runPrecheck(t *testing.T, dbWds []*LegacyWithdrawal, witnessWds []*LegacyWi
 	err = stateDB.Database().TrieDB().Commit(root, true)
 	require.NoError(t, err)
 
-	return PreCheckWithdrawals(stateDB, witnessWds)
+	return PreCheckWithdrawals(stateDB, witnessWds, nil)
 }

op-chain-ops/crossdomain/testdata/witness.txt

+MSG|0x4200000000000000000000000000000000000007|cafa81dc000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000001a4cbd4ece900000000000000000000000099c9fc46f92e8a1c0dec1b1747d010903e884be1000000000000000000000000420000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000019bd000000000000000000000000000000000000000000000000000000000000000e4a9f9e675000000000000000000000000d533a949740bb3306d119cc777fa900ba034cd520000000000000000000000000994206dfe8de6ec6920ff4d779b0d950605fb53000000000000000000000000e3a44dd2a8c108be56a78635121ec914074da16d000000000000000000000000e3a44dd2a8c108be56a78635121ec914074da16d0000000000000000000000000000000000000000000001b0ac98ab3858d7547800000000000000000000000000000000000000000000000000000000000000c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+MSG|0x8B1d477410344785ff1DF52500032E6D5f532EE4|cafa81dc000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000030420690000000000000000000000000000000000000000000000000000000000
+ETH|0x6340d44c5174588B312F545eEC4a42f8a514eF50
\ No newline at end of file

op-chain-ops/crossdomain/types.go

 package crossdomain
 
 import (
+	"fmt"
+
 	"github.com/ethereum/go-ethereum/accounts/abi"
 	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/crypto"
 )
 
 // DangerousUnfilteredWithdrawals is a list of raw withdrawal witness
@@ -30,3 +33,35 @@ type WithdrawalMessage interface {
 	Hash() (common.Hash, error)
 	StorageSlot() (common.Hash, error)
 }
+
+// InvalidMessage represents a message to the L1 message passer that
+// cannot be decoded as a withdrawal. They are defined as a separate
+// type in order to completely disambiguate them from any other
+// message.
+type InvalidMessage SentMessage
+
+func (msg *InvalidMessage) Encode() ([]byte, error) {
+	out := make([]byte, len(msg.Msg)+20)
+	copy(out, msg.Msg)
+	copy(out[len(msg.Msg):], msg.Who.Bytes())
+	return out, nil
+}
+
+func (msg *InvalidMessage) Hash() (common.Hash, error) {
+	bytes, err := msg.Encode()
+	if err != nil {
+		return common.Hash{}, fmt.Errorf("cannot hash: %w", err)
+	}
+	return crypto.Keccak256Hash(bytes), nil
+}
+
+func (msg *InvalidMessage) StorageSlot() (common.Hash, error) {
+	hash, err := msg.Hash()
+	if err != nil {
+		return common.Hash{}, fmt.Errorf("cannot compute storage slot: %w", err)
+	}
+	preimage := make([]byte, 64)
+	copy(preimage, hash.Bytes())
+
+	return crypto.Keccak256Hash(preimage), nil
+}

op-chain-ops/crossdomain/types_test.go

+package crossdomain
+
+import (
+	"testing"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/stretchr/testify/require"
+)
+
+func TestInvalidMessage(t *testing.T) {
+	tests := []struct {
+		name string
+		msg  InvalidMessage
+		slot common.Hash
+	}{
+		{
+			name: "unparseable x-domain message on mainnet",
+			msg: InvalidMessage{
+				Who: common.HexToAddress("0x8b1d477410344785ff1df52500032e6d5f532ee4"),
+				Msg: common.FromHex("0x042069"),
+			},
+			slot: common.HexToHash("0x2a49ae6579c3878f10cf87ecdbebc6c4e2b2159ffe2b1af88af6ca9697fc32cb"),
+		},
+		{
+			name: "valid x-domain message on mainnet for validation",
+			msg: InvalidMessage{
+				Who: common.HexToAddress("0x4200000000000000000000000000000000000007"),
+				Msg: common.FromHex("" +
+					"0xcbd4ece900000000000000000000000099c9fc46f92e8a1c0dec1b1747d01090" +
+					"3e884be100000000000000000000000042000000000000000000000000000000" +
+					"0000001000000000000000000000000000000000000000000000000000000000" +
+					"0000008000000000000000000000000000000000000000000000000000000000" +
+					"00019be200000000000000000000000000000000000000000000000000000000" +
+					"000000e4a9f9e675000000000000000000000000a0b86991c6218b36c1d19d4a" +
+					"2e9eb0ce3606eb480000000000000000000000007f5c764cbc14f9669b88837c" +
+					"a1490cca17c31607000000000000000000000000a420b2d1c0841415a695b81e" +
+					"5b867bcd07dff8c9000000000000000000000000c186fa914353c44b2e33ebe0" +
+					"5f21846f1048beda000000000000000000000000000000000000000000000000" +
+					"00000000295d681d000000000000000000000000000000000000000000000000" +
+					"00000000000000c0000000000000000000000000000000000000000000000000" +
+					"0000000000000000000000000000000000000000000000000000000000000000" +
+					"00000000",
+				),
+			},
+			slot: common.HexToHash("0x8f8f6be7a4c5048f46ca41897181d17c10c39365ead5ac27c23d1e8e466d0ed5"),
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			// StorageSlot() tests Hash() and Encode() so we don't
+			// need to test these separately.
+			slot, err := test.msg.StorageSlot()
+			require.NoError(t, err)
+			require.Equal(t, test.slot, slot)
+		})
+	}
+}

op-chain-ops/genesis/migration/types.go → op-chain-ops/crossdomain/witness.go

-package migration
+package crossdomain
 
 import (
+	"bufio"
 	"encoding/json"
 	"fmt"
 	"os"
+	"strings"
+
+	"github.com/ethereum-optimism/optimism/op-bindings/bindings"
+	"github.com/ethereum/go-ethereum/log"
 
-	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
 )
 
-// SentMessageJSON represents an entry in the JSON file that is created by
+// SentMessage represents an entry in the JSON file that is created by
 // the `migration-data` package. Each entry represents a call to the
 // `LegacyMessagePasser`. The `who` should always be the
 // `L2CrossDomainMessenger` and the `msg` should be an abi encoded
@@ -20,10 +24,10 @@ type SentMessage struct {
 	Msg hexutil.Bytes  `json:"msg"`
 }
 
-// NewSentMessageJSON will read a JSON file from disk given a path to the JSON
+// NewSentMessageFromJSON will read a JSON file from disk given a path to the JSON
 // file. The JSON file this function reads from disk is an output from the
 // `migration-data` package.
-func NewSentMessage(path string) ([]*SentMessage, error) {
+func NewSentMessageFromJSON(path string) ([]*SentMessage, error) {
 	file, err := os.ReadFile(path)
 	if err != nil {
 		return nil, fmt.Errorf("cannot find sent message json at %s: %w", path, err)
@@ -37,15 +41,81 @@ func NewSentMessage(path string) ([]*SentMessage, error) {
 	return j, nil
 }
 
+// ReadWitnessData will read messages and addresses from a raw l2geth state
+// dump file.
+func ReadWitnessData(path string) ([]*SentMessage, OVMETHAddresses, error) {
+	f, err := os.Open(path)
+	if err != nil {
+		return nil, nil, fmt.Errorf("cannot open witness data file: %w", err)
+	}
+	defer f.Close()
+
+	scan := bufio.NewScanner(f)
+	var witnesses []*SentMessage
+	addresses := make(map[common.Address]bool)
+	for scan.Scan() {
+		line := scan.Text()
+		splits := strings.Split(line, "|")
+		if len(splits) < 2 {
+			return nil, nil, fmt.Errorf("invalid line: %s", line)
+		}
+
+		switch splits[0] {
+		case "MSG":
+			if len(splits) != 3 {
+				return nil, nil, fmt.Errorf("invalid line: %s", line)
+			}
+
+			msg := splits[2]
+			// Make sure that the witness data has a 0x prefix
+			if !strings.HasPrefix(msg, "0x") {
+				msg = "0x" + msg
+			}
+
+			abi, err := bindings.LegacyMessagePasserMetaData.GetAbi()
+			if err != nil {
+				return nil, nil, fmt.Errorf("failed to get abi: %w", err)
+			}
+
+			msgB := hexutil.MustDecode(msg)
+			method, err := abi.MethodById(msgB[:4])
+			if err != nil {
+				return nil, nil, fmt.Errorf("failed to get method: %w", err)
+			}
+
+			out, err := method.Inputs.Unpack(msgB[4:])
+			if err != nil {
+				return nil, nil, fmt.Errorf("failed to unpack: %w", err)
+			}
+
+			cast, ok := out[0].([]byte)
+			if !ok {
+				return nil, nil, fmt.Errorf("failed to cast to bytes")
+			}
+
+			witnesses = append(witnesses, &SentMessage{
+				Who: common.HexToAddress(splits[1]),
+				Msg: cast,
+			})
+		case "ETH":
+			addresses[common.HexToAddress(splits[1])] = true
+		default:
+			return nil, nil, fmt.Errorf("invalid line: %s", line)
+		}
+	}
+
+	return witnesses, addresses, nil
+}
+
 // ToLegacyWithdrawal will convert a SentMessageJSON to a LegacyWithdrawal
 // struct. This is useful because the LegacyWithdrawal struct has helper
 // functions on it that can compute the withdrawal hash and the storage slot.
-func (s *SentMessage) ToLegacyWithdrawal() (*crossdomain.LegacyWithdrawal, error) {
+func (s *SentMessage) ToLegacyWithdrawal() (*LegacyWithdrawal, error) {
 	data := make([]byte, len(s.Who)+len(s.Msg))
 	copy(data, s.Msg)
 	copy(data[len(s.Msg):], s.Who[:])
 
-	var w crossdomain.LegacyWithdrawal
+	var w LegacyWithdrawal
 	if err := w.Decode(data); err != nil {
 		return nil, err
 	}
@@ -117,26 +187,26 @@ type MigrationData struct {
 	EvmMessages []*SentMessage
 }
 
-func (m *MigrationData) ToWithdrawals() (crossdomain.DangerousUnfilteredWithdrawals, error) {
-	messages := make(crossdomain.DangerousUnfilteredWithdrawals, 0)
+func (m *MigrationData) ToWithdrawals() (DangerousUnfilteredWithdrawals, []InvalidMessage, error) {
+	messages := make(DangerousUnfilteredWithdrawals, 0)
+	invalidMessages := make([]InvalidMessage, 0)
 	for _, msg := range m.OvmMessages {
 		wd, err := msg.ToLegacyWithdrawal()
 		if err != nil {
-			return nil, err
+			return nil, nil, fmt.Errorf("error serializing OVM message: %w", err)
 		}
 		messages = append(messages, wd)
-		if err != nil {
-			return nil, err
-		}
 	}
 	for _, msg := range m.EvmMessages {
 		wd, err := msg.ToLegacyWithdrawal()
 		if err != nil {
-			return nil, err
+			log.Warn("Discovered mal-formed withdrawal", "who", msg.Who, "data", msg.Msg)
+			invalidMessages = append(invalidMessages, InvalidMessage(*msg))
+			continue
 		}
 		messages = append(messages, wd)
 	}
-	return messages, nil
+	return messages, invalidMessages, nil
 }
 
 func (m *MigrationData) Addresses() []common.Address {

op-chain-ops/crossdomain/witness_test.go

+package crossdomain
+
+import (
+	"testing"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/stretchr/testify/require"
+)
+
+func TestRead(t *testing.T) {
+	witnesses, addresses, err := ReadWitnessData("testdata/witness.txt")
+	require.NoError(t, err)
+
+	require.Equal(t, []*SentMessage{
+		{
+			Who: common.HexToAddress("0x4200000000000000000000000000000000000007"),
+			Msg: common.FromHex(
+				"0xcbd4ece900000000000000000000000099c9fc46f92e8a1c0dec1b1747d01090" +
+					"3e884be100000000000000000000000042000000000000000000000000000000" +
+					"0000001000000000000000000000000000000000000000000000000000000000" +
+					"0000008000000000000000000000000000000000000000000000000000000000" +
+					"00019bd000000000000000000000000000000000000000000000000000000000" +
+					"000000e4a9f9e675000000000000000000000000d533a949740bb3306d119cc7" +
+					"77fa900ba034cd520000000000000000000000000994206dfe8de6ec6920ff4d" +
+					"779b0d950605fb53000000000000000000000000e3a44dd2a8c108be56a78635" +
+					"121ec914074da16d000000000000000000000000e3a44dd2a8c108be56a78635" +
+					"121ec914074da16d0000000000000000000000000000000000000000000001b0" +
+					"ac98ab3858d75478000000000000000000000000000000000000000000000000" +
+					"00000000000000c0000000000000000000000000000000000000000000000000" +
+					"0000000000000000000000000000000000000000000000000000000000000000" +
+					"00000000",
+			),
+		},
+		{
+			Who: common.HexToAddress("0x8b1d477410344785ff1df52500032e6d5f532ee4"),
+			Msg: common.FromHex("0x042069"),
+		},
+	}, witnesses)
+
+	require.Equal(t, OVMETHAddresses{
+		common.HexToAddress("0x6340d44c5174588B312F545eEC4a42f8a514eF50"): true,
+	}, addresses)
+}

op-chain-ops/ether/addresses.go

@@ -8,9 +8,9 @@ import (
 	"io"
 	"strings"
 
