Predeploy -> Preinstall (#8964)

* Predeploy -> Preinstall * Update specs/glossary.md Co-authored-by: refcell.eth <abigger87@gmail.com> * Update specs/glossary.md Co-authored-by: refcell.eth <abigger87@gmail.com> * Update README.md * Update preinstalls.md --------- Co-authored-by: refcell.eth <abigger87@gmail.com>

Predeploy -> Preinstall (#8964)
* Predeploy -> Preinstall * Update specs/glossary.md Co-authored-by: refcell.eth <abigger87@gmail.com> * Update specs/glossary.md Co-authored-by: refcell.eth <abigger87@gmail.com> * Update README.md * Update preinstalls.md --------- Co-authored-by: refcell.eth <abigger87@gmail.com>
db25f4bc · Wyatt Barnes · GitHub · af4acf1e · db25f4bc · db25f4bc
Commit db25f4bc authored Jan 12, 2024 by Wyatt Barnes Committed by GitHub Jan 12, 2024
Showing with 177 additions and 147 deletions

README.md op-bindings/bindgen/README.md +11 -11

glossary.md specs/glossary.md +11 -0

predeploys.md specs/predeploys.md +6 -136

preinstalls.md specs/preinstalls.md +149 -0

No files found.
--- a/op-bindings/bindgen/README.md
+++ b/op-bindings/bindgen/README.md
@@ -15,12 +15,12 @@ A CLI for generating Go bindings from Forge artifacts and API clients such as Et
    - [Global Flags](#global-flags)
  - [Local Flags](#local-flags)
  - [Remote Flags](#remote-flags)
- [Using BindGen to Add New Predeploys to L2 Genesis](#using-bindgen-to-add-new-predeploys-to-l2-genesis)
+- [Using BindGen to Add New Preinstalls to L2 Genesis](#using-bindgen-to-add-new-preinstalls-to-l2-genesis)
  - [Anatomy of `artifacts.json`](#anatomy-of-artifactsjson)
    - [`"local"` Contracts](#local-contracts)
    - [`"remote"` Contracts](#remote-contracts)
    - [Adding A New `"remote"` Contract](#adding-a-new-remote-contract)
-      - [Contracts that Don't Make Good Predeploys](#contracts-that-dont-make-good-predeploys)
+      - [Contracts that Don't Make Good Preinstalls](#contracts-that-dont-make-good-preinstalls)
    - [Adding the Contract to L2 Genesis](#adding-the-contract-to-l2-genesis)

 # Dependencies
@@ -159,11 +159,11 @@ Flag                   | Type   | Description
 `rpc.url.eth`          | String | This is any HTTP URL that can be used to query an Ethereum Mainnet RPC node | Yes
 `rpc.url.op`           | String | This is any HTTP URL that can be used to query an Optimism Mainnet RPC node | Yes

-# Using BindGen to Add New Predeploys to L2 Genesis
+# Using BindGen to Add New Preinstalls to L2 Genesis

 **Note** While we encourage hacking on the OP stack, we are not actively looking to integrate more contracts to the official OP stack genesis.

-BindGen uses the provided `contracts-list` to generate Go bindings and metadata files which are used when building the L2 genesis. The first step in adding a new predeploy to L2 genesis is adding the contract to your `contracts-list` (by default this list if [artifacts.json](../artifacts.json)).
+BindGen uses the provided `contracts-list` to generate Go bindings and metadata files which are used when building the L2 genesis. The first step in adding a new preinstall to L2 genesis is adding the contract to your `contracts-list` (by default this list if [artifacts.json](../artifacts.json)).

