Source Code
Overview
ETH Balance
0 ETH
More Info
ContractCreator
Multichain Info
N/A
Latest 25 from a total of 5,776 transactions
Transaction Hash |
Method
|
Block
|
From
|
To
|
|||||
---|---|---|---|---|---|---|---|---|---|
Post Commitment | 1580692 | 243 days ago | IN | 0 ETH | 0.00107558 | ||||
Post Commitment | 1580652 | 243 days ago | IN | 0 ETH | 0.00104352 | ||||
Post Commitment | 1580611 | 243 days ago | IN | 0 ETH | 0.00093477 | ||||
Post Commitment | 1580571 | 243 days ago | IN | 0 ETH | 0.00133074 | ||||
Post Commitment | 1580527 | 243 days ago | IN | 0 ETH | 0.00089544 | ||||
Post Commitment | 1580486 | 243 days ago | IN | 0 ETH | 0.00107646 | ||||
Post Commitment | 1580447 | 243 days ago | IN | 0 ETH | 0.00156171 | ||||
Post Commitment | 1580407 | 243 days ago | IN | 0 ETH | 0.00161316 | ||||
Post Commitment | 1580366 | 243 days ago | IN | 0 ETH | 0.00116617 | ||||
Post Commitment | 1580320 | 243 days ago | IN | 0 ETH | 0.00081618 | ||||
Post Commitment | 1580290 | 243 days ago | IN | 0 ETH | 0.00139446 | ||||
Post Commitment | 1580240 | 243 days ago | IN | 0 ETH | 0.00094607 | ||||
Post Commitment | 1580200 | 243 days ago | IN | 0 ETH | 0.00163103 | ||||
Post Commitment | 1580158 | 243 days ago | IN | 0 ETH | 0.00093038 | ||||
Post Commitment | 1580113 | 243 days ago | IN | 0 ETH | 0.00105794 | ||||
Post Commitment | 1580078 | 243 days ago | IN | 0 ETH | 0.00086004 | ||||
Post Commitment | 1580041 | 243 days ago | IN | 0 ETH | 0.00088736 | ||||
Post Commitment | 1580006 | 243 days ago | IN | 0 ETH | 0.00053657 | ||||
Post Commitment | 1579964 | 243 days ago | IN | 0 ETH | 0.00146909 | ||||
Post Commitment | 1579923 | 243 days ago | IN | 0 ETH | 0.00128435 | ||||
Post Commitment | 1579840 | 243 days ago | IN | 0 ETH | 0.00096859 | ||||
Post Commitment | 1579796 | 243 days ago | IN | 0 ETH | 0.00164687 | ||||
Post Commitment | 1579756 | 243 days ago | IN | 0 ETH | 0.00085576 | ||||
Post Commitment | 1579718 | 243 days ago | IN | 0 ETH | 0.00074349 | ||||
Post Commitment | 1579675 | 243 days ago | IN | 0 ETH | 0.00176078 |
View more zero value Internal Transactions in Advanced View mode
Advanced mode:
Loading...
Loading
This contract may be a proxy contract. Click on More Options and select Is this a proxy? to confirm and enable the "Read as Proxy" & "Write as Proxy" tabs.
Contract Name:
MockRollup
Compiler Version
v0.8.12+commit.f00d7308
Optimization Enabled:
Yes with 200 runs
Other Settings:
london EvmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.9; import {EigenDARollupUtils} from "../libraries/EigenDARollupUtils.sol"; import {EigenDAServiceManager} from "../core/EigenDAServiceManager.sol"; import {IEigenDAServiceManager} from "../interfaces/IEigenDAServiceManager.sol"; import {BN254} from "eigenlayer-middleware/libraries/BN254.sol"; struct Commitment { address confirmer; // confirmer who posted the commitment uint32 dataLength; // length of the data BN254.G1Point polynomialCommitment; // commitment to the polynomial } contract MockRollup { IEigenDAServiceManager public eigenDAServiceManager; // EigenDASM contract BN254.G1Point public tau; //power of tau ///@notice mapping of timestamps to commitments mapping(uint256 => Commitment) public commitments; constructor(IEigenDAServiceManager _eigenDAServiceManager, BN254.G1Point memory _tau) { eigenDAServiceManager = _eigenDAServiceManager; tau = _tau; } /** * @notice a function for a confirmer to post a commitment to a blob and verfiy it on EigenDA * @param blobHeader the blob header * @param blobVerificationProof the blob verification proof */ function postCommitment( IEigenDAServiceManager.BlobHeader memory blobHeader, EigenDARollupUtils.BlobVerificationProof memory blobVerificationProof ) external { // require commitment has not already been posted require(commitments[block.timestamp].confirmer == address(0), "MockRollup.postCommitment: Commitment already posted"); // verify that the blob was included in the batch EigenDARollupUtils.verifyBlob(blobHeader, eigenDAServiceManager, blobVerificationProof); // store the commitment commitments[block.timestamp] = Commitment(msg.sender, blobHeader.dataLength, blobHeader.commitment); } /** * @notice a function for users to challenge a commitment against a provided value * @param timestamp the timestamp of the commitment being challenged * @param point the point on the polynomial to evaluate * @param proof revelvant KZG proof * @param challengeValue The value expected upon opening the commitment */ function challengeCommitment(uint256 timestamp, uint256 point, BN254.G2Point memory proof, uint256 challengeValue) external returns (bool) { Commitment memory commitment = commitments[timestamp]; // require the commitment exists require(commitment.confirmer != address(0), "MockRollup.challengeCommitment: Commitment not posted"); // point on the polynomial must be less than the length of the data stored require(point < commitment.dataLength, "MockRollup.challengeCommitment: Point must be less than data length"); // verify that the commitment contains the challenge value return EigenDARollupUtils.openCommitment(point, challengeValue, tau, commitment.polynomialCommitment, proof); } }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.9; import {Merkle} from "eigenlayer-core/contracts/libraries/Merkle.sol"; import {BN254} from "eigenlayer-middleware/libraries/BN254.sol"; import {EigenDAHasher} from "./EigenDAHasher.sol"; import {IEigenDAServiceManager} from "../interfaces/IEigenDAServiceManager.sol"; import {BitmapUtils} from "eigenlayer-middleware/libraries/BitmapUtils.sol"; /** * @title Library of functions to be used by smart contracts wanting to prove blobs on EigenDA and open KZG commitments. * @author Layr Labs, Inc. */ library EigenDARollupUtils { using BN254 for BN254.G1Point; // STRUCTS struct BlobVerificationProof { uint32 batchId; uint8 blobIndex; IEigenDAServiceManager.BatchMetadata batchMetadata; bytes inclusionProof; bytes quorumIndices; } /** * @notice Verifies the inclusion of a blob within a batch confirmed in `eigenDAServiceManager` and its trust assumptions * @param blobHeader the header of the blob containing relevant attributes of the blob * @param eigenDAServiceManager the contract in which the batch was confirmed * @param blobVerificationProof the relevant data needed to prove inclusion of the blob and that the trust assumptions were as expected */ function verifyBlob( IEigenDAServiceManager.BlobHeader calldata blobHeader, IEigenDAServiceManager eigenDAServiceManager, BlobVerificationProof calldata blobVerificationProof ) external view { require( EigenDAHasher.hashBatchMetadata(blobVerificationProof.batchMetadata) == eigenDAServiceManager.batchIdToBatchMetadataHash(blobVerificationProof.batchId), "EigenDARollupUtils.verifyBlob: batchMetadata does not match stored metadata" ); require( Merkle.verifyInclusionKeccak( blobVerificationProof.inclusionProof, blobVerificationProof.batchMetadata.batchHeader.blobHeadersRoot, keccak256(abi.encodePacked(EigenDAHasher.hashBlobHeader(blobHeader))), blobVerificationProof.blobIndex ), "EigenDARollupUtils.verifyBlob: inclusion proof is invalid" ); // bitmap of quorum numbers in all quorumBlobParams uint256 confirmedQuorumsBitmap; // require that the security param in each blob is met for (uint i = 0; i < blobHeader.quorumBlobParams.length; i++) { // make sure that the quorumIndex matches the given quorumNumber require(uint8(blobVerificationProof.batchMetadata.batchHeader.quorumNumbers[uint8(blobVerificationProof.quorumIndices[i])]) == blobHeader.quorumBlobParams[i].quorumNumber, "EigenDARollupUtils.verifyBlob: quorumNumber does not match" ); // make sure that the adversaryThresholdPercentage is less than the given confirmationThresholdPercentage require(blobHeader.quorumBlobParams[i].adversaryThresholdPercentage < blobHeader.quorumBlobParams[i].confirmationThresholdPercentage, "EigenDARollupUtils.verifyBlob: adversaryThresholdPercentage is not valid" ); // make sure that the adversaryThresholdPercentage is at least the given quorumAdversaryThresholdPercentage uint8 _adversaryThresholdPercentage = getQuorumAdversaryThreshold(eigenDAServiceManager, blobHeader.quorumBlobParams[i].quorumNumber); if(_adversaryThresholdPercentage > 0){ require(blobHeader.quorumBlobParams[i].adversaryThresholdPercentage >= _adversaryThresholdPercentage, "EigenDARollupUtils.verifyBlob: adversaryThresholdPercentage is not met" ); } // make sure that the stake signed for is greater than the given confirmationThresholdPercentage require(uint8(blobVerificationProof.batchMetadata.batchHeader.signedStakeForQuorums[uint8(blobVerificationProof.quorumIndices[i])]) >= blobHeader.quorumBlobParams[i].confirmationThresholdPercentage, "EigenDARollupUtils.verifyBlob: confirmationThresholdPercentage is not met" ); // mark confirmed quorum in the bitmap confirmedQuorumsBitmap = BitmapUtils.setBit(confirmedQuorumsBitmap, blobHeader.quorumBlobParams[i].quorumNumber); } // check that required quorums are a subset of the confirmed quorums require( BitmapUtils.isSubsetOf( BitmapUtils.orderedBytesArrayToBitmap( eigenDAServiceManager.quorumNumbersRequired() ), confirmedQuorumsBitmap ), "EigenDARollupUtils.verifyBlob: required quorums are not a subset of the confirmed quorums" ); } /** * @notice gets the adversary threshold percentage for a given quorum * @param eigenDAServiceManager the contract in which the batch was confirmed * @param quorumNumber the quorum number to get the adversary threshold percentage for * @dev returns 0 if the quorumNumber is not found */ function getQuorumAdversaryThreshold( IEigenDAServiceManager eigenDAServiceManager, uint256 quorumNumber ) public view returns(uint8 adversaryThresholdPercentage) { if(eigenDAServiceManager.quorumAdversaryThresholdPercentages().length > quorumNumber){ adversaryThresholdPercentage = uint8(eigenDAServiceManager.quorumAdversaryThresholdPercentages()[quorumNumber]); } } /** * @notice opens the KZG commitment at a point * @param point the point to evaluate the polynomial at * @param evaluation the evaluation of the polynomial at the point * @param tau the power of tau * @param commitment the commitment to the polynomial * @param proof the proof of the commitment */ function openCommitment( uint256 point, uint256 evaluation, BN254.G1Point memory tau, BN254.G1Point memory commitment, BN254.G2Point memory proof ) internal view returns(bool) { BN254.G1Point memory negGeneratorG1 = BN254.generatorG1().negate(); //e([s]_1 - w[1]_1, [pi(x)]_2) = e([p(x)]_1 - p(w)[1]_1, [1]_2) return BN254.pairing( tau.plus(negGeneratorG1.scalar_mul(point)), proof, commitment.plus(negGeneratorG1.scalar_mul(evaluation)), BN254.negGeneratorG2() ); } }
// SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.9; import {Pausable} from "eigenlayer-core/contracts/permissions/Pausable.sol"; import {IPauserRegistry} from "eigenlayer-core/contracts/interfaces/IPauserRegistry.sol"; import {ServiceManagerBase, IAVSDirectory} from "eigenlayer-middleware/ServiceManagerBase.sol"; import {BLSSignatureChecker} from "eigenlayer-middleware/BLSSignatureChecker.sol"; import {IRegistryCoordinator} from "eigenlayer-middleware/interfaces/IRegistryCoordinator.sol"; import {IStakeRegistry} from "eigenlayer-middleware/interfaces/IStakeRegistry.sol"; import {EigenDAServiceManagerStorage} from "./EigenDAServiceManagerStorage.sol"; import {EigenDAHasher} from "../libraries/EigenDAHasher.sol"; /** * @title Primary entrypoint for procuring services from EigenDA. * @author Layr Labs, Inc. * @notice This contract is used for: * - initializing the data store by the disperser * - confirming the data store by the disperser with inferred aggregated signatures of the quorum * - freezing operators as the result of various "challenges" */ contract EigenDAServiceManager is EigenDAServiceManagerStorage, ServiceManagerBase, BLSSignatureChecker, Pausable { using EigenDAHasher for BatchHeader; using EigenDAHasher for ReducedBatchHeader; uint8 internal constant PAUSED_CONFIRM_BATCH = 0; /// @notice when applied to a function, ensures that the function is only callable by the `batchConfirmer`. modifier onlyBatchConfirmer() { require(msg.sender == batchConfirmer, "onlyBatchConfirmer: not from batch confirmer"); _; } constructor( IAVSDirectory __avsDirectory, IRegistryCoordinator __registryCoordinator, IStakeRegistry __stakeRegistry ) BLSSignatureChecker(__registryCoordinator) ServiceManagerBase(__avsDirectory, __registryCoordinator, __stakeRegistry) { _disableInitializers(); } function initialize( IPauserRegistry _pauserRegistry, uint256 _initialPausedStatus, address _initialOwner, address _batchConfirmer ) public initializer { _initializePauser(_pauserRegistry, _initialPausedStatus); _transferOwnership(_initialOwner); _setBatchConfirmer(_batchConfirmer); } /** * @notice This function is used for * - submitting data availabilty certificates, * - check that the aggregate signature is valid, * - and check whether quorum has been achieved or not. */ function confirmBatch( BatchHeader calldata batchHeader, NonSignerStakesAndSignature memory nonSignerStakesAndSignature ) external onlyWhenNotPaused(PAUSED_CONFIRM_BATCH) onlyBatchConfirmer() { // make sure the information needed to derive the non-signers and batch is in calldata to avoid emitting events require(tx.origin == msg.sender, "EigenDAServiceManager.confirmBatch: header and nonsigner data must be in calldata"); // make sure the stakes against which the Batch is being confirmed are not stale require( batchHeader.referenceBlockNumber < block.number, "EigenDAServiceManager.confirmBatch: specified referenceBlockNumber is in future" ); require( (batchHeader.referenceBlockNumber + BLOCK_STALE_MEASURE) >= uint32(block.number), "EigenDAServiceManager.confirmBatch: specified referenceBlockNumber is too far in past" ); //make sure that the quorumNumbers and signedStakeForQuorums are of the same length require( batchHeader.quorumNumbers.length == batchHeader.signedStakeForQuorums.length, "EigenDAServiceManager.confirmBatch: quorumNumbers and signedStakeForQuorums must be of the same length" ); // calculate reducedBatchHeaderHash which nodes signed bytes32 reducedBatchHeaderHash = batchHeader.hashBatchHeaderToReducedBatchHeader(); // check the signature ( QuorumStakeTotals memory quorumStakeTotals, bytes32 signatoryRecordHash ) = checkSignatures( reducedBatchHeaderHash, batchHeader.quorumNumbers, // use list of uint8s instead of uint256 bitmap to not iterate 256 times batchHeader.referenceBlockNumber, nonSignerStakesAndSignature ); // check that signatories own at least a threshold percentage of each quourm for (uint i = 0; i < batchHeader.signedStakeForQuorums.length; i++) { // we don't check that the signedStakeForQuorums are not >100 because a greater value would trivially fail the check, implying // signed stake > total stake require( quorumStakeTotals.signedStakeForQuorum[i] * THRESHOLD_DENOMINATOR >= quorumStakeTotals.totalStakeForQuorum[i] * uint8(batchHeader.signedStakeForQuorums[i]), "EigenDAServiceManager.confirmBatch: signatories do not own at least threshold percentage of a quorum" ); } // store the metadata hash uint32 batchIdMemory = batchId; bytes32 batchHeaderHash = batchHeader.hashBatchHeader(); batchIdToBatchMetadataHash[batchIdMemory] = EigenDAHasher.hashBatchHashedMetadata(batchHeaderHash, signatoryRecordHash, uint32(block.number)); emit BatchConfirmed(reducedBatchHeaderHash, batchIdMemory); // increment the batchId batchId = batchIdMemory + 1; } /// @notice This function is used for changing the batch confirmer function setBatchConfirmer(address _batchConfirmer) external onlyOwner() { _setBatchConfirmer(_batchConfirmer); } /// @notice changes the batch confirmer function _setBatchConfirmer(address _batchConfirmer) internal { address previousBatchConfirmer = batchConfirmer; batchConfirmer = _batchConfirmer; emit BatchConfirmerChanged(previousBatchConfirmer, batchConfirmer); } /// @notice Returns the current batchId function taskNumber() external view returns (uint32) { return batchId; } /// @notice Given a reference block number, returns the block until which operators must serve. function latestServeUntilBlock(uint32 referenceBlockNumber) external view returns (uint32) { return referenceBlockNumber + STORE_DURATION_BLOCKS + BLOCK_STALE_MEASURE; } }
// SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.9; import {IServiceManager} from "eigenlayer-middleware/interfaces/IServiceManager.sol"; import {BLSSignatureChecker} from "eigenlayer-middleware/BLSSignatureChecker.sol"; import {BN254} from "eigenlayer-middleware/libraries/BN254.sol"; interface IEigenDAServiceManager is IServiceManager { // EVENTS /** * @notice Emitted when a Batch is confirmed. * @param batchHeaderHash The hash of the batch header * @param batchId The ID for the Batch inside of the specified duration (i.e. *not* the globalBatchId) */ event BatchConfirmed(bytes32 indexed batchHeaderHash, uint32 batchId); /** * @notice Emitted when the batch confirmer is changed. * @param previousAddress The address of the previous batch confirmer * @param newAddress The address of the new batch confirmer */ event BatchConfirmerChanged(address previousAddress, address newAddress); // STRUCTS struct QuorumBlobParam { uint8 quorumNumber; uint8 adversaryThresholdPercentage; uint8 confirmationThresholdPercentage; uint32 chunkLength; // the length of the chunks in the quorum } struct BlobHeader { BN254.G1Point commitment; // the kzg commitment to the blob uint32 dataLength; // the length of the blob in coefficients of the polynomial QuorumBlobParam[] quorumBlobParams; // the quorumBlobParams for each quorum } struct ReducedBatchHeader { bytes32 blobHeadersRoot; uint32 referenceBlockNumber; } struct BatchHeader { bytes32 blobHeadersRoot; bytes quorumNumbers; // each byte is a different quorum number bytes signedStakeForQuorums; // every bytes is an amount less than 100 specifying the percentage of stake // that has signed in the corresponding quorum in `quorumNumbers` uint32 referenceBlockNumber; } // Relevant metadata for a given datastore struct BatchMetadata { BatchHeader batchHeader; // the header of the data store bytes32 signatoryRecordHash; // the hash of the signatory record uint32 confirmationBlockNumber; // the block number at which the batch was confirmed } // FUNCTIONS /// @notice mapping between the batchId to the hash of the metadata of the corresponding Batch function batchIdToBatchMetadataHash(uint32 batchId) external view returns(bytes32); /** * @notice This function is used for * - submitting data availabilty certificates, * - check that the aggregate signature is valid, * - and check whether quorum has been achieved or not. */ function confirmBatch( BatchHeader calldata batchHeader, BLSSignatureChecker.NonSignerStakesAndSignature memory nonSignerStakesAndSignature ) external; /// @notice This function is used for changing the batch confirmer function setBatchConfirmer(address _batchConfirmer) external; /// @notice Returns the current batchId function taskNumber() external view returns (uint32); /// @notice Given a reference block number, returns the block until which operators must serve. function latestServeUntilBlock(uint32 referenceBlockNumber) external view returns (uint32); /// @notice The maximum amount of blocks in the past that the service will consider stake amounts to still be 'valid'. function BLOCK_STALE_MEASURE() external view returns (uint32); /// @notice Returns the bytes array of quorumAdversaryThresholdPercentages function quorumAdversaryThresholdPercentages() external view returns (bytes memory); /// @notice Returns the bytes array of quorumAdversaryThresholdPercentages function quorumConfirmationThresholdPercentages() external view returns (bytes memory); /// @notice Returns the bytes array of quorumsNumbersRequired function quorumNumbersRequired() external view returns (bytes memory); }
// SPDX-License-Identifier: MIT // several functions are taken or adapted from https://github.com/HarryR/solcrypto/blob/master/contracts/altbn128.sol (MIT license): // Copyright 2017 Christian Reitwiessner // Permission is hereby granted, free of charge, to any person obtaining a copy // of this software and associated documentation files (the "Software"), to // deal in the Software without restriction, including without limitation the // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or // sell copies of the Software, and to permit persons to whom the Software is // furnished to do so, subject to the following conditions: // The above copyright notice and this permission notice shall be included in // all copies or substantial portions of the Software. // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS // IN THE SOFTWARE. // The remainder of the code in this library is written by LayrLabs Inc. and is also under an MIT license pragma solidity =0.8.12; /** * @title Library for operations on the BN254 elliptic curve. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Contains BN254 parameters, common operations (addition, scalar mul, pairing), and BLS signature functionality. */ library BN254 { // modulus for the underlying field F_p of the elliptic curve uint256 internal constant FP_MODULUS = 21888242871839275222246405745257275088696311157297823662689037894645226208583; // modulus for the underlying field F_r of the elliptic curve uint256 internal constant FR_MODULUS = 21888242871839275222246405745257275088548364400416034343698204186575808495617; struct G1Point { uint256 X; uint256 Y; } // Encoding of field elements is: X[1] * i + X[0] struct G2Point { uint256[2] X; uint256[2] Y; } function generatorG1() internal pure returns (G1Point memory) { return G1Point(1, 2); } // generator of group G2 /// @dev Generator point in F_q2 is of the form: (x0 + ix1, y0 + iy1). uint256 internal constant G2x1 = 11559732032986387107991004021392285783925812861821192530917403151452391805634; uint256 internal constant G2x0 = 10857046999023057135944570762232829481370756359578518086990519993285655852781; uint256 internal constant G2y1 = 4082367875863433681332203403145435568316851327593401208105741076214120093531; uint256 internal constant G2y0 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; /// @notice returns the G2 generator /// @dev mind the ordering of the 1s and 0s! /// this is because of the (unknown to us) convention used in the bn254 pairing precompile contract /// "Elements a * i + b of F_p^2 are encoded as two elements of F_p, (a, b)." /// https://github.com/ethereum/EIPs/blob/master/EIPS/eip-197.md#encoding function generatorG2() internal pure returns (G2Point memory) { return G2Point([G2x1, G2x0], [G2y1, G2y0]); } // negation of the generator of group G2 /// @dev Generator point in F_q2 is of the form: (x0 + ix1, y0 + iy1). uint256 internal constant nG2x1 = 11559732032986387107991004021392285783925812861821192530917403151452391805634; uint256 internal constant nG2x0 = 10857046999023057135944570762232829481370756359578518086990519993285655852781; uint256 internal constant nG2y1 = 17805874995975841540914202342111839520379459829704422454583296818431106115052; uint256 internal constant nG2y0 = 13392588948715843804641432497768002650278120570034223513918757245338268106653; function negGeneratorG2() internal pure returns (G2Point memory) { return G2Point([nG2x1, nG2x0], [nG2y1, nG2y0]); } bytes32 internal constant powersOfTauMerkleRoot = 0x22c998e49752bbb1918ba87d6d59dd0e83620a311ba91dd4b2cc84990b31b56f; /** * @param p Some point in G1. * @return The negation of `p`, i.e. p.plus(p.negate()) should be zero. */ function negate(G1Point memory p) internal pure returns (G1Point memory) { // The prime q in the base field F_q for G1 if (p.X == 0 && p.Y == 0) { return G1Point(0, 0); } else { return G1Point(p.X, FP_MODULUS - (p.Y % FP_MODULUS)); } } /** * @return r the sum of two points of G1 */ function plus(G1Point memory p1, G1Point memory p2) internal view returns (G1Point memory r) { uint256[4] memory input; input[0] = p1.X; input[1] = p1.Y; input[2] = p2.X; input[3] = p2.Y; bool success; // solium-disable-next-line security/no-inline-assembly assembly { success := staticcall(sub(gas(), 2000), 6, input, 0x80, r, 0x40) // Use "invalid" to make gas estimation work switch success case 0 { invalid() } } require(success, "ec-add-failed"); } /** * @notice an optimized ecMul implementation that takes O(log_2(s)) ecAdds * @param p the point to multiply * @param s the scalar to multiply by * @dev this function is only safe to use if the scalar is 9 bits or less */ function scalar_mul_tiny(BN254.G1Point memory p, uint16 s) internal view returns (BN254.G1Point memory) { require(s < 2**9, "scalar-too-large"); // if s is 1 return p if(s == 1) { return p; } // the accumulated product to return BN254.G1Point memory acc = BN254.G1Point(0, 0); // the 2^n*p to add to the accumulated product in each iteration BN254.G1Point memory p2n = p; // value of most significant bit uint16 m = 1; // index of most significant bit uint8 i = 0; //loop until we reach the most significant bit while(s >= m){ unchecked { // if the current bit is 1, add the 2^n*p to the accumulated product if ((s >> i) & 1 == 1) { acc = plus(acc, p2n); } // double the 2^n*p for the next iteration p2n = plus(p2n, p2n); // increment the index and double the value of the most significant bit m <<= 1; ++i; } } // return the accumulated product return acc; } /** * @return r the product of a point on G1 and a scalar, i.e. * p == p.scalar_mul(1) and p.plus(p) == p.scalar_mul(2) for all * points p. */ function scalar_mul(G1Point memory p, uint256 s) internal view returns (G1Point memory r) { uint256[3] memory input; input[0] = p.X; input[1] = p.Y; input[2] = s; bool success; // solium-disable-next-line security/no-inline-assembly assembly { success := staticcall(sub(gas(), 2000), 7, input, 0x60, r, 0x40) // Use "invalid" to make gas estimation work switch success case 0 { invalid() } } require(success, "ec-mul-failed"); } /** * @return The result of computing the pairing check * e(p1[0], p2[0]) * .... * e(p1[n], p2[n]) == 1 * For example, * pairing([P1(), P1().negate()], [P2(), P2()]) should return true. */ function pairing( G1Point memory a1, G2Point memory a2, G1Point memory b1, G2Point memory b2 ) internal view returns (bool) { G1Point[2] memory p1 = [a1, b1]; G2Point[2] memory p2 = [a2, b2]; uint256[12] memory input; for (uint256 i = 0; i < 2; i++) { uint256 j = i * 6; input[j + 0] = p1[i].X; input[j + 1] = p1[i].Y; input[j + 2] = p2[i].X[0]; input[j + 3] = p2[i].X[1]; input[j + 4] = p2[i].Y[0]; input[j + 5] = p2[i].Y[1]; } uint256[1] memory out; bool success; // solium-disable-next-line security/no-inline-assembly assembly { success := staticcall(sub(gas(), 2000), 8, input, mul(12, 0x20), out, 0x20) // Use "invalid" to make gas estimation work switch success case 0 { invalid() } } require(success, "pairing-opcode-failed"); return out[0] != 0; } /** * @notice This function is functionally the same as pairing(), however it specifies a gas limit * the user can set, as a precompile may use the entire gas budget if it reverts. */ function safePairing( G1Point memory a1, G2Point memory a2, G1Point memory b1, G2Point memory b2, uint256 pairingGas ) internal view returns (bool, bool) { G1Point[2] memory p1 = [a1, b1]; G2Point[2] memory p2 = [a2, b2]; uint256[12] memory input; for (uint256 i = 0; i < 2; i++) { uint256 j = i * 6; input[j + 0] = p1[i].X; input[j + 1] = p1[i].Y; input[j + 2] = p2[i].X[0]; input[j + 3] = p2[i].X[1]; input[j + 4] = p2[i].Y[0]; input[j + 5] = p2[i].Y[1]; } uint256[1] memory out; bool success; // solium-disable-next-line security/no-inline-assembly assembly { success := staticcall(pairingGas, 8, input, mul(12, 0x20), out, 0x20) } //Out is the output of the pairing precompile, either 0 or 1 based on whether the two pairings are equal. //Success is true if the precompile actually goes through (aka all inputs are valid) return (success, out[0] != 0); } /// @return hashedG1 the keccak256 hash of the G1 Point /// @dev used for BLS signatures function hashG1Point(BN254.G1Point memory pk) internal pure returns (bytes32 hashedG1) { assembly { mstore(0, mload(pk)) mstore(0x20, mload(add(0x20, pk))) hashedG1 := keccak256(0, 0x40) } } /// @return the keccak256 hash of the G2 Point /// @dev used for BLS signatures function hashG2Point( BN254.G2Point memory pk ) internal pure returns (bytes32) { return keccak256(abi.encodePacked(pk.X[0], pk.X[1], pk.Y[0], pk.Y[1])); } /** * @notice adapted from https://github.com/HarryR/solcrypto/blob/master/contracts/altbn128.sol */ function hashToG1(bytes32 _x) internal view returns (G1Point memory) { uint256 beta = 0; uint256 y = 0; uint256 x = uint256(_x) % FP_MODULUS; while (true) { (beta, y) = findYFromX(x); // y^2 == beta if( beta == mulmod(y, y, FP_MODULUS) ) { return G1Point(x, y); } x = addmod(x, 1, FP_MODULUS); } return G1Point(0, 0); } /** * Given X, find Y * * where y = sqrt(x^3 + b) * * Returns: (x^3 + b), y */ function findYFromX(uint256 x) internal view returns (uint256, uint256) { // beta = (x^3 + b) % p uint256 beta = addmod(mulmod(mulmod(x, x, FP_MODULUS), x, FP_MODULUS), 3, FP_MODULUS); // y^2 = x^3 + b // this acts like: y = sqrt(beta) = beta^((p+1) / 4) uint256 y = expMod(beta, 0xc19139cb84c680a6e14116da060561765e05aa45a1c72a34f082305b61f3f52, FP_MODULUS); return (beta, y); } function expMod(uint256 _base, uint256 _exponent, uint256 _modulus) internal view returns (uint256 retval) { bool success; uint256[1] memory output; uint[6] memory input; input[0] = 0x20; // baseLen = new(big.Int).SetBytes(getData(input, 0, 32)) input[1] = 0x20; // expLen = new(big.Int).SetBytes(getData(input, 32, 32)) input[2] = 0x20; // modLen = new(big.Int).SetBytes(getData(input, 64, 32)) input[3] = _base; input[4] = _exponent; input[5] = _modulus; assembly { success := staticcall(sub(gas(), 2000), 5, input, 0xc0, output, 0x20) // Use "invalid" to make gas estimation work switch success case 0 { invalid() } } require(success, "BN254.expMod: call failure"); return output[0]; } }