-	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
+	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
 
+	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/core/rawdb"
 	"github.com/ethereum/go-ethereum/ethdb"
@@ -105,7 +105,7 @@ func IterateAllowanceList(r io.Reader, cb AllowanceCB) error {
 func IterateMintEvents(db ethdb.Database, headNum uint64, cb AddressCBWithHead, progressCb func(uint64)) error {
 	for headNum > 0 {
 		hash := rawdb.ReadCanonicalHash(db, headNum)
-		receipts, err := migration.ReadLegacyReceipts(db, hash, headNum)
+		receipts, err := crossdomain.ReadLegacyReceipts(db, hash, headNum)
 		if err != nil {
 			return err
 		}

op-chain-ops/ether/migrate.go

@@ -4,9 +4,10 @@ import (
 	"fmt"
 	"math/big"
 
-	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
+	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
+	"github.com/ethereum-optimism/optimism/op-chain-ops/util"
 
+	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/core/state"
 	"github.com/ethereum/go-ethereum/log"
@@ -30,7 +31,7 @@ var (
 
 func MigrateLegacyETH(db *state.StateDB, addresses []common.Address, chainID int, noCheck bool) error {
 	// Chain params to use for integrity checking.
-	params := migration.ParamsByChainID[chainID]
+	params := crossdomain.ParamsByChainID[chainID]
 	if params == nil {
 		return fmt.Errorf("no chain params for %d", chainID)
 	}
@@ -47,7 +48,7 @@ func MigrateLegacyETH(db *state.StateDB, addresses []common.Address, chainID int
 	// Migrate the legacy ETH to ETH.
 	log.Info("Migrating legacy ETH to ETH", "num-accounts", len(addresses))
 	totalMigrated := new(big.Int)
-	logAccountProgress := ProgressLogger(1000, "imported accounts")
+	logAccountProgress := util.ProgressLogger(1000, "imported accounts")
 	for addr := range deduped {
 		// No accounts should have a balance in state. If they do, bail.
 		if db.GetBalance(addr).Sign() > 0 {

op-chain-ops/ether/precheck.go

 package ether
 
 import (
+	"errors"
 	"fmt"
 	"math/big"
 
-	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
+	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
+	"github.com/ethereum-optimism/optimism/op-chain-ops/util"
 
+	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/core/state"
 	"github.com/ethereum/go-ethereum/ethdb"
@@ -17,9 +19,9 @@ import (
 // slots in the LegacyERC20ETH contract. We don't have to filter out extra addresses like we do for
 // withdrawals because we'll simply carry the balance of a given address to the new system, if the
 // account is extra then it won't have any balance and nothing will happen.
-func PreCheckBalances(ldb ethdb.Database, db *state.StateDB, addresses []common.Address, allowances []*migration.Allowance, chainID int, noCheck bool) ([]common.Address, error) {
+func PreCheckBalances(ldb ethdb.Database, db *state.StateDB, addresses []common.Address, allowances []*crossdomain.Allowance, chainID int, noCheck bool) ([]common.Address, error) {
 	// Chain params to use for integrity checking.
-	params := migration.ParamsByChainID[chainID]
+	params := crossdomain.ParamsByChainID[chainID]
 	if params == nil {
 		return nil, fmt.Errorf("no chain params for %d", chainID)
 	}
@@ -53,7 +55,10 @@ func PreCheckBalances(ldb ethdb.Database, db *state.StateDB, addresses []common.
 	// slots that we know we can ignore (totalSupply, name, symbol).
 	var count int
 	slotsAct := make(map[common.Hash]common.Hash)
+	progress := util.ProgressLogger(1000, "Read OVM_ETH storage slot")
 	err := db.ForEachStorage(predeploys.LegacyERC20ETHAddr, func(key, value common.Hash) bool {
+		progress()
+
 		// We can safely ignore specific slots (totalSupply, name, symbol).
 		if ignoredSlots[key] {
 			return true
@@ -75,13 +80,16 @@ func PreCheckBalances(ldb ethdb.Database, db *state.StateDB, addresses []common.
 	// keep track of the total balance to be migrated and throw if the total supply exceeds the
 	// expected supply delta.
 	totalFound := new(big.Int)
+	var unknown bool
 	for slot := range slotsAct {
 		slotType, ok := slotsInp[slot]
 		if !ok {
 			if noCheck {
-				log.Error("ignoring unknown storage slot in state", "slot", slot)
+				log.Error("ignoring unknown storage slot in state", "slot", slot.String())
 			} else {
-				log.Crit("unknown storage slot in state: %s", slot)
+				unknown = true
+				log.Error("unknown storage slot in state", "slot", slot.String())
+				continue
 			}
 		}
 
@@ -102,6 +110,9 @@ func PreCheckBalances(ldb ethdb.Database, db *state.StateDB, addresses []common.
 			}
 		}
 	}
+	if unknown {
+		return nil, errors.New("unknown storage slots in state (see logs for details)")
+	}
 
 	// Verify the supply delta. Recorded total supply in the LegacyERC20ETH contract may be higher
 	// than the actual migrated amount because self-destructs will remove ETH supply in a way that

op-chain-ops/genesis/check.go

@@ -19,7 +19,6 @@ import (
 
 	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
 	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
 	"github.com/ethereum-optimism/optimism/op-node/rollup/derive"
 )
 
@@ -89,7 +88,7 @@ var (
 // PostCheckMigratedDB will check that the migration was performed correctly
 func PostCheckMigratedDB(
 	ldb ethdb.Database,
-	migrationData migration.MigrationData,
+	migrationData crossdomain.MigrationData,
 	l1XDM *common.Address,
 	l1ChainID uint64,
 	finalSystemOwner common.Address,
@@ -468,8 +467,8 @@ func PostCheckL1Block(db vm.StateDB, info *derive.L1BlockInfo) error {
 	return nil
 }
 
-func CheckWithdrawalsAfter(db vm.StateDB, data migration.MigrationData, l1CrossDomainMessenger *common.Address) error {
-	wds, err := data.ToWithdrawals()
+func CheckWithdrawalsAfter(db vm.StateDB, data crossdomain.MigrationData, l1CrossDomainMessenger *common.Address) error {
+	wds, invalidMessages, err := data.ToWithdrawals()
 	if err != nil {
 		return err
 	}
@@ -479,6 +478,7 @@ func CheckWithdrawalsAfter(db vm.StateDB, data migration.MigrationData, l1CrossD
 	// some witness data may references withdrawals that reverted.
 	oldToNewSlots := make(map[common.Hash]common.Hash)
 	wdsByOldSlot := make(map[common.Hash]*crossdomain.LegacyWithdrawal)
+	invalidMessagesByOldSlot := make(map[common.Hash]crossdomain.InvalidMessage)
 	for _, wd := range wds {
 		migrated, err := crossdomain.MigrateWithdrawal(wd, l1CrossDomainMessenger)
 		if err != nil {
@@ -497,6 +497,15 @@ func CheckWithdrawalsAfter(db vm.StateDB, data migration.MigrationData, l1CrossD
 		oldToNewSlots[legacySlot] = migratedSlot
 		wdsByOldSlot[legacySlot] = wd
 	}
+	for _, im := range invalidMessages {
+		invalidSlot, err := im.StorageSlot()
+		if err != nil {
+			return fmt.Errorf("cannot compute legacy storage slot: %w", err)
+		}
+		invalidMessagesByOldSlot[invalidSlot] = im
+	}
+
+	log.Info("computed withdrawal storage slots", "migrated", len(oldToNewSlots), "invalid", len(invalidMessagesByOldSlot))
 
 	// Now, iterate over each legacy withdrawal and check if there is a corresponding
 	// migrated withdrawal.
@@ -515,6 +524,17 @@ func CheckWithdrawalsAfter(db vm.StateDB, data migration.MigrationData, l1CrossD
 			return false
 		}
 
+		// Make sure invalid slots don't get migrated.
+		_, isInvalidSlot := invalidMessagesByOldSlot[key]
+		if isInvalidSlot {
+			value := db.GetState(predeploys.L2ToL1MessagePasserAddr, key)
+			if value != abiFalse {
+				innerErr = fmt.Errorf("expected invalid slot not to be migrated, but got %s", value)
+				return false
+			}
+			return true
+		}
+
 		// Grab the migrated slot.
 		migratedSlot := oldToNewSlots[key]
 		if migratedSlot == (common.Hash{}) {

op-chain-ops/genesis/db_migration.go

@@ -8,7 +8,6 @@ import (
 	"github.com/ethereum-optimism/optimism/op-bindings/predeploys"
 	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
 	"github.com/ethereum-optimism/optimism/op-chain-ops/ether"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/core/rawdb"
 	"github.com/ethereum/go-ethereum/core/state"
@@ -35,7 +34,7 @@ type MigrationResult struct {
 }
 
 // MigrateDB will migrate an l2geth legacy Optimism database to a Bedrock database.
-func MigrateDB(ldb ethdb.Database, config *DeployConfig, l1Block *types.Block, migrationData *migration.MigrationData, commit, noCheck bool) (*MigrationResult, error) {
+func MigrateDB(ldb ethdb.Database, config *DeployConfig, l1Block *types.Block, migrationData *crossdomain.MigrationData, commit, noCheck bool) (*MigrationResult, error) {
 	// Grab the hash of the tip of the legacy chain.
 	hash := rawdb.ReadHeadHeaderHash(ldb)
 	log.Info("Reading chain tip from database", "hash", hash)
@@ -114,17 +113,19 @@ func MigrateDB(ldb ethdb.Database, config *DeployConfig, l1Block *types.Block, m
 
 	// Convert all input messages into legacy messages. Note that this list is not yet filtered and
 	// may be missing some messages or have some extra messages.
-	unfilteredWithdrawals, err := migrationData.ToWithdrawals()
+	unfilteredWithdrawals, invalidMessages, err := migrationData.ToWithdrawals()
 	if err != nil {
 		return nil, fmt.Errorf("cannot serialize withdrawals: %w", err)
 	}
 
+	log.Info("Read withdrawals from witness data", "unfiltered", len(unfilteredWithdrawals), "invalid", len(invalidMessages))
+
 	// We now need to check that we have all of the withdrawals that we expect to have. An error
 	// will be thrown if there are any missing messages, and any extra messages will be removed.
 	var filteredWithdrawals crossdomain.SafeFilteredWithdrawals
 	if !noCheck {
 		log.Info("Checking withdrawals...")
-		filteredWithdrawals, err = crossdomain.PreCheckWithdrawals(db, unfilteredWithdrawals)
+		filteredWithdrawals, err = crossdomain.PreCheckWithdrawals(db, unfilteredWithdrawals, invalidMessages)
 		if err != nil {
 			return nil, fmt.Errorf("withdrawals mismatch: %w", err)
 		}

op-chain-ops/genesis/migration_action/action.go

@@ -5,8 +5,9 @@ import (
 	"math/big"
 	"path/filepath"
 
+	"github.com/ethereum-optimism/optimism/op-chain-ops/crossdomain"
+
 	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis"
-	"github.com/ethereum-optimism/optimism/op-chain-ops/genesis/migration"
 	"github.com/ethereum/go-ethereum/core/rawdb"
 	"github.com/ethereum/go-ethereum/ethclient"
 )
@@ -30,28 +31,28 @@ type Config struct {
 func Migrate(cfg *Config) (*genesis.MigrationResult, error) {
 	deployConfig := cfg.DeployConfig
 
-	ovmAddresses, err := migration.NewAddresses(cfg.OVMAddressesPath)
+	ovmAddresses, err := crossdomain.NewAddresses(cfg.OVMAddressesPath)
 	if err != nil {
 		return nil, err
 	}
-	evmAddresess, err := migration.NewAddresses(cfg.EVMAddressesPath)
+	evmAddresess, err := crossdomain.NewAddresses(cfg.EVMAddressesPath)
 	if err != nil {
 		return nil, err
 	}
-	ovmAllowances, err := migration.NewAllowances(cfg.OVMAllowancesPath)
+	ovmAllowances, err := crossdomain.NewAllowances(cfg.OVMAllowancesPath)
 	if err != nil {
 		return nil, err
 	}
-	ovmMessages, err := migration.NewSentMessage(cfg.OVMMessagesPath)
+	ovmMessages, err := crossdomain.NewSentMessageFromJSON(cfg.OVMMessagesPath)
 	if err != nil {
 		return nil, err
 	}
-	evmMessages, err := migration.NewSentMessage(cfg.EVMMessagesPath)
+	evmMessages, err := crossdomain.NewSentMessageFromJSON(cfg.EVMMessagesPath)
 	if err != nil {
 		return nil, err
 	}
 
