op-deployer: bugfix: Chain ownership roles (#12556)

* op-deployer: bugfix: Chain ownership roles * update tests and owner slot

op-deployer: bugfix: Chain ownership roles (#12556)
* op-deployer: bugfix: Chain ownership roles * update tests and owner slot
d8012e05 · Matthew Slipper · GitHub · d0350963 · d8012e05 · d8012e05
Commit d8012e05 authored Oct 21, 2024 by Matthew Slipper Committed by GitHub Oct 21, 2024
5 changed files
--- a/op-deployer/pkg/deployer/init.go
+++ b/op-deployer/pkg/deployer/init.go
@@ -124,13 +124,13 @@ func Init(cfg InitConfig) error {
 			Eip1559Denominator:         50,
 			Eip1559Elasticity:          6,
 			Roles: state.ChainRoles{
-				ProxyAdminOwner:      addrFor(devkeys.L2ProxyAdminOwnerRole.Key(l2ChainIDBig)),
-				SystemConfigOwner:    addrFor(devkeys.SystemConfigOwner.Key(l2ChainIDBig)),
-				GovernanceTokenOwner: addrFor(devkeys.L2ProxyAdminOwnerRole.Key(l2ChainIDBig)),
-				UnsafeBlockSigner:    addrFor(devkeys.SequencerP2PRole.Key(l2ChainIDBig)),
-				Batcher:              addrFor(devkeys.BatcherRole.Key(l2ChainIDBig)),
-				Proposer:             addrFor(devkeys.ProposerRole.Key(l2ChainIDBig)),
-				Challenger:           addrFor(devkeys.ChallengerRole.Key(l2ChainIDBig)),
+				L1ProxyAdminOwner: addrFor(devkeys.L1ProxyAdminOwnerRole.Key(l2ChainIDBig)),
+				L2ProxyAdminOwner: addrFor(devkeys.L2ProxyAdminOwnerRole.Key(l2ChainIDBig)),
+				SystemConfigOwner: addrFor(devkeys.SystemConfigOwner.Key(l2ChainIDBig)),
+				UnsafeBlockSigner: addrFor(devkeys.SequencerP2PRole.Key(l2ChainIDBig)),
+				Batcher:           addrFor(devkeys.BatcherRole.Key(l2ChainIDBig)),
+				Proposer:          addrFor(devkeys.ProposerRole.Key(l2ChainIDBig)),
+				Challenger:        addrFor(devkeys.ChallengerRole.Key(l2ChainIDBig)),
 			},
 		})
 	}

--- a/op-deployer/pkg/deployer/integration_test/apply_test.go
+++ b/op-deployer/pkg/deployer/integration_test/apply_test.go
@@ -260,13 +260,13 @@ func newChainIntent(t *testing.T, dk *devkeys.MnemonicDevKeys, l1ChainID *big.In
 		Eip1559Denominator:         50,
 		Eip1559Elasticity:          6,
 		Roles: state.ChainRoles{
-			ProxyAdminOwner:      addrFor(t, dk, devkeys.L2ProxyAdminOwnerRole.Key(l1ChainID)),
-			SystemConfigOwner:    addrFor(t, dk, devkeys.SystemConfigOwner.Key(l1ChainID)),
-			GovernanceTokenOwner: addrFor(t, dk, devkeys.L2ProxyAdminOwnerRole.Key(l1ChainID)),
-			UnsafeBlockSigner:    addrFor(t, dk, devkeys.SequencerP2PRole.Key(l1ChainID)),
-			Batcher:              addrFor(t, dk, devkeys.BatcherRole.Key(l1ChainID)),
-			Proposer:             addrFor(t, dk, devkeys.ProposerRole.Key(l1ChainID)),
-			Challenger:           addrFor(t, dk, devkeys.ChallengerRole.Key(l1ChainID)),
+			L1ProxyAdminOwner: addrFor(t, dk, devkeys.L2ProxyAdminOwnerRole.Key(l1ChainID)),
+			L2ProxyAdminOwner: addrFor(t, dk, devkeys.L2ProxyAdminOwnerRole.Key(l1ChainID)),
+			SystemConfigOwner: addrFor(t, dk, devkeys.SystemConfigOwner.Key(l1ChainID)),
+			UnsafeBlockSigner: addrFor(t, dk, devkeys.SequencerP2PRole.Key(l1ChainID)),
+			Batcher:           addrFor(t, dk, devkeys.BatcherRole.Key(l1ChainID)),
+			Proposer:          addrFor(t, dk, devkeys.ProposerRole.Key(l1ChainID)),
+			Challenger:        addrFor(t, dk, devkeys.ChallengerRole.Key(l1ChainID)),
 		},
 	}
 }
@@ -335,7 +335,7 @@ func validateOPChainDeployment(t *testing.T, cg codeGetter, st *state.State, int
 		require.NotEmpty(t, code, "contract %s at %s has no code", addr.name, addr.addr)
 	}