// SPDX-License-Identifier: MIT // Adapted from OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/MerkleProof.sol) pragma solidity ^0.8.0; /** * @dev These functions deal with verification of Merkle Tree proofs. * * The tree and the proofs can be generated using our * https://github.com/OpenZeppelin/merkle-tree[JavaScript library]. * You will find a quickstart guide in the readme. * * WARNING: You should avoid using leaf values that are 64 bytes long prior to * hashing, or use a hash function other than keccak256 for hashing leaves. * This is because the concatenation of a sorted pair of internal nodes in * the merkle tree could be reinterpreted as a leaf value. * OpenZeppelin's JavaScript library generates merkle trees that are safe * against this attack out of the box. */ library Merkle { /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * * Note this is for a Merkle tree using the keccak/sha3 hash function */ function verifyInclusionKeccak( bytes memory proof, bytes32 root, bytes32 leaf, uint256 index ) internal pure returns (bool) { return processInclusionProofKeccak(proof, leaf, index) == root; } /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * * _Available since v4.4._ * * Note this is for a Merkle tree using the keccak/sha3 hash function */ function processInclusionProofKeccak( bytes memory proof, bytes32 leaf, uint256 index ) internal pure returns (bytes32) { require( proof.length != 0 && proof.length % 32 == 0, "Merkle.processInclusionProofKeccak: proof length should be a non-zero multiple of 32" ); bytes32 computedHash = leaf; for (uint256 i = 32; i <= proof.length; i += 32) { if (index % 2 == 0) { // if ith bit of index is 0, then computedHash is a left sibling assembly { mstore(0x00, computedHash) mstore(0x20, mload(add(proof, i))) computedHash := keccak256(0x00, 0x40) index := div(index, 2) } } else { // if ith bit of index is 1, then computedHash is a right sibling assembly { mstore(0x00, mload(add(proof, i))) mstore(0x20, computedHash) computedHash := keccak256(0x00, 0x40) index := div(index, 2) } } } return computedHash; } /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * * Note this is for a Merkle tree using the sha256 hash function */ function verifyInclusionSha256( bytes memory proof, bytes32 root, bytes32 leaf, uint256 index ) internal view returns (bool) { return processInclusionProofSha256(proof, leaf, index) == root; } /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * * _Available since v4.4._ * * Note this is for a Merkle tree using the sha256 hash function */ function processInclusionProofSha256( bytes memory proof, bytes32 leaf, uint256 index ) internal view returns (bytes32) { require( proof.length != 0 && proof.length % 32 == 0, "Merkle.processInclusionProofSha256: proof length should be a non-zero multiple of 32" ); bytes32[1] memory computedHash = [leaf]; for (uint256 i = 32; i <= proof.length; i += 32) { if (index % 2 == 0) { // if ith bit of index is 0, then computedHash is a left sibling assembly { mstore(0x00, mload(computedHash)) mstore(0x20, mload(add(proof, i))) if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) } index := div(index, 2) } } else { // if ith bit of index is 1, then computedHash is a right sibling assembly { mstore(0x00, mload(add(proof, i))) mstore(0x20, mload(computedHash)) if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) } index := div(index, 2) } } } return computedHash[0]; } /** @notice this function returns the merkle root of a tree created from a set of leaves using sha256 as its hash function @param leaves the leaves of the merkle tree @return The computed Merkle root of the tree. @dev A pre-condition to this function is that leaves.length is a power of two. If not, the function will merkleize the inputs incorrectly. */ function merkleizeSha256(bytes32[] memory leaves) internal pure returns (bytes32) { //there are half as many nodes in the layer above the leaves uint256 numNodesInLayer = leaves.length / 2; //create a layer to store the internal nodes bytes32[] memory layer = new bytes32[](numNodesInLayer); //fill the layer with the pairwise hashes of the leaves for (uint256 i = 0; i < numNodesInLayer; i++) { layer[i] = sha256(abi.encodePacked(leaves[2 * i], leaves[2 * i + 1])); } //the next layer above has half as many nodes numNodesInLayer /= 2; //while we haven't computed the root while (numNodesInLayer != 0) { //overwrite the first numNodesInLayer nodes in layer with the pairwise hashes of their children for (uint256 i = 0; i < numNodesInLayer; i++) { layer[i] = sha256(abi.encodePacked(layer[2 * i], layer[2 * i + 1])); } //the next layer above has half as many nodes numNodesInLayer /= 2; } //the first node in the layer is the root return layer[0]; } }
// SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.9; import {IEigenDAServiceManager} from "../interfaces/IEigenDAServiceManager.sol"; /** * @title Library of functions for hashing various EigenDA structs. * @author Layr Labs, Inc. */ library EigenDAHasher { /** * @notice hashes the given metdata into the commitment that will be stored in the contract * @param batchHeaderHash the hash of the batchHeader * @param signatoryRecordHash the hash of the signatory record * @param blockNumber the block number at which the batch was confirmed */ function hashBatchHashedMetadata( bytes32 batchHeaderHash, bytes32 signatoryRecordHash, uint32 blockNumber ) internal pure returns(bytes32) { return keccak256(abi.encodePacked(batchHeaderHash, signatoryRecordHash, blockNumber)); } /** * @notice hashes the given metdata into the commitment that will be stored in the contract * @param batchHeaderHash the hash of the batchHeader * @param confirmationData the confirmation data of the batch * @param blockNumber the block number at which the batch was confirmed */ function hashBatchHashedMetadata( bytes32 batchHeaderHash, bytes memory confirmationData, uint32 blockNumber ) internal pure returns(bytes32) { return keccak256(abi.encodePacked(batchHeaderHash, confirmationData, blockNumber)); } /** * @notice given the a batchHeader in the provided metdata, calculates the hash of the batchMetadata * @param batchMetadata the metadata of the batch * @return the hash of the batchMetadata */ function hashBatchMetadata( IEigenDAServiceManager.BatchMetadata memory batchMetadata ) internal pure returns(bytes32) { return hashBatchHashedMetadata( keccak256(abi.encode(batchMetadata.batchHeader)), batchMetadata.signatoryRecordHash, batchMetadata.confirmationBlockNumber ); } /** * @notice hashes the given batch header * @param batchHeader the batch header to hash */ function hashBatchHeaderMemory(IEigenDAServiceManager.BatchHeader memory batchHeader) internal pure returns(bytes32) { return keccak256(abi.encode(batchHeader)); } /** * @notice hashes the given batch header * @param batchHeader the batch header to hash */ function hashBatchHeader(IEigenDAServiceManager.BatchHeader calldata batchHeader) internal pure returns(bytes32) { return keccak256(abi.encode(batchHeader)); } /** * @notice hashes the given reduced batch header * @param reducedBatchHeader the reduced batch header to hash */ function hashReducedBatchHeader(IEigenDAServiceManager.ReducedBatchHeader memory reducedBatchHeader) internal pure returns(bytes32) { return keccak256(abi.encode(reducedBatchHeader)); } /** * @notice hashes the given blob header * @param blobHeader the blob header to hash */ function hashBlobHeader(IEigenDAServiceManager.BlobHeader memory blobHeader) internal pure returns(bytes32) { return keccak256(abi.encode(blobHeader)); } /** * @notice converts a batch header to a reduced batch header * @param batchHeader the batch header to convert */ function convertBatchHeaderToReducedBatchHeader(IEigenDAServiceManager.BatchHeader memory batchHeader) internal pure returns(IEigenDAServiceManager.ReducedBatchHeader memory) { return IEigenDAServiceManager.ReducedBatchHeader({ blobHeadersRoot: batchHeader.blobHeadersRoot, referenceBlockNumber: batchHeader.referenceBlockNumber }); } /** * @notice converts the given batch header to a reduced batch header and then hashes it * @param batchHeader the batch header to hash */ function hashBatchHeaderToReducedBatchHeader(IEigenDAServiceManager.BatchHeader memory batchHeader) internal pure returns(bytes32) { return keccak256(abi.encode(convertBatchHeaderToReducedBatchHeader(batchHeader))); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; /** * @title Library for Bitmap utilities such as converting between an array of bytes and a bitmap and finding the number of 1s in a bitmap. * @author Layr Labs, Inc. */ library BitmapUtils { /** * @notice Byte arrays are meant to contain unique bytes. * If the array length exceeds 256, then it's impossible for all entries to be unique. * This constant captures the max allowed array length (inclusive, i.e. 256 is allowed). */ uint256 internal constant MAX_BYTE_ARRAY_LENGTH = 256; /** * @notice Converts an ordered array of bytes into a bitmap. * @param orderedBytesArray The array of bytes to convert/compress into a bitmap. Must be in strictly ascending order. * @return The resulting bitmap. * @dev Each byte in the input is processed as indicating a single bit to flip in the bitmap. * @dev This function will eventually revert in the event that the `orderedBytesArray` is not properly ordered (in ascending order). * @dev This function will also revert if the `orderedBytesArray` input contains any duplicate entries (i.e. duplicate bytes). */ function orderedBytesArrayToBitmap(bytes memory orderedBytesArray) internal pure returns (uint256) { // sanity-check on input. a too-long input would fail later on due to having duplicate entry(s) require(orderedBytesArray.length <= MAX_BYTE_ARRAY_LENGTH, "BitmapUtils.orderedBytesArrayToBitmap: orderedBytesArray is too long"); // return empty bitmap early if length of array is 0 if (orderedBytesArray.length == 0) { return uint256(0); } // initialize the empty bitmap, to be built inside the loop uint256 bitmap; // initialize an empty uint256 to be used as a bitmask inside the loop uint256 bitMask; // perform the 0-th loop iteration with the ordering check *omitted* (since it is unnecessary / will always pass) // construct a single-bit mask from the numerical value of the 0th byte of the array, and immediately add it to the bitmap bitmap = uint256(1 << uint8(orderedBytesArray[0])); // loop through each byte in the array to construct the bitmap for (uint256 i = 1; i < orderedBytesArray.length; ++i) { // construct a single-bit mask from the numerical value of the next byte of the array bitMask = uint256(1 << uint8(orderedBytesArray[i])); // check strictly ascending array ordering by comparing the mask to the bitmap so far (revert if mask isn't greater than bitmap) require(bitMask > bitmap, "BitmapUtils.orderedBytesArrayToBitmap: orderedBytesArray is not ordered"); // add the entry to the bitmap bitmap = (bitmap | bitMask); } return bitmap; } /** * @notice Converts an ordered byte array to a bitmap, validating that all bits are less than `bitUpperBound` * @param orderedBytesArray The array to convert to a bitmap; must be in strictly ascending order * @param bitUpperBound The exclusive largest bit. Each bit must be strictly less than this value. * @dev Reverts if bitmap contains a bit greater than or equal to `bitUpperBound` */ function orderedBytesArrayToBitmap(bytes memory orderedBytesArray, uint8 bitUpperBound) internal pure returns (uint256) { uint256 bitmap = orderedBytesArrayToBitmap(orderedBytesArray); require((1 << bitUpperBound) > bitmap, "BitmapUtils.orderedBytesArrayToBitmap: bitmap exceeds max value" ); return bitmap; } /** * @notice Utility function for checking if a bytes array is strictly ordered, in ascending order. * @param bytesArray the bytes array of interest * @return Returns 'true' if the array is ordered in strictly ascending order, and 'false' otherwise. * @dev This function returns 'true' for the edge case of the `bytesArray` having zero length. * It also returns 'false' early for arrays with length in excess of MAX_BYTE_ARRAY_LENGTH (i.e. so long that they cannot be strictly ordered) */ function isArrayStrictlyAscendingOrdered(bytes calldata bytesArray) internal pure returns (bool) { // Return early if the array is too long, or has a length of 0 if (bytesArray.length > MAX_BYTE_ARRAY_LENGTH) { return false; } if (bytesArray.length == 0) { return true; } // Perform the 0-th loop iteration by pulling the 0th byte out of the array bytes1 singleByte = bytesArray[0]; // For each byte, validate that each entry is *strictly greater than* the previous // If it isn't, return false as the array is not ordered for (uint256 i = 1; i < bytesArray.length; ++i) { if (uint256(uint8(bytesArray[i])) <= uint256(uint8(singleByte))) { return false; } // Pull the next byte out of the array singleByte = bytesArray[i]; } return true; } /** * @notice Converts a bitmap into an array of bytes. * @param bitmap The bitmap to decompress/convert to an array of bytes. * @return bytesArray The resulting bitmap array of bytes. * @dev Each byte in the input is processed as indicating a single bit to flip in the bitmap */ function bitmapToBytesArray(uint256 bitmap) internal pure returns (bytes memory /*bytesArray*/) { // initialize an empty uint256 to be used as a bitmask inside the loop uint256 bitMask; // allocate only the needed amount of memory bytes memory bytesArray = new bytes(countNumOnes(bitmap)); // track the array index to assign to uint256 arrayIndex = 0; /** * loop through each index in the bitmap to construct the array, * but short-circuit the loop if we reach the number of ones and thus are done * assigning to memory */ for (uint256 i = 0; (arrayIndex < bytesArray.length) && (i < 256); ++i) { // construct a single-bit mask for the i-th bit bitMask = uint256(1 << i); // check if the i-th bit is flipped in the bitmap if (bitmap & bitMask != 0) { // if the i-th bit is flipped, then add a byte encoding the value 'i' to the `bytesArray` bytesArray[arrayIndex] = bytes1(uint8(i)); // increment the bytesArray slot since we've assigned one more byte of memory unchecked{ ++arrayIndex; } } } return bytesArray; } /// @return count number of ones in binary representation of `n` function countNumOnes(uint256 n) internal pure returns (uint16) { uint16 count = 0; while (n > 0) { n &= (n - 1); // Clear the least significant bit (turn off the rightmost set bit). count++; // Increment the count for each cleared bit (each one encountered). } return count; // Return the total count of ones in the binary representation of n. } /// @notice Returns `true` if `bit` is in `bitmap`. Returns `false` otherwise. function isSet(uint256 bitmap, uint8 bit) internal pure returns (bool) { return 1 == ((bitmap >> bit) & 1); } /** * @notice Returns a copy of `bitmap` with `bit` set. * @dev IMPORTANT: we're dealing with stack values here, so this doesn't modify * the original bitmap. Using this correctly requires an assignment statement: * `bitmap = bitmap.setBit(bit);` */ function setBit(uint256 bitmap, uint8 bit) internal pure returns (uint256) { return bitmap | (1 << bit); } /** * @notice Returns true if `bitmap` has no set bits */ function isEmpty(uint256 bitmap) internal pure returns (bool) { return bitmap == 0; } /** * @notice Returns true if `a` and `b` have no common set bits */ function noBitsInCommon(uint256 a, uint256 b) internal pure returns (bool) { return a & b == 0; } /** * @notice Returns true if `a` is a subset of `b`: ALL of the bits in `a` are also in `b` */ function isSubsetOf(uint256 a, uint256 b) internal pure returns (bool) { return a & b == a; } /** * @notice Returns a new bitmap that contains all bits set in either `a` or `b` * @dev Result is the union of `a` and `b` */ function plus(uint256 a, uint256 b) internal pure returns (uint256) { return a | b; } /** * @notice Returns a new bitmap that clears all set bits of `b` from `a` * @dev Negates `b` and returns the intersection of the result with `a` */ function minus(uint256 a, uint256 b) internal pure returns (uint256) { return a & ~b; } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import "../interfaces/IPausable.sol"; /** * @title Adds pausability to a contract, with pausing & unpausing controlled by the `pauser` and `unpauser` of a PauserRegistry contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Contracts that inherit from this contract may define their own `pause` and `unpause` (and/or related) functions. * These functions should be permissioned as "onlyPauser" which defers to a `PauserRegistry` for determining access control. * @dev Pausability is implemented using a uint256, which allows up to 256 different single bit-flags; each bit can potentially pause different functionality. * Inspiration for this was taken from the NearBridge design here https://etherscan.io/address/0x3FEFc5A4B1c02f21cBc8D3613643ba0635b9a873#code. * For the `pause` and `unpause` functions we've implemented, if you pause, you can only flip (any number of) switches to on/1 (aka "paused"), and if you unpause, * you can only flip (any number of) switches to off/0 (aka "paused"). * If you want a pauseXYZ function that just flips a single bit / "pausing flag", it will: * 1) 'bit-wise and' (aka `&`) a flag with the current paused state (as a uint256) * 2) update the paused state to this new value * @dev We note as well that we have chosen to identify flags by their *bit index* as opposed to their numerical value, so, e.g. defining `DEPOSITS_PAUSED = 3` * indicates specifically that if the *third bit* of `_paused` is flipped -- i.e. it is a '1' -- then deposits should be paused */ contract Pausable is IPausable { /// @notice Address of the `PauserRegistry` contract that this contract defers to for determining access control (for pausing). IPauserRegistry public pauserRegistry; /// @dev whether or not the contract is currently paused uint256 private _paused; uint256 internal constant UNPAUSE_ALL = 0; uint256 internal constant PAUSE_ALL = type(uint256).max; /// @notice modifier onlyPauser() { require(pauserRegistry.isPauser(msg.sender), "msg.sender is not permissioned as pauser"); _; } modifier onlyUnpauser() { require(msg.sender == pauserRegistry.unpauser(), "msg.sender is not permissioned as unpauser"); _; } /// @notice Throws if the contract is paused, i.e. if any of the bits in `_paused` is flipped to 1. modifier whenNotPaused() { require(_paused == 0, "Pausable: contract is paused"); _; } /// @notice Throws if the `indexed`th bit of `_paused` is 1, i.e. if the `index`th pause switch is flipped. modifier onlyWhenNotPaused(uint8 index) { require(!paused(index), "Pausable: index is paused"); _; } /// @notice One-time function for setting the `pauserRegistry` and initializing the value of `_paused`. function _initializePauser(IPauserRegistry _pauserRegistry, uint256 initPausedStatus) internal { require( address(pauserRegistry) == address(0) && address(_pauserRegistry) != address(0), "Pausable._initializePauser: _initializePauser() can only be called once" ); _paused = initPausedStatus; emit Paused(msg.sender, initPausedStatus); _setPauserRegistry(_pauserRegistry); } /** * @notice This function is used to pause an EigenLayer contract's functionality. * It is permissioned to the `pauser` address, which is expected to be a low threshold multisig. * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once. * @dev This function can only pause functionality, and thus cannot 'unflip' any bit in `_paused` from 1 to 0. */ function pause(uint256 newPausedStatus) external onlyPauser { // verify that the `newPausedStatus` does not *unflip* any bits (i.e. doesn't unpause anything, all 1 bits remain) require((_paused & newPausedStatus) == _paused, "Pausable.pause: invalid attempt to unpause functionality"); _paused = newPausedStatus; emit Paused(msg.sender, newPausedStatus); } /** * @notice Alias for `pause(type(uint256).max)`. */ function pauseAll() external onlyPauser { _paused = type(uint256).max; emit Paused(msg.sender, type(uint256).max); } /** * @notice This function is used to unpause an EigenLayer contract's functionality. * It is permissioned to the `unpauser` address, which is expected to be a high threshold multisig or governance contract. * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once. * @dev This function can only unpause functionality, and thus cannot 'flip' any bit in `_paused` from 0 to 1. */ function unpause(uint256 newPausedStatus) external onlyUnpauser { // verify that the `newPausedStatus` does not *flip* any bits (i.e. doesn't pause anything, all 0 bits remain) require( ((~_paused) & (~newPausedStatus)) == (~_paused), "Pausable.unpause: invalid attempt to pause functionality" ); _paused = newPausedStatus; emit Unpaused(msg.sender, newPausedStatus); } /// @notice Returns the current paused status as a uint256. function paused() public view virtual returns (uint256) { return _paused; } /// @notice Returns 'true' if the `indexed`th bit of `_paused` is 1, and 'false' otherwise function paused(uint8 index) public view virtual returns (bool) { uint256 mask = 1 << index; return ((_paused & mask) == mask); } /// @notice Allows the unpauser to set a new pauser registry function setPauserRegistry(IPauserRegistry newPauserRegistry) external onlyUnpauser { _setPauserRegistry(newPauserRegistry); } /// internal function for setting pauser registry function _setPauserRegistry(IPauserRegistry newPauserRegistry) internal { require( address(newPauserRegistry) != address(0), "Pausable._setPauserRegistry: newPauserRegistry cannot be the zero address" ); emit PauserRegistrySet(pauserRegistry, newPauserRegistry); pauserRegistry = newPauserRegistry; } /** * @dev This empty reserved space is put in place to allow future versions to add new * variables without shifting down storage in the inheritance chain. * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps */ uint256[48] private __gap; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; /** * @title Interface for the `PauserRegistry` contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service */ interface IPauserRegistry { event PauserStatusChanged(address pauser, bool canPause); event UnpauserChanged(address previousUnpauser, address newUnpauser); /// @notice Mapping of addresses to whether they hold the pauser role. function isPauser(address pauser) external view returns (bool); /// @notice Unique address that holds the unpauser role. Capable of changing *both* the pauser and unpauser addresses. function unpauser() external view returns (address); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import {OwnableUpgradeable} from "@openzeppelin-upgrades/contracts/access/OwnableUpgradeable.sol"; import {BitmapUtils} from "./libraries/BitmapUtils.sol"; import {ISignatureUtils} from "eigenlayer-contracts/src/contracts/interfaces/ISignatureUtils.sol"; import {IAVSDirectory} from "eigenlayer-contracts/src/contracts/interfaces/IAVSDirectory.sol"; import {IServiceManager} from "./interfaces/IServiceManager.sol"; import {IRegistryCoordinator} from "./interfaces/IRegistryCoordinator.sol"; import {IStakeRegistry} from "./interfaces/IStakeRegistry.sol"; /** * @title Minimal implementation of a ServiceManager-type contract. * This contract can be inherited from or simply used as a point-of-reference. * @author Layr Labs, Inc. */ abstract contract ServiceManagerBase is IServiceManager, OwnableUpgradeable { using BitmapUtils for *; IRegistryCoordinator internal immutable _registryCoordinator; IStakeRegistry internal immutable _stakeRegistry; IAVSDirectory internal immutable _avsDirectory; /// @notice when applied to a function, only allows the RegistryCoordinator to call it modifier onlyRegistryCoordinator() { require( msg.sender == address(_registryCoordinator), "ServiceManagerBase.onlyRegistryCoordinator: caller is not the registry coordinator" ); _; } /// @notice Sets the (immutable) `_registryCoordinator` address constructor( IAVSDirectory __avsDirectory, IRegistryCoordinator __registryCoordinator, IStakeRegistry __stakeRegistry ) { _avsDirectory = __avsDirectory; _registryCoordinator = __registryCoordinator; _stakeRegistry = __stakeRegistry; _disableInitializers(); } function __ServiceManagerBase_init(address initialOwner) internal virtual onlyInitializing { _transferOwnership(initialOwner); } /** * @notice Updates the metadata URI for the AVS * @param _metadataURI is the metadata URI for the AVS * @dev only callable by the owner */ function updateAVSMetadataURI(string memory _metadataURI) public virtual onlyOwner { _avsDirectory.updateAVSMetadataURI(_metadataURI); } /** * @notice Forwards a call to EigenLayer's AVSDirectory contract to confirm operator registration with the AVS * @param operator The address of the operator to register. * @param operatorSignature The signature, salt, and expiry of the operator's signature. */ function registerOperatorToAVS( address operator, ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature ) public virtual onlyRegistryCoordinator { _avsDirectory.registerOperatorToAVS(operator, operatorSignature); } /** * @notice Forwards a call to EigenLayer's AVSDirectory contract to confirm operator deregistration from the AVS * @param operator The address of the operator to deregister. */ function deregisterOperatorFromAVS(address operator) public virtual onlyRegistryCoordinator { _avsDirectory.deregisterOperatorFromAVS(operator); } /** * @notice Returns the list of strategies that the AVS supports for restaking * @dev This function is intended to be called off-chain * @dev No guarantee is made on uniqueness of each element in the returned array. * The off-chain service should do that validation separately */ function getRestakeableStrategies() external view returns (address[] memory) { uint256 quorumCount = _registryCoordinator.quorumCount(); if (quorumCount == 0) { return new address[](0); } uint256 strategyCount; for(uint256 i = 0; i < quorumCount; i++) { strategyCount += _stakeRegistry.strategyParamsLength(uint8(i)); } address[] memory restakedStrategies = new address[](strategyCount); uint256 index = 0; for(uint256 i = 0; i < _registryCoordinator.quorumCount(); i++) { uint256 strategyParamsLength = _stakeRegistry.strategyParamsLength(uint8(i)); for (uint256 j = 0; j < strategyParamsLength; j++) { restakedStrategies[index] = address(_stakeRegistry.strategyParamsByIndex(uint8(i), j).strategy); index++; } } return restakedStrategies; } /** * @notice Returns the list of strategies that the operator has potentially restaked on the AVS * @param operator The address of the operator to get restaked strategies for * @dev This function is intended to be called off-chain * @dev No guarantee is made on whether the operator has shares for a strategy in a quorum or uniqueness * of each element in the returned array. The off-chain service should do that validation separately */ function getOperatorRestakedStrategies(address operator) external view returns (address[] memory) { bytes32 operatorId = _registryCoordinator.getOperatorId(operator); uint192 operatorBitmap = _registryCoordinator.getCurrentQuorumBitmap(operatorId); if (operatorBitmap == 0 || _registryCoordinator.quorumCount() == 0) { return new address[](0); } // Get number of strategies for each quorum in operator bitmap bytes memory operatorRestakedQuorums = BitmapUtils.bitmapToBytesArray(operatorBitmap); uint256 strategyCount; for(uint256 i = 0; i < operatorRestakedQuorums.length; i++) { strategyCount += _stakeRegistry.strategyParamsLength(uint8(operatorRestakedQuorums[i])); } // Get strategies for each quorum in operator bitmap address[] memory restakedStrategies = new address[](strategyCount); uint256 index = 0; for(uint256 i = 0; i < operatorRestakedQuorums.length; i++) { uint8 quorum = uint8(operatorRestakedQuorums[i]); uint256 strategyParamsLength = _stakeRegistry.strategyParamsLength(quorum); for (uint256 j = 0; j < strategyParamsLength; j++) { restakedStrategies[index] = address(_stakeRegistry.strategyParamsByIndex(quorum, j).strategy); index++; } } return restakedStrategies; } /// @notice Returns the EigenLayer AVSDirectory contract. function avsDirectory() external view override returns (address) { return address(_avsDirectory); } // storage gap for upgradeability // slither-disable-next-line shadowing-state uint256[50] private __GAP; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import {IBLSSignatureChecker} from "./interfaces/IBLSSignatureChecker.sol"; import {IRegistryCoordinator} from "./interfaces/IRegistryCoordinator.sol"; import {IBLSApkRegistry} from "./interfaces/IBLSApkRegistry.sol"; import {IStakeRegistry, IDelegationManager} from "./interfaces/IStakeRegistry.sol"; import {BitmapUtils} from "./libraries/BitmapUtils.sol"; import {BN254} from "./libraries/BN254.sol"; /** * @title Used for checking BLS aggregate signatures from the operators of a `BLSRegistry`. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice This is the contract for checking the validity of aggregate operator signatures. */ contract BLSSignatureChecker is IBLSSignatureChecker { using BN254 for BN254.G1Point; // CONSTANTS & IMMUTABLES // gas cost of multiplying 2 pairings uint256 internal constant PAIRING_EQUALITY_CHECK_GAS = 120000; IRegistryCoordinator public immutable registryCoordinator; IStakeRegistry public immutable stakeRegistry; IBLSApkRegistry public immutable blsApkRegistry; IDelegationManager public immutable delegation; /// @notice If true, check the staleness of the operator stakes and that its within the delegation withdrawalDelayBlocks window. bool public staleStakesForbidden; modifier onlyCoordinatorOwner() { require(msg.sender == registryCoordinator.owner(), "BLSSignatureChecker.onlyCoordinatorOwner: caller is not the owner of the registryCoordinator"); _; } constructor(IRegistryCoordinator _registryCoordinator) { registryCoordinator = _registryCoordinator; stakeRegistry = _registryCoordinator.stakeRegistry(); blsApkRegistry = _registryCoordinator.blsApkRegistry(); delegation = stakeRegistry.delegation(); staleStakesForbidden = true; } /** * RegistryCoordinator owner can either enforce or not that operator stakes are staler * than the delegation.minWithdrawalDelayBlocks() window. * @param value to toggle staleStakesForbidden */ function setStaleStakesForbidden(bool value) external onlyCoordinatorOwner { staleStakesForbidden = value; emit StaleStakesForbiddenUpdate(value); } struct NonSignerInfo { uint256[] quorumBitmaps; bytes32[] pubkeyHashes; } /** * @notice This function is called by disperser when it has aggregated all the signatures of the operators * that are part of the quorum for a particular taskNumber and is asserting them into onchain. The function * checks that the claim for aggregated signatures are valid. * * The thesis of this procedure entails: * - getting the aggregated pubkey of all registered nodes at the time of pre-commit by the * disperser (represented by apk in the parameters), * - subtracting the pubkeys of all the signers not in the quorum (nonSignerPubkeys) and storing * the output in apk to get aggregated pubkey of all operators that are part of quorum. * - use this aggregated pubkey to verify the aggregated signature under BLS scheme. * * @dev Before signature verification, the function verifies operator stake information. This includes ensuring that the provided `referenceBlockNumber` * is correct, i.e., ensure that the stake returned from the specified block number is recent enough and that the stake is either the most recent update * for the total stake (of the operator) or latest before the referenceBlockNumber. * @param msgHash is the hash being signed * @dev NOTE: Be careful to ensure `msgHash` is collision-resistant! This method does not hash * `msgHash` in any way, so if an attacker is able to pass in an arbitrary value, they may be able * to tamper with signature verification. * @param quorumNumbers is the bytes array of quorum numbers that are being signed for * @param referenceBlockNumber is the block number at which the stake information is being verified * @param params is the struct containing information on nonsigners, stakes, quorum apks, and the aggregate signature * @return quorumStakeTotals is the struct containing the total and signed stake for each quorum * @return signatoryRecordHash is the hash of the signatory record, which is used for fraud proofs */ function checkSignatures( bytes32 msgHash, bytes calldata quorumNumbers, uint32 referenceBlockNumber, NonSignerStakesAndSignature memory params ) public view returns ( QuorumStakeTotals memory, bytes32 ) { require(quorumNumbers.length != 0, "BLSSignatureChecker.checkSignatures: empty quorum input"); require( (quorumNumbers.length == params.quorumApks.length) && (quorumNumbers.length == params.quorumApkIndices.length) && (quorumNumbers.length == params.totalStakeIndices.length) && (quorumNumbers.length == params.nonSignerStakeIndices.length), "BLSSignatureChecker.checkSignatures: input quorum length mismatch" ); require( params.nonSignerPubkeys.length == params.nonSignerQuorumBitmapIndices.length, "BLSSignatureChecker.checkSignatures: input nonsigner length mismatch" ); require(referenceBlockNumber < uint32(block.number), "BLSSignatureChecker.checkSignatures: invalid reference block"); // This method needs to calculate the aggregate pubkey for all signing operators across // all signing quorums. To do that, we can query the aggregate pubkey for each quorum // and subtract out the pubkey for each nonsigning operator registered to that quorum. // // In practice, we do this in reverse - calculating an aggregate pubkey for all nonsigners, // negating that pubkey, then adding the aggregate pubkey for each quorum. BN254.G1Point memory apk = BN254.G1Point(0, 0); // For each quorum, we're also going to query the total stake for all registered operators // at the referenceBlockNumber, and derive the stake held by signers by subtracting out // stakes held by nonsigners. QuorumStakeTotals memory stakeTotals; stakeTotals.totalStakeForQuorum = new uint96[](quorumNumbers.length); stakeTotals.signedStakeForQuorum = new uint96[](quorumNumbers.length); NonSignerInfo memory nonSigners; nonSigners.quorumBitmaps = new uint256[](params.nonSignerPubkeys.length); nonSigners.pubkeyHashes = new bytes32[](params.nonSignerPubkeys.length); { // Get a bitmap of the quorums signing the message, and validate that // quorumNumbers contains only unique, valid quorum numbers uint256 signingQuorumBitmap = BitmapUtils.orderedBytesArrayToBitmap(quorumNumbers, registryCoordinator.quorumCount()); for (uint256 j = 0; j < params.nonSignerPubkeys.length; j++) { // The nonsigner's pubkey hash doubles as their operatorId // The check below validates that these operatorIds are sorted (and therefore // free of duplicates) nonSigners.pubkeyHashes[j] = params.nonSignerPubkeys[j].hashG1Point(); if (j != 0) { require( uint256(nonSigners.pubkeyHashes[j]) > uint256(nonSigners.pubkeyHashes[j - 1]), "BLSSignatureChecker.checkSignatures: nonSignerPubkeys not sorted" ); } // Get the quorums the nonsigner was registered for at referenceBlockNumber nonSigners.quorumBitmaps[j] = registryCoordinator.getQuorumBitmapAtBlockNumberByIndex({ operatorId: nonSigners.pubkeyHashes[j], blockNumber: referenceBlockNumber, index: params.nonSignerQuorumBitmapIndices[j] }); // Add the nonsigner's pubkey to the total apk, multiplied by the number // of quorums they have in common with the signing quorums, because their // public key will be a part of each signing quorum's aggregate pubkey apk = apk.plus( params.nonSignerPubkeys[j] .scalar_mul_tiny( BitmapUtils.countNumOnes(nonSigners.quorumBitmaps[j] & signingQuorumBitmap) ) ); } } // Negate the sum of the nonsigner aggregate pubkeys - from here, we'll add the // total aggregate pubkey from each quorum. Because the nonsigners' pubkeys are // in these quorums, this initial negation ensures they're cancelled out apk = apk.negate(); /** * For each quorum (at referenceBlockNumber): * - add the apk for all registered operators * - query the total stake for each quorum * - subtract the stake for each nonsigner to calculate the stake belonging to signers */ { bool _staleStakesForbidden = staleStakesForbidden; uint256 withdrawalDelayBlocks = _staleStakesForbidden ? delegation.minWithdrawalDelayBlocks() : 0; for (uint256 i = 0; i < quorumNumbers.length; i++) { // If we're disallowing stale stake updates, check that each quorum's last update block // is within withdrawalDelayBlocks if (_staleStakesForbidden) { require( registryCoordinator.quorumUpdateBlockNumber(uint8(quorumNumbers[i])) + withdrawalDelayBlocks >= referenceBlockNumber, "BLSSignatureChecker.checkSignatures: StakeRegistry updates must be within withdrawalDelayBlocks window" ); } // Validate params.quorumApks is correct for this quorum at the referenceBlockNumber, // then add it to the total apk require( bytes24(params.quorumApks[i].hashG1Point()) == blsApkRegistry.getApkHashAtBlockNumberAndIndex({ quorumNumber: uint8(quorumNumbers[i]), blockNumber: referenceBlockNumber, index: params.quorumApkIndices[i] }), "BLSSignatureChecker.checkSignatures: quorumApk hash in storage does not match provided quorum apk" ); apk = apk.plus(params.quorumApks[i]); // Get the total and starting signed stake for the quorum at referenceBlockNumber stakeTotals.totalStakeForQuorum[i] = stakeRegistry.getTotalStakeAtBlockNumberFromIndex({ quorumNumber: uint8(quorumNumbers[i]), blockNumber: referenceBlockNumber, index: params.totalStakeIndices[i] }); stakeTotals.signedStakeForQuorum[i] = stakeTotals.totalStakeForQuorum[i]; // Keep track of the nonSigners index in the quorum uint256 nonSignerForQuorumIndex = 0; // loop through all nonSigners, checking that they are a part of the quorum via their quorumBitmap // if so, load their stake at referenceBlockNumber and subtract it from running stake signed for (uint256 j = 0; j < params.nonSignerPubkeys.length; j++) { // if the nonSigner is a part of the quorum, subtract their stake from the running total if (BitmapUtils.isSet(nonSigners.quorumBitmaps[j], uint8(quorumNumbers[i]))) { stakeTotals.signedStakeForQuorum[i] -= stakeRegistry.getStakeAtBlockNumberAndIndex({ quorumNumber: uint8(quorumNumbers[i]), blockNumber: referenceBlockNumber, operatorId: nonSigners.pubkeyHashes[j], index: params.nonSignerStakeIndices[i][nonSignerForQuorumIndex] }); unchecked { ++nonSignerForQuorumIndex; } } } } } { // verify the signature (bool pairingSuccessful, bool signatureIsValid) = trySignatureAndApkVerification( msgHash, apk, params.apkG2, params.sigma ); require(pairingSuccessful, "BLSSignatureChecker.checkSignatures: pairing precompile call failed"); require(signatureIsValid, "BLSSignatureChecker.checkSignatures: signature is invalid"); } // set signatoryRecordHash variable used for fraudproofs bytes32 signatoryRecordHash = keccak256(abi.encodePacked(referenceBlockNumber, nonSigners.pubkeyHashes)); // return the total stakes that signed for each quorum, and a hash of the information required to prove the exact signers and stake return (stakeTotals, signatoryRecordHash); } /** * trySignatureAndApkVerification verifies a BLS aggregate signature and the veracity of a calculated G1 Public key * @param msgHash is the hash being signed * @param apk is the claimed G1 public key * @param apkG2 is provided G2 public key * @param sigma is the G1 point signature * @return pairingSuccessful is true if the pairing precompile call was successful * @return siganatureIsValid is true if the signature is valid */ function trySignatureAndApkVerification( bytes32 msgHash, BN254.G1Point memory apk, BN254.G2Point memory apkG2, BN254.G1Point memory sigma ) public view returns(bool pairingSuccessful, bool siganatureIsValid) { // gamma = keccak256(abi.encodePacked(msgHash, apk, apkG2, sigma)) uint256 gamma = uint256(keccak256(abi.encodePacked(msgHash, apk.X, apk.Y, apkG2.X[0], apkG2.X[1], apkG2.Y[0], apkG2.Y[1], sigma.X, sigma.Y))) % BN254.FR_MODULUS; // verify the signature (pairingSuccessful, siganatureIsValid) = BN254.safePairing( sigma.plus(apk.scalar_mul(gamma)), BN254.negGeneratorG2(), BN254.hashToG1(msgHash).plus(BN254.generatorG1().scalar_mul(gamma)), apkG2, PAIRING_EQUALITY_CHECK_GAS ); } // storage gap for upgradeability // slither-disable-next-line shadowing-state uint256[49] private __GAP; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import {IBLSApkRegistry} from "./IBLSApkRegistry.sol"; import {IStakeRegistry} from "./IStakeRegistry.sol"; import {IIndexRegistry} from "./IIndexRegistry.sol"; import {BN254} from "../libraries/BN254.sol"; /** * @title Interface for a contract that coordinates between various registries for an AVS. * @author Layr Labs, Inc. */ interface IRegistryCoordinator { // EVENTS /// Emits when an operator is registered event OperatorRegistered(address indexed operator, bytes32 indexed operatorId); /// Emits when an operator is deregistered event OperatorDeregistered(address indexed operator, bytes32 indexed operatorId); event OperatorSetParamsUpdated(uint8 indexed quorumNumber, OperatorSetParam operatorSetParams); event ChurnApproverUpdated(address prevChurnApprover, address newChurnApprover); event EjectorUpdated(address prevEjector, address newEjector); /// @notice emitted when all the operators for a quorum are updated at once event QuorumBlockNumberUpdated(uint8 indexed quorumNumber, uint256 blocknumber); // DATA STRUCTURES enum OperatorStatus { // default is NEVER_REGISTERED NEVER_REGISTERED, REGISTERED, DEREGISTERED } // STRUCTS /** * @notice Data structure for storing info on operators */ struct OperatorInfo { // the id of the operator, which is likely the keccak256 hash of the operator's public key if using BLSRegistry bytes32 operatorId; // indicates whether the operator is actively registered for serving the middleware or not OperatorStatus status; } /** * @notice Data structure for storing info on quorum bitmap updates where the `quorumBitmap` is the bitmap of the * quorums the operator is registered for starting at (inclusive)`updateBlockNumber` and ending at (exclusive) `nextUpdateBlockNumber` * @dev nextUpdateBlockNumber is initialized to 0 for the latest update */ struct QuorumBitmapUpdate { uint32 updateBlockNumber; uint32 nextUpdateBlockNumber; uint192 quorumBitmap; } /** * @notice Data structure for storing operator set params for a given quorum. Specifically the * `maxOperatorCount` is the maximum number of operators that can be registered for the quorum, * `kickBIPsOfOperatorStake` is the basis points of a new operator needs to have of an operator they are trying to kick from the quorum, * and `kickBIPsOfTotalStake` is the basis points of the total stake of the quorum that an operator needs to be below to be kicked. */ struct OperatorSetParam { uint32 maxOperatorCount; uint16 kickBIPsOfOperatorStake; uint16 kickBIPsOfTotalStake; } /** * @notice Data structure for the parameters needed to kick an operator from a quorum with number `quorumNumber`, used during registration churn. * `operator` is the address of the operator to kick */ struct OperatorKickParam { uint8 quorumNumber; address operator; } /// @notice Returns the operator set params for the given `quorumNumber` function getOperatorSetParams(uint8 quorumNumber) external view returns (OperatorSetParam memory); /// @notice the Stake registry contract that will keep track of operators' stakes function stakeRegistry() external view returns (IStakeRegistry); /// @notice the BLS Aggregate Pubkey Registry contract that will keep track of operators' BLS aggregate pubkeys per quorum function blsApkRegistry() external view returns (IBLSApkRegistry); /// @notice the index Registry contract that will keep track of operators' indexes function indexRegistry() external view returns (IIndexRegistry); /** * @notice Ejects the provided operator from the provided quorums from the AVS * @param operator is the operator to eject * @param quorumNumbers are the quorum numbers to eject the operator from */ function ejectOperator( address operator, bytes calldata quorumNumbers ) external; /// @notice Returns the number of quorums the registry coordinator has created function quorumCount() external view returns (uint8); /// @notice Returns the operator struct for the given `operator` function getOperator(address operator) external view returns (OperatorInfo memory); /// @notice Returns the operatorId for the given `operator` function getOperatorId(address operator) external view returns (bytes32); /// @notice Returns the operator address for the given `operatorId` function getOperatorFromId(bytes32 operatorId) external view returns (address operator); /// @notice Returns the status for the given `operator` function getOperatorStatus(address operator) external view returns (IRegistryCoordinator.OperatorStatus); /// @notice Returns the indices of the quorumBitmaps for the provided `operatorIds` at the given `blockNumber` function getQuorumBitmapIndicesAtBlockNumber(uint32 blockNumber, bytes32[] memory operatorIds) external view returns (uint32[] memory); /** * @notice Returns the quorum bitmap for the given `operatorId` at the given `blockNumber` via the `index` * @dev reverts if `index` is incorrect */ function getQuorumBitmapAtBlockNumberByIndex(bytes32 operatorId, uint32 blockNumber, uint256 index) external view returns (uint192); /// @notice Returns the `index`th entry in the operator with `operatorId`'s bitmap history function getQuorumBitmapUpdateByIndex(bytes32 operatorId, uint256 index) external view returns (QuorumBitmapUpdate memory); /// @notice Returns the current quorum bitmap for the given `operatorId` function getCurrentQuorumBitmap(bytes32 operatorId) external view returns (uint192); /// @notice Returns the length of the quorum bitmap history for the given `operatorId` function getQuorumBitmapHistoryLength(bytes32 operatorId) external view returns (uint256); /// @notice Returns the registry at the desired index function registries(uint256) external view returns (address); /// @notice Returns the number of registries function numRegistries() external view returns (uint256); /** * @notice Returns the message hash that an operator must sign to register their BLS public key. * @param operator is the address of the operator registering their BLS public key */ function pubkeyRegistrationMessageHash(address operator) external view returns (BN254.G1Point memory); /// @notice returns the blocknumber the quorum was last updated all at once for all operators function quorumUpdateBlockNumber(uint8 quorumNumber) external view returns (uint256); /// @notice The owner of the registry coordinator function owner() external view returns (address); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import {IDelegationManager} from "eigenlayer-contracts/src/contracts/interfaces/IDelegationManager.sol"; import {IStrategy} from "eigenlayer-contracts/src/contracts/interfaces/IStrategy.sol"; import {IRegistry} from "./IRegistry.sol"; /** * @title Interface for a `Registry` that keeps track of stakes of operators for up to 256 quorums. * @author Layr Labs, Inc. */ interface IStakeRegistry is IRegistry { // DATA STRUCTURES /// @notice struct used to store the stakes of an individual operator or the sum of all operators' stakes, for storage struct StakeUpdate { // the block number at which the stake amounts were updated and stored uint32 updateBlockNumber; // the block number at which the *next update* occurred. /// @notice This entry has the value **0** until another update takes place. uint32 nextUpdateBlockNumber; // stake weight for the quorum uint96 stake; } /** * @notice In weighing a particular strategy, the amount of underlying asset for that strategy is * multiplied by its multiplier, then divided by WEIGHTING_DIVISOR */ struct StrategyParams { IStrategy strategy; uint96 multiplier; } // EVENTS /// @notice emitted whenever the stake of `operator` is updated event OperatorStakeUpdate( bytes32 indexed operatorId, uint8 quorumNumber, uint96 stake ); /// @notice emitted when the minimum stake for a quorum is updated event MinimumStakeForQuorumUpdated(uint8 indexed quorumNumber, uint96 minimumStake); /// @notice emitted when a new quorum is created event QuorumCreated(uint8 indexed quorumNumber); /// @notice emitted when `strategy` has been added to the array at `strategyParams[quorumNumber]` event StrategyAddedToQuorum(uint8 indexed quorumNumber, IStrategy strategy); /// @notice emitted when `strategy` has removed from the array at `strategyParams[quorumNumber]` event StrategyRemovedFromQuorum(uint8 indexed quorumNumber, IStrategy strategy); /// @notice emitted when `strategy` has its `multiplier` updated in the array at `strategyParams[quorumNumber]` event StrategyMultiplierUpdated(uint8 indexed quorumNumber, IStrategy strategy, uint256 multiplier); /** * @notice Registers the `operator` with `operatorId` for the specified `quorumNumbers`. * @param operator The address of the operator to register. * @param operatorId The id of the operator to register. * @param quorumNumbers The quorum numbers the operator is registering for, where each byte is an 8 bit integer quorumNumber. * @return The operator's current stake for each quorum, and the total stake for each quorum * @dev access restricted to the RegistryCoordinator * @dev Preconditions (these are assumed, not validated in this contract): * 1) `quorumNumbers` has no duplicates * 2) `quorumNumbers.length` != 0 * 3) `quorumNumbers` is ordered in ascending order * 4) the operator is not already registered */ function registerOperator( address operator, bytes32 operatorId, bytes memory quorumNumbers ) external returns (uint96[] memory, uint96[] memory); /** * @notice Deregisters the operator with `operatorId` for the specified `quorumNumbers`. * @param operatorId The id of the operator to deregister. * @param quorumNumbers The quorum numbers the operator is deregistering from, where each byte is an 8 bit integer quorumNumber. * @dev access restricted to the RegistryCoordinator * @dev Preconditions (these are assumed, not validated in this contract): * 1) `quorumNumbers` has no duplicates * 2) `quorumNumbers.length` != 0 * 3) `quorumNumbers` is ordered in ascending order * 4) the operator is not already deregistered * 5) `quorumNumbers` is a subset of the quorumNumbers that the operator is registered for */ function deregisterOperator(bytes32 operatorId, bytes memory quorumNumbers) external; /** * @notice Initialize a new quorum created by the registry coordinator by setting strategies, weights, and minimum stake */ function initializeQuorum(uint8 quorumNumber, uint96 minimumStake, StrategyParams[] memory strategyParams) external; /// @notice Adds new strategies and the associated multipliers to the @param quorumNumber. function addStrategies( uint8 quorumNumber, StrategyParams[] memory strategyParams ) external; /** * @notice This function is used for removing strategies and their associated weights from the * mapping strategyParams for a specific @param quorumNumber. * @dev higher indices should be *first* in the list of @param indicesToRemove, since otherwise * the removal of lower index entries will cause a shift in the indices of the other strategiesToRemove */ function removeStrategies(uint8 quorumNumber, uint256[] calldata indicesToRemove) external; /** * @notice This function is used for modifying the weights of strategies that are already in the * mapping strategyParams for a specific * @param quorumNumber is the quorum number to change the strategy for * @param strategyIndices are the indices of the strategies to change * @param newMultipliers are the new multipliers for the strategies */ function modifyStrategyParams( uint8 quorumNumber, uint256[] calldata strategyIndices, uint96[] calldata newMultipliers ) external; /// @notice Constant used as a divisor in calculating weights. function WEIGHTING_DIVISOR() external pure returns (uint256); /// @notice Returns the EigenLayer delegation manager contract. function delegation() external view returns (IDelegationManager); /// @notice In order to register for a quorum i, an operator must have at least `minimumStakeForQuorum[i]` function minimumStakeForQuorum(uint8 quorumNumber) external view returns (uint96); /// @notice Returns the length of the dynamic array stored in `strategyParams[quorumNumber]`. function strategyParamsLength(uint8 quorumNumber) external view returns (uint256); /// @notice Returns the strategy and weight multiplier for the `index`'th strategy in the quorum `quorumNumber` function strategyParamsByIndex( uint8 quorumNumber, uint256 index ) external view returns (StrategyParams memory); /** * @notice This function computes the total weight of the @param operator in the quorum @param quorumNumber. * @dev reverts in the case that `quorumNumber` is greater than or equal to `quorumCount` */ function weightOfOperatorForQuorum(uint8 quorumNumber, address operator) external view returns (uint96); /** * @notice Returns the entire `operatorIdToStakeHistory[operatorId][quorumNumber]` array. * @param operatorId The id of the operator of interest. * @param quorumNumber The quorum number to get the stake for. */ function getStakeHistory(bytes32 operatorId, uint8 quorumNumber) external view returns (StakeUpdate[] memory); function getTotalStakeHistoryLength(uint8 quorumNumber) external view returns (uint256); /** * @notice Returns the `index`-th entry in the dynamic array of total stake, `totalStakeHistory` for quorum `quorumNumber`. * @param quorumNumber The quorum number to get the stake for. * @param index Array index for lookup, within the dynamic array `totalStakeHistory[quorumNumber]`. */ function getTotalStakeUpdateAtIndex(uint8 quorumNumber, uint256 index) external view returns (StakeUpdate memory); /// @notice Returns the indices of the operator stakes for the provided `quorumNumber` at the given `blockNumber` function getStakeUpdateIndexAtBlockNumber(bytes32 operatorId, uint8 quorumNumber, uint32 blockNumber) external view returns (uint32); /// @notice Returns the indices of the total stakes for the provided `quorumNumbers` at the given `blockNumber` function getTotalStakeIndicesAtBlockNumber(uint32 blockNumber, bytes calldata quorumNumbers) external view returns(uint32[] memory) ; /** * @notice Returns the `index`-th entry in the `operatorIdToStakeHistory[operatorId][quorumNumber]` array. * @param quorumNumber The quorum number to get the stake for. * @param operatorId The id of the operator of interest. * @param index Array index for lookup, within the dynamic array `operatorIdToStakeHistory[operatorId][quorumNumber]`. * @dev Function will revert if `index` is out-of-bounds. */ function getStakeUpdateAtIndex(uint8 quorumNumber, bytes32 operatorId, uint256 index) external view returns (StakeUpdate memory); /** * @notice Returns the most recent stake weight for the `operatorId` for a certain quorum * @dev Function returns an StakeUpdate struct with **every entry equal to 0** in the event that the operator has no stake history */ function getLatestStakeUpdate(bytes32 operatorId, uint8 quorumNumber) external view returns (StakeUpdate memory); /** * @notice Returns the stake weight corresponding to `operatorId` for quorum `quorumNumber`, at the * `index`-th entry in the `operatorIdToStakeHistory[operatorId][quorumNumber]` array if the entry * corresponds to the operator's stake at `blockNumber`. Reverts otherwise. * @param quorumNumber The quorum number to get the stake for. * @param operatorId The id of the operator of interest. * @param index Array index for lookup, within the dynamic array `operatorIdToStakeHistory[operatorId][quorumNumber]`. * @param blockNumber Block number to make sure the stake is from. * @dev Function will revert if `index` is out-of-bounds. * @dev used the BLSSignatureChecker to get past stakes of signing operators */ function getStakeAtBlockNumberAndIndex(uint8 quorumNumber, uint32 blockNumber, bytes32 operatorId, uint256 index) external view returns (uint96); /** * @notice Returns the total stake weight for quorum `quorumNumber`, at the `index`-th entry in the * `totalStakeHistory[quorumNumber]` array if the entry corresponds to the total stake at `blockNumber`. * Reverts otherwise. * @param quorumNumber The quorum number to get the stake for. * @param index Array index for lookup, within the dynamic array `totalStakeHistory[quorumNumber]`. * @param blockNumber Block number to make sure the stake is from. * @dev Function will revert if `index` is out-of-bounds. * @dev used the BLSSignatureChecker to get past stakes of signing operators */ function getTotalStakeAtBlockNumberFromIndex(uint8 quorumNumber, uint32 blockNumber, uint256 index) external view returns (uint96); /** * @notice Returns the most recent stake weight for the `operatorId` for quorum `quorumNumber` * @dev Function returns weight of **0** in the event that the operator has no stake history */ function getCurrentStake(bytes32 operatorId, uint8 quorumNumber) external view returns (uint96); /// @notice Returns the stake of the operator for the provided `quorumNumber` at the given `blockNumber` function getStakeAtBlockNumber(bytes32 operatorId, uint8 quorumNumber, uint32 blockNumber) external view returns (uint96); /** * @notice Returns the stake weight from the latest entry in `_totalStakeHistory` for quorum `quorumNumber`. * @dev Will revert if `_totalStakeHistory[quorumNumber]` is empty. */ function getCurrentTotalStake(uint8 quorumNumber) external view returns (uint96); /** * @notice Called by the registry coordinator to update an operator's stake for one * or more quorums. * * If the operator no longer has the minimum stake required for a quorum, they are * added to the * @return A bitmap of quorums where the operator no longer meets the minimum stake * and should be deregistered. */ function updateOperatorStake( address operator, bytes32 operatorId, bytes calldata quorumNumbers ) external returns (uint192); }
// SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.9; import {IEigenDAServiceManager} from "../interfaces/IEigenDAServiceManager.sol"; /** * @title Storage variables for the `EigenDAServiceManager` contract. * @author Layr Labs, Inc. * @notice This storage contract is separate from the logic to simplify the upgrade process. */ abstract contract EigenDAServiceManagerStorage is IEigenDAServiceManager { // CONSTANTS uint256 public constant THRESHOLD_DENOMINATOR = 100; //TODO: mechanism to change any of these values? /// @notice Unit of measure (in blocks) for which data will be stored for after confirmation. uint32 public constant STORE_DURATION_BLOCKS = 2 weeks / 12 seconds; /** * @notice The maximum amount of blocks in the past that the service will consider stake amounts to still be 'valid'. * @dev To clarify edge cases, the middleware can look `BLOCK_STALE_MEASURE` blocks into the past, i.e. it may trust stakes from the interval * [block.number - BLOCK_STALE_MEASURE, block.number] (specifically, *inclusive* of the block that is `BLOCK_STALE_MEASURE` before the current one) * @dev BLOCK_STALE_MEASURE should be greater than the number of blocks till finalization, but not too much greater, as it is the amount of * time that nodes can be active after they have deregistered. The larger it is, the farther back stakes can be used, but the longer operators * have to serve after they've deregistered. */ uint32 public constant BLOCK_STALE_MEASURE = 150; /** * @notice The quorum adversary threshold percentages stored as an ordered bytes array * this is the percentage of the total stake that must be adversarial to consider a blob invalid */ bytes public constant quorumAdversaryThresholdPercentages = hex"2121"; /** * @notice The quorum confirmation threshold percentages stored as an ordered bytes array * this is the percentage of the total stake needed to confirm a blob */ bytes public constant quorumConfirmationThresholdPercentages = hex"4242"; /** * @notice The quorum numbers required for confirmation stored as an ordered bytes array * these quorum numbers have respective canonical thresholds in the * quorumConfirmationThresholdPercentages and quorumAdversaryThresholdPercentages above */ bytes public constant quorumNumbersRequired = hex"0001"; /// @notice The current batchId uint32 public batchId; /// @notice mapping between the batchId to the hash of the metadata of the corresponding Batch mapping(uint32 => bytes32) public batchIdToBatchMetadataHash; /// @notice address that is permissioned to confirm batches address public batchConfirmer; // storage gap for upgradeability // slither-disable-next-line shadowing-state uint256[47] private __GAP; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import {ISignatureUtils} from "eigenlayer-contracts/src/contracts/interfaces/ISignatureUtils.sol"; import {IDelegationManager} from "eigenlayer-contracts/src/contracts/interfaces/IDelegationManager.sol"; /** * @title Minimal interface for a ServiceManager-type contract that forms the single point for an AVS to push updates to EigenLayer * @author Layr Labs, Inc. */ interface IServiceManager { /** * @notice Updates the metadata URI for the AVS * @param _metadataURI is the metadata URI for the AVS */ function updateAVSMetadataURI(string memory _metadataURI) external; /** * @notice Forwards a call to EigenLayer's DelegationManager contract to confirm operator registration with the AVS * @param operator The address of the operator to register. * @param operatorSignature The signature, salt, and expiry of the operator's signature. */ function registerOperatorToAVS( address operator, ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature ) external; /** * @notice Forwards a call to EigenLayer's DelegationManager contract to confirm operator deregistration from the AVS * @param operator The address of the operator to deregister. */ function deregisterOperatorFromAVS(address operator) external; /** * @notice Returns the list of strategies that the operator has potentially restaked on the AVS * @param operator The address of the operator to get restaked strategies for * @dev This function is intended to be called off-chain * @dev No guarantee is made on whether the operator has shares for a strategy in a quorum or uniqueness * of each element in the returned array. The off-chain service should do that validation separately */ function getOperatorRestakedStrategies(address operator) external view returns (address[] memory); /** * @notice Returns the list of strategies that the AVS supports for restaking * @dev This function is intended to be called off-chain * @dev No guarantee is made on uniqueness of each element in the returned array. * The off-chain service should do that validation separately */ function getRestakeableStrategies() external view returns (address[] memory); /// @notice Returns the EigenLayer AVSDirectory contract. function avsDirectory() external view returns (address); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "../interfaces/IPauserRegistry.sol"; /** * @title Adds pausability to a contract, with pausing & unpausing controlled by the `pauser` and `unpauser` of a PauserRegistry contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Contracts that inherit from this contract may define their own `pause` and `unpause` (and/or related) functions. * These functions should be permissioned as "onlyPauser" which defers to a `PauserRegistry` for determining access control. * @dev Pausability is implemented using a uint256, which allows up to 256 different single bit-flags; each bit can potentially pause different functionality. * Inspiration for this was taken from the NearBridge design here https://etherscan.io/address/0x3FEFc5A4B1c02f21cBc8D3613643ba0635b9a873#code. * For the `pause` and `unpause` functions we've implemented, if you pause, you can only flip (any number of) switches to on/1 (aka "paused"), and if you unpause, * you can only flip (any number of) switches to off/0 (aka "paused"). * If you want a pauseXYZ function that just flips a single bit / "pausing flag", it will: * 1) 'bit-wise and' (aka `&`) a flag with the current paused state (as a uint256) * 2) update the paused state to this new value * @dev We note as well that we have chosen to identify flags by their *bit index* as opposed to their numerical value, so, e.g. defining `DEPOSITS_PAUSED = 3` * indicates specifically that if the *third bit* of `_paused` is flipped -- i.e. it is a '1' -- then deposits should be paused */ interface IPausable { /// @notice Emitted when the `pauserRegistry` is set to `newPauserRegistry`. event PauserRegistrySet(IPauserRegistry pauserRegistry, IPauserRegistry newPauserRegistry); /// @notice Emitted when the pause is triggered by `account`, and changed to `newPausedStatus`. event Paused(address indexed account, uint256 newPausedStatus); /// @notice Emitted when the pause is lifted by `account`, and changed to `newPausedStatus`. event Unpaused(address indexed account, uint256 newPausedStatus); /// @notice Address of the `PauserRegistry` contract that this contract defers to for determining access control (for pausing). function pauserRegistry() external view returns (IPauserRegistry); /** * @notice This function is used to pause an EigenLayer contract's functionality. * It is permissioned to the `pauser` address, which is expected to be a low threshold multisig. * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once. * @dev This function can only pause functionality, and thus cannot 'unflip' any bit in `_paused` from 1 to 0. */ function pause(uint256 newPausedStatus) external; /** * @notice Alias for `pause(type(uint256).max)`. */ function pauseAll() external; /** * @notice This function is used to unpause an EigenLayer contract's functionality. * It is permissioned to the `unpauser` address, which is expected to be a high threshold multisig or governance contract. * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once. * @dev This function can only unpause functionality, and thus cannot 'flip' any bit in `_paused` from 0 to 1. */ function unpause(uint256 newPausedStatus) external; /// @notice Returns the current paused status as a uint256. function paused() external view returns (uint256); /// @notice Returns 'true' if the `indexed`th bit of `_paused` is 1, and 'false' otherwise function paused(uint8 index) external view returns (bool); /// @notice Allows the unpauser to set a new pauser registry function setPauserRegistry(IPauserRegistry newPauserRegistry) external; }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol) pragma solidity ^0.8.0; import "../utils/ContextUpgradeable.sol"; import "../proxy/utils/Initializable.sol"; /** * @dev Contract module which provides a basic access control mechanism, where * there is an account (an owner) that can be granted exclusive access to * specific functions. * * By default, the owner account will be the one that deploys the contract. This * can later be changed with {transferOwnership}. * * This module is used through inheritance. It will make available the modifier * `onlyOwner`, which can be applied to your functions to restrict their use to * the owner. */ abstract contract OwnableUpgradeable is Initializable, ContextUpgradeable { address private _owner; event OwnershipTransferred(address indexed previousOwner, address indexed newOwner); /** * @dev Initializes the contract setting the deployer as the initial owner. */ function __Ownable_init() internal onlyInitializing { __Ownable_init_unchained(); } function __Ownable_init_unchained() internal onlyInitializing { _transferOwnership(_msgSender()); } /** * @dev Throws if called by any account other than the owner. */ modifier onlyOwner() { _checkOwner(); _; } /** * @dev Returns the address of the current owner. */ function owner() public view virtual returns (address) { return _owner; } /** * @dev Throws if the sender is not the owner. */ function _checkOwner() internal view virtual { require(owner() == _msgSender(), "Ownable: caller is not the owner"); } /** * @dev Leaves the contract without owner. It will not be possible to call * `onlyOwner` functions anymore. Can only be called by the current owner. * * NOTE: Renouncing ownership will leave the contract without an owner, * thereby removing any functionality that is only available to the owner. */ function renounceOwnership() public virtual onlyOwner { _transferOwnership(address(0)); } /** * @dev Transfers ownership of the contract to a new account (`newOwner`). * Can only be called by the current owner. */ function transferOwnership(address newOwner) public virtual onlyOwner { require(newOwner != address(0), "Ownable: new owner is the zero address"); _transferOwnership(newOwner); } /** * @dev Transfers ownership of the contract to a new account (`newOwner`). * Internal function without access restriction. */ function _transferOwnership(address newOwner) internal virtual { address oldOwner = _owner; _owner = newOwner; emit OwnershipTransferred(oldOwner, newOwner); } /** * @dev This empty reserved space is put in place to allow future versions to add new * variables without shifting down storage in the inheritance chain. * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps */ uint256[49] private __gap; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; /** * @title The interface for common signature utilities. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service */ interface ISignatureUtils { // @notice Struct that bundles together a signature and an expiration time for the signature. Used primarily for stack management. struct SignatureWithExpiry { // the signature itself, formatted as a single bytes object bytes signature; // the expiration timestamp (UTC) of the signature uint256 expiry; } // @notice Struct that bundles together a signature, a salt for uniqueness, and an expiration time for the signature. Used primarily for stack management. struct SignatureWithSaltAndExpiry { // the signature itself, formatted as a single bytes object bytes signature; // the salt used to generate the signature bytes32 salt; // the expiration timestamp (UTC) of the signature uint256 expiry; } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "./ISignatureUtils.sol"; interface IAVSDirectory is ISignatureUtils { /// @notice Enum representing the status of an operator's registration with an AVS enum OperatorAVSRegistrationStatus { UNREGISTERED, // Operator not registered to AVS REGISTERED // Operator registered to AVS } /** * @notice Emitted when @param avs indicates that they are updating their MetadataURI string * @dev Note that these strings are *never stored in storage* and are instead purely emitted in events for off-chain indexing */ event AVSMetadataURIUpdated(address indexed avs, string metadataURI); /// @notice Emitted when an operator's registration status for an AVS is updated event OperatorAVSRegistrationStatusUpdated(address indexed operator, address indexed avs, OperatorAVSRegistrationStatus status); /** * @notice Called by an avs to register an operator with the avs. * @param operator The address of the operator to register. * @param operatorSignature The signature, salt, and expiry of the operator's signature. */ function registerOperatorToAVS( address operator, ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature ) external; /** * @notice Called by an avs to deregister an operator with the avs. * @param operator The address of the operator to deregister. */ function deregisterOperatorFromAVS(address operator) external; /** * @notice Called by an AVS to emit an `AVSMetadataURIUpdated` event indicating the information has updated. * @param metadataURI The URI for metadata associated with an AVS * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `AVSMetadataURIUpdated` event */ function updateAVSMetadataURI(string calldata metadataURI) external; /** * @notice Returns whether or not the salt has already been used by the operator. * @dev Salts is used in the `registerOperatorToAVS` function. */ function operatorSaltIsSpent(address operator, bytes32 salt) external view returns (bool); /** * @notice Calculates the digest hash to be signed by an operator to register with an AVS * @param operator The account registering as an operator * @param avs The AVS the operator is registering to * @param salt A unique and single use value associated with the approver signature. * @param expiry Time after which the approver's signature becomes invalid */ function calculateOperatorAVSRegistrationDigestHash( address operator, address avs, bytes32 salt, uint256 expiry ) external view returns (bytes32); /// @notice The EIP-712 typehash for the Registration struct used by the contract function OPERATOR_AVS_REGISTRATION_TYPEHASH() external view returns (bytes32); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import {IRegistryCoordinator} from "./IRegistryCoordinator.sol"; import {IBLSApkRegistry} from "./IBLSApkRegistry.sol"; import {IStakeRegistry, IDelegationManager} from "./IStakeRegistry.sol"; import {BN254} from "../libraries/BN254.sol"; /** * @title Used for checking BLS aggregate signatures from the operators of a EigenLayer AVS with the RegistryCoordinator/BLSApkRegistry/StakeRegistry architechture. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice This is the contract for checking the validity of aggregate operator signatures. */ interface IBLSSignatureChecker { // DATA STRUCTURES struct NonSignerStakesAndSignature { uint32[] nonSignerQuorumBitmapIndices; // is the indices of all nonsigner quorum bitmaps BN254.G1Point[] nonSignerPubkeys; // is the G1 pubkeys of all nonsigners BN254.G1Point[] quorumApks; // is the aggregate G1 pubkey of each quorum BN254.G2Point apkG2; // is the aggregate G2 pubkey of all signers BN254.G1Point sigma; // is the aggregate G1 signature of all signers uint32[] quorumApkIndices; // is the indices of each quorum aggregate pubkey uint32[] totalStakeIndices; // is the indices of each quorums total stake uint32[][] nonSignerStakeIndices; // is the indices of each non signers stake within a quorum } /** * @notice this data structure is used for recording the details on the total stake of the registered * operators and those operators who are part of the quorum for a particular taskNumber */ struct QuorumStakeTotals { // total stake of the operators in each quorum uint96[] signedStakeForQuorum; // total amount staked by all operators in each quorum uint96[] totalStakeForQuorum; } // EVENTS /// @notice Emitted when `staleStakesForbiddenUpdate` is set event StaleStakesForbiddenUpdate(bool value); // CONSTANTS & IMMUTABLES function registryCoordinator() external view returns (IRegistryCoordinator); function stakeRegistry() external view returns (IStakeRegistry); function blsApkRegistry() external view returns (IBLSApkRegistry); function delegation() external view returns (IDelegationManager); /** * @notice This function is called by disperser when it has aggregated all the signatures of the operators * that are part of the quorum for a particular taskNumber and is asserting them into onchain. The function * checks that the claim for aggregated signatures are valid. * * The thesis of this procedure entails: * - getting the aggregated pubkey of all registered nodes at the time of pre-commit by the * disperser (represented by apk in the parameters), * - subtracting the pubkeys of all the signers not in the quorum (nonSignerPubkeys) and storing * the output in apk to get aggregated pubkey of all operators that are part of quorum. * - use this aggregated pubkey to verify the aggregated signature under BLS scheme. * * @dev Before signature verification, the function verifies operator stake information. This includes ensuring that the provided `referenceBlockNumber` * is correct, i.e., ensure that the stake returned from the specified block number is recent enough and that the stake is either the most recent update * for the total stake (or the operator) or latest before the referenceBlockNumber. */ function checkSignatures( bytes32 msgHash, bytes calldata quorumNumbers, uint32 referenceBlockNumber, NonSignerStakesAndSignature memory nonSignerStakesAndSignature ) external view returns ( QuorumStakeTotals memory, bytes32 ); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import {IRegistry} from "./IRegistry.sol"; import {BN254} from "../libraries/BN254.sol"; /** * @title Minimal interface for a registry that keeps track of aggregate operator public keys across many quorums. * @author Layr Labs, Inc. */ interface IBLSApkRegistry is IRegistry { // STRUCTS /// @notice Data structure used to track the history of the Aggregate Public Key of all operators struct ApkUpdate { // first 24 bytes of keccak256(apk_x0, apk_x1, apk_y0, apk_y1) bytes24 apkHash; // block number at which the update occurred uint32 updateBlockNumber; // block number at which the next update occurred uint32 nextUpdateBlockNumber; } /** * @notice Struct used when registering a new public key * @param pubkeyRegistrationSignature is the registration message signed by the private key of the operator * @param pubkeyG1 is the corresponding G1 public key of the operator * @param pubkeyG2 is the corresponding G2 public key of the operator */ struct PubkeyRegistrationParams { BN254.G1Point pubkeyRegistrationSignature; BN254.G1Point pubkeyG1; BN254.G2Point pubkeyG2; } // EVENTS /// @notice Emitted when `operator` registers with the public keys `pubkeyG1` and `pubkeyG2`. event NewPubkeyRegistration(address indexed operator, BN254.G1Point pubkeyG1, BN254.G2Point pubkeyG2); // @notice Emitted when a new operator pubkey is registered for a set of quorums event OperatorAddedToQuorums( address operator, bytes32 operatorId, bytes quorumNumbers ); // @notice Emitted when an operator pubkey is removed from a set of quorums event OperatorRemovedFromQuorums( address operator, bytes32 operatorId, bytes quorumNumbers ); /** * @notice Registers the `operator`'s pubkey for the specified `quorumNumbers`. * @param operator The address of the operator to register. * @param quorumNumbers The quorum numbers the operator is registering for, where each byte is an 8 bit integer quorumNumber. * @dev access restricted to the RegistryCoordinator * @dev Preconditions (these are assumed, not validated in this contract): * 1) `quorumNumbers` has no duplicates * 2) `quorumNumbers.length` != 0 * 3) `quorumNumbers` is ordered in ascending order * 4) the operator is not already registered */ function registerOperator(address operator, bytes calldata quorumNumbers) external; /** * @notice Deregisters the `operator`'s pubkey for the specified `quorumNumbers`. * @param operator The address of the operator to deregister. * @param quorumNumbers The quorum numbers the operator is deregistering from, where each byte is an 8 bit integer quorumNumber. * @dev access restricted to the RegistryCoordinator * @dev Preconditions (these are assumed, not validated in this contract): * 1) `quorumNumbers` has no duplicates * 2) `quorumNumbers.length` != 0 * 3) `quorumNumbers` is ordered in ascending order * 4) the operator is not already deregistered * 5) `quorumNumbers` is a subset of the quorumNumbers that the operator is registered for */ function deregisterOperator(address operator, bytes calldata quorumNumbers) external; /** * @notice Initializes a new quorum by pushing its first apk update * @param quorumNumber The number of the new quorum */ function initializeQuorum(uint8 quorumNumber) external; /** * @notice mapping from operator address to pubkey hash. * Returns *zero* if the `operator` has never registered, and otherwise returns the hash of the public key of the operator. */ function operatorToPubkeyHash(address operator) external view returns (bytes32); /** * @notice mapping from pubkey hash to operator address. * Returns *zero* if no operator has ever registered the public key corresponding to `pubkeyHash`, * and otherwise returns the (unique) registered operator who owns the BLS public key that is the preimage of `pubkeyHash`. */ function pubkeyHashToOperator(bytes32 pubkeyHash) external view returns (address); /** * @notice Called by the RegistryCoordinator register an operator as the owner of a BLS public key. * @param operator is the operator for whom the key is being registered * @param params contains the G1 & G2 public keys of the operator, and a signature proving their ownership * @param pubkeyRegistrationMessageHash is a hash that the operator must sign to prove key ownership */ function registerBLSPublicKey( address operator, PubkeyRegistrationParams calldata params, BN254.G1Point calldata pubkeyRegistrationMessageHash ) external returns (bytes32 operatorId); /** * @notice Returns the pubkey and pubkey hash of an operator * @dev Reverts if the operator has not registered a valid pubkey */ function getRegisteredPubkey(address operator) external view returns (BN254.G1Point memory, bytes32); /// @notice Returns the current APK for the provided `quorumNumber ` function getApk(uint8 quorumNumber) external view returns (BN254.G1Point memory); /// @notice Returns the index of the quorumApk index at `blockNumber` for the provided `quorumNumber` function getApkIndicesAtBlockNumber(bytes calldata quorumNumbers, uint256 blockNumber) external view returns(uint32[] memory); /// @notice Returns the `ApkUpdate` struct at `index` in the list of APK updates for the `quorumNumber` function getApkUpdateAtIndex(uint8 quorumNumber, uint256 index) external view returns (ApkUpdate memory); /// @notice Returns the operator address for the given `pubkeyHash` function getOperatorFromPubkeyHash(bytes32 pubkeyHash) external view returns (address); /** * @notice get 24 byte hash of the apk of `quorumNumber` at `blockNumber` using the provided `index`; * called by checkSignatures in BLSSignatureChecker.sol. * @param quorumNumber is the quorum whose ApkHash is being retrieved * @param blockNumber is the number of the block for which the latest ApkHash will be retrieved * @param index is the index of the apkUpdate being retrieved from the list of quorum apkUpdates in storage */ function getApkHashAtBlockNumberAndIndex(uint8 quorumNumber, uint32 blockNumber, uint256 index) external view returns (bytes24); /// @notice returns the ID used to identify the `operator` within this AVS. /// @dev Returns zero in the event that the `operator` has never registered for the AVS function getOperatorId(address operator) external view returns (bytes32); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity =0.8.12; import {IRegistry} from "./IRegistry.sol"; /** * @title Interface for a `Registry`-type contract that keeps track of an ordered list of operators for up to 256 quorums. * @author Layr Labs, Inc. */ interface IIndexRegistry is IRegistry { // EVENTS // emitted when an operator's index in the ordered operator list for the quorum with number `quorumNumber` is updated event QuorumIndexUpdate(bytes32 indexed operatorId, uint8 quorumNumber, uint32 newOperatorIndex); // DATA STRUCTURES // struct used to give definitive ordering to operators at each blockNumber. struct OperatorUpdate { // blockNumber number from which `operatorIndex` was the operators index // the operator's index is the first entry such that `blockNumber >= entry.fromBlockNumber` uint32 fromBlockNumber; // the operator at this index bytes32 operatorId; } // struct used to denote the number of operators in a quorum at a given blockNumber struct QuorumUpdate { // The total number of operators at a `blockNumber` is the first entry such that `blockNumber >= entry.fromBlockNumber` uint32 fromBlockNumber; // The number of operators at `fromBlockNumber` uint32 numOperators; } /** * @notice Registers the operator with the specified `operatorId` for the quorums specified by `quorumNumbers`. * @param operatorId is the id of the operator that is being registered * @param quorumNumbers is the quorum numbers the operator is registered for * @return numOperatorsPerQuorum is a list of the number of operators (including the registering operator) in each of the quorums the operator is registered for * @dev access restricted to the RegistryCoordinator * @dev Preconditions (these are assumed, not validated in this contract): * 1) `quorumNumbers` has no duplicates * 2) `quorumNumbers.length` != 0 * 3) `quorumNumbers` is ordered in ascending order * 4) the operator is not already registered */ function registerOperator(bytes32 operatorId, bytes calldata quorumNumbers) external returns(uint32[] memory); /** * @notice Deregisters the operator with the specified `operatorId` for the quorums specified by `quorumNumbers`. * @param operatorId is the id of the operator that is being deregistered * @param quorumNumbers is the quorum numbers the operator is deregistered for * @dev access restricted to the RegistryCoordinator * @dev Preconditions (these are assumed, not validated in this contract): * 1) `quorumNumbers` has no duplicates * 2) `quorumNumbers.length` != 0 * 3) `quorumNumbers` is ordered in ascending order * 4) the operator is not already deregistered * 5) `quorumNumbers` is a subset of the quorumNumbers that the operator is registered for */ function deregisterOperator(bytes32 operatorId, bytes calldata quorumNumbers) external; /** * @notice Initialize a quorum by pushing its first quorum update * @param quorumNumber The number of the new quorum */ function initializeQuorum(uint8 quorumNumber) external; /// @notice Returns the OperatorUpdate entry for the specified `operatorIndex` and `quorumNumber` at the specified `arrayIndex` function getOperatorUpdateAtIndex( uint8 quorumNumber, uint32 operatorIndex, uint32 arrayIndex ) external view returns (OperatorUpdate memory); /// @notice Returns the QuorumUpdate entry for the specified `quorumNumber` at the specified `quorumIndex` function getQuorumUpdateAtIndex(uint8 quorumNumber, uint32 quorumIndex) external view returns (QuorumUpdate memory); /// @notice Returns the most recent OperatorUpdate entry for the specified quorumNumber and operatorIndex function getLatestOperatorUpdate(uint8 quorumNumber, uint32 operatorIndex) external view returns (OperatorUpdate memory); /// @notice Returns the most recent QuorumUpdate entry for the specified quorumNumber function getLatestQuorumUpdate(uint8 quorumNumber) external view returns (QuorumUpdate memory); /// @notice Returns the current number of operators of this service for `quorumNumber`. function totalOperatorsForQuorum(uint8 quorumNumber) external view returns (uint32); /// @notice Returns an ordered list of operators of the services for the given `quorumNumber` at the given `blockNumber` function getOperatorListAtBlockNumber(uint8 quorumNumber, uint32 blockNumber) external view returns (bytes32[] memory); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "./IStrategy.sol"; import "./ISignatureUtils.sol"; import "./IStrategyManager.sol"; /** * @title DelegationManager * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice This is the contract for delegation in EigenLayer. The main functionalities of this contract are * - enabling anyone to register as an operator in EigenLayer * - allowing operators to specify parameters related to stakers who delegate to them * - enabling any staker to delegate its stake to the operator of its choice (a given staker can only delegate to a single operator at a time) * - enabling a staker to undelegate its assets from the operator it is delegated to (performed as part of the withdrawal process, initiated through the StrategyManager) */ interface IDelegationManager is ISignatureUtils { // @notice Struct used for storing information about a single operator who has registered with EigenLayer struct OperatorDetails { // @notice address to receive the rewards that the operator earns via serving applications built on EigenLayer. address earningsReceiver; /** * @notice Address to verify signatures when a staker wishes to delegate to the operator, as well as controlling "forced undelegations". * @dev Signature verification follows these rules: * 1) If this address is left as address(0), then any staker will be free to delegate to the operator, i.e. no signature verification will be performed. * 2) If this address is an EOA (i.e. it has no code), then we follow standard ECDSA signature verification for delegations to the operator. * 3) If this address is a contract (i.e. it has code) then we forward a call to the contract and verify that it returns the correct EIP-1271 "magic value". */ address delegationApprover; /** * @notice A minimum delay -- measured