-	migrationData := migration.MigrationData{
+	migrationData := crossdomain.MigrationData{
 		OvmAddresses:  ovmAddresses,
 		EvmAddresses:  evmAddresess,
 		OvmAllowances: ovmAllowances,

op-chain-ops/ether/util.go → op-chain-ops/util/util.go

-package ether
+package util
 
 import (
 	"github.com/ethereum/go-ethereum/log"

op-e2e/actions/l1_replica.go

@@ -184,42 +184,68 @@ func (s *L1Replica) L1Client(t Testing, cfg *rollup.Config) *sources.L1Client {
 	return l1F
 }
 
-// ActL1FinalizeNext finalizes the next block, which must be marked as safe before doing so (see ActL1SafeNext).
-func (s *L1Replica) ActL1FinalizeNext(t Testing) {
+func (s *L1Replica) UnsafeNum() uint64 {
+	head := s.l1Chain.CurrentBlock()
+	headNum := uint64(0)
+	if head != nil {
+		headNum = head.NumberU64()
+	}
+	return headNum
+}
+
+func (s *L1Replica) SafeNum() uint64 {
 	safe := s.l1Chain.CurrentSafeBlock()
 	safeNum := uint64(0)
 	if safe != nil {
 		safeNum = safe.NumberU64()
 	}
+	return safeNum
+}
+
+func (s *L1Replica) FinalizedNum() uint64 {
 	finalized := s.l1Chain.CurrentFinalizedBlock()
 	finalizedNum := uint64(0)
 	if finalized != nil {
 		finalizedNum = finalized.NumberU64()
 	}
-	if safeNum <= finalizedNum {
+	return finalizedNum
+}
+
+// ActL1Finalize finalizes a later block, which must be marked as safe before doing so (see ActL1SafeNext).
+func (s *L1Replica) ActL1Finalize(t Testing, num uint64) {
+	safeNum := s.SafeNum()
+	finalizedNum := s.FinalizedNum()
+	if safeNum < num {
 		t.InvalidAction("need to move forward safe block before moving finalized block")
 		return
 	}
-	next := s.l1Chain.GetBlockByNumber(finalizedNum + 1)
-	if next == nil {
-		t.Fatalf("expected next block after finalized L1 block %d, safe head is ahead", finalizedNum)
+	newFinalized := s.l1Chain.GetBlockByNumber(num)
+	if newFinalized == nil {
+		t.Fatalf("expected block at %d after finalized L1 block %d, safe head is ahead", num, finalizedNum)
 	}
-	s.l1Chain.SetFinalized(next)
+	s.l1Chain.SetFinalized(newFinalized)
 }
 
-// ActL1SafeNext marks the next unsafe block as safe.
-func (s *L1Replica) ActL1SafeNext(t Testing) {
-	safe := s.l1Chain.CurrentSafeBlock()
-	safeNum := uint64(0)
-	if safe != nil {
-		safeNum = safe.NumberU64()
-	}
-	next := s.l1Chain.GetBlockByNumber(safeNum + 1)
-	if next == nil {
-		t.InvalidAction("if head of chain is marked as safe then there's no next block")
+// ActL1FinalizeNext finalizes the next block, which must be marked as safe before doing so (see ActL1SafeNext).
+func (s *L1Replica) ActL1FinalizeNext(t Testing) {
+	n := s.FinalizedNum() + 1
+	s.ActL1Finalize(t, n)
+}
+
+// ActL1Safe marks the given unsafe block as safe.
+func (s *L1Replica) ActL1Safe(t Testing, num uint64) {
+	newSafe := s.l1Chain.GetBlockByNumber(num)
+	if newSafe == nil {
+		t.InvalidAction("could not find L1 block %d, cannot label it as safe", num)
 		return
 	}
-	s.l1Chain.SetSafe(next)
+	s.l1Chain.SetSafe(newSafe)
+}
+
+// ActL1SafeNext marks the next unsafe block as safe.
+func (s *L1Replica) ActL1SafeNext(t Testing) {
+	n := s.SafeNum() + 1
+	s.ActL1Safe(t, n)
 }
 
 func (s *L1Replica) Close() error {

op-e2e/actions/l2_batcher_test.go

@@ -196,6 +196,62 @@ func TestL2Finalization(gt *testing.T) {
 	require.Equal(t, heightToSubmit, sequencer.SyncStatus().FinalizedL2.Number, "unknown/bad finalized L1 blocks are ignored")
 }
 
+// TestL2FinalizationWithSparseL1 tests that safe L2 blocks can be finalized even if we do not regularly get a L1 finalization signal
+func TestL2FinalizationWithSparseL1(gt *testing.T) {
+	t := NewDefaultTesting(gt)
+	dp := e2eutils.MakeDeployParams(t, defaultRollupTestParams)
+	sd := e2eutils.Setup(t, dp, defaultAlloc)
+	log := testlog.Logger(t, log.LvlDebug)
+	miner, engine, sequencer := setupSequencerTest(t, sd, log)
+
+	sequencer.ActL2PipelineFull(t)
+
+	miner.ActEmptyBlock(t)
+	sequencer.ActL1HeadSignal(t)
+	sequencer.ActBuildToL1Head(t)
+
+	startStatus := sequencer.SyncStatus()
+	require.Less(t, startStatus.SafeL2.Number, startStatus.UnsafeL2.Number, "sequencer has unsafe L2 block")
+
+	batcher := NewL2Batcher(log, sd.RollupCfg, &BatcherCfg{
+		MinL1TxSize: 0,
+		MaxL1TxSize: 128_000,
+		BatcherKey:  dp.Secrets.Batcher,
+	}, sequencer.RollupClient(), miner.EthClient(), engine.EthClient())
+	batcher.ActSubmitAll(t)
+
+	// include in L1
+	miner.ActL1StartBlock(12)(t)
+	miner.ActL1IncludeTx(dp.Addresses.Batcher)(t)
+	miner.ActL1EndBlock(t)
+
+	// Make 2 L1 blocks without batches
+	miner.ActEmptyBlock(t)
+	miner.ActEmptyBlock(t)
+
+	// See the L1 head, and traverse the pipeline to it
+	sequencer.ActL1HeadSignal(t)
+	sequencer.ActL2PipelineFull(t)
+
+	updatedStatus := sequencer.SyncStatus()
+	require.Equal(t, updatedStatus.SafeL2.Number, updatedStatus.UnsafeL2.Number, "unsafe L2 block is now safe")
+	require.Less(t, updatedStatus.FinalizedL2.Number, updatedStatus.UnsafeL2.Number, "submitted block is not yet finalized")
+
+	// Now skip straight to the head with L1 signals (sequencer has traversed the L1 blocks, but they did not have L2 contents)
+	headL1Num := miner.UnsafeNum()
+	miner.ActL1Safe(t, headL1Num)
+	miner.ActL1Finalize(t, headL1Num)
+	sequencer.ActL1SafeSignal(t)
+	sequencer.ActL1FinalizedSignal(t)
+
+	// Now see if the signals can be processed
+	sequencer.ActL2PipelineFull(t)
+
+	finalStatus := sequencer.SyncStatus()
+	// Verify the signal was processed, even though we signalled a later L1 block than the one with the batch.
+	require.Equal(t, finalStatus.FinalizedL2.Number, finalStatus.UnsafeL2.Number, "sequencer submitted its L2 block and it finalized")
+}
+
 // TestGarbageBatch tests the behavior of an invalid/malformed output channel frame containing
 // valid batches being submitted to the batch inbox. These batches should always be rejected
 // and the safe L2 head should remain unaltered.

op-e2e/actions/l2_sequencer_test.go

@@ -4,8 +4,6 @@ import (
 	"math/big"
 	"testing"
 
-	"github.com/ethereum-optimism/optimism/op-node/rollup/derive"
-
 	"github.com/ethereum/go-ethereum/core/types"
 	"github.com/ethereum/go-ethereum/params"
 
@@ -144,24 +142,19 @@ func TestL2Sequencer_SequencerOnlyReorg(gt *testing.T) {
 	// so it'll keep the L2 block with the old L1 origin, since no conflict is detected.
 	sequencer.ActL1HeadSignal(t)
 	sequencer.ActL2PipelineFull(t)
-	// TODO: CLI-3405 we can detect the inconsistency of the L1 origin of the unsafe L2 head:
-	//  as verifier, there is no need to wait for sequencer to recognize it.
+	// Verifier should detect the inconsistency of the L1 origin and reset the pipeline to follow the reorg
 	newStatus := sequencer.SyncStatus()
-	require.Equal(t, status.HeadL1.Hash, newStatus.UnsafeL2.L1Origin.Hash, "still have old bad L1 origin")
+	require.Zero(t, newStatus.UnsafeL2.L1Origin.Number, "back to genesis block with good L1 origin, drop old unsafe L2 chain with bad L1 origins")
 	require.NotEqual(t, status.HeadL1.Hash, newStatus.HeadL1.Hash, "did see the new L1 head change")
 	require.Equal(t, newStatus.HeadL1.Hash, newStatus.CurrentL1.Hash, "did sync the new L1 head as verifier")
 
 	// the block N+1 cannot build on the old N which still refers to the now orphaned L1 origin
 	require.Equal(t, status.UnsafeL2.L1Origin.Number, newStatus.HeadL1.Number-1, "seeing N+1 to attempt to build on N")
 	require.NotEqual(t, status.UnsafeL2.L1Origin.Hash, newStatus.HeadL1.ParentHash, "but N+1 cannot fit on N")
-	sequencer.ActL1HeadSignal(t)
-	// sequence more L2 blocks, until we actually need the next L1 origin
-	sequencer.ActBuildToL1HeadExclUnsafe(t)
-	// We expect block building to fail when the next L1 block is not consistent with the existing L1 origin
-	sequencer.ActL2StartBlockCheckErr(t, derive.ErrReset)
-	// After hitting a reset error, it reset derivation, and drops the old L1 chain
+
+	// After hitting a reset error, it resets derivation, and drops the old L1 chain
 	sequencer.ActL2PipelineFull(t)
-	require.Zero(t, sequencer.SyncStatus().UnsafeL2.L1Origin.Number, "back to genesis block with good L1 origin, drop old unsafe L2 chain with bad L1 origins")
+
 	// Can build new L2 blocks with good L1 origin
 	sequencer.ActBuildToL1HeadUnsafe(t)
 	require.Equal(t, newStatus.HeadL1.Hash, sequencer.SyncStatus().UnsafeL2.L1Origin.Hash, "build L2 chain with new correct L1 origins")

op-e2e/op_geth_test.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/ethereum-optimism/optimism/op-node/eth"
 	"github.com/ethereum-optimism/optimism/op-node/rollup/derive"
+	"github.com/ethereum/go-ethereum"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
 	"github.com/ethereum/go-ethereum/core/types"
@@ -371,6 +372,12 @@ func TestRegolith(t *testing.T) {
 			tx, _, err := opGeth.L2Client.TransactionByHash(ctx, contractCreateTx.Hash())
 			require.NoError(t, err)
 			require.Equal(t, expectedNonce, *tx.EffectiveNonce(), "should report actual tx nonce")
+
+			// Should be able to search for logs even though there are deposit transactions in blocks.
+			logs, err := opGeth.L2Client.FilterLogs(ctx, ethereum.FilterQuery{})
+			require.NoError(t, err)
+			require.NotNil(t, logs)
+			require.Empty(t, logs)
 		})
 
 		t.Run("ReturnUnusedGasToPool_"+test.name, func(t *testing.T) {

op-e2e/setup.go

@@ -464,7 +464,7 @@ func (cfg SystemConfig) Start() (*System, error) {
 			c.P2P = p
 
 			if c.Driver.SequencerEnabled {
-				c.P2PSigner = &p2p.PreparedSigner{Signer: p2p.NewLegacyLocalSigner(cfg.Secrets.SequencerP2P)}
+				c.P2PSigner = &p2p.PreparedSigner{Signer: p2p.NewLocalSigner(cfg.Secrets.SequencerP2P)}
 			}
 		}
 