 ## Anatomy of `artifacts.json`

@@ -297,7 +297,7 @@ If you contract is verified on Etherscan, doesn't contain any Solidity `immutabl
 2. Compares the retrieved deployed bytecode from Etherscan against the response of `eth_codeAt` from an RPC node for each network specified in `RemoteContract.deployments` (this is a sanity check to verify Etherscan is returning correct data)
 3. If applicable, removes the provided `RemoteContract.deploymentSalt` from the initialization bytecode
 4. Compares the initialization bytecode retrieved from Etherscan on Ethereum Mainnet against the bytecode retrieved from Etherscan on Optimism Mainnet
-  - This is an important sanity check! If the initialization bytecode from Ethereum differs from Optimism, then there's a big chance the deployment from Ethereum may not behave as expected if predeployed to an OP stack L2
+  - This is an important sanity check! If the initialization bytecode from Ethereum differs from Optimism, then there's a big chance the deployment from Ethereum may not behave as expected if preinstalled to an OP stack L2
 5. Compares the deployment bytecode retrieved from Etherscan on Ethereum Mainnet against the bytecode retrieved from Etherscan on Optimism Mainnet
  - This has the same concern as differing initialization bytecode
 6. Lastly, the Go bindings are generated and the metadata file is written to the path provided as `metadata-out` CLI flag
@@ -308,16 +308,16 @@ All other default `"remote"` contract have some variation of the above execution
 - `MultiSend_v130` has an `immutable` Solidity variable the resolves to `address(this)`, so we can't use the deployment bytecode from Ethereum Mainnet, we must get it's deployment bytecode from Optimism Mainnet
 - `SenderCreator` is deployed by `EntryPoint`, so it's initialization bytecode is provided in [artifacts.json](../artifacts.json) and not being fetched from Etherscan like other contracts

-#### Contracts that Don't Make Good Predeploys
+#### Contracts that Don't Make Good Preinstalls

-Not every contract can be added as a predeploy, and some contracts have nuances that make them potentially dangerous or troublesome to predeploy. Below are some examples of contracts that wouldn't make good predeploys. This is not a comprehensive list, so make sure to use judgment for each contract added as a predeploy.
+Not every contract can be added as a preinstall, and some contracts have nuances that make them potentially dangerous or troublesome to preinstall. Below are some examples of contracts that wouldn't make good preinstalls. This is not a comprehensive list, so make sure to use judgment for each contract added as a preinstall.

 - Contracts that haven't been audited or stood the test of time
-  - Once a contract is predeployed and a network is started, if a vulnerability is discovered for the contract and there is no way to easily disable the contract, the only options to "disable" the vulnerable contract are to either (A) remove it from the L2 genesis and restart the L2 network, (B) Hardfork the network to remove/replace the predeploy, or (C) Warn users not to use the vulnerable predeploy
+  - Once a contract is preinstalled and a network is started, if a vulnerability is discovered for the contract and there is no way to easily disable the contract, the only options to "disable" the vulnerable contract are to either (A) remove it from the L2 genesis and restart the L2 network, (B) Hardfork the network to remove/replace the preinstall, or (C) Warn users not to use the vulnerable preinstall
 - Related to above, contracts that may become deprecated/unsupported relatively soon
  - As mentioned above, you're limited to options A, B, or C
 - Upgradeable Contracts
-  - While it's certainly feasible to predeploy an upgradeable contract, great care should be taken to minimize security risks to users if the contract is upgraded to a malicious or buggy implementation. Understanding who has the ability to upgrade the contract is key to avoiding this. Additionally, user's might be expecting a predeploy to do something and may be caught off guard if the implementation was upgraded without their knowledge
+  - While it's certainly feasible to preinstall an upgradeable contract, great care should be taken to minimize security risks to users if the contract is upgraded to a malicious or buggy implementation. Understanding who has the ability to upgrade the contract is key to avoiding this. Additionally, user's might be expecting a preinstall to do something and may be caught off guard if the implementation was upgraded without their knowledge
 - Contracts with Privileged Roles and Configuration Parameters
  - Similar to the upgradeable contracts, simply having an owner or other privileged role with the ability to make configuration changes can present a security risk and result in unexpected different behaviors across chains.
 - Contracts that have dependencies
@@ -329,9 +329,9 @@ Not every contract can be added as a predeploy, and some contracts have nuances

 ### Adding the Contract to L2 Genesis

-Once you've configured the `contracts-list` to include the contracts you'd like to add as predeploys, the next step is utilizing the BindGen outputs to configure the L2 genesis.
+Once you've configured the `contracts-list` to include the contracts you'd like to add as preinstalls, the next step is utilizing the BindGen outputs to configure the L2 genesis.