in blocks -- enforced between: * 1) the operator signalling their intent to register for a service, via calling `Slasher.optIntoSlashing` * and * 2) the operator completing registration for the service, via the service ultimately calling `Slasher.recordFirstStakeUpdate` * @dev note that for a specific operator, this value *cannot decrease*, i.e. if the operator wishes to modify their OperatorDetails, * then they are only allowed to either increase this value or keep it the same. */ uint32 stakerOptOutWindowBlocks; } /** * @notice Abstract struct used in calculating an EIP712 signature for a staker to approve that they (the staker themselves) delegate to a specific operator. * @dev Used in computing the `STAKER_DELEGATION_TYPEHASH` and as a reference in the computation of the stakerDigestHash in the `delegateToBySignature` function. */ struct StakerDelegation { // the staker who is delegating address staker; // the operator being delegated to address operator; // the staker's nonce uint256 nonce; // the expiration timestamp (UTC) of the signature uint256 expiry; } /** * @notice Abstract struct used in calculating an EIP712 signature for an operator's delegationApprover to approve that a specific staker delegate to the operator. * @dev Used in computing the `DELEGATION_APPROVAL_TYPEHASH` and as a reference in the computation of the approverDigestHash in the `_delegate` function. */ struct DelegationApproval { // the staker who is delegating address staker; // the operator being delegated to address operator; // the operator's provided salt bytes32 salt; // the expiration timestamp (UTC) of the signature uint256 expiry; } /** * Struct type used to specify an existing queued withdrawal. Rather than storing the entire struct, only a hash is stored. * In functions that operate on existing queued withdrawals -- e.g. completeQueuedWithdrawal`, the data is resubmitted and the hash of the submitted * data is computed by `calculateWithdrawalRoot` and checked against the stored hash in order to confirm the integrity of the submitted data. */ struct Withdrawal { // The address that originated the Withdrawal address staker; // The address that the staker was delegated to at the time that the Withdrawal was created address delegatedTo; // The address that can complete the Withdrawal + will receive funds when completing the withdrawal address withdrawer; // Nonce used to guarantee that otherwise identical withdrawals have unique hashes uint256 nonce; // Block number when the Withdrawal was created uint32 startBlock; // Array of strategies that the Withdrawal contains IStrategy[] strategies; // Array containing the amount of shares in each Strategy in the `strategies` array uint256[] shares; } struct QueuedWithdrawalParams { // Array of strategies that the QueuedWithdrawal contains IStrategy[] strategies; // Array containing the amount of shares in each Strategy in the `strategies` array uint256[] shares; // The address of the withdrawer address withdrawer; } // @notice Emitted when a new operator registers in EigenLayer and provides their OperatorDetails. event OperatorRegistered(address indexed operator, OperatorDetails operatorDetails); /// @notice Emitted when an operator updates their OperatorDetails to @param newOperatorDetails event OperatorDetailsModified(address indexed operator, OperatorDetails newOperatorDetails); /** * @notice Emitted when @param operator indicates that they are updating their MetadataURI string * @dev Note that these strings are *never stored in storage* and are instead purely emitted in events for off-chain indexing */ event OperatorMetadataURIUpdated(address indexed operator, string metadataURI); /// @notice Emitted whenever an operator's shares are increased for a given strategy. Note that shares is the delta in the operator's shares. event OperatorSharesIncreased(address indexed operator, address staker, IStrategy strategy, uint256 shares); /// @notice Emitted whenever an operator's shares are decreased for a given strategy. Note that shares is the delta in the operator's shares. event OperatorSharesDecreased(address indexed operator, address staker, IStrategy strategy, uint256 shares); /// @notice Emitted when @param staker delegates to @param operator. event StakerDelegated(address indexed staker, address indexed operator); /// @notice Emitted when @param staker undelegates from @param operator. event StakerUndelegated(address indexed staker, address indexed operator); /// @notice Emitted when @param staker is undelegated via a call not originating from the staker themself event StakerForceUndelegated(address indexed staker, address indexed operator); /** * @notice Emitted when a new withdrawal is queued. * @param withdrawalRoot Is the hash of the `withdrawal`. * @param withdrawal Is the withdrawal itself. */ event WithdrawalQueued(bytes32 withdrawalRoot, Withdrawal withdrawal); /// @notice Emitted when a queued withdrawal is completed event WithdrawalCompleted(bytes32 withdrawalRoot); /// @notice Emitted when a queued withdrawal is *migrated* from the StrategyManager to the DelegationManager event WithdrawalMigrated(bytes32 oldWithdrawalRoot, bytes32 newWithdrawalRoot); /// @notice Emitted when the `minWithdrawalDelayBlocks` variable is modified from `previousValue` to `newValue`. event MinWithdrawalDelayBlocksSet(uint256 previousValue, uint256 newValue); /// @notice Emitted when the `strategyWithdrawalDelayBlocks` variable is modified from `previousValue` to `newValue`. event StrategyWithdrawalDelayBlocksSet(IStrategy strategy, uint256 previousValue, uint256 newValue); /** * @notice Registers the caller as an operator in EigenLayer. * @param registeringOperatorDetails is the `OperatorDetails` for the operator. * @param metadataURI is a URI for the operator's metadata, i.e. a link providing more details on the operator. * * @dev Once an operator is registered, they cannot 'deregister' as an operator, and they will forever be considered "delegated to themself". * @dev This function will revert if the caller attempts to set their `earningsReceiver` to address(0). * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event */ function registerAsOperator( OperatorDetails calldata registeringOperatorDetails, string calldata metadataURI ) external; /** * @notice Updates an operator's stored `OperatorDetails`. * @param newOperatorDetails is the updated `OperatorDetails` for the operator, to replace their current OperatorDetails`. * * @dev The caller must have previously registered as an operator in EigenLayer. * @dev This function will revert if the caller attempts to set their `earningsReceiver` to address(0). */ function modifyOperatorDetails(OperatorDetails calldata newOperatorDetails) external; /** * @notice Called by an operator to emit an `OperatorMetadataURIUpdated` event indicating the information has updated. * @param metadataURI The URI for metadata associated with an operator * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event */ function updateOperatorMetadataURI(string calldata metadataURI) external; /** * @notice Caller delegates their stake to an operator. * @param operator The account (`msg.sender`) is delegating its assets to for use in serving applications built on EigenLayer. * @param approverSignatureAndExpiry Verifies the operator approves of this delegation * @param approverSalt A unique single use value tied to an individual signature. * @dev The approverSignatureAndExpiry is used in the event that: * 1) the operator's `delegationApprover` address is set to a non-zero value. * AND * 2) neither the operator nor their `delegationApprover` is the `msg.sender`, since in the event that the operator * or their delegationApprover is the `msg.sender`, then approval is assumed. * @dev In the event that `approverSignatureAndExpiry` is not checked, its content is ignored entirely; it's recommended to use an empty input * in this case to save on complexity + gas costs */ function delegateTo( address operator, SignatureWithExpiry memory approverSignatureAndExpiry, bytes32 approverSalt ) external; /** * @notice Caller delegates a staker's stake to an operator with valid signatures from both parties. * @param staker The account delegating stake to an `operator` account * @param operator The account (`staker`) is delegating its assets to for use in serving applications built on EigenLayer. * @param stakerSignatureAndExpiry Signed data from the staker authorizing delegating stake to an operator * @param approverSignatureAndExpiry is a parameter that will be used for verifying that the operator approves of this delegation action in the event that: * @param approverSalt Is a salt used to help guarantee signature uniqueness. Each salt can only be used once by a given approver. * * @dev If `staker` is an EOA, then `stakerSignature` is verified to be a valid ECDSA stakerSignature from `staker`, indicating their intention for this action. * @dev If `staker` is a contract, then `stakerSignature` will be checked according to EIP-1271. * @dev the operator's `delegationApprover` address is set to a non-zero value. * @dev neither the operator nor their `delegationApprover` is the `msg.sender`, since in the event that the operator or their delegationApprover * is the `msg.sender`, then approval is assumed. * @dev This function will revert if the current `block.timestamp` is equal to or exceeds the expiry * @dev In the case that `approverSignatureAndExpiry` is not checked, its content is ignored entirely; it's recommended to use an empty input * in this case to save on complexity + gas costs */ function delegateToBySignature( address staker, address operator, SignatureWithExpiry memory stakerSignatureAndExpiry, SignatureWithExpiry memory approverSignatureAndExpiry, bytes32 approverSalt ) external; /** * @notice Undelegates the staker from the operator who they are delegated to. Puts the staker into the "undelegation limbo" mode of the EigenPodManager * and queues a withdrawal of all of the staker's shares in the StrategyManager (to the staker), if necessary. * @param staker The account to be undelegated. * @return withdrawalRoot The root of the newly queued withdrawal, if a withdrawal was queued. Otherwise just bytes32(0). * * @dev Reverts if the `staker` is also an operator, since operators are not allowed to undelegate from themselves. * @dev Reverts if the caller is not the staker, nor the operator who the staker is delegated to, nor the operator's specified "delegationApprover" * @dev Reverts if the `staker` is already undelegated. */ function undelegate(address staker) external returns (bytes32[] memory withdrawalRoot); /** * Allows a staker to withdraw some shares. Withdrawn shares/strategies are immediately removed * from the staker. If the staker is delegated, withdrawn shares/strategies are also removed from * their operator. * * All withdrawn shares/strategies are placed in a queue and can be fully withdrawn after a delay. */ function queueWithdrawals( QueuedWithdrawalParams[] calldata queuedWithdrawalParams ) external returns (bytes32[] memory); /** * @notice Used to complete the specified `withdrawal`. The caller must match `withdrawal.withdrawer` * @param withdrawal The Withdrawal to complete. * @param tokens Array in which the i-th entry specifies the `token` input to the 'withdraw' function of the i-th Strategy in the `withdrawal.strategies` array. * This input can be provided with zero length if `receiveAsTokens` is set to 'false' (since in that case, this input will be unused) * @param middlewareTimesIndex is the index in the operator that the staker who triggered the withdrawal was delegated to's middleware times array * @param receiveAsTokens If true, the shares specified in the withdrawal will be withdrawn from the specified strategies themselves * and sent to the caller, through calls to `withdrawal.strategies[i].withdraw`. If false, then the shares in the specified strategies * will simply be transferred to the caller directly. * @dev middlewareTimesIndex should be calculated off chain before calling this function by finding the first index that satisfies `slasher.canWithdraw` * @dev beaconChainETHStrategy shares are non-transferrable, so if `receiveAsTokens = false` and `withdrawal.withdrawer != withdrawal.staker`, note that * any beaconChainETHStrategy shares in the `withdrawal` will be _returned to the staker_, rather than transferred to the withdrawer, unlike shares in * any other strategies, which will be transferred to the withdrawer. */ function completeQueuedWithdrawal( Withdrawal calldata withdrawal, IERC20[] calldata tokens, uint256 middlewareTimesIndex, bool receiveAsTokens ) external; /** * @notice Array-ified version of `completeQueuedWithdrawal`. * Used to complete the specified `withdrawals`. The function caller must match `withdrawals[...].withdrawer` * @param withdrawals The Withdrawals to complete. * @param tokens Array of tokens for each Withdrawal. See `completeQueuedWithdrawal` for the usage of a single array. * @param middlewareTimesIndexes One index to reference per Withdrawal. See `completeQueuedWithdrawal` for the usage of a single index. * @param receiveAsTokens Whether or not to complete each withdrawal as tokens. See `completeQueuedWithdrawal` for the usage of a single boolean. * @dev See `completeQueuedWithdrawal` for relevant dev tags */ function completeQueuedWithdrawals( Withdrawal[] calldata withdrawals, IERC20[][] calldata tokens, uint256[] calldata middlewareTimesIndexes, bool[] calldata receiveAsTokens ) external; /** * @notice Increases a staker's delegated share balance in a strategy. * @param staker The address to increase the delegated shares for their operator. * @param strategy The strategy in which to increase the delegated shares. * @param shares The number of shares to increase. * * @dev *If the staker is actively delegated*, then increases the `staker`'s delegated shares in `strategy` by `shares`. Otherwise does nothing. * @dev Callable only by the StrategyManager or EigenPodManager. */ function increaseDelegatedShares( address staker, IStrategy strategy, uint256 shares ) external; /** * @notice Decreases a staker's delegated share balance in a strategy. * @param staker The address to increase the delegated shares for their operator. * @param strategy The strategy in which to decrease the delegated shares. * @param shares The number of shares to decrease. * * @dev *If the staker is actively delegated*, then decreases the `staker`'s delegated shares in `strategy` by `shares`. Otherwise does nothing. * @dev Callable only by the StrategyManager or EigenPodManager. */ function decreaseDelegatedShares( address staker, IStrategy strategy, uint256 shares ) external; /** * @notice returns the address of the operator that `staker` is delegated to. * @notice Mapping: staker => operator whom the staker is currently delegated to. * @dev Note that returning address(0) indicates that the staker is not actively delegated to any operator. */ function delegatedTo(address staker) external view returns (address); /** * @notice Returns the OperatorDetails struct associated with an `operator`. */ function operatorDetails(address operator) external view returns (OperatorDetails memory); /* * @notice Returns the earnings receiver address for an operator */ function earningsReceiver(address operator) external view returns (address); /** * @notice Returns the delegationApprover account for an operator */ function delegationApprover(address operator) external view returns (address); /** * @notice Returns the stakerOptOutWindowBlocks for an operator */ function stakerOptOutWindowBlocks(address operator) external view returns (uint256); /** * @notice Given array of strategies, returns array of shares for the operator */ function getOperatorShares( address operator, IStrategy[] memory strategies ) external view returns (uint256[] memory); /** * @notice Given a list of strategies, return the minimum number of blocks that must pass to withdraw * from all the inputted strategies. Return value is >= minWithdrawalDelayBlocks as this is the global min withdrawal delay. * @param strategies The strategies to check withdrawal delays for */ function getWithdrawalDelay(IStrategy[] calldata strategies) external view returns (uint256); /** * @notice returns the total number of shares in `strategy` that are delegated to `operator`. * @notice Mapping: operator => strategy => total number of shares in the strategy delegated to the operator. * @dev By design, the following invariant should hold for each Strategy: * (operator's shares in delegation manager) = sum (shares above zero of all stakers delegated to operator) * = sum (delegateable shares of all stakers delegated to the operator) */ function operatorShares(address operator, IStrategy strategy) external view returns (uint256); /** * @notice Returns 'true' if `staker` *is* actively delegated, and 'false' otherwise. */ function isDelegated(address staker) external view returns (bool); /** * @notice Returns true is an operator has previously registered for delegation. */ function isOperator(address operator) external view returns (bool); /// @notice Mapping: staker => number of signed delegation nonces (used in `delegateToBySignature`) from the staker that the contract has already checked function stakerNonce(address staker) external view returns (uint256); /** * @notice Mapping: delegationApprover => 32-byte salt => whether or not the salt has already been used by the delegationApprover. * @dev Salts are used in the `delegateTo` and `delegateToBySignature` functions. Note that these functions only process the delegationApprover's * signature + the provided salt if the operator being delegated to has specified a nonzero address as their `delegationApprover`. */ function delegationApproverSaltIsSpent(address _delegationApprover, bytes32 salt) external view returns (bool); /** * @notice Minimum delay enforced by this contract for completing queued withdrawals. Measured in blocks, and adjustable by this contract's owner, * up to a maximum of `MAX_WITHDRAWAL_DELAY_BLOCKS`. Minimum value is 0 (i.e. no delay enforced). * Note that strategies each have a separate withdrawal delay, which can be greater than this value. So the minimum number of blocks that must pass * to withdraw a strategy is MAX(minWithdrawalDelayBlocks, strategyWithdrawalDelayBlocks[strategy]) */ function minWithdrawalDelayBlocks() external view returns (uint256); /** * @notice Minimum delay enforced by this contract per Strategy for completing queued withdrawals. Measured in blocks, and adjustable by this contract's owner, * up to a maximum of `MAX_WITHDRAWAL_DELAY_BLOCKS`. Minimum value is 0 (i.e. no delay enforced). */ function strategyWithdrawalDelayBlocks(IStrategy strategy) external view returns (uint256); /** * @notice Calculates the digestHash for a `staker` to sign to delegate to an `operator` * @param staker The signing staker * @param operator The operator who is being delegated to * @param expiry The desired expiry time of the staker's signature */ function calculateCurrentStakerDelegationDigestHash( address staker, address operator, uint256 expiry ) external view returns (bytes32); /** * @notice Calculates the digest hash to be signed and used in the `delegateToBySignature` function * @param staker The signing staker * @param _stakerNonce The nonce of the staker. In practice we use the staker's current nonce, stored at `stakerNonce[staker]` * @param operator The operator who is being delegated to * @param expiry The desired expiry time of the staker's signature */ function calculateStakerDelegationDigestHash( address staker, uint256 _stakerNonce, address operator, uint256 expiry ) external view returns (bytes32); /** * @notice Calculates the digest hash to be signed by the operator's delegationApprove and used in the `delegateTo` and `delegateToBySignature` functions. * @param staker The account delegating their stake * @param operator The account receiving delegated stake * @param _delegationApprover the operator's `delegationApprover` who will be signing the delegationHash (in general) * @param approverSalt A unique and single use value associated with the approver signature. * @param expiry Time after which the approver's signature becomes invalid */ function calculateDelegationApprovalDigestHash( address staker, address operator, address _delegationApprover, bytes32 approverSalt, uint256 expiry ) external view returns (bytes32); /// @notice The EIP-712 typehash for the contract's domain function DOMAIN_TYPEHASH() external view returns (bytes32); /// @notice The EIP-712 typehash for the StakerDelegation struct used by the contract function STAKER_DELEGATION_TYPEHASH() external view returns (bytes32); /// @notice The EIP-712 typehash for the DelegationApproval struct used by the contract function DELEGATION_APPROVAL_TYPEHASH() external view returns (bytes32); /** * @notice Getter function for the current EIP-712 domain separator for this contract. * * @dev The domain separator will change in the event of a fork that changes the ChainID. * @dev By introducing a domain separator the DApp developers are guaranteed that there can be no signature collision. * for more detailed information please read EIP-712. */ function domainSeparator() external view returns (bytes32); /// @notice Mapping: staker => cumulative number of queued withdrawals they have ever initiated. /// @dev This only increments (doesn't decrement), and is used to help ensure that otherwise identical withdrawals have unique hashes. function cumulativeWithdrawalsQueued(address staker) external view returns (uint256); /// @notice Returns the keccak256 hash of `withdrawal`. function calculateWithdrawalRoot(Withdrawal memory withdrawal) external pure returns (bytes32); function migrateQueuedWithdrawals(IStrategyManager.DeprecatedStruct_QueuedWithdrawal[] memory withdrawalsToQueue) external; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; /** * @title Minimal interface for an `Strategy` contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Custom `Strategy` implementations may expand extensively on this interface. */ interface IStrategy { /** * @notice Used to deposit tokens into this Strategy * @param token is the ERC20 token being deposited * @param amount is the amount of token being deposited * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's * `depositIntoStrategy` function, and individual share balances are recorded in the strategyManager as well. * @return newShares is the number of new shares issued at the current exchange ratio. */ function deposit(IERC20 token, uint256 amount) external returns (uint256); /** * @notice Used to withdraw tokens from this Strategy, to the `recipient`'s address * @param recipient is the address to receive the withdrawn funds * @param token is the ERC20 token being transferred out * @param amountShares is the amount of shares being withdrawn * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's * other functions, and individual share balances are recorded in the strategyManager as well. */ function withdraw(address recipient, IERC20 token, uint256 amountShares) external; /** * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy. * @notice In contrast to `sharesToUnderlyingView`, this function **may** make state modifications * @param amountShares is the amount of shares to calculate its conversion into the underlying token * @return The amount of underlying tokens corresponding to the input `amountShares` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function sharesToUnderlying(uint256 amountShares) external returns (uint256); /** * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy. * @notice In contrast to `underlyingToSharesView`, this function **may** make state modifications * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares * @return The amount of underlying tokens corresponding to the input `amountShares` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function underlyingToShares(uint256 amountUnderlying) external returns (uint256); /** * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in * this strategy. In contrast to `userUnderlyingView`, this function **may** make state modifications */ function userUnderlying(address user) external returns (uint256); /** * @notice convenience function for fetching the current total shares of `user` in this strategy, by * querying the `strategyManager` contract */ function shares(address user) external view returns (uint256); /** * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy. * @notice In contrast to `sharesToUnderlying`, this function guarantees no state modifications * @param amountShares is the amount of shares to calculate its conversion into the underlying token * @return The amount of shares corresponding to the input `amountUnderlying` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function sharesToUnderlyingView(uint256 amountShares) external view returns (uint256); /** * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy. * @notice In contrast to `underlyingToShares`, this function guarantees no state modifications * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares * @return The amount of shares corresponding to the input `amountUnderlying` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function underlyingToSharesView(uint256 amountUnderlying) external view returns (uint256); /** * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in * this strategy. In contrast to `userUnderlying`, this function guarantees no state modifications */ function userUnderlyingView(address user) external view returns (uint256); /// @notice The underlying token for shares in this Strategy function underlyingToken() external view returns (IERC20); /// @notice The total number of extant shares in this Strategy function totalShares() external view returns (uint256); /// @notice Returns either a brief string explaining the strategy's goal & purpose, or a link to metadata that explains in more detail. function explanation() external view returns (string memory); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; /** * @title Minimal interface for a `Registry`-type contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Functions related to the registration process itself have been intentionally excluded * because their function signatures may vary significantly. */ interface IRegistry { function registryCoordinator() external view returns (address); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (utils/Context.sol) pragma solidity ^0.8.0; import "../proxy/utils/Initializable.sol"; /** * @dev Provides information about the current execution context, including the * sender of the transaction and its data. While these are generally available * via msg.sender and msg.data, they should not be accessed in such a direct * manner, since when dealing with meta-transactions the account sending and * paying for execution may not be the actual sender (as far as an application * is concerned). * * This contract is only required for intermediate, library-like contracts. */ abstract contract ContextUpgradeable is Initializable { function __Context_init() internal onlyInitializing { } function __Context_init_unchained() internal onlyInitializing { } function _msgSender() internal view virtual returns (address) { return msg.sender; } function _msgData() internal view virtual returns (bytes calldata) { return msg.data; } /** * @dev This empty reserved space is put in place to allow future versions to add new * variables without shifting down storage in the inheritance chain. * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps */ uint256[50] private __gap; }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.7.0) (proxy/utils/Initializable.sol) pragma solidity ^0.8.2; import "../../utils/AddressUpgradeable.sol"; /** * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect. * * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be * reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in * case an upgrade adds a module that needs to be initialized. * * For example: * * [.hljs-theme-light.nopadding] * ``` * contract MyToken is ERC20Upgradeable { * function initialize() initializer public { * __ERC20_init("MyToken", "MTK"); * } * } * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable { * function initializeV2() reinitializer(2) public { * __ERC20Permit_init("MyToken"); * } * } * ``` * * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}. * * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity. * * [CAUTION] * ==== * Avoid leaving a contract uninitialized. * * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed: * * [.hljs-theme-light.nopadding] * ``` * /// @custom:oz-upgrades-unsafe-allow constructor * constructor() { * _disableInitializers(); * } * ``` * ==== */ abstract contract Initializable { /** * @dev Indicates that the contract has been initialized. * @custom:oz-retyped-from bool */ uint8 private _initialized; /** * @dev Indicates that the contract is in the process of being initialized. */ bool private _initializing; /** * @dev Triggered when the contract has been initialized or reinitialized. */ event Initialized(uint8 version); /** * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope, * `onlyInitializing` functions can be used to initialize parent contracts. Equivalent to `reinitializer(1)`. */ modifier initializer() { bool isTopLevelCall = !