op-node/cmd/batch_decoder/fetch/fetch.go

+package fetch
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"log"
+	"math/big"
+	"os"
+	"path"
+	"time"
+
+	"github.com/ethereum-optimism/optimism/op-node/rollup/derive"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/core/types"
+	"github.com/ethereum/go-ethereum/ethclient"
+)
+
+type TransactionWithMeta struct {
+	TxIndex     uint64             `json:"tx_index"`
+	InboxAddr   common.Address     `json:"inbox_address"`
+	BlockNumber uint64             `json:"block_number"`
+	BlockHash   common.Hash        `json:"block_hash"`
+	ChainId     uint64             `json:"chain_id"`
+	Sender      common.Address     `json:"sender"`
+	ValidSender bool               `json:"valid_sender"`
+	Frames      []derive.Frame     `json:"frames"`
+	FrameErr    string             `json:"frame_parse_error"`
+	ValidFrames bool               `json:"valid_data"`
+	Tx          *types.Transaction `json:"tx"`
+}
+
+type Config struct {
+	Start, End   uint64
+	ChainID      *big.Int
+	BatchInbox   common.Address
+	BatchSenders map[common.Address]struct{}
+	OutDirectory string
+}
+
+func Batches(client *ethclient.Client, config Config) (totalValid, totalInvalid int) {
+	if err := os.MkdirAll(config.OutDirectory, 0750); err != nil {
+		log.Fatal(err)
+	}
+	number := new(big.Int).SetUint64(config.Start)
+	signer := types.LatestSignerForChainID(config.ChainID)
+	for i := config.Start; i < config.End; i++ {
+		valid, invalid := fetchBatchesPerBlock(client, number, signer, config)
+		totalValid += valid
+		totalInvalid += invalid
+		number = number.Add(number, common.Big1)
+	}
+	return
+}
+
+func fetchBatchesPerBlock(client *ethclient.Client, number *big.Int, signer types.Signer, config Config) (validBatchCount, invalidBatchCount int) {
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
+	defer cancel()
+	block, err := client.BlockByNumber(ctx, number)
+	if err != nil {
+		log.Fatal(err)
+	}
+	for i, tx := range block.Transactions() {
+		if tx.To() != nil && *tx.To() == config.BatchInbox {
+			sender, err := signer.Sender(tx)
+			if err != nil {
+				log.Fatal(err)
+			}
+			validSender := true
+			if _, ok := config.BatchSenders[sender]; !ok {
+				fmt.Printf("Found a transaction (%s) from an invalid sender (%s)\n", tx.Hash().String(), sender.String())
+				invalidBatchCount += 1
+				validSender = false
+			}
+
+			validFrames := true
+			frameError := ""
+			frames, err := derive.ParseFrames(tx.Data())
+			if err != nil {
+				fmt.Printf("Found a transaction (%s) with invalid data: %v\n", tx.Hash().String(), err)
+				validFrames = false
+				frameError = err.Error()
+			}
+
+			if validSender && validFrames {
+				validBatchCount += 1
+			} else {
+				invalidBatchCount += 1
+			}
+
+			txm := &TransactionWithMeta{
+				Tx:          tx,
+				Sender:      sender,
+				ValidSender: validSender,
+				TxIndex:     uint64(i),
+				BlockNumber: block.NumberU64(),
+				BlockHash:   block.Hash(),
+				ChainId:     config.ChainID.Uint64(),
+				InboxAddr:   config.BatchInbox,
+				Frames:      frames,
+				FrameErr:    frameError,
+				ValidFrames: validFrames,
+			}
+			filename := path.Join(config.OutDirectory, fmt.Sprintf("%s.json", tx.Hash().String()))
+			file, err := os.Create(filename)
+			if err != nil {
+				log.Fatal(err)
+			}
+			defer file.Close()
+			enc := json.NewEncoder(file)
+			if err := enc.Encode(txm); err != nil {
+				log.Fatal(err)
+			}
+		}
+	}
+	return
+}

op-node/cmd/batch_decoder/main.go

+package main
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"os"
+	"time"
+
+	"github.com/ethereum-optimism/optimism/op-node/cmd/batch_decoder/fetch"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/ethclient"
+	"github.com/urfave/cli"
+)
+
+func main() {
+	app := cli.NewApp()
+	app.Name = "batch-decoder"
+	app.Usage = "Optimism Batch Decoding Utility"
+	app.Commands = []cli.Command{
+		{
+			Name:  "fetch",
+			Usage: "Fetches batches in the specified range",
+			Flags: []cli.Flag{
+				cli.IntFlag{
+					Name:     "start",
+					Required: true,
+					Usage:    "First block (inclusive) to fetch",
+				},
+				cli.IntFlag{
+					Name:     "end",
+					Required: true,
+					Usage:    "Last block (exclusive) to fetch",
+				},
+				cli.StringFlag{
+					Name:     "inbox",
+					Required: true,
+					Usage:    "Batch Inbox Address",
+				},
+				cli.StringFlag{
+					Name:     "sender",
+					Required: true,
+					Usage:    "Batch Sender Address",
+				},
+				cli.StringFlag{
+					Name:  "out",
+					Value: "/tmp/batch_decoder/transactions_cache",
+					Usage: "Cache directory for the found transactions",
+				},
+				cli.StringFlag{
+					Name:     "l1",
+					Required: true,
+					Usage:    "L1 RPC URL",
+					EnvVar:   "L1_RPC",
+				},
+			},
+			Action: func(cliCtx *cli.Context) error {
+				client, err := ethclient.Dial(cliCtx.String("l1"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
+				defer cancel()
+				chainID, err := client.ChainID(ctx)
+				if err != nil {
+					log.Fatal(err)
+				}
+				config := fetch.Config{
+					Start:   uint64(cliCtx.Int("start")),
+					End:     uint64(cliCtx.Int("end")),
+					ChainID: chainID,
+					BatchSenders: map[common.Address]struct{}{
+						common.HexToAddress(cliCtx.String("sender")): struct{}{},
+					},
+					BatchInbox:   common.HexToAddress(cliCtx.String("inbox")),
+					OutDirectory: cliCtx.String("out"),
+				}
+				totalValid, totalInvalid := fetch.Batches(client, config)
+				fmt.Printf("Fetched batches in range [%v,%v). Found %v valid & %v invalid batches\n", config.Start, config.End, totalValid, totalInvalid)
+				fmt.Printf("Fetch Config: Chain ID: %v. Inbox Address: %v. Valid Senders: %v.\n", config.ChainID, config.BatchInbox, config.BatchSenders)
+				fmt.Printf("Wrote transactions with batches to %v\n", config.OutDirectory)
+				return nil
+			},
+		},
+	}
+
+	if err := app.Run(os.Args); err != nil {
+		log.Fatal(err)
+	}
+}

op-node/cmd/stateviz/main.go

@@ -19,6 +19,7 @@ import (
 	"time"
 
 	"github.com/ethereum-optimism/optimism/op-node/eth"
+	ophttp "github.com/ethereum-optimism/optimism/op-node/http"
 	"github.com/ethereum/go-ethereum/log"
 )
 
@@ -161,7 +162,8 @@ func runServer() {
 	mux.HandleFunc("/logs", makeGzipHandler(logsHandler))
 
 	log.Info("running webserver...")
-	if err := http.Serve(l, mux); err != nil && !errors.Is(err, http.ErrServerClosed) {
+	httpServer := ophttp.NewHttpServer(mux)
+	if err := httpServer.Serve(l); err != nil && !errors.Is(err, http.ErrServerClosed) {
 		log.Crit("http server failed", "message", err)
 	}
 }

op-node/http/http.go

+package http
+
+import (
+	"net/http"
+
+	"github.com/ethereum/go-ethereum/rpc"
+)
+
+// Use default timeouts from Geth as battle tested default values
+var timeouts = rpc.DefaultHTTPTimeouts
+
+func NewHttpServer(handler http.Handler) *http.Server {
+	return &http.Server{
+		Handler:           handler,
+		ReadTimeout:       timeouts.ReadTimeout,
+		ReadHeaderTimeout: timeouts.ReadHeaderTimeout,
+		WriteTimeout:      timeouts.WriteTimeout,
+		IdleTimeout:       timeouts.IdleTimeout,
+	}
+}

op-node/metrics/metrics.go

@@ -7,10 +7,10 @@ import (
 	"errors"
 	"fmt"
 	"net"
-	"net/http"
 	"strconv"
 	"time"
 
+	ophttp "github.com/ethereum-optimism/optimism/op-node/http"
 	"github.com/ethereum-optimism/optimism/op-service/metrics"
 
 	pb "github.com/libp2p/go-libp2p-pubsub/pb"
@@ -528,12 +528,10 @@ func (m *Metrics) RecordSequencerSealingTime(duration time.Duration) {
 // The server will be closed when the passed-in context is cancelled.
 func (m *Metrics) Serve(ctx context.Context, hostname string, port int) error {
 	addr := net.JoinHostPort(hostname, strconv.Itoa(port))
-	server := &http.Server{
-		Addr: addr,
-		Handler: promhttp.InstrumentMetricHandler(
-			m.registry, promhttp.HandlerFor(m.registry, promhttp.HandlerOpts{}),
-		),
-	}
+	server := ophttp.NewHttpServer(promhttp.InstrumentMetricHandler(
+		m.registry, promhttp.HandlerFor(m.registry, promhttp.HandlerOpts{}),
+	))
+	server.Addr = addr
 	go func() {
 		<-ctx.Done()
 		server.Close()

op-node/node/server.go

@@ -7,6 +7,7 @@ import (
 	"net/http"
 	"strconv"
 
+	ophttp "github.com/ethereum-optimism/optimism/op-node/http"
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/ethereum/go-ethereum/node"
 	"github.com/ethereum/go-ethereum/rpc"
@@ -87,7 +88,7 @@ func (s *rpcServer) Start() error {
 	}
 	s.listenAddr = listener.Addr()
 
-	s.httpServer = &http.Server{Handler: mux}
+	s.httpServer = ophttp.NewHttpServer(mux)
 	go func() {
 		if err := s.httpServer.Serve(listener); err != nil && !errors.Is(err, http.ErrServerClosed) { // todo improve error handling
 			s.log.Error("http server failed", "err", err)

op-node/p2p/cli/load_signer.go

@@ -24,7 +24,7 @@ func LoadSignerSetup(ctx *cli.Context) (p2p.SignerSetup, error) {
 			return nil, fmt.Errorf("failed to read batch submitter key: %w", err)
 		}
 
-		return &p2p.PreparedSigner{Signer: p2p.NewLegacyLocalSigner(priv)}, nil
+		return &p2p.PreparedSigner{Signer: p2p.NewLocalSigner(priv)}, nil
 	}
 
 	// TODO: create remote signer

op-node/p2p/gossip_test.go

@@ -49,7 +49,7 @@ func TestVerifyBlockSignature(t *testing.T) {
 	}{
 		{
 			name:      "Legacy",
-			newSigner: NewLegacyLocalSigner,
+			newSigner: newLegacyLocalSigner,
 		},
 		{
 			name:      "Updated",
@@ -102,3 +102,7 @@ func TestVerifyBlockSignature(t *testing.T) {
 		})
 	}
 }
+
+func newLegacyLocalSigner(priv *ecdsa.PrivateKey) *LocalSigner {
+	return &LocalSigner{priv: priv, hasher: LegacySigningHash}
+}

op-node/p2p/host_test.go

@@ -315,7 +315,7 @@ func TestDiscovery(t *testing.T) {
 
 	// B and C don't know each other yet, but both have A as a bootnode.
 	// It should only be a matter of time for them to connect, if they discover each other via A.
-	timeout := time.After(time.Second * 10)
+	timeout := time.After(time.Second * 60)
 	var peersOfB []peer.ID
 	// B should be connected to the bootnode (A) it used (it's a valid optimism node to connect to here)
 	// C should also be connected, although this one might take more time to discover

op-node/p2p/signer.go

@@ -64,10 +64,6 @@ type LocalSigner struct {
 	hasher func(domain [32]byte, chainID *big.Int, payloadBytes []byte) (common.Hash, error)
 }
 
-func NewLegacyLocalSigner(priv *ecdsa.PrivateKey) *LocalSigner {
-	return &LocalSigner{priv: priv, hasher: LegacySigningHash}
-}
-
 func NewLocalSigner(priv *ecdsa.PrivateKey) *LocalSigner {
 	return &LocalSigner{priv: priv, hasher: SigningHash}
 }

op-node/rollup/derive/engine_queue.go

@@ -203,13 +203,6 @@ func (eq *EngineQueue) SafeL2Head() eth.L2BlockRef {
 	return eq.safeHead
 }
 
-func (eq *EngineQueue) LastL2Time() uint64 {
-	if eq.safeAttribute == nil {
-		return eq.safeHead.Time
-	}
-	return uint64(eq.safeAttribute.Timestamp)
-}
-
 func (eq *EngineQueue) Step(ctx context.Context) error {
 	if eq.needForkchoiceUpdate {
 		return eq.tryUpdateEngine(ctx)
@@ -218,7 +211,13 @@ func (eq *EngineQueue) Step(ctx context.Context) error {
 		return eq.tryNextSafeAttributes(ctx)
 	}
 	outOfData := false
-	eq.origin = eq.prev.Origin()
+	newOrigin := eq.prev.Origin()
+	// Check if the L2 unsafe head origin is consistent with the new origin
+	if err := eq.verifyNewL1Origin(ctx, newOrigin); err != nil {
+		return err
+	}
+	eq.origin = newOrigin
+	eq.postProcessSafeL2() // make sure we track the last L2 safe head for every new L1 block
 	if next, err := eq.prev.NextAttributes(ctx, eq.safeHead); err == io.EOF {
 		outOfData = true
 	} else if err != nil {
@@ -239,6 +238,38 @@ func (eq *EngineQueue) Step(ctx context.Context) error {
 	}
 }
 