-1. First we must update the [addresses.go](../predeploys/addresses.go) file to include the address we're predeploying our contracts to
+1. First we must update the [addresses.go](../predeploys/addresses.go) file to include the address we're preinstalling our contracts to
 1. Update the `switch` case found in [layer_two.go](../../op-chain-ops/genesis/layer_two.go) to include the `name` of your contracts
 1. Update [immutables.go](../../op-chain-ops/immutables/immutables.go) to include your added contracts
 1. Update [Predeploys.sol](../../packages/contracts-bedrock/src/libraries/Predeploys.sol) to include your added contracts at their expected addresses

--- a/specs/glossary.md
+++ b/specs/glossary.md
@@ -12,6 +12,7 @@
  - [Merkle Patricia Trie](#merkle-patricia-trie)
  - [Chain Re-Organization](#chain-re-organization)
  - [Predeployed Contract ("Predeploy")](#predeployed-contract-predeploy)
+  - [Preinstalled Contract ("Preinstall")](#preinstalled-contract-preinstall)
  - [Receipt](#receipt)
  - [Transaction Type](#transaction-type)
  - [Fork Choice Rule](#fork-choice-rule)
@@ -137,6 +138,16 @@ A contract placed in the L2 genesis state (i.e. at the start of the chain).

 All predeploy contracts are specified in the [predeploys specification][./predeploys.md].

+## Preinstalled Contract ("Preinstall")
+
+[preinstall]: glossary.md#preinstalled-contract-preinstall
+
+A contract placed in the L2 genesis state (i.e. at the start of the chain). These contracts do not share the same
+security guarantees as [predeploys](#predeployed-contract-predeploy), but are general use contracts made
+available to improve the L2's UX.
+
+All preinstall contracts are specified in the [preinstalls specification][./preinstalls.md].
+
 ## Receipt