-	for _, chainState := range st.Chains {
+	for i, chainState := range st.Chains {
 		chainAddrs := []struct {
 			name string
 			addr common.Address
@@ -366,13 +366,23 @@ func validateOPChainDeployment(t *testing.T, cg codeGetter, st *state.State, int

 		alloc := chainState.Allocs.Data.Accounts

-		firstChainIntent := intent.Chains[0]
-		checkImmutable(t, alloc, predeploys.BaseFeeVaultAddr, firstChainIntent.BaseFeeVaultRecipient)
-		checkImmutable(t, alloc, predeploys.L1FeeVaultAddr, firstChainIntent.L1FeeVaultRecipient)
-		checkImmutable(t, alloc, predeploys.SequencerFeeVaultAddr, firstChainIntent.SequencerFeeVaultRecipient)
-
-		require.Equal(t, int(firstChainIntent.Eip1559Denominator), 50, "EIP1559Denominator should be set")
-		require.Equal(t, int(firstChainIntent.Eip1559Elasticity), 6, "EIP1559Elasticity should be set")
+		chainIntent := intent.Chains[i]
+		checkImmutable(t, alloc, predeploys.BaseFeeVaultAddr, chainIntent.BaseFeeVaultRecipient)
+		checkImmutable(t, alloc, predeploys.L1FeeVaultAddr, chainIntent.L1FeeVaultRecipient)
+		checkImmutable(t, alloc, predeploys.SequencerFeeVaultAddr, chainIntent.SequencerFeeVaultRecipient)
+
+		// ownership slots
+		var addrAsSlot common.Hash
+		addrAsSlot.SetBytes(chainIntent.Roles.L1ProxyAdminOwner.Bytes())
+		// slot 0
+		ownerSlot := common.Hash{}
+		checkStorageSlot(t, alloc, predeploys.ProxyAdminAddr, ownerSlot, addrAsSlot)
+		var defaultGovOwner common.Hash
+		defaultGovOwner.SetBytes(common.HexToAddress("0xDeaDDEaDDeAdDeAdDEAdDEaddeAddEAdDEAdDEad").Bytes())
+		checkStorageSlot(t, alloc, predeploys.GovernanceTokenAddr, common.Hash{31: 0x0a}, defaultGovOwner)
+
+		require.Equal(t, int(chainIntent.Eip1559Denominator), 50, "EIP1559Denominator should be set")
+		require.Equal(t, int(chainIntent.Eip1559Elasticity), 6, "EIP1559Elasticity should be set")
 	}
 }

@@ -396,6 +406,18 @@ func checkImmutable(t *testing.T, allocations types.GenesisAlloc, proxyContract
 	)
 }

+func checkStorageSlot(t *testing.T, allocs types.GenesisAlloc, address common.Address, slot common.Hash, expected common.Hash) {
+	account, ok := allocs[address]
+	require.True(t, ok, "account not found for address %s", address)
+	value, ok := account.Storage[slot]
+	if expected == (common.Hash{}) {
+		require.False(t, ok, "slot %s for account %s should not be set", slot, address)
+		return
+	}
+	require.True(t, ok, "slot %s not found for account %s", slot, address)
+	require.Equal(t, expected, value, "slot %s for account %s should be %s", slot, address, expected)
+}
+
 func TestApplyExistingOPCM(t *testing.T) {
 	anvil.Test(t)


--- a/op-deployer/pkg/deployer/pipeline/opchain.go
+++ b/op-deployer/pkg/deployer/pipeline/opchain.go
@@ -173,7 +173,7 @@ func DeployOPChainGenesisStrategy(env *Env, intent *state.Intent, st *state.Stat

 func makeDCI(thisIntent *state.ChainIntent, chainID common.Hash, st *state.State) opcm.DeployOPChainInput {
 	return opcm.DeployOPChainInput{
-		OpChainProxyAdminOwner:  thisIntent.Roles.ProxyAdminOwner,
+		OpChainProxyAdminOwner:  thisIntent.Roles.L1ProxyAdminOwner,
 		SystemConfigOwner:       thisIntent.Roles.SystemConfigOwner,
 		Batcher:                 thisIntent.Roles.Batcher,
 		UnsafeBlockSigner:       thisIntent.Roles.UnsafeBlockSigner,