+// verifyNewL1Origin checks that the L2 unsafe head still has a L1 origin that is on the canonical chain.
+// If the unsafe head origin is after the new L1 origin it is assumed to still be canonical.
+// The check is only required when moving to a new L1 origin.
+func (eq *EngineQueue) verifyNewL1Origin(ctx context.Context, newOrigin eth.L1BlockRef) error {
+	if newOrigin == eq.origin {
+		return nil
+	}
+	unsafeOrigin := eq.unsafeHead.L1Origin
+	if newOrigin.Number == unsafeOrigin.Number && newOrigin.ID() != unsafeOrigin {
+		return NewResetError(fmt.Errorf("l1 origin was inconsistent with l2 unsafe head origin, need reset to resolve: l1 origin: %v; unsafe origin: %v",
+			newOrigin.ID(), unsafeOrigin))
+	}
+	// Avoid requesting an older block by checking against the parent hash
+	if newOrigin.Number == unsafeOrigin.Number+1 && newOrigin.ParentHash != unsafeOrigin.Hash {
+		return NewResetError(fmt.Errorf("l2 unsafe head origin is no longer canonical, need reset to resolve: canonical hash: %v; unsafe origin hash: %v",
+			newOrigin.ParentHash, unsafeOrigin.Hash))
+	}
+	if newOrigin.Number > unsafeOrigin.Number+1 {
+		// If unsafe origin is further behind new origin, check it's still on the canonical chain.
+		canonical, err := eq.l1Fetcher.L1BlockRefByNumber(ctx, unsafeOrigin.Number)
+		if err != nil {
+			return NewTemporaryError(fmt.Errorf("failed to fetch canonical L1 block at slot: %v; err: %w", unsafeOrigin.Number, err))
+		}
+		if canonical.ID() != unsafeOrigin {
+			eq.log.Error("Resetting due to origin mismatch")
+			return NewResetError(fmt.Errorf("l2 unsafe head origin is no longer canonical, need reset to resolve: canonical: %v; unsafe origin: %v",
+				canonical, unsafeOrigin))
+		}
+	}
+	return nil
+}
+
 // tryFinalizeL2 traverses the past L1 blocks, checks if any has been finalized,
 // and then marks the latest fully derived L2 block from this as finalized,
 // or defaults to the current finalized L2 block.
@@ -273,9 +304,15 @@ func (eq *EngineQueue) postProcessSafeL2() {
 			L2Block: eq.safeHead,
 			L1Block: eq.origin.ID(),
 		})
+		last := &eq.finalityData[len(eq.finalityData)-1]
+		eq.log.Debug("extended finality-data", "last_l1", last.L1Block, "last_l2", last.L2Block)
 	} else {
-		// if it's a now L2 block that was derived from the same latest L1 block, then just update the entry
-		eq.finalityData[len(eq.finalityData)-1].L2Block = eq.safeHead
+		// if it's a new L2 block that was derived from the same latest L1 block, then just update the entry
+		last := &eq.finalityData[len(eq.finalityData)-1]
+		if last.L2Block != eq.safeHead { // avoid logging if there are no changes
+			last.L2Block = eq.safeHead
+			eq.log.Debug("updated finality-data", "last_l1", last.L1Block, "last_l2", last.L2Block)
+		}
 	}
 }
 

op-node/rollup/derive/frame.go

@@ -24,10 +24,10 @@ const MaxFrameLen = 1_000_000
 // is_last           = bool
 
 type Frame struct {
-	ID          ChannelID
-	FrameNumber uint16
-	Data        []byte
-	IsLast      bool
+	ID          ChannelID `json:"id"`
+	FrameNumber uint16    `json:"frame_number"`
+	Data        []byte    `json:"data"`
+	IsLast      bool      `'json:"is_last"`
 }
 
 // MarshalBinary writes the frame to `w`.

op-node/rollup/derive/params.go

 package derive
 
 import (
+	"encoding/hex"
 	"errors"
 	"fmt"
 )
@@ -44,3 +45,19 @@ func (id ChannelID) String() string {
 func (id ChannelID) TerminalString() string {
 	return fmt.Sprintf("%x..%x", id[:3], id[13:])
 }
+
+func (id ChannelID) MarshalText() ([]byte, error) {
+	return []byte(id.String()), nil
+}
+
+func (id *ChannelID) UnmarshalText(text []byte) error {
+	h, err := hex.DecodeString(string(text))
+	if err != nil {
+		return err
+	}
+	if len(h) != ChannelIDLength {
+		return errors.New("invalid length")
+	}
+	copy(id[:], h)
+	return nil
+}

op-proposer/proposer/l2_output_submitter.go

@@ -92,7 +92,7 @@ func Main(version string, cliCtx *cli.Context) error {
 	}
 
 	rpcCfg := cfg.RPCConfig
-	server := oprpc.NewServer(rpcCfg.ListenAddr, rpcCfg.ListenPort, version)
+	server := oprpc.NewServer(rpcCfg.ListenAddr, rpcCfg.ListenPort, version, oprpc.WithLogger(l))
 	if err := server.Start(); err != nil {
 		cancel()
 		return fmt.Errorf("error starting RPC server: %w", err)

op-service/log/cli.go

@@ -65,6 +65,9 @@ func NewLogger(cfg CLIConfig) log.Logger {
 	handler := log.StreamHandler(os.Stdout, Format(cfg.Format, cfg.Color))
 	handler = log.SyncHandler(handler)
 	handler = log.LvlFilterHandler(Level(cfg.Level), handler)
+	// Set the root handle to what we have configured. Some components like go-ethereum's RPC
+	// server use log.Root() instead of being able to pass in a log.
+	log.Root().SetHandler(handler)
 	logger := log.New()
 	logger.SetHandler(handler)
 	return logger

ops-bedrock/Dockerfile.l2

-FROM ethereumoptimism/op-geth:optimism
+FROM us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:optimism
 
 RUN apk add --no-cache jq
 

packages/atst/package.json

@@ -6,6 +6,20 @@
   "types": "src/index.ts",
   "module": "dist/index.cjs",
   "license": "MIT",
+  "exports": {
+    ".": {
+      "types": "./src/index.ts",
+      "default": "./dist/index.js",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    },
+    "./react": {
+      "types": "./src/react.ts",
+      "default": "./dist/react.js",
+      "import": "./dist/react.js",
+      "require": "./dist/react.cjs"
+    }
+  },
   "bin": {
     "atst": "./dist/cli.js"
   },

packages/atst/src/index.ts

@@ -28,5 +28,3 @@ export type { AttestationCreatedEvent } from './types/AttestationCreatedEvent'
 export type { AttestationReadParams } from './types/AttestationReadParams'
 export type { DataTypeOption } from './types/DataTypeOption'
 export type { WagmiBytes } from './types/WagmiBytes'
-// react
-export * from './react'

packages/atst/src/lib/getEvents.spec.ts

@@ -76,6 +76,35 @@ describe(getEvents.name, () => {
           "transactionHash": "0x61f59bd4dfe54272d9369effe3ae57a0ef2584161fcf2bbd55f5596002e759bd",
           "transactionIndex": 1,
         },
+        {
+          "address": "0xEE36eaaD94d1Cc1d0eccaDb55C38bFfB6Be06C77",
+          "args": [
+            "0xBCf86Fd70a0183433763ab0c14E7a760194f3a9F",
+            "0x00000000000000000000000000000000000060A7",
+            "0x616e696d616c6661726d2e7363686f6f6c2e617474656e646564000000000000",
+            "0x01",
+          ],
+          "blockHash": "0x4870baaac6d7195952dc25e5dc0109ea324f819f8152d2889c7b4ad64040a9bf",
+          "blockNumber": 6278428,
+          "data": "0x000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000010100000000000000000000000000000000000000000000000000000000000000",
+          "decode": [Function],
+          "event": "AttestationCreated",
+          "eventSignature": "AttestationCreated(address,address,bytes32,bytes)",
+          "getBlock": [Function],
+          "getTransaction": [Function],
+          "getTransactionReceipt": [Function],
+          "logIndex": 0,
+          "removeListener": [Function],
+          "removed": false,
+          "topics": [
+            "0x28710dfecab43d1e29e02aa56b2e1e610c0bae19135c9cf7a83a1adb6df96d85",
+            "0x000000000000000000000000bcf86fd70a0183433763ab0c14e7a760194f3a9f",
+            "0x00000000000000000000000000000000000000000000000000000000000060a7",
+            "0x616e696d616c6661726d2e7363686f6f6c2e617474656e646564000000000000",
+          ],
+          "transactionHash": "0x4e836b74c51a370375efa374297524d9b0f6eacdd699c30556680ae7dc9a14ea",
+          "transactionIndex": 1,
+        },
       ]
     `)
   })

packages/atst/src/lib/getEvents.ts

 import { ethers } from 'ethers'
-import { Address } from 'wagmi'
+import type { Address } from '@wagmi/core'
 
 import { ATTESTATION_STATION_ADDRESS } from '../constants/attestationStationAddress'
 import { abi } from '../lib/abi'

packages/atst/src/lib/prepareWriteAttestation.spec.ts

@@ -43,7 +43,7 @@ describe(prepareWriteAttestation.name, () => {
     expect(result.address).toMatchInlineSnapshot(
       '"0xEE36eaaD94d1Cc1d0eccaDb55C38bFfB6Be06C77"'
     )
-    expect(result.chainId).toMatchInlineSnapshot('10')
+    expect(result.chainId).toMatchInlineSnapshot('undefined')
     expect(result.functionName).toMatchInlineSnapshot('"attest"')
     expect(result.mode).toMatchInlineSnapshot('"prepared"')
     expect(result.request.gasLimit).toMatchInlineSnapshot(`
@@ -54,18 +54,16 @@ describe(prepareWriteAttestation.name, () => {
     `)
   })
 
-  it('should throw an error if key is longer than 32 bytes', async () => {
+  it('should work for key longer than 32 bytes', async () => {
     const dataType = 'string'
 
-    await expect(
-      readAttestation(
+    expect(
+      await readAttestation(
         creator,
         about,
         'this is a key that is way longer than 32 bytes so this key should throw an error matching the inline snapshot',
         dataType
       )
-    ).rejects.toThrowErrorMatchingInlineSnapshot(
-      '"Key is longer than the max length of 32 for attestation keys"'
-    )
+    ).toMatchInlineSnapshot('""')
   })
 })

packages/atst/src/lib/prepareWriteAttestation.ts

 import { Address, prepareWriteContract } from '@wagmi/core'
-import { formatBytes32String } from 'ethers/lib/utils.js'
 
 import { ATTESTATION_STATION_ADDRESS } from '../constants/attestationStationAddress'
 import { WagmiBytes } from '../types/WagmiBytes'
 import { abi } from './abi'
+import { createKey } from './createKey'
 import { createValue } from './createValue'
 
 export const prepareWriteAttestation = async (
   about: Address,
   key: string,
   value: string | WagmiBytes | number | boolean,
-  chainId = 10,
+  chainId: number | undefined = undefined,
   contractAddress: Address = ATTESTATION_STATION_ADDRESS
 ) => {
-  let formattedKey: WagmiBytes
-  try {
-    formattedKey = formatBytes32String(key) as WagmiBytes
-  } catch (e) {
-    console.error(e)
-    throw new Error(
-      `key is longer than 32 bytes: ${key}.  Try using a shorter key or using 'encodeRawKey' to encode the key into 32 bytes first`
-    )
-  }
+  const formattedKey = createKey(key) as WagmiBytes
   return prepareWriteContract({
     address: contractAddress,
     abi,

packages/atst/src/lib/prepareWriteAttestations.spec.ts

@@ -49,7 +49,7 @@ describe(prepareWriteAttestations.name, () => {
     expect(result.address).toMatchInlineSnapshot(
       '"0xEE36eaaD94d1Cc1d0eccaDb55C38bFfB6Be06C77"'
     )
-    expect(result.chainId).toMatchInlineSnapshot('10')
+    expect(result.chainId).toMatchInlineSnapshot('undefined')
     expect(result.functionName).toMatchInlineSnapshot('"attest"')
     expect(result.mode).toMatchInlineSnapshot('"prepared"')
     expect(result.request.gasLimit).toMatchInlineSnapshot(`
@@ -60,18 +60,16 @@ describe(prepareWriteAttestations.name, () => {
     `)
   })
 