_initializing; require( (isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1), "Initializable: contract is already initialized" ); _initialized = 1; if (isTopLevelCall) { _initializing = true; } _; if (isTopLevelCall) { _initializing = false; emit Initialized(1); } } /** * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be * used to initialize parent contracts. * * `initializer` is equivalent to `reinitializer(1)`, so a reinitializer may be used after the original * initialization step. This is essential to configure modules that are added through upgrades and that require * initialization. * * Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in * a contract, executing them in the right order is up to the developer or operator. */ modifier reinitializer(uint8 version) { require(!_initializing && _initialized < version, "Initializable: contract is already initialized"); _initialized = version; _initializing = true; _; _initializing = false; emit Initialized(version); } /** * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the * {initializer} and {reinitializer} modifiers, directly or indirectly. */ modifier onlyInitializing() { require(_initializing, "Initializable: contract is not initializing"); _; } /** * @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call. * Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized * to any version. It is recommended to use this to lock implementation contracts that are designed to be called * through proxies. */ function _disableInitializers() internal virtual { require(!_initializing, "Initializable: contract is initializing"); if (_initialized < type(uint8).max) { _initialized = type(uint8).max; emit Initialized(type(uint8).max); } } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "./IStrategy.sol"; import "./ISlasher.sol"; import "./IDelegationManager.sol"; import "./IEigenPodManager.sol"; /** * @title Interface for the primary entrypoint for funds into EigenLayer. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice See the `StrategyManager` contract itself for implementation details. */ interface IStrategyManager { /** * @notice Emitted when a new deposit occurs on behalf of `staker`. * @param staker Is the staker who is depositing funds into EigenLayer. * @param strategy Is the strategy that `staker` has deposited into. * @param token Is the token that `staker` deposited. * @param shares Is the number of new shares `staker` has been granted in `strategy`. */ event Deposit(address staker, IERC20 token, IStrategy strategy, uint256 shares); /// @notice Emitted when `thirdPartyTransfersForbidden` is updated for a strategy and value by the owner event UpdatedThirdPartyTransfersForbidden(IStrategy strategy, bool value); /// @notice Emitted when the `strategyWhitelister` is changed event StrategyWhitelisterChanged(address previousAddress, address newAddress); /// @notice Emitted when a strategy is added to the approved list of strategies for deposit event StrategyAddedToDepositWhitelist(IStrategy strategy); /// @notice Emitted when a strategy is removed from the approved list of strategies for deposit event StrategyRemovedFromDepositWhitelist(IStrategy strategy); /** * @notice Deposits `amount` of `token` into the specified `strategy`, with the resultant shares credited to `msg.sender` * @param strategy is the specified strategy where deposit is to be made, * @param token is the denomination in which the deposit is to be made, * @param amount is the amount of token to be deposited in the strategy by the staker * @return shares The amount of new shares in the `strategy` created as part of the action. * @dev The `msg.sender` must have previously approved this contract to transfer at least `amount` of `token` on their behalf. * @dev Cannot be called by an address that is 'frozen' (this function will revert if the `msg.sender` is frozen). * * WARNING: Depositing tokens that allow reentrancy (eg. ERC-777) into a strategy is not recommended. This can lead to attack vectors * where the token balance and corresponding strategy shares are not in sync upon reentrancy. */ function depositIntoStrategy(IStrategy strategy, IERC20 token, uint256 amount) external returns (uint256 shares); /** * @notice Used for depositing an asset into the specified strategy with the resultant shares credited to `staker`, * who must sign off on the action. * Note that the assets are transferred out/from the `msg.sender`, not from the `staker`; this function is explicitly designed * purely to help one address deposit 'for' another. * @param strategy is the specified strategy where deposit is to be made, * @param token is the denomination in which the deposit is to be made, * @param amount is the amount of token to be deposited in the strategy by the staker * @param staker the staker that the deposited assets will be credited to * @param expiry the timestamp at which the signature expires * @param signature is a valid signature from the `staker`. either an ECDSA signature if the `staker` is an EOA, or data to forward * following EIP-1271 if the `staker` is a contract * @return shares The amount of new shares in the `strategy` created as part of the action. * @dev The `msg.sender` must have previously approved this contract to transfer at least `amount` of `token` on their behalf. * @dev A signature is required for this function to eliminate the possibility of griefing attacks, specifically those * targeting stakers who may be attempting to undelegate. * @dev Cannot be called if thirdPartyTransfersForbidden is set to true for this strategy * * WARNING: Depositing tokens that allow reentrancy (eg. ERC-777) into a strategy is not recommended. This can lead to attack vectors * where the token balance and corresponding strategy shares are not in sync upon reentrancy */ function depositIntoStrategyWithSignature( IStrategy strategy, IERC20 token, uint256 amount, address staker, uint256 expiry, bytes memory signature ) external returns (uint256 shares); /// @notice Used by the DelegationManager to remove a Staker's shares from a particular strategy when entering the withdrawal queue function removeShares(address staker, IStrategy strategy, uint256 shares) external; /// @notice Used by the DelegationManager to award a Staker some shares that have passed through the withdrawal queue function addShares(address staker, IERC20 token, IStrategy strategy, uint256 shares) external; /// @notice Used by the DelegationManager to convert withdrawn shares to tokens and send them to a recipient function withdrawSharesAsTokens(address recipient, IStrategy strategy, uint256 shares, IERC20 token) external; /// @notice Returns the current shares of `user` in `strategy` function stakerStrategyShares(address user, IStrategy strategy) external view returns (uint256 shares); /** * @notice Get all details on the staker's deposits and corresponding shares * @return (staker's strategies, shares in these strategies) */ function getDeposits(address staker) external view returns (IStrategy[] memory, uint256[] memory); /// @notice Simple getter function that returns `stakerStrategyList[staker].length`. function stakerStrategyListLength(address staker) external view returns (uint256); /** * @notice Owner-only function that adds the provided Strategies to the 'whitelist' of strategies that stakers can deposit into * @param strategiesToWhitelist Strategies that will be added to the `strategyIsWhitelistedForDeposit` mapping (if they aren't in it already) * @param thirdPartyTransfersForbiddenValues bool values to set `thirdPartyTransfersForbidden` to for each strategy */ function addStrategiesToDepositWhitelist( IStrategy[] calldata strategiesToWhitelist, bool[] calldata thirdPartyTransfersForbiddenValues ) external; /** * @notice Owner-only function that removes the provided Strategies from the 'whitelist' of strategies that stakers can deposit into * @param strategiesToRemoveFromWhitelist Strategies that will be removed to the `strategyIsWhitelistedForDeposit` mapping (if they are in it) */ function removeStrategiesFromDepositWhitelist(IStrategy[] calldata strategiesToRemoveFromWhitelist) external; /// @notice Returns the single, central Delegation contract of EigenLayer function delegation() external view returns (IDelegationManager); /// @notice Returns the single, central Slasher contract of EigenLayer function slasher() external view returns (ISlasher); /// @notice Returns the EigenPodManager contract of EigenLayer function eigenPodManager() external view returns (IEigenPodManager); /// @notice Returns the address of the `strategyWhitelister` function strategyWhitelister() external view returns (address); /** * @notice Returns bool for whether or not `strategy` enables credit transfers. i.e enabling * depositIntoStrategyWithSignature calls or queueing withdrawals to a different address than the staker. */ function thirdPartyTransfersForbidden(IStrategy strategy) external view returns (bool); // LIMITED BACKWARDS-COMPATIBILITY FOR DEPRECATED FUNCTIONALITY // packed struct for queued withdrawals; helps deal with stack-too-deep errors struct DeprecatedStruct_WithdrawerAndNonce { address withdrawer; uint96 nonce; } /** * Struct type used to specify an existing queued withdrawal. Rather than storing the entire struct, only a hash is stored. * In functions that operate on existing queued withdrawals -- e.g. `startQueuedWithdrawalWaitingPeriod` or `completeQueuedWithdrawal`, * the data is resubmitted and the hash of the submitted data is computed by `calculateWithdrawalRoot` and checked against the * stored hash in order to confirm the integrity of the submitted data. */ struct DeprecatedStruct_QueuedWithdrawal { IStrategy[] strategies; uint256[] shares; address staker; DeprecatedStruct_WithdrawerAndNonce withdrawerAndNonce; uint32 withdrawalStartBlock; address delegatedAddress; } function migrateQueuedWithdrawal(DeprecatedStruct_QueuedWithdrawal memory queuedWithdrawal) external returns (bool, bytes32); function calculateWithdrawalRoot(DeprecatedStruct_QueuedWithdrawal memory queuedWithdrawal) external pure returns (bytes32); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC20 standard as defined in the EIP. */ interface IERC20 { /** * @dev Emitted when `value` tokens are moved from one account (`from`) to * another (`to`). * * Note that `value` may be zero. */ event Transfer(address indexed from, address indexed to, uint256 value); /** * @dev Emitted when the allowance of a `spender` for an `owner` is set by * a call to {approve}. `value` is the new allowance. */ event Approval(address indexed owner, address indexed spender, uint256 value); /** * @dev Returns the amount of tokens in existence. */ function totalSupply() external view returns (uint256); /** * @dev Returns the amount of tokens owned by `account`. */ function balanceOf(address account) external view returns (uint256); /** * @dev Moves `amount` tokens from the caller's account to `to`. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transfer(address to, uint256 amount) external returns (bool); /** * @dev Returns the remaining number of tokens that `spender` will be * allowed to spend on behalf of `owner` through {transferFrom}. This is * zero by default. * * This value changes when {approve} or {transferFrom} are called. */ function allowance(address owner, address spender) external view returns (uint256); /** * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. * * Returns a boolean value indicating whether the operation succeeded. * * IMPORTANT: Beware that changing an allowance with this method brings the risk * that someone may use both the old and the new allowance by unfortunate * transaction ordering. One possible solution to mitigate this race * condition is to first reduce the spender's allowance to 0 and set the * desired value afterwards: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * * Emits an {Approval} event. */ function approve(address spender, uint256 amount) external returns (bool); /** * @dev Moves `amount` tokens from `from` to `to` using the * allowance mechanism. `amount` is then deducted from the caller's * allowance. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transferFrom( address from, address to, uint256 amount ) external returns (bool); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.7.0) (utils/Address.sol) pragma solidity ^0.8.1; /** * @dev Collection of functions related to the address type */ library AddressUpgradeable { /** * @dev Returns true if `account` is a contract. * * [IMPORTANT] * ==== * It is unsafe to assume that an address for which this function returns * false is an externally-owned account (EOA) and not a contract. * * Among others, `isContract` will return false for the following * types of addresses: * * - an externally-owned account * - a contract in construction * - an address where a contract will be created * - an address where a contract lived, but was destroyed * ==== * * [IMPORTANT] * ==== * You shouldn't rely on `isContract` to protect against flash loan attacks! * * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract * constructor. * ==== */ function isContract(address account) internal view returns (bool) { // This method relies on extcodesize/address.code.length, which returns 0 // for contracts in construction, since the code is only stored at the end // of the constructor execution. return account.code.length > 0; } /** * @dev Replacement for Solidity's `transfer`: sends `amount` wei to * `recipient`, forwarding all available gas and reverting on errors. * * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost * of certain opcodes, possibly making contracts go over the 2300 gas limit * imposed by `transfer`, making them unable to receive funds via * `transfer`. {sendValue} removes this limitation. * * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more]. * * IMPORTANT: because control is transferred to `recipient`, care must be * taken to not create reentrancy vulnerabilities. Consider using * {ReentrancyGuard} or the * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. */ function sendValue(address payable recipient, uint256 amount) internal { require(address(this).balance >= amount, "Address: insufficient balance"); (bool success, ) = recipient.call{value: amount}(""); require(success, "Address: unable to send value, recipient may have reverted"); } /** * @dev Performs a Solidity function call using a low level `call`. A * plain `call` is an unsafe replacement for a function call: use this * function instead. * * If `target` reverts with a revert reason, it is bubbled up by this * function (like regular Solidity function calls). * * Returns the raw returned data. To convert to the expected return value, * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. * * Requirements: * * - `target` must be a contract. * - calling `target` with `data` must not revert. * * _Available since v3.1._ */ function functionCall(address target, bytes memory data) internal returns (bytes memory) { return functionCall(target, data, "Address: low-level call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with * `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCall( address target, bytes memory data, string memory errorMessage ) internal returns (bytes memory) { return functionCallWithValue(target, data, 0, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but also transferring `value` wei to `target`. * * Requirements: * * - the calling contract must have an ETH balance of at least `value`. * - the called Solidity function must be `payable`. * * _Available since v3.1._ */ function functionCallWithValue( address target, bytes memory data, uint256 value ) internal returns (bytes memory) { return functionCallWithValue(target, data, value, "Address: low-level call with value failed"); } /** * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but * with `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCallWithValue( address target, bytes memory data, uint256 value, string memory errorMessage ) internal returns (bytes memory) { require(address(this).balance >= value, "Address: insufficient balance for call"); require(isContract(target), "Address: call to non-contract"); (bool success, bytes memory returndata) = target.call{value: value}(data); return verifyCallResult(success, returndata, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) { return functionStaticCall(target, data, "Address: low-level static call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall( address target, bytes memory data, string memory errorMessage ) internal view returns (bytes memory) { require(isContract(target), "Address: static call to non-contract"); (bool success, bytes memory returndata) = target.staticcall(data); return verifyCallResult(success, returndata, errorMessage); } /** * @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the * revert reason using the provided one. * * _Available since v4.3._ */ function verifyCallResult( bool success, bytes memory returndata, string memory errorMessage ) internal pure returns (bytes memory) { if (success) { return returndata; } else { // Look for revert reason and bubble it up if present if (returndata.length > 0) { // The easiest way to bubble the revert reason is using memory via assembly /// @solidity memory-safe-assembly assembly { let returndata_size := mload(returndata) revert(add(32, returndata), returndata_size) } } else { revert(errorMessage); } } } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "./IStrategyManager.sol"; import "./IDelegationManager.sol"; /** * @title Interface for the primary 'slashing' contract for EigenLayer. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice See the `Slasher` contract itself for implementation details. */ interface ISlasher { // struct used to store information about the current state of an operator's obligations to middlewares they are serving struct MiddlewareTimes { // The update block for the middleware whose most recent update was earliest, i.e. the 'stalest' update out of all middlewares the operator is serving uint32 stalestUpdateBlock; // The latest 'serveUntilBlock' from all of the middleware that the operator is serving uint32 latestServeUntilBlock; } // struct used to store details relevant to a single middleware that an operator has opted-in to serving struct MiddlewareDetails { // the block at which the contract begins being able to finalize the operator's registration with the service via calling `recordFirstStakeUpdate` uint32 registrationMayBeginAtBlock; // the block before which the contract is allowed to slash the user uint32 contractCanSlashOperatorUntilBlock; // the block at which the middleware's view of the operator's stake was most recently updated uint32 latestUpdateBlock; } /// @notice Emitted when a middleware times is added to `operator`'s array. event MiddlewareTimesAdded( address operator, uint256 index, uint32 stalestUpdateBlock, uint32 latestServeUntilBlock ); /// @notice Emitted when `operator` begins to allow `contractAddress` to slash them. event OptedIntoSlashing(address indexed operator, address indexed contractAddress); /// @notice Emitted when `contractAddress` signals that it will no longer be able to slash `operator` after the `contractCanSlashOperatorUntilBlock`. event SlashingAbilityRevoked( address indexed operator, address indexed contractAddress, uint32 contractCanSlashOperatorUntilBlock ); /** * @notice Emitted when `slashingContract` 'freezes' the `slashedOperator`. * @dev The `slashingContract` must have permission to slash the `slashedOperator`, i.e. `canSlash(slasherOperator, slashingContract)` must return 'true'. */ event OperatorFrozen(address indexed slashedOperator, address indexed slashingContract); /// @notice Emitted when `previouslySlashedAddress` is 'unfrozen', allowing them to again move deposited funds within EigenLayer. event FrozenStatusReset(address indexed previouslySlashedAddress); /** * @notice Gives the `contractAddress` permission to slash the funds of the caller. * @dev Typically, this function must be called prior to registering for a middleware. */ function optIntoSlashing(address contractAddress) external; /** * @notice Used for 'slashing' a certain operator. * @param toBeFrozen The operator to be frozen. * @dev Technically the operator is 'frozen' (hence the name of this function), and then subject to slashing pending a decision by a human-in-the-loop. * @dev The operator must have previously given the caller (which should be a contract) the ability to slash them, through a call to `optIntoSlashing`. */ function freezeOperator(address toBeFrozen) external; /** * @notice Removes the 'frozen' status from each of the `frozenAddresses` * @dev Callable only by the contract owner (i.e. governance). */ function resetFrozenStatus(address[] calldata frozenAddresses) external; /** * @notice this function is a called by middlewares during an operator's registration to make sure the operator's stake at registration * is slashable until serveUntil * @param operator the operator whose stake update is being recorded * @param serveUntilBlock the block until which the operator's stake at the current block is slashable * @dev adds the middleware's slashing contract to the operator's linked list */ function recordFirstStakeUpdate(address operator, uint32 serveUntilBlock) external; /** * @notice this function is a called by middlewares during a stake update for an operator (perhaps to free pending withdrawals) * to make sure the operator's stake at updateBlock is slashable until serveUntil * @param operator the operator whose stake update is being recorded * @param updateBlock the block for which the stake update is being recorded * @param serveUntilBlock the block until which the operator's stake at updateBlock is slashable * @param insertAfter the element of the operators linked list that the currently updating middleware should be inserted after * @dev insertAfter should be calculated offchain before making the transaction that calls this. this is subject to race conditions, * but it is anticipated to be rare and not detrimental. */ function recordStakeUpdate( address operator, uint32 updateBlock, uint32 serveUntilBlock, uint256 insertAfter ) external; /** * @notice this function is a called by middlewares during an operator's deregistration to make sure the operator's stake at deregistration * is slashable until serveUntil * @param operator the operator whose stake update is being recorded * @param serveUntilBlock the block until which the operator's stake at the current block is slashable * @dev removes the middleware's slashing contract to the operator's linked list and revokes the middleware's (i.e. caller's) ability to * slash `operator` once `serveUntil` is reached */ function recordLastStakeUpdateAndRevokeSlashingAbility(address operator, uint32 serveUntilBlock) external; /// @notice The StrategyManager contract of EigenLayer function strategyManager() external view returns (IStrategyManager); /// @notice The DelegationManager contract of EigenLayer function delegation() external view returns (IDelegationManager); /** * @notice Used to determine whether `staker` is actively 'frozen'. If a staker is frozen, then they are potentially subject to * slashing of their funds, and cannot cannot deposit or withdraw from the strategyManager until the slashing process is completed * and the staker's status is reset (to 'unfrozen'). * @param staker The staker of interest. * @return Returns 'true' if `staker` themselves has their status set to frozen, OR if the staker is delegated * to an operator who has their status set to frozen. Otherwise returns 'false'. */ function isFrozen(address staker) external view returns (bool); /// @notice Returns true if `slashingContract` is currently allowed to slash `toBeSlashed`. function canSlash(address toBeSlashed, address slashingContract) external view returns (bool); /// @notice Returns the block until which `serviceContract` is allowed to slash the `operator`. function contractCanSlashOperatorUntilBlock( address operator, address serviceContract ) external view returns (uint32); /// @notice Returns the block at which the `serviceContract` last updated its view of the `operator`'s stake function latestUpdateBlock(address operator, address serviceContract) external view returns (uint32); /// @notice A search routine for finding the correct input value of `insertAfter` to `recordStakeUpdate` / `_updateMiddlewareList`. function getCorrectValueForInsertAfter(address operator, uint32 updateBlock) external view returns (uint256); /** * @notice Returns 'true' if `operator` can currently complete a withdrawal started at the `withdrawalStartBlock`, with `middlewareTimesIndex` used * to specify the index of a `MiddlewareTimes` struct in the operator's list (i.e. an index in `operatorToMiddlewareTimes[operator]`). The specified * struct is consulted as proof of the `operator`'s ability (or lack thereof) to complete the withdrawal. * This function will return 'false' if the operator cannot currently complete a withdrawal started at the `withdrawalStartBlock`, *or* in the event * that an incorrect `middlewareTimesIndex` is supplied, even if one or more correct inputs exist. * @param operator Either the operator who queued the withdrawal themselves, or if the withdrawing party is a staker who delegated to an operator, * this address is the operator *who the staker was delegated to* at the time of the `withdrawalStartBlock`. * @param withdrawalStartBlock The block number at which the withdrawal was initiated. * @param middlewareTimesIndex Indicates an index in `operatorToMiddlewareTimes[operator]` to consult as proof of the `operator`'s ability to withdraw * @dev The correct `middlewareTimesIndex` input should be computable off-chain. */ function canWithdraw( address operator, uint32 withdrawalStartBlock, uint256 middlewareTimesIndex ) external returns (bool); /** * operator => * [ * ( * the least recent update block of all of the middlewares it's serving/served, * latest time that the stake bonded at that update needed to serve until * ) * ] */ function operatorToMiddlewareTimes( address operator, uint256 arrayIndex ) external view returns (MiddlewareTimes memory); /// @notice Getter function for fetching `operatorToMiddlewareTimes[operator].length` function middlewareTimesLength(address operator) external view returns (uint256); /// @notice Getter function for fetching `operatorToMiddlewareTimes[operator][index].stalestUpdateBlock`. function getMiddlewareTimesIndexStalestUpdateBlock(address operator, uint32 index) external view returns (uint32); /// @notice Getter function for fetching `operatorToMiddlewareTimes[operator][index].latestServeUntil`. function getMiddlewareTimesIndexServeUntilBlock(address operator, uint32 index) external view returns (uint32); /// @notice Getter function for fetching `_operatorToWhitelistedContractsByUpdate[operator].size`. function operatorWhitelistedContractsLinkedListSize(address operator) external view returns (uint256); /// @notice Getter function for fetching a single node in the operator's linked list (`_operatorToWhitelistedContractsByUpdate[operator]`). function operatorWhitelistedContractsLinkedListEntry( address operator, address node ) external view returns (bool, uint256, uint256); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "@openzeppelin/contracts/proxy/beacon/IBeacon.sol"; import "./IETHPOSDeposit.sol"; import "./IStrategyManager.sol"; import "./IEigenPod.sol"; import "./IBeaconChainOracle.sol"; import "./IPausable.sol"; import "./ISlasher.sol"; import "./IStrategy.sol"; /** * @title Interface for factory that creates and manages solo staking pods that have their withdrawal credentials pointed to EigenLayer. