fix: proposer sign digest of attestations#16753
Merged
Conversation
Contributor
Author
LHerskind
force-pushed
the
lh/tmnt-207-proposer-griefing-dos
branch
2 times, most recently
from
18fb2e7 to
87a808d
Compare
LHerskind
commented
Sep 5, 2025
LHerskind
force-pushed
the
lh/tmnt-207-proposer-griefing-dos
branch
from
87a808d to
e9f577f
Compare
This was referenced Sep 8, 2025
LHerskind
force-pushed
the
lh/tmnt-207-proposer-griefing-dos
branch
from
e9f577f to
2f71e44
Compare
just-mitch
reviewed
Sep 8, 2025
|
|
||
| const timer = new Timer(); | ||
| let collectedAttestionsCount: number = 0; | ||
| let collectedAttestationsCount: number = 0; |
just-mitch
reviewed
Sep 8, 2025
| logger: Logger, | ||
| ) => { | ||
| logger.info(`Deploying shared contracts for network configration: ${networkName}`); | ||
| logger.info(`Deploying shared contracts for network configuration: ${networkName}`); |
Collaborator
There was a problem hiding this comment.
If you didn't install cspell, my mind is absolutely blown hahah
just-mitch
approved these changes
Sep 8, 2025
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
github-merge-queue bot
pushed a commit
that referenced
this pull request
Sep 9, 2025
To avoid a potential frontrunning issue, we need the proposer sign over the (attestaions, signers) data such that someone else cannot alter it to make an invalid block and dos. This does increase the cost of propose 😭 Some things I ran into when during this: - There were a bunch of tech debt for the propose in the sequencer, it would pass along the `txHashes` but that is not something we have done for quite some time now. So I removed those. - I got rid of the `PackAttestation` in rollup.ts and had separate class to easily have the digest computation etc
This was referenced Sep 10, 2025
Merged
PhilWindle
pushed a commit
that referenced
this pull request
Sep 30, 2025
Plenty contract PR's have been implemented since the cut of V2. I'm taking a look into them to figure out if we need all of them. And can make a potential monster cherry pick. ```bash git --no-pager log --oneline v2..next -- "l1-contracts/" 44e3f64 fix: tmnt 412 70f004d fix: tmnt 405, 411, 413, 414, 418, 419, 421, 425 b02160b fix: Fix the hash to point function randomness 5cd8f41 fix: gas boundary and removal of isOnCurve a310dd9 chore: fix misc issues for clarity 46e3dd7 chore: update gse deposit natspec (#17247) 7a12a96 chore: add comment to addRollup 3887ea2 feat: queue flushing update a3e23b9 Checkpoint circuits. 545904b (origin/saleel/zkpassport-update) chore: add validity period check on zkpassport (#17054) 10e4df4 chore: update zkpassport version (#17044) ffd05ca (tag: v3.0.0-nightly.20250915) chore: update coin issuer rate (#16985) ac300f4 chore: Fix governance vote test (#17023) e7136e6 chore: Fix governance vote test 4502f07 fix: unbounded lock delay (#16951) ba13aa6 (origin/gh-readonly-queue/next/pr-16971-0fcfb7625e38cd58b602a8b09b1f6b48cfbc693a) feat: Allow vetoer to disable slasher temporarily (#16971) cf3afa8 (origin/palla/disable-slashing) feat: Allow vetoer to disable slasher 0fcfb76 (origin/gh-readonly-queue/next/pr-16950-d6cff17e9a10e8305925d1cd1020c30a0e3eb6bf) fix: error prefix (#16950) 50b0c1d chore: reject gov deposit into gov (#16917) 1175713 chore: update coin issuer rate 45e3bdb fix: unbounded lock delay 93976d6 fix: error prefix 95c296f chore: reject gov deposit into gov b208c8e (origin/09-11-refactor_fixing_offchain_onchain_naming) refactor: fixing offchain/onchain naming e87438b chore: minor misc solidity changes a29ccaa fix: align timestamps for sample values 31331e2 (origin/gh-readonly-queue/next/pr-16934-7188c46c1b4a151b77c3ec5a4a8817a19b74927c) chore: Fix slash veto demo flake (#16934) b59e100 (origin/palla/try-fix-veto-demo-flake) chore: Try fix slash veto demo flake 2695b7b fix: never use cache in `verifyProposer` 9193dfb chore: add few extra checks f85a17f feat: local ejection threshold 97928de (origin/gh-readonly-queue/next/pr-16753-5475f5b912ae31492bb93c783f08ca6f7d38b2c6) fix: proposer sign digest of attestations (#16753) 87038a3 chore: silence unhelpful forge lints (#16809) 1305503 (origin/tf/silence-forge-lints) chore: silence unhelpful forge lints 2f71e44 fix: proposer sign digest of attestations f4b78b5 Merge branch 'next' into merge-train/avm ``` I'll be cherry picking these with a few exceptions, namely: ```bash a3e23b9 Checkpoint circuits. b208c8e (origin/09-11-refactor_fixing_offchain_onchain_naming) refactor: fixing offchain/onchain naming ``` as these are touching so so many files. a3e23b9 deals with the checkpoint building, which we don't really need for ignition. And the other is just spelling in the comments. And to be frank, I'm not feeling all that great about doing a 125 file commit backport just for spelling in the comments --------- Co-authored-by: TomAFrench <15848336+TomAFrench@users.noreply.github.com> Co-authored-by: Santiago Palladino <santiago@aztec-labs.com> Co-authored-by: saleel <saleel@saleel.xyz>
| CommitteeAttestations memory _attestations, | ||
| address[] calldata _signers, | ||
| Signature memory _attestationsAndSignersSignature, | ||
| bytes32 _digest, |
There was a problem hiding this comment.
Missing natspec for _attestationsAndSignersSignature here.
| CommitteeAttestations memory _attestations, | ||
| address[] memory _signers, | ||
| Signature calldata _attestationsAndSignersSignature, | ||
| bytes calldata _blobsInput, |
There was a problem hiding this comment.
Missing natspec for _attestationsAndSignersSignature here.
ludamad
pushed a commit
that referenced
this pull request
Dec 16, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
To avoid a potential frontrunning issue, we need the proposer sign over the (attestaions, signers) data such that someone else cannot alter it to make an invalid block and dos.
This does increase the cost of propose 😭
Some things I ran into when during this:
txHashesbut that is not something we have done for quite some time now. So I removed those.PackAttestationin rollup.ts and had separate class to easily have the digest computation etc