-  it('should throw an error if key is longer than 32 bytes', async () => {
+  it('should work if key is longer than 32 bytes', async () => {
     const dataType = 'string'
 
-    await expect(
-      readAttestation(
+    expect(
+      await readAttestation(
         creator,
         about,
         'this is a key that is way longer than 32 bytes so this key should throw an error matching the inline snapshot',
         dataType
       )
-    ).rejects.toThrowErrorMatchingInlineSnapshot(
-      '"Key is longer than the max length of 32 for attestation keys"'
-    )
+    ).toMatchInlineSnapshot('""')
   })
 })

packages/atst/src/lib/prepareWriteAttestations.ts

@@ -14,7 +14,7 @@ type Attestation = {
 
 export const prepareWriteAttestations = async (
   attestations: Attestation[],
-  chainId = 10,
+  chainId: number | undefined = undefined,
   contractAddress: Address = ATTESTATION_STATION_ADDRESS
 ) => {
   const formattedAttestations = attestations.map((attestation) => {
@@ -27,9 +27,7 @@ export const prepareWriteAttestations = async (
         `key is longer than 32 bytes: ${attestation.key}.  Try using a shorter key or using 'encodeRawKey' to encode the key into 32 bytes first`
       )
     }
-    const formattedValue = createValue(
-      attestation.value
-    ) as WagmiBytes
+    const formattedValue = createValue(attestation.value) as WagmiBytes
     return {
       about: attestation.about,
       key: formattedKey,

packages/atst/src/lib/readAttestation.spec.ts

@@ -26,16 +26,14 @@ describe(readAttestation.name, () => {
     )
   })
 
-  it('should throw an error if key is longer than 32 bytes', async () => {
-    await expect(
-      readAttestation(
+  it('should work if key is longer than 32 bytes', async () => {
+    expect(
+      await readAttestation(
         creator,
         about,
         'this is a key that is way longer than 32 bytes so this key should throw an error matching the inline snapshot',
         dataType
       )
-    ).rejects.toThrowErrorMatchingInlineSnapshot(
-      '"Key is longer than the max length of 32 for attestation keys"'
-    )
+    ).toMatchInlineSnapshot('""')
   })
 })

packages/atst/src/lib/readAttestations.ts

 import { readContracts } from '@wagmi/core'
-import { formatBytes32String } from 'ethers/lib/utils.js'
 
 import { ATTESTATION_STATION_ADDRESS } from '../constants/attestationStationAddress'
 import type { AttestationReadParams } from '../types/AttestationReadParams'
 import { DEFAULT_DATA_TYPE } from '../types/DataTypeOption'
 import type { WagmiBytes } from '../types/WagmiBytes'
 import { abi } from './abi'
+import { createKey } from './createKey'
 import { parseAttestationBytes } from './parseAttestationBytes'
 
 /**
@@ -39,16 +39,11 @@ export const readAttestations = async (
       key,
       contractAddress = ATTESTATION_STATION_ADDRESS,
     } = attestation
-    if (key.length > 32) {
-      throw new Error(
-        'Key is longer than the max length of 32 for attestation keys'
-      )
-    }
     return {
       address: contractAddress,
       abi,
       functionName: 'attestations',
-      args: [creator, about, formatBytes32String(key) as WagmiBytes],
+      args: [creator, about, createKey(key) as WagmiBytes],
     } as const
   })
 

packages/atst/src/types/AttestationReadParams.ts

@@ -11,4 +11,5 @@ export interface AttestationReadParams {
   key: string
   dataType?: DataTypeOption
   contractAddress?: Address
+  chainId?: number
 }

packages/atst/src/types/ParseBytesReturn.ts

 import { BigNumber } from 'ethers'
-import { Address } from 'wagmi'
+import type { Address } from '@wagmi/core'
 
 import { DataTypeOption } from './DataTypeOption'
 import { WagmiBytes } from './WagmiBytes'

packages/atst/tsup.config.ts

@@ -10,7 +10,7 @@ export default defineConfig({
    *
    * @see https://tsup.egoist.dev/#building-cli-app
    */
-  entry: ['src/index.ts', 'src/cli.ts'],
+  entry: ['src/index.ts', 'src/cli.ts', 'src/react.ts'],
   outDir: 'dist',
   target: 'es2021',
   // will create a .js file for commonjs and a .cjs file for esm

packages/contracts-bedrock/.gas-snapshot

-Bytes_slice_Test:test_slice_acrossMultipleWords_works() (gas: 9423)
-Bytes_slice_Test:test_slice_acrossWords_works() (gas: 1418)
-Bytes_slice_Test:test_slice_fromNonZeroIdx_works() (gas: 17154)
-Bytes_slice_Test:test_slice_fromZeroIdx_works() (gas: 20694)
+Bytes_slice_Test:test_slice_acrossMultipleWords_works() (gas: 9413)
+Bytes_slice_Test:test_slice_acrossWords_works() (gas: 1430)
+Bytes_slice_Test:test_slice_fromNonZeroIdx_works() (gas: 17240)
+Bytes_slice_Test:test_slice_fromZeroIdx_works() (gas: 20826)
 Bytes_toNibbles_Test:test_toNibbles_expectedResult128Bytes_works() (gas: 129874)
 Bytes_toNibbles_Test:test_toNibbles_expectedResult5Bytes_works() (gas: 6132)
 Bytes_toNibbles_Test:test_toNibbles_zeroLengthInput_works() (gas: 944)
@@ -264,13 +264,13 @@ OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifOutp
 OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifOutputTimestampIsNotFinalized_reverts() (gas: 207520)
 OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifWithdrawalNotProven_reverts() (gas: 41753)
 OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifWithdrawalProofNotOldEnough_reverts() (gas: 199464)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onInsufficientGas_reverts() (gas: 203388)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onInsufficientGas_reverts() (gas: 206360)
 OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onRecentWithdrawal_reverts() (gas: 180229)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReentrancy_reverts() (gas: 244483)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReplay_reverts() (gas: 245634)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReentrancy_reverts() (gas: 244377)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReplay_reverts() (gas: 245528)
 OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_paused_reverts() (gas: 53555)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_provenWithdrawalHash_succeeds() (gas: 235047)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_targetFails_fails() (gas: 8797746687696163866)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_provenWithdrawalHash_succeeds() (gas: 234941)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_targetFails_fails() (gas: 8797746687696163864)
 OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_timestampLessThanL2OracleStart_reverts() (gas: 197042)
 OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_onInvalidOutputRootProof_reverts() (gas: 85690)
 OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_onInvalidWithdrawalProof_reverts() (gas: 137350)
@@ -403,6 +403,8 @@ ResourceMetering_Test:test_meter_updateTenEmptyBlocks_succeeds() (gas: 21161)
 ResourceMetering_Test:test_meter_updateTwoEmptyBlocks_succeeds() (gas: 21117)
 ResourceMetering_Test:test_meter_useMax_succeeds() (gas: 8017416)
 ResourceMetering_Test:test_meter_useMoreThanMax_reverts() (gas: 16045)
+SafeCall_call_Test:test_callWithMinGas_noLeakageHigh_succeeds() (gas: 2075873614)
+SafeCall_call_Test:test_callWithMinGas_noLeakageLow_succeeds() (gas: 753665282)
 Semver_Test:test_behindProxy_succeeds() (gas: 506748)
 Semver_Test:test_version_succeeds() (gas: 9418)
 SequencerFeeVault_Test:test_constructor_succeeds() (gas: 5526)

packages/contracts-bedrock/README.md

@@ -195,6 +195,11 @@ After the initial Bedrock upgrade, contracts MUST use the following versioning s
 
 We have made an exception to the `Semver` rule for the `WETH` contract to avoid making changes to a well-known, simple, and recognizable contract.
 
+### Dependencies
+
+Where basic functionality is already supported by an existing contract in the OpenZeppelin library,
+we should default to using the Upgradeable version of that contract.
+
 ### Tests
 