 [receipt]: glossary.md#receipt

--- a/specs/predeploys.md
+++ b/specs/predeploys.md
--- a/specs/preinstalls.md
+++ b/specs/preinstalls.md
+# Preinstalls
+
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+**Table of Contents**
+
+- [Overview](#overview)
+- [Safe](#safe)
+- [SafeL2](#safel2)
+- [MultiSend](#multisend)
+- [MultiSendCallOnly](#multisendcallonly)
+- [SafeSingletonFactory](#safesingletonfactory)
+- [Multicall3](#multicall3)
+- [Arachnid's Deterministic Deployment Proxy](#arachnids-deterministic-deployment-proxy)
+- [Permit2](#permit2)
+- [ERC-4337 EntryPoint](#erc-4337-entrypoint)
+- [ERC-4337 SenderCreator](#erc-4337-sendercreator)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
+## Overview
+
+[Preinstalled smart contracts](./glossary.md#preinstalled-contract-preinstall) exist on Optimism
+at predetermined addresses in the genesis state. They are similar to precompiles but instead run
+directly in the EVM instead of running native code outside of the EVM and are developed by third
+parties unaffiliated with the Optimism Collective.
+
+These preinstalls are commonly deployed smart contracts that are being placed at genesis for convenience.
+It's important to note that these contracts do not have the same security guarantees
+as [Predeployed smart contracts](./glossary.md#predeployed-contract-predeploy).
+
+The following table includes each of the preinstalls.
+
+| Name                                      | Address                                    |
+| ----------------------------------------- | ------------------------------------------ |
+| Safe                                      | 0x69f4D1788e39c87893C980c06EdF4b7f686e2938 |
+| SafeL2                                    | 0xfb1bffC9d739B8D520DaF37dF666da4C687191EA |
+| MultiSend                                 | 0x998739BFdAAdde7C933B942a68053933098f9EDa |
+| MultiSendCallOnly                         | 0xA1dabEF33b3B82c7814B6D82A79e50F4AC44102B |
+| SafeSingletonFactory                      | 0x914d7Fec6aaC8cd542e72Bca78B30650d45643d7 |
+| Multicall3                                | 0xcA11bde05977b3631167028862bE2a173976CA11 |
+| Arachnid's Deterministic Deployment Proxy | 0x4e59b44847b379578588920cA78FbF26c0B4956C |
+| Permit2                                   | 0x000000000022D473030F116dDEE9F6B43aC78BA3 |
+| ERC-4337 EntryPoint                       | 0x5FF137D4b0FDCD49DcA30c7CF57E578a026d2789 |
+| ERC-4337 SenderCreator                    | 0x7fc98430eaedbb6070b35b39d798725049088348 |
+
+## Safe
+
+[Implementation](https://github.com/safe-global/safe-contracts/blob/v1.3.0/contracts/GnosisSafe.sol)
+
+Address: `0x69f4D1788e39c87893C980c06EdF4b7f686e2938`
+
+A multisignature wallet with support for confirmations using signed messages based on ERC191.
+Differs from [SafeL2](#safel2) by not emitting events to save gas.
+
+## SafeL2
+
+[Implementation](https://github.com/safe-global/safe-contracts/blob/v1.3.0/contracts/GnosisSafeL2.sol)
+
+Address: `0xfb1bffC9d739B8D520DaF37dF666da4C687191EA`
+
+A multisignature wallet with support for confirmations using signed messages based on ERC191.
+Differs from [Safe](#safe) by emitting events.
+
+## MultiSend
+
+[Implementation](https://github.com/safe-global/safe-contracts/blob/v1.3.0/contracts/libraries/MultiSend.sol)
+
+Address: `0x998739BFdAAdde7C933B942a68053933098f9EDa`
+
+Allows to batch multiple transactions into one.
+
+## MultiSendCallOnly
+
+[Implementation](https://github.com/safe-global/safe-contracts/blob/v1.3.0/contracts/libraries/MultiSendCallOnly.sol)
+
+Address: `0xA1dabEF33b3B82c7814B6D82A79e50F4AC44102B`
+
+Allows to batch multiple transactions into one, but only calls.
+
+## SafeSingletonFactory
+
+[Implementation](https://github.com/safe-global/safe-singleton-factory/blob/v1.0.17/source/deterministic-deployment-proxy.yul)
+
+Address: `0x914d7Fec6aaC8cd542e72Bca78B30650d45643d7`
+
+Singleton factory used by Safe-related contracts based on
+[Arachnid's Deterministic Deployment Proxy](#arachnids-deterministic-deployment-proxy).
+
+The original library used a pre-signed transaction without a chain ID to allow deployment on different chains.
+Some chains do not allow such transactions to be submitted; therefore, this contract will provide the same factory
+that can be deployed via a pre-signed transaction that includes the chain ID. The key that is used to sign is
+controlled by the Safe team.
+
+## Multicall3
+
+[Implementation](https://github.com/mds1/multicall/blob/v3.1.0/src/Multicall3.sol)
+
+Address: `0xcA11bde05977b3631167028862bE2a173976CA11`
+
+`Multicall3` has two main use cases:
+
+- Aggregate results from multiple contract reads into a single JSON-RPC request.
+- Execute multiple state-changing calls in a single transaction.
+
+## Arachnid's Deterministic Deployment Proxy
+
+[Implementation](https://github.com/Arachnid/deterministic-deployment-proxy/blob/v1.0.0/source/deterministic-deployment-proxy.yul)
+
+Address: `0x4e59b44847b379578588920cA78FbF26c0B4956C`
+
+This contract can deploy other contracts with a deterministic address on any chain using `CREATE2`. The `CREATE2`
+call will deploy a contract (like `CREATE` opcode) but instead of the address being
+`keccak256(rlp([deployer_address, nonce]))` it instead uses the hash of the contract's bytecode and a salt.
+This means that a given deployer address will deploy the
+same code to the same address no matter when or where they issue the deployment. The deployer is deployed
+ith a one-time-use-account, so no matter what chain the deployer is on, its address will always be the same. This
+means the only variables in determining the address of your contract are its bytecode hash and the provided salt.
+
+Between the use of `CREATE2` opcode and the one-time-use-account for the deployer, this contracts ensures
+that a given contract will exist at the exact same address on every chain, but without having to use the
+same gas pricing or limits every time.
+
+## Permit2
+
+[Implementation](https://github.com/Uniswap/permit2/blob/0x000000000022D473030F116dDEE9F6B43aC78BA3/src/Permit2.sol)
+
+Address: `0x000000000022D473030F116dDEE9F6B43aC78BA3`
+
+Permit2 introduces a low-overhead, next-generation token approval/meta-tx system to make token approvals easier,
+more secure, and more consistent across applications.
+
+## ERC-4337 EntryPoint
+
+[Implementation](https://github.com/eth-infinitism/account-abstraction/blob/v0.6.0/contracts/core/EntryPoint.sol)
+
+Address: `0x5FF137D4b0FDCD49DcA30c7CF57E578a026d2789`
+
+This contract verifies and executes the bundles of ERC-4337
+[UserOperations](https://www.erc4337.io/docs/understanding-ERC-4337/user-operation) sent to it.
+
+## ERC-4337 SenderCreator
+
+[Implementation](https://github.com/eth-infinitism/account-abstraction/blob/v0.6.0/contracts/core/SenderCreator.sol)
+
+Address: `0x7fc98430eaedbb6070b35b39d798725049088348`
+
+Helper contract for [EntryPoint](#erc-4337-entrypoint), to call `userOp.initCode` from a "neutral" address,
+which is explicitly not `EntryPoint` itself.