feat: backend mechanics for OVM self-upgrades

[ben-chain]

Description
This PR to the 0.3.0 release candidate gives the execution manager access to directly setting account code and storage, so that versioning can be performed from within the L2 state transitions.

Additional context

• Builds on the 0.3.0-rc.
• Does not yet have authentication for the OVM_UpgradeExecutor.
• Most pressing next steps I see:
  • Add integration test which interacts with/uses the new storage and code to make sure we're not just persisting these updates at the eth_getCode/eth_getStorageAt RPC level.
  • Add integration test for upgrading the EM (how to do this? Can I just upgrade to something with a constant return value? This would brick the chain but it's harder to validate/access a "different" EM whose version we can check)

[changeset-bot]

⚠️ No Changeset found

Latest commit: ae262be

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[ben-chain]

Resolving from the L2-compiled AM was a pain here since you need to construct an ovmCALL to the AM to load storage from the correct account. I figured since this will be chugsplash-ified and moved into a storage contract anyways, it's fine to leave for now.

[gakonst]

Think you forgot to finish the sentence :D chugsplash-ified -> what does this mean?

[gakonst]

Maybe better to refactor the address to a constant?

[ben-chain]

Edited -- TLDR: it will be moved to storage.

[smartcontracts]

Can we use storage in the execution manager? If not, I think we should just make it a constant.

[gakonst]

Or an immutable.

[gakonst]

Tests are failing due to the gas cost changing.

[smartcontracts]

Can we use storage in the execution manager? If not, I think we should just make it a constant.

[maurelian]

The authenticated modifier allows calls from either the EM or StateTransitioner.

I think we could reduce the attack surface, and avoid 'implicit behavior' by breaking that check into two modifiers, or perhaps a single modifier which accepts an array of authorized callers (more like the new onlyCallableBy() modifier above).

[ben-chain]

@maurelian Can you make a quick little issue for this? Think it should be dealt with in a separate PR.

[maurelian]

Shouldn't there be some access control on each of these functions?

[ben-chain]

Yeah, this is just a placeholder for the sake of integration testing. I'll add a comment to make this clearer.

[smartcontracts]

This PR is now the base of the v0.4.0 branch. I'm going to update #653 to point to that branch.

[smartcontracts]

Going to close this in favor of simply having it be the base of v0.4.0. Will be fixing any remaining issues with this PR in a separate PR against that branch.

[smartcontracts]

As per conversation with @ben-chain, @snario, and @karlfloersch, we're going to reopen this PR and try to merge it into v0.4.0-rc.

[tynes]

Note that during debug_traceTransaction the EthCallSender is nil and will hit this block. We don't have a good solution to this right now

[ben-chain]

What is the problem you are referring to a solution of here? I added this because the diff proof should include changed accounts if we want to prove fraud on an upgrade tx.

[tynes]

This logline can become very expensive and will pollute the logs with large amounts of code. Could we remove the second half of the logline? code + hex.EncodeToString

[ben-chain]

I have rebased and renamed this branch to reflect intended release version. Closing this one and will re-open there.