 Tests are written using Foundry.
@@ -207,13 +212,13 @@ These guidelines are also encoded in a script which can be run with:
 ts-node scripts/forge-test-names.ts
 ```
 
-*Note: This is a work in progress, not all test files are compliant with these guidelines.*
+_Note: This is a work in progress, not all test files are compliant with these guidelines._
 
 #### Organizing Principles
 
 - Solidity `contract`s are used to organize the test suite similar to how mocha uses describe.
 - Every non-trivial state changing function should have a separate contract for happy and sad path
-   tests. This helps to make it very obvious where there are not yet sad path tests.
+  tests. This helps to make it very obvious where there are not yet sad path tests.
 - Simpler functions like getters and setters are grouped together into test contracts.
 
 #### Test function naming convention

packages/contracts-bedrock/contracts/L1/OptimismPortal.sol

@@ -43,11 +43,6 @@ contract OptimismPortal is Initializable, ResourceMetering, Semver {
      */
     uint64 internal constant RECEIVE_DEFAULT_GAS_LIMIT = 100_000;
 
-    /**
-     * @notice Additional gas reserved for clean up after finalizing a transaction withdrawal.
-     */
-    uint256 internal constant FINALIZE_GAS_BUFFER = 20_000;
-
     /**
      * @notice Address of the L2OutputOracle.
      */
@@ -363,26 +358,19 @@ contract OptimismPortal is Initializable, ResourceMetering, Semver {
         // Mark the withdrawal as finalized so it can't be replayed.
         finalizedWithdrawals[withdrawalHash] = true;
 
-        // We want to maintain the property that the amount of gas supplied to the call to the
-        // target contract is at least the gas limit specified by the user. We can do this by
-        // enforcing that, at this point in time, we still have gaslimit + buffer gas available.
-        require(
-            gasleft() >= _tx.gasLimit + FINALIZE_GAS_BUFFER,
-            "OptimismPortal: insufficient gas to finalize withdrawal"
-        );
-
         // Set the l2Sender so contracts know who triggered this withdrawal on L2.
         l2Sender = _tx.sender;
 
-        // Trigger the call to the target contract. We use SafeCall because we don't
-        // care about the returndata and we don't want target contracts to be able to force this
-        // call to run out of gas via a returndata bomb.
-        bool success = SafeCall.call(
-            _tx.target,
-            gasleft() - FINALIZE_GAS_BUFFER,
-            _tx.value,
-            _tx.data
-        );
+        // Trigger the call to the target contract. We use a custom low level method
+        // SafeCall.callWithMinGas to ensure two key properties
+        //   1. Target contracts cannot force this call to run out of gas by returning a very large
+        //      amount of data (and this is OK because we don't care about the returndata here).
+        //   2. The amount of gas provided to the call to the target contract is at least the gas
+        //      limit specified by the user. If there is not enough gas in the callframe to
+        //      accomplish this, `callWithMinGas` will revert.
+        // Additionally, if there is not enough gas remaining to complete the execution after the
+        // call returns, this function will revert.
+        bool success = SafeCall.callWithMinGas(_tx.target, _tx.gasLimit, _tx.value, _tx.data);
 
         // Reset the l2Sender back to the default value.
         l2Sender = Constants.DEFAULT_L2_SENDER;

packages/contracts-bedrock/contracts/libraries/SafeCall.sol

@@ -26,7 +26,7 @@ library SafeCall {
                 _gas, // gas
                 _target, // recipient
                 _value, // ether value
-                add(_calldata, 0x20), // inloc
+                add(_calldata, 32), // inloc
                 mload(_calldata), // inlen
                 0, // outloc
                 0 // outlen
@@ -34,4 +34,71 @@ library SafeCall {
         }
         return _success;
     }
+
+    /**
+     * @notice Perform a low level call without copying any returndata. This function
+     *         will revert if the call cannot be performed with the specified minimum
+     *         gas.
+     *
+     * @param _target   Address to call
+     * @param _minGas   The minimum amount of gas that may be passed to the call
+     * @param _value    Amount of value to pass to the call
+     * @param _calldata Calldata to pass to the call
+     */
+    function callWithMinGas(
+        address _target,
+        uint256 _minGas,
+        uint256 _value,
+        bytes memory _calldata
+    ) internal returns (bool) {
+        bool _success;
+        assembly {
+            // Assertion: gasleft() >= ((_minGas + 200) * 64) / 63
+            //
+            // Because EIP-150 ensures that, a maximum of 63/64ths of the remaining gas in the call
+            // frame may be passed to a subcontext, we need to ensure that the gas will not be
+            // truncated to hold this function's invariant: "If a call is performed by
+            // `callWithMinGas`, it must receive at least the specified minimum gas limit." In
+            // addition, exactly 51 gas is consumed between the below `GAS` opcode and the `CALL`
+            // opcode, so it is factored in with some extra room for error.
+            if lt(gas(), div(mul(64, add(_minGas, 200)), 63)) {
+                // Store the "Error(string)" selector in scratch space.
+                mstore(0, 0x08c379a0)
+                // Store the pointer to the string length in scratch space.
+                mstore(32, 32)
+                // Store the string.
+                //
+                // SAFETY:
+                // - We pad the beginning of the string with two zero bytes as well as the
+                // length (24) to ensure that we override the free memory pointer at offset
+                // 0x40. This is necessary because the free memory pointer is likely to
+                // be greater than 1 byte when this function is called, but it is incredibly
+                // unlikely that it will be greater than 3 bytes. As for the data within
+                // 0x60, it is ensured that it is 0 due to 0x60 being the zero offset.
+                // - It's fine to clobber the free memory pointer, we're reverting.
+                mstore(88, 0x0000185361666543616c6c3a204e6f7420656e6f75676820676173)
+
+                // Revert with 'Error("SafeCall: Not enough gas")'
+                revert(28, 100)
+            }
+
+            // The call will be supplied at least (((_minGas + 200) * 64) / 63) - 49 gas due to the
+            // above assertion. This ensures that, in all circumstances, the call will
+            // receive at least the minimum amount of gas specified.
+            // We can prove this property by solving the inequalities:
+            // ((((_minGas + 200) * 64) / 63) - 49) >= _minGas
+            // ((((_minGas + 200) * 64) / 63) - 51) * (63 / 64) >= _minGas
+            // Both inequalities hold true for all possible values of `_minGas`.
+            _success := call(
+                gas(), // gas
+                _target, // recipient
+                _value, // ether value
+                add(_calldata, 32), // inloc
+                mload(_calldata), // inlen
+                0x00, // outloc
+                0x00 // outlen
+            )
+        }
+        return _success;
+    }
 }

packages/contracts-bedrock/contracts/test/Bytes.t.sol

@@ -122,6 +122,58 @@ contract Bytes_slice_Test is Test {
         vm.expectRevert("slice_overflow");
         Bytes.slice(_input, _start, _length);
     }
+
+    /**
+     * @notice Tests that the `slice` function correctly updates the free memory pointer depending
+     *         on the length of the slice.
+     */
+    function testFuzz_slice_memorySafety_succeeds(
+        bytes memory _input,
+        uint256 _start,
+        uint256 _length
+    ) public {
+        // The start should never be more than the length of the input bytes array - 1
+        vm.assume(_start < _input.length);
+        // The length should never be more than the length of the input bytes array - the starting
+        // slice index.
+        vm.assume(_length <= _input.length - _start);
+
+        // Grab the free memory pointer before the slice operation
+        uint256 initPtr;
+        assembly {
+            initPtr := mload(0x40)
+        }
+
+        // Slice the input bytes array from `_start` to `_start + _length`
+        bytes memory slice = Bytes.slice(_input, _start, _length);
+
+        // Grab the free memory pointer after the slice operation
+        uint256 finalPtr;
+        assembly {
+            finalPtr := mload(0x40)
+        }
+
+        // The free memory pointer should have been updated properly
+        if (_length == 0) {
+            // If the slice length is zero, only 32 bytes of memory should have been allocated.
+            assertEq(finalPtr, initPtr + 0x20);
+        } else {
+            // If the slice length is greater than zero, the memory allocated should be the
+            // length of the slice rounded up to the next 32 byte word + 32 bytes for the
+            // length of the byte array.
+            //
+            // Note that we use a slightly less efficient, but equivalent method of rounding
+            // up `_length` to the next multiple of 32 than is used in the `slice` function.
+            // This is to diff test the method used in `slice`.
+            assertEq(finalPtr, initPtr + 0x20 + (((_length + 0x1F) >> 5) << 5));
+
+            // Sanity check for equivalence of the rounding methods.
+            assertEq(((_length + 0x1F) >> 5) << 5, (_length + 0x1F) & ~uint256(0x1F));
+        }
+
+        // The slice length should be equal to `_length`
+        assertEq(slice.length, _length);
+    }
 }
 
 contract Bytes_toNibbles_Test is Test {

packages/contracts-bedrock/contracts/test/OptimismPortal.t.sol

@@ -905,7 +905,7 @@ contract OptimismPortal_FinalizeWithdrawal_Test is Portal_Initializer {
         );
 
         vm.warp(block.timestamp + oracle.FINALIZATION_PERIOD_SECONDS() + 1);
-        vm.expectRevert("OptimismPortal: insufficient gas to finalize withdrawal");
+        vm.expectRevert("SafeCall: Not enough gas");
         op.finalizeWithdrawalTransaction{ gas: gasLimit }(insufficientGasTx);
     }
 

packages/contracts-bedrock/contracts/test/SafeCall.t.sol

@@ -14,8 +14,8 @@ contract SafeCall_call_Test is CommonTest {
     ) external {
         vm.assume(from.balance == 0);
         vm.assume(to.balance == 0);
-        // no precompiles
-        vm.assume(uint160(to) > 10);
+        // no precompiles (mainnet)
+        assumeNoPrecompiles(to, 1);
         // don't call the vm
         vm.assume(to != address(vm));
         vm.assume(from != address(vm));
@@ -23,20 +23,140 @@ contract SafeCall_call_Test is CommonTest {
         vm.assume(to != address(0x000000000000000000636F6e736F6c652e6c6f67));
         // don't call the create2 deployer
         vm.assume(to != address(0x4e59b44847b379578588920cA78FbF26c0B4956C));
-        // don't send funds to self
-        vm.assume(from != to);
 
         assertEq(from.balance, 0, "from balance is 0");
         vm.deal(from, value);
         assertEq(from.balance, value, "from balance not dealt");
 
-        vm.expectCall(to, value, data);
+        uint256[2] memory balancesBefore = [from.balance, to.balance];
 
+        vm.expectCall(to, value, data);
         vm.prank(from);
         bool success = SafeCall.call(to, gas, value, data);
 
-        assertEq(success, true, "call not successful");
-        assertEq(to.balance, value, "to balance received");
-        assertEq(from.balance, 0, "from balance not drained");
+        assertTrue(success, "call not successful");
+        if (from == to) {
+            assertEq(from.balance, balancesBefore[0], "Self-send did not change balance");
+        } else {
+            assertEq(from.balance, balancesBefore[0] - value, "from balance not drained");
+            assertEq(to.balance, balancesBefore[1] + value, "to balance received");
+        }
+    }
+
+    function testFuzz_callWithMinGas_hasEnough_succeeds(
+        address from,
+        address to,
+        uint64 minGas,
+        uint64 value,
+        bytes memory data
+    ) external {
+        vm.assume(from.balance == 0);
+        vm.assume(to.balance == 0);
+        // no precompiles (mainnet)
+        assumeNoPrecompiles(to, 1);
+        // don't call the vm
+        vm.assume(to != address(vm));
+        vm.assume(from != address(vm));
+        // don't call the console
+        vm.assume(to != address(0x000000000000000000636F6e736F6c652e6c6f67));
+        // don't call the create2 deployer
+        vm.assume(to != address(0x4e59b44847b379578588920cA78FbF26c0B4956C));
+
+        assertEq(from.balance, 0, "from balance is 0");
+        vm.deal(from, value);
+        assertEq(from.balance, value, "from balance not dealt");
+
+        // Bound minGas to [0, l1_block_gas_limit]
+        minGas = uint64(bound(minGas, 0, 30_000_000));
+
+        uint256[2] memory balancesBefore = [from.balance, to.balance];
+
+        vm.expectCallMinGas(to, value, minGas, data);
+        vm.prank(from);
+        bool success = SafeCall.callWithMinGas(to, minGas, value, data);
+
+        assertTrue(success, "call not successful");
+        if (from == to) {
+            assertEq(from.balance, balancesBefore[0], "Self-send did not change balance");
+        } else {
+            assertEq(from.balance, balancesBefore[0] - value, "from balance not drained");
+            assertEq(to.balance, balancesBefore[1] + value, "to balance received");
+        }
+    }
+
+    function test_callWithMinGas_noLeakageLow_succeeds() external {
+        SimpleSafeCaller caller = new SimpleSafeCaller();
+
+        for (uint64 i = 5000; i < 50_000; i++) {
+            uint256 snapshot = vm.snapshot();
+
+            // 26,071 is the exact amount of gas required to make the safe call
+            // successfully.
+            if (i < 26_071) {
+                assertFalse(caller.makeSafeCall(i, 25_000));
+            } else {
+                vm.expectCallMinGas(
+                    address(caller),
+                    0,
+                    25_000,
+                    abi.encodeWithSelector(caller.setA.selector, 1)
+                );
+                assertTrue(caller.makeSafeCall(i, 25_000));
+            }
+
+            assertTrue(vm.revertTo(snapshot));
+        }
+    }
+
+    function test_callWithMinGas_noLeakageHigh_succeeds() external {
+        SimpleSafeCaller caller = new SimpleSafeCaller();
+
+        for (uint64 i = 15_200_000; i < 15_300_000; i++) {
+            uint256 snapshot = vm.snapshot();
+
+            // 15,238,769 is the exact amount of gas required to make the safe call
+            // successfully.
+            if (i < 15_238_769) {
+                assertFalse(caller.makeSafeCall(i, 15_000_000));
+            } else {
+                vm.expectCallMinGas(
+                    address(caller),
+                    0,
+                    15_000_000,
+                    abi.encodeWithSelector(caller.setA.selector, 1)
+                );
+                assertTrue(caller.makeSafeCall(i, 15_000_000));
+            }
+
+            assertTrue(vm.revertTo(snapshot));
+        }
+    }
+}
+
+contract SimpleSafeCaller {
+    uint256 public a;
+
+    function makeSafeCall(uint64 gas, uint64 minGas) external returns (bool) {
+        return
+            SafeCall.call(
+                address(this),
+                gas,
+                0,
+                abi.encodeWithSelector(this.makeSafeCallMinGas.selector, minGas)
+            );
+    }
+
+    function makeSafeCallMinGas(uint64 minGas) external returns (bool) {
+        return
+            SafeCall.callWithMinGas(
+                address(this),
+                minGas,
+                0,
+                abi.encodeWithSelector(this.setA.selector, 1)
