fix(ctb): Address DoS vulnerability in OptimismPortal's proveWithdrawalTransaction

[clabby]

Overview

Fixes a high severity vulnerability in OptimismPortal that was introduced in #3836.

Prior to this fix, a malicious party could censor a withdrawal by repeatedly proving it, causing the 7 day timer to reset each time. The solution is to not allow any withdrawalHash to be proven more than once unless the withdrawal is re-proven with a different outputRoot / outputRootProof.

Tests

Added:

• test_proveWithdrawalTransaction_replayProve_reverts
• test_proveWithdrawalTransaction_replayProveChangedOutputRoot_success

Additional context

See November 2022 TOB Audit Week 1 report.

[changeset-bot]

🦋 Changeset detected

Latest commit: 9d06292

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 5 packages

Name	Type
@eth-optimism/contracts-bedrock	Patch
@eth-optimism/actor-tests	Patch
@eth-optimism/sdk	Patch
@eth-optimism/drippie-mon	Patch
@eth-optimism/message-relayer	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[mergify]

Hey @clabby! This PR has merge conflicts. Please fix them before continuing review.

[codecov-commenter]

Codecov Report

Merging #4025 (9f02838) into develop (ee7abf3) will increase coverage by 0.00%.
The diff coverage is 100.00%.

Additional details and impacted files

@@           Coverage Diff            @@
##           develop    #4025   +/-   ##
========================================
  Coverage    43.59%   43.60%           
========================================
  Files          328      328           
  Lines        17156    17158    +2     
  Branches       781      782    +1     
========================================
+ Hits          7480     7482    +2     
- Misses        9171     9172    +1     
+ Partials       505      504    -1     

Flag	Coverage Δ
bedrock-go-tests	37.94% <ø> (ø)
contracts-bedrock-tests	38.51% <100.00%> (+0.17%)	⬆️
contracts-governance-tests	83.05% <ø> (ø)
contracts-periphery-tests	96.49% <ø> (ø)
contracts-tests	98.92% <ø> (ø)
core-utils-tests	60.63% <ø> (ø)
dtl-tests	47.15% <ø> (ø)
fault-detector-tests	34.18% <ø> (ø)
sdk-tests	40.01% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
.../contracts-bedrock/contracts/L1/OptimismPortal.sol	94.73% <100.00%> (+0.29%)	⬆️
op-node/heartbeat/service.go	54.05% <0.00%> (-10.82%)	⬇️
op-node/sources/batching.go	81.25% <0.00%> (-4.47%)	⬇️
op-node/p2p/discovery.go	70.10% <0.00%> (+3.09%)	⬆️

[maurelian]

Left some minor suggestions but generally LGTM

[mergify]

Hey @clabby! This PR has merge conflicts. Please fix them before continuing review.

[clabby]

@smartcontracts @maurelian The *-docker-build actions don't seem to like the branch name here- re-opened under #4057 with a passing CI.