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service */ interface IEigenPodManager is IPausable { /// @notice Emitted to notify the update of the beaconChainOracle address event BeaconOracleUpdated(address indexed newOracleAddress); /// @notice Emitted to notify the deployment of an EigenPod event PodDeployed(address indexed eigenPod, address indexed podOwner); /// @notice Emitted to notify a deposit of beacon chain ETH recorded in the strategy manager event BeaconChainETHDeposited(address indexed podOwner, uint256 amount); /// @notice Emitted when the balance of an EigenPod is updated event PodSharesUpdated(address indexed podOwner, int256 sharesDelta); /// @notice Emitted when a withdrawal of beacon chain ETH is completed event BeaconChainETHWithdrawalCompleted( address indexed podOwner, uint256 shares, uint96 nonce, address delegatedAddress, address withdrawer, bytes32 withdrawalRoot ); event DenebForkTimestampUpdated(uint64 newValue); /** * @notice Creates an EigenPod for the sender. * @dev Function will revert if the `msg.sender` already has an EigenPod. * @dev Returns EigenPod address */ function createPod() external returns (address); /** * @notice Stakes for a new beacon chain validator on the sender's EigenPod. * Also creates an EigenPod for the sender if they don't have one already. * @param pubkey The 48 bytes public key of the beacon chain validator. * @param signature The validator's signature of the deposit data. * @param depositDataRoot The root/hash of the deposit data for the validator's deposit. */ function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable; /** * @notice Changes the `podOwner`'s shares by `sharesDelta` and performs a call to the DelegationManager * to ensure that delegated shares are also tracked correctly * @param podOwner is the pod owner whose balance is being updated. * @param sharesDelta is the change in podOwner's beaconChainETHStrategy shares * @dev Callable only by the podOwner's EigenPod contract. * @dev Reverts if `sharesDelta` is not a whole Gwei amount */ function recordBeaconChainETHBalanceUpdate(address podOwner, int256 sharesDelta) external; /** * @notice Updates the oracle contract that provides the beacon chain state root * @param newBeaconChainOracle is the new oracle contract being pointed to * @dev Callable only by the owner of this contract (i.e. governance) */ function updateBeaconChainOracle(IBeaconChainOracle newBeaconChainOracle) external; /// @notice Returns the address of the `podOwner`'s EigenPod if it has been deployed. function ownerToPod(address podOwner) external view returns (IEigenPod); /// @notice Returns the address of the `podOwner`'s EigenPod (whether it is deployed yet or not). function getPod(address podOwner) external view returns (IEigenPod); /// @notice The ETH2 Deposit Contract function ethPOS() external view returns (IETHPOSDeposit); /// @notice Beacon proxy to which the EigenPods point function eigenPodBeacon() external view returns (IBeacon); /// @notice Oracle contract that provides updates to the beacon chain's state function beaconChainOracle() external view returns (IBeaconChainOracle); /// @notice Returns the beacon block root at `timestamp`. Reverts if the Beacon block root at `timestamp` has not yet been finalized. function getBlockRootAtTimestamp(uint64 timestamp) external view returns (bytes32); /// @notice EigenLayer's StrategyManager contract function strategyManager() external view returns (IStrategyManager); /// @notice EigenLayer's Slasher contract function slasher() external view returns (ISlasher); /// @notice Returns 'true' if the `podOwner` has created an EigenPod, and 'false' otherwise. function hasPod(address podOwner) external view returns (bool); /// @notice Returns the number of EigenPods that have been created function numPods() external view returns (uint256); /** * @notice Mapping from Pod owner owner to the number of shares they have in the virtual beacon chain ETH strategy. * @dev The share amount can become negative. This is necessary to accommodate the fact that a pod owner's virtual beacon chain ETH shares can * decrease between the pod owner queuing and completing a withdrawal. * When the pod owner's shares would otherwise increase, this "deficit" is decreased first _instead_. * Likewise, when a withdrawal is completed, this "deficit" is decreased and the withdrawal amount is decreased; We can think of this * as the withdrawal "paying off the deficit". */ function podOwnerShares(address podOwner) external view returns (int256); /// @notice returns canonical, virtual beaconChainETH strategy function beaconChainETHStrategy() external view returns (IStrategy); /** * @notice Used by the DelegationManager to remove a pod owner's shares while they're in the withdrawal queue. * Simply decreases the `podOwner`'s shares by `shares`, down to a minimum of zero. * @dev This function reverts if it would result in `podOwnerShares[podOwner]` being less than zero, i.e. it is forbidden for this function to * result in the `podOwner` incurring a "share deficit". This behavior prevents a Staker from queuing a withdrawal which improperly removes excessive * shares from the operator to whom the staker is delegated. * @dev Reverts if `shares` is not a whole Gwei amount */ function removeShares(address podOwner, uint256 shares) external; /** * @notice Increases the `podOwner`'s shares by `shares`, paying off deficit if possible. * Used by the DelegationManager to award a pod owner shares on exiting the withdrawal queue * @dev Returns the number of shares added to `podOwnerShares[podOwner]` above zero, which will be less than the `shares` input * in the event that the podOwner has an existing shares deficit (i.e. `podOwnerShares[podOwner]` starts below zero) * @dev Reverts if `shares` is not a whole Gwei amount */ function addShares(address podOwner, uint256 shares) external returns (uint256); /** * @notice Used by the DelegationManager to complete a withdrawal, sending tokens to some destination address * @dev Prioritizes decreasing the podOwner's share deficit, if they have one * @dev Reverts if `shares` is not a whole Gwei amount */ function withdrawSharesAsTokens(address podOwner, address destination, uint256 shares) external; /** * @notice the deneb hard fork timestamp used to determine which proof path to use for proving a withdrawal */ function denebForkTimestamp() external view returns (uint64); /** * setting the deneb hard fork timestamp by the eigenPodManager owner * @dev this function is designed to be called twice. Once, it is set to type(uint64).max * prior to the actual deneb fork timestamp being set, and then the second time it is set * to the actual deneb fork timestamp. */ function setDenebForkTimestamp(uint64 newDenebForkTimestamp) external; }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol) pragma solidity ^0.8.0; /** * @dev This is the interface that {BeaconProxy} expects of its beacon. */ interface IBeacon { /** * @dev Must return an address that can be used as a delegate call target. * * {BeaconProxy} will check that this address is a contract. */ function implementation() external view returns (address); }
// ┏━━━┓━┏┓━┏┓━━┏━━━┓━━┏━━━┓━━━━┏━━━┓━━━━━━━━━━━━━━━━━━━┏┓━━━━━┏━━━┓━━━━━━━━━┏┓━━━━━━━━━━━━━━┏┓━ // ┃┏━━┛┏┛┗┓┃┃━━┃┏━┓┃━━┃┏━┓┃━━━━┗┓┏┓┃━━━━━━━━━━━━━━━━━━┏┛┗┓━━━━┃┏━┓┃━━━━━━━━┏┛┗┓━━━━━━━━━━━━┏┛┗┓ // ┃┗━━┓┗┓┏┛┃┗━┓┗┛┏┛┃━━┃┃━┃┃━━━━━┃┃┃┃┏━━┓┏━━┓┏━━┓┏━━┓┏┓┗┓┏┛━━━━┃┃━┗┛┏━━┓┏━┓━┗┓┏┛┏━┓┏━━┓━┏━━┓┗┓┏┛ // ┃┏━━┛━┃┃━┃┏┓┃┏━┛┏┛━━┃┃━┃┃━━━━━┃┃┃┃┃┏┓┃┃┏┓┃┃┏┓┃┃━━┫┣┫━┃┃━━━━━┃┃━┏┓┃┏┓┃┃┏┓┓━┃┃━┃┏┛┗━┓┃━┃┏━┛━┃┃━ // ┃┗━━┓━┃┗┓┃┃┃┃┃┃┗━┓┏┓┃┗━┛┃━━━━┏┛┗┛┃┃┃━┫┃┗┛┃┃┗┛┃┣━━┃┃┃━┃┗┓━━━━┃┗━┛┃┃┗┛┃┃┃┃┃━┃┗┓┃┃━┃┗┛┗┓┃┗━┓━┃┗┓ // ┗━━━┛━┗━┛┗┛┗┛┗━━━┛┗┛┗━━━┛━━━━┗━━━┛┗━━┛┃┏━┛┗━━┛┗━━┛┗┛━┗━┛━━━━┗━━━┛┗━━┛┗┛┗┛━┗━┛┗┛━┗━━━┛┗━━┛━┗━┛ // ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┃┃━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ // ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┗┛━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ // SPDX-License-Identifier: CC0-1.0 pragma solidity >=0.5.0; // This interface is designed to be compatible with the Vyper version. /// @notice This is the Ethereum 2.0 deposit contract interface. /// For more information see the Phase 0 specification under https://github.com/ethereum/eth2.0-specs interface IETHPOSDeposit { /// @notice A processed deposit event. event DepositEvent(bytes pubkey, bytes withdrawal_credentials, bytes amount, bytes signature, bytes index); /// @notice Submit a Phase 0 DepositData object. /// @param pubkey A BLS12-381 public key. /// @param withdrawal_credentials Commitment to a public key for withdrawals. /// @param signature A BLS12-381 signature. /// @param deposit_data_root The SHA-256 hash of the SSZ-encoded DepositData object. /// Used as a protection against malformed input. function deposit( bytes calldata pubkey, bytes calldata withdrawal_credentials, bytes calldata signature, bytes32 deposit_data_root ) external payable; /// @notice Query the current deposit root hash. /// @return The deposit root hash. function get_deposit_root() external view returns (bytes32); /// @notice Query the current deposit count. /// @return The deposit count encoded as a little endian 64-bit number. function get_deposit_count() external view returns (bytes memory); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "../libraries/BeaconChainProofs.sol"; import "./IEigenPodManager.sol"; import "./IBeaconChainOracle.sol"; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; /** * @title The implementation contract used for restaking beacon chain ETH on EigenLayer * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice The main functionalities are: * - creating new ETH validators with their withdrawal credentials pointed to this contract * - proving from beacon chain state roots that withdrawal credentials are pointed to this contract * - proving from beacon chain state roots the balances of ETH validators with their withdrawal credentials * pointed to this contract * - updating aggregate balances in the EigenPodManager * - withdrawing eth when withdrawals are initiated * @dev Note that all beacon chain balances are stored as gwei within the beacon chain datastructures. We choose * to account balances in terms of gwei in the EigenPod contract and convert to wei when making calls to other contracts */ interface IEigenPod { enum VALIDATOR_STATUS { INACTIVE, // doesnt exist ACTIVE, // staked on ethpos and withdrawal credentials are pointed to the EigenPod WITHDRAWN // withdrawn from the Beacon Chain } struct ValidatorInfo { // index of the validator in the beacon chain uint64 validatorIndex; // amount of beacon chain ETH restaked on EigenLayer in gwei uint64 restakedBalanceGwei; //timestamp of the validator's most recent balance update uint64 mostRecentBalanceUpdateTimestamp; // status of the validator VALIDATOR_STATUS status; } /** * @notice struct used to store amounts related to proven withdrawals in memory. Used to help * manage stack depth and optimize the number of external calls, when batching withdrawal operations. */ struct VerifiedWithdrawal { // amount to send to a podOwner from a proven withdrawal uint256 amountToSendGwei; // difference in shares to be recorded in the eigenPodManager, as a result of the withdrawal int256 sharesDeltaGwei; } enum PARTIAL_WITHDRAWAL_CLAIM_STATUS { REDEEMED, PENDING, FAILED } /// @notice Emitted when an ETH validator stakes via this eigenPod event EigenPodStaked(bytes pubkey); /// @notice Emitted when an ETH validator's withdrawal credentials are successfully verified to be pointed to this eigenPod event ValidatorRestaked(uint40 validatorIndex); /// @notice Emitted when an ETH validator's balance is proven to be updated. Here newValidatorBalanceGwei // is the validator's balance that is credited on EigenLayer. event ValidatorBalanceUpdated(uint40 validatorIndex, uint64 balanceTimestamp, uint64 newValidatorBalanceGwei); /// @notice Emitted when an ETH validator is prove to have withdrawn from the beacon chain event FullWithdrawalRedeemed( uint40 validatorIndex, uint64 withdrawalTimestamp, address indexed recipient, uint64 withdrawalAmountGwei ); /// @notice Emitted when a partial withdrawal claim is successfully redeemed event PartialWithdrawalRedeemed( uint40 validatorIndex, uint64 withdrawalTimestamp, address indexed recipient, uint64 partialWithdrawalAmountGwei ); /// @notice Emitted when restaked beacon chain ETH is withdrawn from the eigenPod. event RestakedBeaconChainETHWithdrawn(address indexed recipient, uint256 amount); /// @notice Emitted when podOwner enables restaking event RestakingActivated(address indexed podOwner); /// @notice Emitted when ETH is received via the `receive` fallback event NonBeaconChainETHReceived(uint256 amountReceived); /// @notice Emitted when ETH that was previously received via the `receive` fallback is withdrawn event NonBeaconChainETHWithdrawn(address indexed recipient, uint256 amountWithdrawn); /// @notice The max amount of eth, in gwei, that can be restaked per validator function MAX_RESTAKED_BALANCE_GWEI_PER_VALIDATOR() external view returns (uint64); /// @notice the amount of execution layer ETH in this contract that is staked in EigenLayer (i.e. withdrawn from beaconchain but not EigenLayer), function withdrawableRestakedExecutionLayerGwei() external view returns (uint64); /// @notice any ETH deposited into the EigenPod contract via the `receive` fallback function function nonBeaconChainETHBalanceWei() external view returns (uint256); /// @notice Used to initialize the pointers to contracts crucial to the pod's functionality, in beacon proxy construction from EigenPodManager function initialize(address owner) external; /// @notice Called by EigenPodManager when the owner wants to create another ETH validator. function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable; /** * @notice Transfers `amountWei` in ether from this contract to the specified `recipient` address * @notice Called by EigenPodManager to withdrawBeaconChainETH that has been added to the EigenPod's balance due to a withdrawal from the beacon chain. * @dev The podOwner must have already proved sufficient withdrawals, so that this pod's `withdrawableRestakedExecutionLayerGwei` exceeds the * `amountWei` input (when converted to GWEI). * @dev Reverts if `amountWei` is not a whole Gwei amount */ function withdrawRestakedBeaconChainETH(address recipient, uint256 amount) external; /// @notice The single EigenPodManager for EigenLayer function eigenPodManager() external view returns (IEigenPodManager); /// @notice The owner of this EigenPod function podOwner() external view returns (address); /// @notice an indicator of whether or not the podOwner has ever "fully restaked" by successfully calling `verifyCorrectWithdrawalCredentials`. function hasRestaked() external view returns (bool); /** * @notice The latest timestamp at which the pod owner withdrew the balance of the pod, via calling `withdrawBeforeRestaking`. * @dev This variable is only updated when the `withdrawBeforeRestaking` function is called, which can only occur before `hasRestaked` is set to true for this pod. * Proofs for this pod are only valid against Beacon Chain state roots corresponding to timestamps after the stored `mostRecentWithdrawalTimestamp`. */ function mostRecentWithdrawalTimestamp() external view returns (uint64); /// @notice Returns the validatorInfo struct for the provided pubkeyHash function validatorPubkeyHashToInfo(bytes32 validatorPubkeyHash) external view returns (ValidatorInfo memory); /// @notice Returns the validatorInfo struct for the provided pubkey function validatorPubkeyToInfo(bytes calldata validatorPubkey) external view returns (ValidatorInfo memory); ///@notice mapping that tracks proven withdrawals function provenWithdrawal(bytes32 validatorPubkeyHash, uint64 slot) external view returns (bool); /// @notice This returns the status of a given validator function validatorStatus(bytes32 pubkeyHash) external view returns (VALIDATOR_STATUS); /// @notice This returns the status of a given validator pubkey function validatorStatus(bytes calldata validatorPubkey) external view returns (VALIDATOR_STATUS); /** * @notice This function verifies that the withdrawal credentials of validator(s) owned by the podOwner are pointed to * this contract. It also verifies the effective balance of the validator. It verifies the provided proof of the ETH validator against the beacon chain state * root, marks the validator as 'active' in EigenLayer, and credits the restaked ETH in Eigenlayer. * @param oracleTimestamp is the Beacon Chain timestamp whose state root the `proof` will be proven against. * @param validatorIndices is the list of indices of the validators being proven, refer to consensus specs * @param withdrawalCredentialProofs is an array of proofs, where each proof proves each ETH validator's balance and withdrawal credentials * against a beacon chain state root * @param validatorFields are the fields of the "Validator Container", refer to consensus specs * for details: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator */ function verifyWithdrawalCredentials( uint64 oracleTimestamp, BeaconChainProofs.StateRootProof calldata stateRootProof, uint40[] calldata validatorIndices, bytes[] calldata withdrawalCredentialProofs, bytes32[][] calldata validatorFields ) external; /** * @notice This function records an update (either increase or decrease) in the pod's balance in the StrategyManager. It also verifies a merkle proof of the validator's current beacon chain balance. * @param oracleTimestamp The oracleTimestamp whose state root the `proof` will be proven against. * Must be within `VERIFY_BALANCE_UPDATE_WINDOW_SECONDS` of the current block. * @param validatorIndices is the list of indices of the validators being proven, refer to consensus specs * @param validatorFieldsProofs proofs against the `beaconStateRoot` for each validator in `validatorFields` * @param validatorFields are the fields of the "Validator Container", refer to consensus specs * @dev For more details on the Beacon Chain spec, see: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator */ function verifyBalanceUpdates( uint64 oracleTimestamp, uint40[] calldata validatorIndices, BeaconChainProofs.StateRootProof calldata stateRootProof, bytes[] calldata validatorFieldsProofs, bytes32[][] calldata validatorFields ) external; /** * @notice This function records full and partial withdrawals on behalf of one of the Ethereum validators for this EigenPod * @param oracleTimestamp is the timestamp of the oracle slot that the withdrawal is being proven against * @param withdrawalProofs is the information needed to check the veracity of the block numbers and withdrawals being proven * @param validatorFieldsProofs is the proof of the validator's fields' in the validator tree * @param withdrawalFields are the fields of the withdrawals being proven * @param validatorFields are the fields of the validators being proven */ function verifyAndProcessWithdrawals( uint64 oracleTimestamp, BeaconChainProofs.StateRootProof calldata stateRootProof, BeaconChainProofs.WithdrawalProof[] calldata withdrawalProofs, bytes[] calldata validatorFieldsProofs, bytes32[][] calldata validatorFields, bytes32[][] calldata withdrawalFields ) external; /** * @notice Called by the pod owner to activate restaking by withdrawing * all existing ETH from the pod and preventing further withdrawals via * "withdrawBeforeRestaking()" */ function activateRestaking() external; /// @notice Called by the pod owner to withdraw the balance of the pod when `hasRestaked` is set to false function withdrawBeforeRestaking() external; /// @notice Called by the pod owner to withdraw the nonBeaconChainETHBalanceWei function withdrawNonBeaconChainETHBalanceWei(address recipient, uint256 amountToWithdraw) external; /// @notice called by owner of a pod to remove any ERC20s deposited in the pod function recoverTokens(IERC20[] memory tokenList, uint256[] memory amountsToWithdraw, address recipient) external; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; /** * @title Interface for the BeaconStateOracle contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service */ interface IBeaconChainOracle { /// @notice The block number to state root mapping. function timestampToBlockRoot(uint256 timestamp) external view returns (bytes32); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.0; import "./Merkle.sol"; import "../libraries/Endian.sol"; //Utility library for parsing and PHASE0 beacon chain block headers //SSZ Spec: https://github.com/ethereum/consensus-specs/blob/dev/ssz/simple-serialize.md#merkleization //BeaconBlockHeader Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader //BeaconState Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconstate library BeaconChainProofs { // constants are the number of fields and the heights of the different merkle trees used in merkleizing beacon chain containers uint256 internal constant BEACON_BLOCK_HEADER_FIELD_TREE_HEIGHT = 3; uint256 internal constant BEACON_BLOCK_BODY_FIELD_TREE_HEIGHT = 4; uint256 internal constant BEACON_STATE_FIELD_TREE_HEIGHT = 5; uint256 internal constant VALIDATOR_FIELD_TREE_HEIGHT = 3; //Note: changed in the deneb hard fork from 4->5 uint256 internal constant EXECUTION_PAYLOAD_HEADER_FIELD_TREE_HEIGHT_DENEB = 5; uint256 internal constant EXECUTION_PAYLOAD_HEADER_FIELD_TREE_HEIGHT_CAPELLA = 4; // SLOTS_PER_HISTORICAL_ROOT = 2**13, so tree height is 13 uint256 internal constant BLOCK_ROOTS_TREE_HEIGHT = 13; //HISTORICAL_ROOTS_LIMIT = 2**24, so tree height is 24 uint256 internal constant HISTORICAL_SUMMARIES_TREE_HEIGHT = 24; //Index of block_summary_root in historical_summary container uint256 internal constant BLOCK_SUMMARY_ROOT_INDEX = 0; // tree height for hash tree of an individual withdrawal container uint256 internal constant WITHDRAWAL_FIELD_TREE_HEIGHT = 2; uint256 internal constant VALIDATOR_TREE_HEIGHT = 40; // MAX_WITHDRAWALS_PER_PAYLOAD = 2**4, making tree height = 4 uint256 internal constant WITHDRAWALS_TREE_HEIGHT = 4; //in beacon block body https://github.com/ethereum/consensus-specs/blob/dev/specs/capella/beacon-chain.md#beaconblockbody uint256 internal constant EXECUTION_PAYLOAD_INDEX = 9; // in beacon block header https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader uint256 internal constant SLOT_INDEX = 0; uint256 internal constant STATE_ROOT_INDEX = 3; uint256 internal constant BODY_ROOT_INDEX = 4; // in beacon state https://github.com/ethereum/consensus-specs/blob/dev/specs/capella/beacon-chain.md#beaconstate uint256 internal constant VALIDATOR_TREE_ROOT_INDEX = 11; uint256 internal constant HISTORICAL_SUMMARIES_INDEX = 27; // in validator https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator uint256 internal constant VALIDATOR_PUBKEY_INDEX = 0; uint256 internal constant VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX = 1; uint256 internal constant VALIDATOR_BALANCE_INDEX = 2; uint256 internal constant VALIDATOR_WITHDRAWABLE_EPOCH_INDEX = 7; // in execution payload header uint256 internal constant TIMESTAMP_INDEX = 9; //in execution payload uint256 internal constant WITHDRAWALS_INDEX = 14; // in withdrawal uint256 internal constant WITHDRAWAL_VALIDATOR_INDEX_INDEX = 1; uint256 internal constant WITHDRAWAL_VALIDATOR_AMOUNT_INDEX = 3; //Misc Constants /// @notice The number of slots each epoch in the beacon chain uint64 internal constant SLOTS_PER_EPOCH = 32; /// @notice The number of seconds in a slot in the beacon chain uint64 internal constant SECONDS_PER_SLOT = 12; /// @notice Number of seconds per epoch: 384 == 32 slots/epoch * 12 seconds/slot uint64 internal constant SECONDS_PER_EPOCH = SLOTS_PER_EPOCH * SECONDS_PER_SLOT; bytes8 internal constant UINT64_MASK = 0xffffffffffffffff; /// @notice This struct contains the merkle proofs and leaves needed to verify a partial/full withdrawal struct WithdrawalProof { bytes withdrawalProof; bytes slotProof; bytes executionPayloadProof; bytes timestampProof; bytes historicalSummaryBlockRootProof; uint64 blockRootIndex; uint64 historicalSummaryIndex; uint64 withdrawalIndex; bytes32 blockRoot; bytes32 slotRoot; bytes32 timestampRoot; bytes32 executionPayloadRoot; } /// @notice This struct contains the root and proof for verifying the state root against the oracle block root struct StateRootProof { bytes32 beaconStateRoot; bytes proof; } /** * @notice This function verifies merkle proofs of the fields of a certain validator against a beacon chain state root * @param validatorIndex the index of the proven validator * @param beaconStateRoot is the beacon chain state root to be proven against. * @param validatorFieldsProof is the data used in proving the validator's fields * @param validatorFields the claimed fields of the validator */ function verifyValidatorFields( bytes32 beaconStateRoot, bytes32[] calldata validatorFields, bytes calldata validatorFieldsProof, uint40 validatorIndex ) internal view { require( validatorFields.length == 2 ** VALIDATOR_FIELD_TREE_HEIGHT, "BeaconChainProofs.verifyValidatorFields: Validator fields has incorrect length" ); /** * Note: the length of the validator merkle proof is BeaconChainProofs.VALIDATOR_TREE_HEIGHT + 1. * There is an additional layer added by hashing the root with the length of the validator list */ require( validatorFieldsProof.length == 32 * ((VALIDATOR_TREE_HEIGHT + 1) + BEACON_STATE_FIELD_TREE_HEIGHT), "BeaconChainProofs.verifyValidatorFields: Proof has incorrect length" ); uint256 index = (VALIDATOR_TREE_ROOT_INDEX << (VALIDATOR_TREE_HEIGHT + 1)) | uint256(validatorIndex); // merkleize the validatorFields to get the leaf to prove bytes32 validatorRoot = Merkle.merkleizeSha256(validatorFields); // verify the proof of the validatorRoot against the beaconStateRoot require( Merkle.verifyInclusionSha256({ proof: validatorFieldsProof, root: beaconStateRoot, leaf: validatorRoot, index: index }), "BeaconChainProofs.verifyValidatorFields: Invalid merkle proof" ); } /** * @notice This function verifies the latestBlockHeader against the state root. the latestBlockHeader is * a tracked in the beacon state. * @param beaconStateRoot is the beacon chain state root to be proven against. * @param stateRootProof is the provided merkle proof * @param latestBlockRoot is hashtree root of the latest block header in the beacon state */ function verifyStateRootAgainstLatestBlockRoot( bytes32 latestBlockRoot, bytes32 beaconStateRoot, bytes calldata stateRootProof ) internal view { require( stateRootProof.length == 32 * (BEACON_BLOCK_HEADER_FIELD_TREE_HEIGHT), "BeaconChainProofs.verifyStateRootAgainstLatestBlockRoot: Proof has incorrect length" ); //Next we verify the slot against the blockRoot require( Merkle.verifyInclusionSha256({ proof: stateRootProof, root: latestBlockRoot, leaf: beaconStateRoot, index: STATE_ROOT_INDEX }), "BeaconChainProofs.verifyStateRootAgainstLatestBlockRoot: Invalid latest block header root merkle proof" ); } /** * @notice This function verifies the slot and the withdrawal fields for a given withdrawal * @param withdrawalProof is the provided set of merkle proofs * @param withdrawalFields is the serialized withdrawal container to be proven */ function verifyWithdrawal( bytes32 beaconStateRoot, bytes32[] calldata withdrawalFields, WithdrawalProof calldata withdrawalProof, uint64 denebForkTimestamp ) internal view { require( withdrawalFields.length == 2 ** WITHDRAWAL_FIELD_TREE_HEIGHT, "BeaconChainProofs.verifyWithdrawal: withdrawalFields has incorrect length" ); require( withdrawalProof.blockRootIndex < 2 ** BLOCK_ROOTS_TREE_HEIGHT, "BeaconChainProofs.verifyWithdrawal: blockRootIndex is too large" ); require( withdrawalProof.withdrawalIndex < 2 ** WITHDRAWALS_TREE_HEIGHT, "BeaconChainProofs.verifyWithdrawal: withdrawalIndex is too large" ); require( withdrawalProof.historicalSummaryIndex < 2 ** HISTORICAL_SUMMARIES_TREE_HEIGHT, "BeaconChainProofs.verifyWithdrawal: historicalSummaryIndex is too large" ); //Note: post deneb hard fork, the number of exection payload header fields increased from 15->17, adding an extra level to the tree height uint256 executionPayloadHeaderFieldTreeHeight = (getWithdrawalTimestamp(withdrawalProof) < denebForkTimestamp) ? EXECUTION_PAYLOAD_HEADER_FIELD_TREE_HEIGHT_CAPELLA : EXECUTION_PAYLOAD_HEADER_FIELD_TREE_HEIGHT_DENEB; require( withdrawalProof.withdrawalProof.length == 32 * (executionPayloadHeaderFieldTreeHeight + WITHDRAWALS_TREE_HEIGHT + 1), "BeaconChainProofs.verifyWithdrawal: withdrawalProof has incorrect length" ); require( withdrawalProof.executionPayloadProof.length == 32 * (BEACON_BLOCK_HEADER_FIELD_TREE_HEIGHT + BEACON_BLOCK_BODY_FIELD_TREE_HEIGHT), "BeaconChainProofs.verifyWithdrawal: executionPayloadProof has incorrect length" ); require( withdrawalProof.slotProof.length == 32 * (BEACON_BLOCK_HEADER_FIELD_TREE_HEIGHT), "BeaconChainProofs.verifyWithdrawal: slotProof has incorrect length" ); require( withdrawalProof.timestampProof.length == 32 * (executionPayloadHeaderFieldTreeHeight), "BeaconChainProofs.verifyWithdrawal: timestampProof has incorrect length" ); require( withdrawalProof.historicalSummaryBlockRootProof.length == 32 * (BEACON_STATE_FIELD_TREE_HEIGHT + (HISTORICAL_SUMMARIES_TREE_HEIGHT + 1) + 1 + (BLOCK_ROOTS_TREE_HEIGHT)), "BeaconChainProofs.verifyWithdrawal: historicalSummaryBlockRootProof has incorrect length" ); /** * Note: Here, the "1" in "1 + (BLOCK_ROOTS_TREE_HEIGHT)" signifies that extra step of choosing the "block_root_summary" within the individual * "historical_summary". Everywhere else it signifies merkelize_with_mixin, where the length of an array is hashed with the root of the array, * but not here. */ uint256 historicalBlockHeaderIndex = (HISTORICAL_SUMMARIES_INDEX << ((HISTORICAL_SUMMARIES_TREE_HEIGHT + 1) + 1 + (BLOCK_ROOTS_TREE_HEIGHT))) | (uint256(withdrawalProof.historicalSummaryIndex) << (1 + (BLOCK_ROOTS_TREE_HEIGHT))) | (BLOCK_SUMMARY_ROOT_INDEX << (BLOCK_ROOTS_TREE_HEIGHT)) | uint256(withdrawalProof.blockRootIndex); require( Merkle.verifyInclusionSha256({ proof: withdrawalProof.historicalSummaryBlockRootProof, root: beaconStateRoot, leaf: withdrawalProof.blockRoot, index: historicalBlockHeaderIndex }), "BeaconChainProofs.verifyWithdrawal: Invalid historicalsummary merkle proof" ); //Next we verify the slot against the blockRoot require( Merkle.verifyInclusionSha256({ proof: withdrawalProof.slotProof, root: withdrawalProof.blockRoot, leaf: withdrawalProof.slotRoot, index: SLOT_INDEX }), "BeaconChainProofs.verifyWithdrawal: Invalid slot merkle proof" ); { // Next we verify the executionPayloadRoot against the blockRoot uint256 executionPayloadIndex = (BODY_ROOT_INDEX << (BEACON_BLOCK_BODY_FIELD_TREE_HEIGHT)) | EXECUTION_PAYLOAD_INDEX; require( Merkle.verifyInclusionSha256({ proof: withdrawalProof.executionPayloadProof, root: withdrawalProof.blockRoot, leaf: withdrawalProof.executionPayloadRoot, index: executionPayloadIndex }), "BeaconChainProofs.verifyWithdrawal: Invalid executionPayload merkle proof" ); } // Next we verify the timestampRoot against the executionPayload root require( Merkle.verifyInclusionSha256({ proof: withdrawalProof.timestampProof, root: withdrawalProof.executionPayloadRoot, leaf: withdrawalProof.timestampRoot, index: TIMESTAMP_INDEX }), "BeaconChainProofs.verifyWithdrawal: Invalid timestamp merkle proof" ); { /** * Next we verify the withdrawal fields against the executionPayloadRoot: * First we compute the withdrawal_index, then we merkleize the * withdrawalFields container to calculate the withdrawalRoot. * * Note: Merkleization of the withdrawals root tree uses MerkleizeWithMixin, i.e., the length of the array is hashed with the root of * the array. Thus we shift the WITHDRAWALS_INDEX over by WITHDRAWALS_TREE_HEIGHT + 1 and not just WITHDRAWALS_TREE_HEIGHT. */ uint256 withdrawalIndex = (WITHDRAWALS_INDEX << (WITHDRAWALS_TREE_HEIGHT + 1)) | uint256(withdrawalProof.withdrawalIndex); bytes32 withdrawalRoot = Merkle.merkleizeSha256(withdrawalFields); require( Merkle.verifyInclusionSha256({ proof: withdrawalProof.withdrawalProof, root: withdrawalProof.executionPayloadRoot, leaf: withdrawalRoot, index: withdrawalIndex }), "BeaconChainProofs.verifyWithdrawal: Invalid withdrawal merkle proof" ); } } /** * @notice This function replicates the ssz hashing of a validator's pubkey, outlined below: * hh := ssz.NewHasher() * hh.PutBytes(validatorPubkey[:]) * validatorPubkeyHash := hh.Hash() * hh.Reset() */ function hashValidatorBLSPubkey(bytes memory validatorPubkey) internal pure returns (bytes32 pubkeyHash) { require(validatorPubkey.length == 48, "Input should be 48 bytes in length"); return sha256(abi.encodePacked(validatorPubkey, bytes16(0))); } /** * @dev Retrieve the withdrawal timestamp */ function getWithdrawalTimestamp(WithdrawalProof memory withdrawalProof) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(withdrawalProof.timestampRoot); } /** * @dev Converts the withdrawal's slot to an epoch */ function getWithdrawalEpoch(WithdrawalProof memory withdrawalProof) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(withdrawalProof.slotRoot) / SLOTS_PER_EPOCH; } /** * Indices for validator fields (refer to consensus specs): * 0: pubkey * 1: withdrawal credentials * 2: effective balance * 3: slashed? * 4: activation elligibility epoch * 5: activation epoch * 6: exit epoch * 7: withdrawable epoch */ /** * @dev Retrieves a validator's pubkey hash */ function getPubkeyHash(bytes32[] memory validatorFields) internal pure returns (bytes32) { return validatorFields[VALIDATOR_PUBKEY_INDEX]; } function getWithdrawalCredentials(bytes32[] memory validatorFields) internal pure returns (bytes32) { return validatorFields[VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX]; } /** * @dev Retrieves a validator's effective balance (in gwei) */ function getEffectiveBalanceGwei(bytes32[] memory validatorFields) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_BALANCE_INDEX]); } /** * @dev Retrieves a validator's withdrawable epoch */ function getWithdrawableEpoch(bytes32[] memory validatorFields) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_WITHDRAWABLE_EPOCH_INDEX]); } /** * Indices for withdrawal fields (refer to consensus specs): * 0: withdrawal index * 1: validator index * 2: execution address * 3: withdrawal amount */ /** * @dev Retrieves a withdrawal's validator index */ function getValidatorIndex(bytes32[] memory withdrawalFields) internal pure returns (uint40) { return uint40(Endian.fromLittleEndianUint64(withdrawalFields[WITHDRAWAL_VALIDATOR_INDEX_INDEX])); } /** * @dev Retrieves a withdrawal's withdrawal amount (in gwei) */ function getWithdrawalAmountGwei(bytes32[] memory withdrawalFields) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(withdrawalFields[WITHDRAWAL_VALIDATOR_AMOUNT_INDEX]); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.0; library Endian { /** * @notice Converts a little endian-formatted uint64 to a big endian-formatted uint64 * @param lenum little endian-formatted uint64 input, provided as 'bytes32' type * @return n The big endian-formatted uint64 * @dev Note that the input is formatted as a 'bytes32' type (i.e. 256 bits), but it is immediately truncated to a uint64 (i.e. 64 bits) * through a right-shift/shr operation. */ function fromLittleEndianUint64(bytes32 lenum) internal pure returns (uint64 n) { // the number needs to be stored in little-endian encoding (ie in bytes 0-8) n = uint64(uint256(lenum >> 192)); return (n >> 56) | ((0x00FF000000000000 & n) >> 40) | ((0x0000FF0000000000 & n) >> 24) | ((0x000000FF00000000 & n) >> 8) | ((0x00000000FF000000 & n) << 8) | ((0x0000000000FF0000 & n) << 24) | ((0x000000000000FF00 & n) << 40) | ((0x00000000000000FF & n) << 56); } }