--- a/op-deployer/pkg/deployer/state/deploy_config.go
+++ b/op-deployer/pkg/deployer/state/deploy_config.go
@@ -40,6 +40,7 @@ func DefaultDeployConfig(chainIntent *ChainIntent) genesis.DeployConfig {
 				EnableGovernance:      true,
 				GovernanceTokenSymbol: "OP",
 				GovernanceTokenName:   "Optimism",
+				GovernanceTokenOwner:  common.HexToAddress("0xDeaDDEaDDeAdDeAdDEAdDEaddeAddEAdDEAdDEad"),
 			},
 			GasPriceOracleDeployConfig: genesis.GasPriceOracleDeployConfig{
 				GasPriceOracleBaseFeeScalar:     1368,
@@ -57,7 +58,6 @@ func DefaultDeployConfig(chainIntent *ChainIntent) genesis.DeployConfig {
 				L2GenesisEcotoneTimeOffset:  u64UtilPtr(0),
 				L2GenesisFjordTimeOffset:    u64UtilPtr(0),
 				L2GenesisGraniteTimeOffset:  u64UtilPtr(0),
-				L2GenesisHoloceneTimeOffset: u64UtilPtr(0),
 				UseInterop:                  false,
 			},
 			L2CoreDeployConfig: genesis.L2CoreDeployConfig{
@@ -112,6 +112,10 @@ func CombineDeployConfig(intent *Intent, chainIntent *ChainIntent, state *State,
 		BatchSenderAddress:  chainIntent.Roles.Batcher,
 		P2PSequencerAddress: chainIntent.Roles.UnsafeBlockSigner,
 	}
+	cfg.OwnershipDeployConfig = genesis.OwnershipDeployConfig{
+		ProxyAdminOwner:  chainIntent.Roles.L2ProxyAdminOwner,
+		FinalSystemOwner: chainIntent.Roles.L1ProxyAdminOwner,
+	}
 	cfg.BatchInboxAddress = calculateBatchInboxAddr(chainState.ID)
 	cfg.L1ChainID = intent.L1ChainID


--- a/op-deployer/pkg/deployer/state/intent.go
+++ b/op-deployer/pkg/deployer/state/intent.go
@@ -162,11 +162,11 @@ type ChainIntent struct {
 }

 type ChainRoles struct {
-	ProxyAdminOwner common.Address `json:"proxyAdminOwner" toml:"proxyAdminOwner"`
+	L1ProxyAdminOwner common.Address `json:"l1ProxyAdminOwner" toml:"l1ProxyAdminOwner"`

-	SystemConfigOwner common.Address `json:"systemConfigOwner" toml:"systemConfigOwner"`
+	L2ProxyAdminOwner common.Address `json:"l2ProxyAdminOwner" toml:"l2ProxyAdminOwner"`

-	GovernanceTokenOwner common.Address `json:"governanceTokenOwner" toml:"governanceTokenOwner"`
+	SystemConfigOwner common.Address `json:"systemConfigOwner" toml:"systemConfigOwner"`

 	UnsafeBlockSigner common.Address `json:"unsafeBlockSigner" toml:"unsafeBlockSigner"`

@@ -183,16 +183,16 @@ func (c *ChainIntent) Check() error {
 		return fmt.Errorf("id must be set")
 	}

-	if c.Roles.ProxyAdminOwner == emptyAddress {
+	if c.Roles.L1ProxyAdminOwner == emptyAddress {
 		return fmt.Errorf("proxyAdminOwner must be set")
 	}

 	if c.Roles.SystemConfigOwner == emptyAddress {
-		c.Roles.SystemConfigOwner = c.Roles.ProxyAdminOwner
+		c.Roles.SystemConfigOwner = c.Roles.L1ProxyAdminOwner
 	}

-	if c.Roles.GovernanceTokenOwner == emptyAddress {
-		c.Roles.GovernanceTokenOwner = c.Roles.ProxyAdminOwner
+	if c.Roles.L2ProxyAdminOwner == emptyAddress {
+		return fmt.Errorf("l2ProxyAdminOwner must be set")
 	}

 	if c.Roles.UnsafeBlockSigner == emptyAddress {