+            );
+    }
+
+    function setA(uint256 _a) external {
+        a = _a;
     }
 }

packages/contracts-bedrock/contracts/test/invariants/SafeCall.t.sol

+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.15;
+
+import { Test } from "forge-std/Test.sol";
+import { StdUtils } from "forge-std/StdUtils.sol";
+import { Vm } from "forge-std/Vm.sol";
+import { SafeCall } from "../../libraries/SafeCall.sol";
+
+contract SafeCall_Succeeds_Invariants is Test {
+    SafeCaller_Actor actor;
+
+    function setUp() public {
+        // Create a new safe caller actor.
+        actor = new SafeCaller_Actor(vm, false);
+
+        // Set the caller to this contract
+        targetSender(address(this));
+
+        // Target the safe caller actor.
+        targetContract(address(actor));
+    }
+
+    /**
+     * @custom:invariant If `callWithMinGas` performs a call, then it must always
+     * provide at least the specified minimum gas limit to the subcontext.
+     *
+     * If the check for remaining gas in `SafeCall.callWithMinGas` passes, the
+     * subcontext of the call below it must be provided at least `minGas` gas.
+     */
+    function invariant_callWithMinGas_alwaysForwardsMinGas_succeeds() public {
+        assertEq(actor.numCalls(), 0, "no failed calls allowed");
+    }
+
+    function performSafeCallMinGas(uint64 minGas) external {
+        SafeCall.callWithMinGas(address(0), minGas, 0, hex"");
+    }
+}
+
+contract SafeCall_Fails_Invariants is Test {
+    SafeCaller_Actor actor;
+
+    function setUp() public {
+        // Create a new safe caller actor.
+        actor = new SafeCaller_Actor(vm, true);
+
+        // Set the caller to this contract
+        targetSender(address(this));
+
+        // Target the safe caller actor.
+        targetContract(address(actor));
+    }
+
+    /**
+     * @custom:invariant `callWithMinGas` reverts if there is not enough gas to pass
+     * to the subcontext.
+     *
+     * If there is not enough gas in the callframe to ensure that `callWithMinGas`
+     * can provide the specified minimum gas limit to the subcontext of the call,
+     * then `callWithMinGas` must revert.
+     */
+    function invariant_callWithMinGas_neverForwardsMinGas_reverts() public {
+        assertEq(actor.numCalls(), 0, "no successful calls allowed");
+    }
+
+    function performSafeCallMinGas(uint64 minGas) external {
+        SafeCall.callWithMinGas(address(0), minGas, 0, hex"");
+    }
+}
+
+contract SafeCaller_Actor is StdUtils {
+    bool internal immutable FAILS;
+
+    Vm internal vm;
+    uint256 public numCalls;
+
+    constructor(Vm _vm, bool _fails) {
+        vm = _vm;
+        FAILS = _fails;
+    }
+
+    function performSafeCallMinGas(uint64 gas, uint64 minGas) external {
+        if (FAILS) {
+            // Bound the minimum gas amount to [2500, type(uint48).max]
+            minGas = uint64(bound(minGas, 2500, type(uint48).max));
+            // Bound the gas passed to [minGas, (((minGas + 200) * 64) / 63)]
+            gas = uint64(bound(gas, minGas, (((minGas + 200) * 64) / 63)));
+        } else {
+            // Bound the minimum gas amount to [2500, type(uint48).max]
+            minGas = uint64(bound(minGas, 2500, type(uint48).max));
+            // Bound the gas passed to [(((minGas + 200) * 64) / 63) + 500, type(uint64).max]
+            gas = uint64(bound(gas, (((minGas + 200) * 64) / 63) + 500, type(uint64).max));
+        }
+
+        vm.expectCallMinGas(address(0x00), 0, minGas, hex"");
+        bool success = SafeCall.call(
+            msg.sender,
+            gas,
+            0,
+            abi.encodeWithSelector(0x2ae57a41, minGas)
+        );
+
+        if (success && FAILS) numCalls++;
+        if (!FAILS && !success) numCalls++;
+    }
+}

packages/contracts-bedrock/deploy-config/devnetL1.json

@@ -33,5 +33,6 @@
   "eip1559Denominator": 8,
   "eip1559Elasticity": 2,
   "l1GenesisBlockTimestamp": "0x638a4554",
-  "l1StartingBlockTag": "earliest"
+  "l1StartingBlockTag": "earliest",
+  "l2GenesisRegolithTimeOffset": "0x0"
 }

packages/contracts-bedrock/invariant-docs/README.md

@@ -14,6 +14,7 @@ This directory contains documentation for all defined invariant tests within `co
 - [L2OutputOracle](./L2OutputOracle.md)
 - [OptimismPortal](./OptimismPortal.md)
 - [ResourceMetering](./ResourceMetering.md)
+- [SafeCall](./SafeCall.md)
 - [SystemConfig](./SystemConfig.md)
 <!-- END autoTOC -->
 

packages/contracts-bedrock/invariant-docs/SafeCall.md

+# `SafeCall` Invariants
+
+## If `callWithMinGas` performs a call, then it must always provide at least the specified minimum gas limit to the subcontext.
+**Test:** [`SafeCall.t.sol#L30`](../contracts/test/invariants/SafeCall.t.sol#L30)
+
+If the check for remaining gas in `SafeCall.callWithMinGas` passes, the subcontext of the call below it must be provided at least `minGas` gas. 
+
+
+## `callWithMinGas` reverts if there is not enough gas to pass to the subcontext.
+**Test:** [`SafeCall.t.sol#L61`](../contracts/test/invariants/SafeCall.t.sol#L61)
+
+If there is not enough gas in the callframe to ensure that `callWithMinGas` can provide the specified minimum gas limit to the subcontext of the call, then `callWithMinGas` must revert. 

packages/contracts-bedrock/src/deploy-utils.ts

@@ -54,10 +54,16 @@ export const deploy = async ({
       waitConfirmations: hre.deployConfig.numDeployConfirmations,
     })
     console.log(`Deployed ${name} at ${result.address}`)
+    // Only wait for the transaction if it was recently deployed in case the
+    // result was deployed a long time ago and was pruned from the backend.
+    await hre.ethers.provider.waitForTransaction(result.transactionHash)
   }
 
-  // Always wait for the transaction to be mined, just in case.
-  await hre.ethers.provider.waitForTransaction(result.transactionHash)
+  // Check to make sure there is code
+  const code = await hre.ethers.provider.getCode(result.address)
+  if (code === '0x') {
+    throw new Error(`no code for ${result.address}`)
+  }
 
   // Create the contract object to return.
   const created = asAdvancedContract({

packages/contracts/docs/TeleportrDeposit.md

-# TeleportrDeposit
-
-
-
-> TeleportrDeposit Shout out to 0xclem for providing the inspiration for this contract: https://github.com/0xclem/teleportr/blob/main/contracts/BridgeDeposit.sol
-
-
-
-
-
-## Methods
-
-### maxBalance
-
-```solidity
-function maxBalance() external view returns (uint256)
-```
-
-The maximum balance the contract can hold after a receive.
-
-
-
-
-#### Returns
-
-| Name | Type | Description |
-|---|---|---|
-| _0 | uint256 | undefined
-
-### maxDepositAmount
-
-```solidity
-function maxDepositAmount() external view returns (uint256)
-```
-
-The maximum amount that be deposited in a receive.
-
-
-
-
-#### Returns
-
-| Name | Type | Description |
-|---|---|---|
-| _0 | uint256 | undefined
-
-### minDepositAmount
-
-```solidity
-function minDepositAmount() external view returns (uint256)
-```
-
-The minimum amount that be deposited in a receive.
-
-
-
-
-#### Returns
-
-| Name | Type | Description |
-|---|---|---|
-| _0 | uint256 | undefined
-
-### owner
-
-```solidity
-function owner() external view returns (address)
-```
-
-
-
-*Returns the address of the current owner.*
-
-
-#### Returns
-
-| Name | Type | Description |
-|---|---|---|
-| _0 | address | undefined
-
-### renounceOwnership
-
-```solidity
-function renounceOwnership() external nonpayable
-```
-
-
-
-*Leaves the contract without owner. It will not be possible to call `onlyOwner` functions anymore. Can only be called by the current owner. NOTE: Renouncing ownership will leave the contract without an owner, thereby removing any functionality that is only available to the owner.*
-
-
-### setMaxAmount
-
-```solidity
-function setMaxAmount(uint256 _maxDepositAmount) external nonpayable
-```
-
-Sets the maximum amount that can be deposited in a receive.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| _maxDepositAmount | uint256 | The new maximum deposit amount.
-
-### setMaxBalance
-
-```solidity
-function setMaxBalance(uint256 _maxBalance) external nonpayable
-```
-
-Sets the maximum balance the contract can hold after a receive.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| _maxBalance | uint256 | The new maximum contract balance.
-
-### setMinAmount
-
-```solidity
-function setMinAmount(uint256 _minDepositAmount) external nonpayable
-```
-
-Sets the minimum amount that can be deposited in a receive.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| _minDepositAmount | uint256 | The new minimum deposit amount.
-
-### totalDeposits
-
-```solidity
-function totalDeposits() external view returns (uint256)
-```
-
-The total number of successful deposits received.
-
-
-
-
-#### Returns
-
-| Name | Type | Description |
-|---|---|---|
-| _0 | uint256 | undefined
-
-### transferOwnership
-
-```solidity
-function transferOwnership(address newOwner) external nonpayable
-```
-
-
-
-*Transfers ownership of the contract to a new account (`newOwner`). Can only be called by the current owner.*
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| newOwner | address | undefined
-
-### withdrawBalance
-
-```solidity
-function withdrawBalance() external nonpayable
-```
-
-Sends the contract's current balance to the owner.
-
-
-
-
-
-
-## Events
-
-### BalanceWithdrawn
-
-```solidity
-event BalanceWithdrawn(address indexed owner, uint256 balance)
-```
-
-Emitted any time the balance is withdrawn by the owner.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| owner `indexed` | address | The current owner and recipient of the funds. |
-| balance  | uint256 | The current contract balance paid to the owner. |
-
-### EtherReceived
-
-```solidity
-event EtherReceived(uint256 indexed depositId, address indexed emitter, uint256 indexed amount)
-```
-
-Emitted any time a successful deposit is received.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| depositId `indexed` | uint256 | A unique sequencer number identifying the deposit. |
-| emitter `indexed` | address | The sending address of the payer. |
-| amount `indexed` | uint256 | The amount deposited by the payer. |
-
-### MaxBalanceSet
-
-```solidity
-event MaxBalanceSet(uint256 previousBalance, uint256 newBalance)
-```
-
-Emitted any time the contract maximum balance is set.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| previousBalance  | uint256 | The previous maximum contract balance. |
-| newBalance  | uint256 | The new maximum contract balance. |
-
-### MaxDepositAmountSet
-
-```solidity
-event MaxDepositAmountSet(uint256 previousAmount, uint256 newAmount)
-```
-
-Emitted any time the maximum deposit amount is set.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| previousAmount  | uint256 | The previous maximum deposit amount. |
-| newAmount  | uint256 | The new maximum deposit amount. |
-
-### MinDepositAmountSet
-
-```solidity
-event MinDepositAmountSet(uint256 previousAmount, uint256 newAmount)
-```
-
-Emitted any time the minimum deposit amount is set.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| previousAmount  | uint256 | The previous minimum deposit amount. |
-| newAmount  | uint256 | The new minimum deposit amount. |
-
-### OwnershipTransferred
-
-```solidity
-event OwnershipTransferred(address indexed previousOwner, address indexed newOwner)
-```
-
-
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| previousOwner `indexed` | address | undefined |
-| newOwner `indexed` | address | undefined |
-
-
-

packages/contracts/docs/TeleportrDisburser.md

-# TeleportrDisburser
-
-
-
-> TeleportrDisburser
-
-
-
-
-
-## Methods
-
-### disburse
-
-```solidity
-function disburse(uint256 _nextDepositId, TeleportrDisburser.Disbursement[] _disbursements) external payable
-```
-
-Accepts a list of Disbursements and forwards the amount paid to the contract to each recipient. The method reverts if there are zero disbursements, the total amount to forward differs from the amount sent in the transaction, or the _nextDepositId is unexpected. Failed disbursements will not cause the method to revert, but will instead be held by the contract and availabe for the owner to withdraw.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| _nextDepositId | uint256 | The depositId of the first Dispursement.
-| _disbursements | TeleportrDisburser.Disbursement[] | A list of Disbursements to process.
-
-### owner
-
-```solidity
-function owner() external view returns (address)
-```
-
-
-
-*Returns the address of the current owner.*
-
-
-#### Returns
-
-| Name | Type | Description |
-|---|---|---|
-| _0 | address | undefined
-
-### renounceOwnership
-
-```solidity
-function renounceOwnership() external nonpayable
-```
-
-
-
-*Leaves the contract without owner. It will not be possible to call `onlyOwner` functions anymore. Can only be called by the current owner. NOTE: Renouncing ownership will leave the contract without an owner, thereby removing any functionality that is only available to the owner.*
-
-
-### totalDisbursements
-
-```solidity
-function totalDisbursements() external view returns (uint256)
-```
-
-The total number of disbursements processed.
-
-
-
-
-#### Returns
-
-| Name | Type | Description |
-|---|---|---|
-| _0 | uint256 | undefined
-
-### transferOwnership
-
-```solidity
-function transferOwnership(address newOwner) external nonpayable
-```
-
-
-
-*Transfers ownership of the contract to a new account (`newOwner`). Can only be called by the current owner.*
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| newOwner | address | undefined
-
-### withdrawBalance
-
-```solidity
-function withdrawBalance() external nonpayable
-```
-
-Sends the contract's current balance to the owner.
-
-
-
-
-
-
-## Events
-
-### BalanceWithdrawn
-
-```solidity
-event BalanceWithdrawn(address indexed owner, uint256 balance)
-```
-
-Emitted any time the balance is withdrawn by the owner.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| owner `indexed` | address | The current owner and recipient of the funds. |
-| balance  | uint256 | The current contract balance paid to the owner. |
-
-### DisbursementFailed
-
-```solidity
-event DisbursementFailed(uint256 indexed depositId, address indexed to, uint256 amount)
-```
-
-Emitted any time a disbursement fails to send.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| depositId `indexed` | uint256 | The unique sequence number identifying the deposit. |
-| to `indexed` | address | The intended recipient of the disbursement. |
-| amount  | uint256 | The amount intended to be sent to the recipient. |
-
-### DisbursementSuccess
-
-```solidity
-event DisbursementSuccess(uint256 indexed depositId, address indexed to, uint256 amount)
-```
-
-Emitted any time a disbursement is successfuly sent.
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| depositId `indexed` | uint256 | The unique sequence number identifying the deposit. |
-| to `indexed` | address | The recipient of the disbursement. |
-| amount  | uint256 | The amount sent to the recipient. |
-
-### OwnershipTransferred
-
-```solidity
-event OwnershipTransferred(address indexed previousOwner, address indexed newOwner)
-```
-
-
-
-
-
-#### Parameters
-
-| Name | Type | Description |
-|---|---|---|
-| previousOwner `indexed` | address | undefined |
-| newOwner `indexed` | address | undefined |
-
-
-

specs/glossary.md

@@ -605,7 +605,7 @@ The safe L2 head is the highest [safe L2 block][safe-l2-block] that a [rollup no
 [unsafe-l2-block]: glossary.md#unsafe-l2-block
 
 An unsafe L2 block is an L2 block that a [rollup node][rollup-node] knows about, but which was not derived from the L1
-chian. In sequencer mode, this will be a block sequenced by the sequencer itself. In validator mode, this will be a
+chain. In sequencer mode, this will be a block sequenced by the sequencer itself. In validator mode, this will be a
 block acquired from the sequencer via [unsafe sync][unsafe-sync].
 
 ## Unsafe L2 Head