{ "remappings": [ "@openzeppelin-upgrades/=lib/openzeppelin-contracts-upgradeable/", "@openzeppelin/=lib/openzeppelin-contracts/", "eigenlayer-middleware/=lib/eigenlayer-middleware/src/", "eigenlayer-core/=lib/eigenlayer-middleware/lib/eigenlayer-contracts/src/", "eigenlayer-scripts/=lib/eigenlayer-middleware/lib/eigenlayer-contracts/script/", "forge-std/=lib/forge-std/src/", "ds-test/=lib/forge-std/lib/ds-test/src/", "eigenlayer-contracts/=lib/eigenlayer-middleware/lib/eigenlayer-contracts/", "openzeppelin-contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/", "openzeppelin-contracts/=lib/openzeppelin-contracts/" ], "optimizer": { "enabled": true, "runs": 200 }, "metadata": { "useLiteralContent": false, "bytecodeHash": "ipfs" }, "outputSelection": { "*": { "*": [ "evm.bytecode", "evm.deployedBytecode", "devdoc", "userdoc", "metadata", "abi" ] } }, "evmVersion": "london", "viaIR": false, "libraries": { "src/libraries/EigenDARollupUtils.sol": { "EigenDARollupUtils": "0xa880e13Cfe86209100dC9D7Ccf83a1630D4e1c1A" } } }
[{"inputs":[{"internalType":"contract IEigenDAServiceManager","name":"_eigenDAServiceManager","type":"address"},{"components":[{"internalType":"uint256","name":"X","type":"uint256"},{"internalType":"uint256","name":"Y","type":"uint256"}],"internalType":"struct BN254.G1Point","name":"_tau","type":"tuple"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[{"internalType":"uint256","name":"timestamp","type":"uint256"},{"internalType":"uint256","name":"point","type":"uint256"},{"components":[{"internalType":"uint256[2]","name":"X","type":"uint256[2]"},{"internalType":"uint256[2]","name":"Y","type":"uint256[2]"}],"internalType":"struct BN254.G2Point","name":"proof","type":"tuple"},{"internalType":"uint256","name":"challengeValue","type":"uint256"}],"name":"challengeCommitment","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"","type":"uint256"}],"name":"commitments","outputs":[{"internalType":"address","name":"confirmer","type":"address"},{"internalType":"uint32","name":"dataLength","type":"uint32"},{"components":[{"internalType":"uint256","name":"X","type":"uint256"},{"internalType":"uint256","name":"Y","type":"uint256"}],"internalType":"struct BN254.G1Point","name":"polynomialCommitment","type":"tuple"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"eigenDAServiceManager","outputs":[{"internalType":"contract IEigenDAServiceManager","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"components":[{"internalType":"uint256","name":"X","type":"uint256"},{"internalType":"uint256","name":"Y","type":"uint256"}],"internalType":"struct BN254.G1Point","name":"commitment","type":"tuple"},{"internalType":"uint32","name":"dataLength","type":"uint32"},{"components":[{"internalType":"uint8","name":"quorumNumber","type":"uint8"},{"internalType":"uint8","name":"adversaryThresholdPercentage","type":"uint8"},{"internalType":"uint8","name":"confirmationThresholdPercentage","type":"uint8"},{"internalType":"uint32","name":"chunkLength","type":"uint32"}],"internalType":"struct IEigenDAServiceManager.QuorumBlobParam[]","name":"quorumBlobParams","type":"tuple[]"}],"internalType":"struct IEigenDAServiceManager.BlobHeader","name":"blobHeader","type":"tuple"},{"components":[{"internalType":"uint32","name":"batchId","type":"uint32"},{"internalType":"uint8","name":"blobIndex","type":"uint8"},{"components":[{"components":[{"internalType":"bytes32","name":"blobHeadersRoot","type":"bytes32"},{"internalType":"bytes","name":"quorumNumbers","type":"bytes"},{"internalType":"bytes","name":"signedStakeForQuorums","type":"bytes"},{"internalType":"uint32","name":"referenceBlockNumber","type":"uint32"}],"internalType":"struct IEigenDAServiceManager.BatchHeader","name":"batchHeader","type":"tuple"},{"internalType":"bytes32","name":"signatoryRecordHash","type":"bytes32"},{"internalType":"uint32","name":"confirmationBlockNumber","type":"uint32"}],"internalType":"struct IEigenDAServiceManager.BatchMetadata","name":"batchMetadata","type":"tuple"},{"internalType":"bytes","name":"inclusionProof","type":"bytes"},{"internalType":"bytes","name":"quorumIndices","type":"bytes"}],"internalType":"struct EigenDARollupUtils.BlobVerificationProof","name":"blobVerificationProof","type":"tuple"}],"name":"postCommitment","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"tau","outputs":[{"internalType":"uint256","name":"X","type":"uint256"},{"internalType":"uint256","name":"Y","type":"uint256"}],"stateMutability":"view","type":"function"}]
Contract Creation Code
608060405234801561001057600080fd5b5060405161140f38038061140f83398101604081905261002f91610061565b600080546001600160a01b0319166001600160a01b0393909316929092179091558051600155602001516002556100ef565b600080828403606081121561007557600080fd5b83516001600160a01b038116811461008c57600080fd5b92506040601f19820112156100a057600080fd5b50604080519081016001600160401b03811182821017156100d157634e487b7160e01b600052604160045260246000fd5b60409081526020858101518352940151938101939093525092909150565b611311806100fe6000396000f3fe608060405234801561001057600080fd5b50600436106100575760003560e01c806349ce89971461005c5780635a191f72146100cf578063cfc4af55146100e4578063d2d16eb214610107578063fc30cad01461012a575b600080fd5b6100b761006a366004610aab565b6003602090815260009182526040918290208054835180850190945260018201548452600290910154918301919091526001600160a01b03811691600160a01b90910463ffffffff169083565b6040516100c693929190610ac4565b60405180910390f35b6100e26100dd366004610ded565b610155565b005b6001546002546100f2919082565b604080519283526020830191909152016100c6565b61011a610115366004610fca565b6102d3565b60405190151581526020016100c6565b60005461013d906001600160a01b031681565b6040516001600160a01b0390911681526020016100c6565b426000908152600360205260409020546001600160a01b0316156101dd5760405162461bcd60e51b815260206004820152603460248201527f4d6f636b526f6c6c75702e706f7374436f6d6d69746d656e743a20436f6d6d696044820152731d1b595b9d08185b1c9958591e481c1bdcdd195960621b60648201526084015b60405180910390fd5b60005460405163219460e160e21b815273a880e13cfe86209100dc9d7ccf83a1630d4e1c1a916386518384916102259186916001600160a01b03909116908690600401611159565b60006040518083038186803b15801561023d57600080fd5b505af4158015610251573d6000803e3d6000fd5b50506040805160608101825233815260208681015163ffffffff90811682840190815297518385019081524260009081526003845294909420925183549851909116600160a01b026001600160c01b03199098166001600160a01b03919091161796909617815590518051600183015590940151600290940193909355505050565b6000848152600360209081526040808320815160608101835281546001600160a01b038082168352600160a01b90910463ffffffff168286015283518085018552600184015481526002909301549483019490945291820152805190911661039b5760405162461bcd60e51b815260206004820152603560248201527f4d6f636b526f6c6c75702e6368616c6c656e6765436f6d6d69746d656e743a2060448201527410dbdb5b5a5d1b595b9d081b9bdd081c1bdcdd1959605a1b60648201526084016101d4565b806020015163ffffffff1685106104265760405162461bcd60e51b815260206004820152604360248201527f4d6f636b526f6c6c75702e6368616c6c656e6765436f6d6d69746d656e743a2060448201527f506f696e74206d757374206265206c657373207468616e2064617461206c656e6064820152620cee8d60eb1b608482015260a4016101d4565b604080518082018252600154815260025460208201529082015161044f9187918691908861045b565b9150505b949350505050565b60008061049261048d604080518082018252600080825260209182015281518083019092526001825260029082015290565b6104d8565b90506104cd6104ab6104a4838a610597565b879061062e565b846104c06104b9858b610597565b889061062e565b6104c86106c2565b610782565b979650505050505050565b604080518082019091526000808252602082015281511580156104fd57506020820151155b1561051b575050604080518082019091526000808252602082015290565b6040518060400160405280836000015181526020017f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4784602001516105609190611224565b61058a907f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4761125c565b905292915050565b919050565b60408051808201909152600080825260208201526105b36109ef565b835181526020808501519082015260408082018490526000908360608460076107d05a03fa90508080156105e6576105e8565bfe5b50806106265760405162461bcd60e51b815260206004820152600d60248201526c1958cb5b5d5b0b59985a5b1959609a1b60448201526064016101d4565b505092915050565b604080518082019091526000808252602082015261064a610a0d565b835181526020808501518183015283516040808401919091529084015160608301526000908360808460066107d05a03fa90508080156105e65750806106265760405162461bcd60e51b815260206004820152600d60248201526c1958cb5859190b59985a5b1959609a1b60448201526064016101d4565b6106ca610a2b565b50604080516080810182527f198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c28183019081527f1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed6060830152815281518083019092527f275dc4a288d1afb3cbb1ac09187524c7db36395df7be3b99e673b13a075a65ec82527f1d9befcd05a5323e6da4d435f3b617cdb3af83285c2df711ef39c01571827f9d60208381019190915281019190915290565b6040805180820182528581526020808201859052825180840190935285835282018390526000916107b1610a50565b60005b60028110156109765760006107ca826006611289565b90508482600281106107de576107de611273565b602002015151836107f08360006112a8565b600c811061080057610800611273565b602002015284826002811061081757610817611273565b6020020151602001518382600161082e91906112a8565b600c811061083e5761083e611273565b602002015283826002811061085557610855611273565b60200201515151836108688360026112a8565b600c811061087857610878611273565b602002015283826002811061088f5761088f611273565b60200201515160016020020151836108a88360036112a8565b600c81106108b8576108b8611273565b60200201528382600281106108cf576108cf611273565b6020020151602001516000600281106108ea576108ea611273565b6020020151836108fb8360046112a8565b600c811061090b5761090b611273565b602002015283826002811061092257610922611273565b60200201516020015160016002811061093d5761093d611273565b60200201518361094e8360056112a8565b600c811061095e5761095e611273565b6020020152508061096e816112c0565b9150506107b4565b5061097f610a6f565b60006020826101808560086107d05a03fa90508080156105e65750806109df5760405162461bcd60e51b81526020600482015260156024820152741c185a5c9a5b99cb5bdc18dbd9194b59985a5b1959605a1b60448201526064016101d4565b5051151598975050505050505050565b60405180606001604052806003906020820280368337509192915050565b60405180608001604052806004906020820280368337509192915050565b6040518060400160405280610a3e610a8d565b8152602001610a4b610a8d565b905290565b604051806101800160405280600c906020820280368337509192915050565b60405180602001604052806001906020820280368337509192915050565b60405180604001604052806002906020820280368337509192915050565b600060208284031215610abd57600080fd5b5035919050565b6001600160a01b038416815263ffffffff8316602082015260808101610453604083018480518252602090810151910152565b634e487b7160e01b600052604160045260246000fd5b6040516060810167ffffffffffffffff81118282101715610b3057610b30610af7565b60405290565b6040516080810167ffffffffffffffff81118282101715610b3057610b30610af7565b60405160a0810167ffffffffffffffff81118282101715610b3057610b30610af7565b6040805190810167ffffffffffffffff81118282101715610b3057610b30610af7565b604051601f8201601f1916810167ffffffffffffffff81118282101715610bc857610bc8610af7565b604052919050565b803563ffffffff8116811461059257600080fd5b803560ff8116811461059257600080fd5b600082601f830112610c0657600080fd5b813567ffffffffffffffff811115610c2057610c20610af7565b610c33601f8201601f1916602001610b9f565b818152846020838601011115610c4857600080fd5b816020850160208301376000918101602001919091529392505050565b600060608284031215610c7757600080fd5b610c7f610b0d565b9050813567ffffffffffffffff80821115610c9957600080fd5b9083019060808286031215610cad57600080fd5b610cb5610b36565b82358152602083013582811115610ccb57600080fd5b610cd787828601610bf5565b602083015250604083013582811115610cef57600080fd5b610cfb87828601610bf5565b604083015250610d0d60608401610bd0565b60608201528352505060208281013590820152610d2c60408301610bd0565b604082015292915050565b600060a08284031215610d4957600080fd5b610d51610b59565b9050610d5c82610bd0565b8152610d6a60208301610be4565b6020820152604082013567ffffffffffffffff80821115610d8a57600080fd5b610d9685838601610c65565b60408401526060840135915080821115610daf57600080fd5b610dbb85838601610bf5565b60608401526080840135915080821115610dd457600080fd5b50610de184828501610bf5565b60808301525092915050565b6000806040808486031215610e0157600080fd5b833567ffffffffffffffff80821115610e1957600080fd5b90850190818703608080821215610e2f57600080fd5b610e37610b0d565b85831215610e4457600080fd5b610e4c610b7c565b92508435835260208086013581850152838252610e6a878701610bd0565b81830152606093508386013585811115610e8357600080fd5b8087019650508a601f870112610e9857600080fd5b853585811115610eaa57610eaa610af7565b610eb8828260051b01610b9f565b81815260079190911b8701820190828101908d831115610ed757600080fd5b978301975b82891015610f435785898f031215610ef45760008081fd5b610efc610b36565b610f058a610be4565b8152610f12858b01610be4565b85820152610f218b8b01610be4565b8b820152610f30888b01610bd0565b8189015282529785019790830190610edc565b98840198909852509097508801359450505080831115610f6257600080fd5b5050610f7085828601610d37565b9150509250929050565b600082601f830112610f8b57600080fd5b610f93610b7c565b806040840185811115610fa557600080fd5b845b81811015610fbf578035845260209384019301610fa7565b509095945050505050565b60008060008084860360e0811215610fe157600080fd5b85359450602086013593506080603f1982011215610ffe57600080fd5b50611007610b7c565b6110148760408801610f7a565b81526110238760808801610f7a565b60208201529396929550929360c00135925050565b6000815180845260005b8181101561105e57602081850181015186830182015201611042565b81811115611070576000602083870101525b50601f01601f19169290920160200192915050565b600063ffffffff80835116845260ff6020840151166020850152604083015160a060408601528051606060a08701528051610100870152602081015160806101208801526110d7610180880182611038565b9050604082015160ff19888303016101408901526110f58282611038565b91505083606083015116610160880152602083015160c08801528360408401511660e08801526060860151935086810360608801526111348185611038565b9350505050608083015184820360808601526111508282611038565b95945050505050565b6060808252845180518383015260200151608083015260009060e0830160208088015163ffffffff80821660a088015260409150818a015160808060c08a01528582518088526101008b0191508684019750600093505b808410156111f3578751805160ff9081168452888201518116898501528782015116878401528901518516898301529686019660019390930192908201906111b0565b506001600160a01b038c168a870152898103858b0152611213818c611085565b9d9c50505050505050505050505050565b60008261124157634e487b7160e01b600052601260045260246000fd5b500690565b634e487b7160e01b600052601160045260246000fd5b60008282101561126e5761126e611246565b500390565b634e487b7160e01b600052603260045260246000fd5b60008160001904831182151516156112a3576112a3611246565b500290565b600082198211156112bb576112bb611246565b500190565b60006000198214156112d4576112d4611246565b506001019056fea2646970667358221220eefed6b6987515689d6d4570dfd8fc829230801dc6f49919506cecc6c9134c2764736f6c634300080c003300000000000000000000000054a03db2784e3d0acc08344d05385d0b62d4f432030644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd315ed738c0e0a7c92e7845f96b2ae9c0a68a6a449e3538fc7ff3ebf7a5a18a2c4
Deployed Bytecode
0x608060405234801561001057600080fd5b50600436106100575760003560e01c806349ce89971461005c5780635a191f72146100cf578063cfc4af55146100e4578063d2d16eb214610107578063fc30cad01461012a575b600080fd5b6100b761006a366004610aab565b6003602090815260009182526040918290208054835180850190945260018201548452600290910154918301919091526001600160a01b03811691600160a01b90910463ffffffff169083565b6040516100c693929190610ac4565b60405180910390f35b6100e26100dd366004610ded565b610155565b005b6001546002546100f2919082565b604080519283526020830191909152016100c6565b61011a610115366004610fca565b6102d3565b60405190151581526020016100c6565b60005461013d906001600160a01b031681565b6040516001600160a01b0390911681526020016100c6565b426000908152600360205260409020546001600160a01b0316156101dd5760405162461bcd60e51b815260206004820152603460248201527f4d6f636b526f6c6c75702e706f7374436f6d6d69746d656e743a20436f6d6d696044820152731d1b595b9d08185b1c9958591e481c1bdcdd195960621b60648201526084015b60405180910390fd5b60005460405163219460e160e21b815273a880e13cfe86209100dc9d7ccf83a1630d4e1c1a916386518384916102259186916001600160a01b03909116908690600401611159565b60006040518083038186803b15801561023d57600080fd5b505af4158015610251573d6000803e3d6000fd5b50506040805160608101825233815260208681015163ffffffff90811682840190815297518385019081524260009081526003845294909420925183549851909116600160a01b026001600160c01b03199098166001600160a01b03919091161796909617815590518051600183015590940151600290940193909355505050565b6000848152600360209081526040808320815160608101835281546001600160a01b038082168352600160a01b90910463ffffffff168286015283518085018552600184015481526002909301549483019490945291820152805190911661039b5760405162461bcd60e51b815260206004820152603560248201527f4d6f636b526f6c6c75702e6368616c6c656e6765436f6d6d69746d656e743a2060448201527410dbdb5b5a5d1b595b9d081b9bdd081c1bdcdd1959605a1b60648201526084016101d4565b806020015163ffffffff1685106104265760405162461bcd60e51b815260206004820152604360248201527f4d6f636b526f6c6c75702e6368616c6c656e6765436f6d6d69746d656e743a2060448201527f506f696e74206d757374206265206c657373207468616e2064617461206c656e6064820152620cee8d60eb1b608482015260a4016101d4565b604080518082018252600154815260025460208201529082015161044f9187918691908861045b565b9150505b949350505050565b60008061049261048d604080518082018252600080825260209182015281518083019092526001825260029082015290565b6104d8565b90506104cd6104ab6104a4838a610597565b879061062e565b846104c06104b9858b610597565b889061062e565b6104c86106c2565b610782565b979650505050505050565b604080518082019091526000808252602082015281511580156104fd57506020820151155b1561051b575050604080518082019091526000808252602082015290565b6040518060400160405280836000015181526020017f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4784602001516105609190611224565b61058a907f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4761125c565b905292915050565b919050565b60408051808201909152600080825260208201526105b36109ef565b835181526020808501519082015260408082018490526000908360608460076107d05a03fa90508080156105e6576105e8565bfe5b50806106265760405162461bcd60e51b815260206004820152600d60248201526c1958cb5b5d5b0b59985a5b1959609a1b60448201526064016101d4565b505092915050565b604080518082019091526000808252602082015261064a610a0d565b835181526020808501518183015283516040808401919091529084015160608301526000908360808460066107d05a03fa90508080156105e65750806106265760405162461bcd60e51b815260206004820152600d60248201526c1958cb5859190b59985a5b1959609a1b60448201526064016101d4565b6106ca610a2b565b50604080516080810182527f198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c28183019081527f1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed6060830152815281518083019092527f275dc4a288d1afb3cbb1ac09187524c7db36395df7be3b99e673b13a075a65ec82527f1d9befcd05a5323e6da4d435f3b617cdb3af83285c2df711ef39c01571827f9d60208381019190915281019190915290565b6040805180820182528581526020808201859052825180840190935285835282018390526000916107b1610a50565b60005b60028110156109765760006107ca826006611289565b90508482600281106107de576107de611273565b602002015151836107f08360006112a8565b600c811061080057610800611273565b602002015284826002811061081757610817611273565b6020020151602001518382600161082e91906112a8565b600c811061083e5761083e611273565b602002015283826002811061085557610855611273565b60200201515151836108688360026112a8565b600c811061087857610878611273565b602002015283826002811061088f5761088f611273565b60200201515160016020020151836108a88360036112a8565b600c81106108b8576108b8611273565b60200201528382600281106108cf576108cf611273565b6020020151602001516000600281106108ea576108ea611273565b6020020151836108fb8360046112a8565b600c811061090b5761090b611273565b602002015283826002811061092257610922611273565b60200201516020015160016002811061093d5761093d611273565b60200201518361094e8360056112a8565b600c811061095e5761095e611273565b6020020152508061096e816112c0565b9150506107b4565b5061097f610a6f565b60006020826101808560086107d05a03fa90508080156105e65750806109df5760405162461bcd60e51b81526020600482015260156024820152741c185a5c9a5b99cb5bdc18dbd9194b59985a5b1959605a1b60448201526064016101d4565b5051151598975050505050505050565b60405180606001604052806003906020820280368337509192915050565b60405180608001604052806004906020820280368337509192915050565b6040518060400160405280610a3e610a8d565b8152602001610a4b610a8d565b905290565b604051806101800160405280600c906020820280368337509192915050565b60405180602001604052806001906020820280368337509192915050565b60405180604001604052806002906020820280368337509192915050565b600060208284031215610abd57600080fd5b5035919050565b6001600160a01b038416815263ffffffff8316602082015260808101610453604083018480518252602090810151910152565b634e487b7160e01b600052604160045260246000fd5b6040516060810167ffffffffffffffff81118282101715610b3057610b30610af7565b60405290565b6040516080810167ffffffffffffffff81118282101715610b3057610b30610af7565b60405160a0810167ffffffffffffffff81118282101715610b3057610b30610af7565b6040805190810167ffffffffffffffff81118282101715610b3057610b30610af7565b604051601f8201601f1916810167ffffffffffffffff81118282101715610bc857610bc8610af7565b604052919050565b803563ffffffff8116811461059257600080fd5b803560ff8116811461059257600080fd5b600082601f830112610c0657600080fd5b813567ffffffffffffffff811115610c2057610c20610af7565b610c33601f8201601f1916602001610b9f565b818152846020838601011115610c4857600080fd5b816020850160208301376000918101602001919091529392505050565b600060608284031215610c7757600080fd5b610c7f610b0d565b9050813567ffffffffffffffff80821115610c9957600080fd5b9083019060808286031215610cad57600080fd5b610cb5610b36565b82358152602083013582811115610ccb57600080fd5b610cd787828601610bf5565b602083015250604083013582811115610cef57600080fd5b610cfb87828601610bf5565b604083015250610d0d60608401610bd0565b60608201528352505060208281013590820152610d2c60408301610bd0565b604082015292915050565b600060a08284031215610d4957600080fd5b610d51610b59565b9050610d5c82610bd0565b8152610d6a60208301610be4565b6020820152604082013567ffffffffffffffff80821115610d8a57600080fd5b610d9685838601610c65565b60408401526060840135915080821115610daf57600080fd5b610dbb85838601610bf5565b60608401526080840135915080821115610dd457600080fd5b50610de184828501610bf5565b60808301525092915050565b6000806040808486031215610e0157600080fd5b833567ffffffffffffffff80821115610e1957600080fd5b90850190818703608080821215610e2f57600080fd5b610e37610b0d565b85831215610e4457600080fd5b610e4c610b7c565b92508435835260208086013581850152838252610e6a878701610bd0565b81830152606093508386013585811115610e8357600080fd5b8087019650508a601f870112610e9857600080fd5b853585811115610eaa57610eaa610af7565b610eb8828260051b01610b9f565b81815260079190911b8701820190828101908d831115610ed757600080fd5b978301975b82891015610f435785898f031215610ef45760008081fd5b610efc610b36565b610f058a610be4565b8152610f12858b01610be4565b85820152610f218b8b01610be4565b8b820152610f30888b01610bd0565b8189015282529785019790830190610edc565b98840198909852509097508801359450505080831115610f6257600080fd5b5050610f7085828601610d37565b9150509250929050565b600082601f830112610f8b57600080fd5b610f93610b7c565b806040840185811115610fa557600080fd5b845b81811015610fbf578035845260209384019301610fa7565b509095945050505050565b60008060008084860360e0811215610fe157600080fd5b85359450602086013593506080603f1982011215610ffe57600080fd5b50611007610b7c565b6110148760408801610f7a565b81526110238760808801610f7a565b60208201529396929550929360c00135925050565b6000815180845260005b8181101561105e57602081850181015186830182015201611042565b81811115611070576000602083870101525b50601f01601f19169290920160200192915050565b600063ffffffff80835116845260ff6020840151166020850152604083015160a060408601528051606060a08701528051610100870152602081015160806101208801526110d7610180880182611038565b9050604082015160ff19888303016101408901526110f58282611038565b91505083606083015116610160880152602083015160c08801528360408401511660e08801526060860151935086810360608801526111348185611038565b9350505050608083015184820360808601526111508282611038565b95945050505050565b6060808252845180518383015260200151608083015260009060e0830160208088015163ffffffff80821660a088015260409150818a015160808060c08a01528582518088526101008b0191508684019750600093505b808410156111f3578751805160ff9081168452888201518116898501528782015116878401528901518516898301529686019660019390930192908201906111b0565b506001600160a01b038c168a870152898103858b0152611213818c611085565b9d9c50505050505050505050505050565b60008261124157634e487b7160e01b600052601260045260246000fd5b500690565b634e487b7160e01b600052601160045260246000fd5b60008282101561126e5761126e611246565b500390565b634e487b7160e01b600052603260045260246000fd5b60008160001904831182151516156112a3576112a3611246565b500290565b600082198211156112bb576112bb611246565b500190565b60006000198214156112d4576112d4611246565b506001019056fea2646970667358221220eefed6b6987515689d6d4570dfd8fc829230801dc6f49919506cecc6c9134c2764736f6c634300080c0033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
00000000000000000000000054a03db2784e3d0acc08344d05385d0b62d4f432030644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd315ed738c0e0a7c92e7845f96b2ae9c0a68a6a449e3538fc7ff3ebf7a5a18a2c4
-----Decoded View---------------
Arg [0] : _eigenDAServiceManager (address): 0x54A03db2784E3D0aCC08344D05385d0b62d4F432
Arg [1] : _tau (tuple): System.Collections.Generic.List`1[Nethereum.ABI.FunctionEncoding.ParameterOutput]
-----Encoded View---------------
3 Constructor Arguments found :
Arg [0] : 00000000000000000000000054a03db2784e3d0acc08344d05385d0b62d4f432
Arg [1] : 030644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd3
Arg [2] : 15ed738c0e0a7c92e7845f96b2ae9c0a68a6a449e3538fc7ff3ebf7a5a18a2c4
Loading...
Loading
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.