diff --git a/Makefile b/Makefile index 2dcbcdce..ed412519 100644 --- a/Makefile +++ b/Makefile @@ -119,7 +119,7 @@ checkout-base-contracts-commit: ## # Task Signer Tool ## -SIGNER_TOOL_COMMIT=abbfa09210582eca32ad4873d862994a5957fbc2 +SIGNER_TOOL_COMMIT=6ec0ba6546ea8672ba0062580db65542550346d0 SIGNER_TOOL_PATH=signer-tool .PHONY: checkout-signer-tool diff --git a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/.env b/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/.env deleted file mode 100644 index 59d7f7f2..00000000 --- a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/.env +++ /dev/null @@ -1,9 +0,0 @@ -OP_COMMIT=8d0dd96e494b2ba154587877351e87788336a4ec -BASE_CONTRACTS_COMMIT=6ca464d118d2d33331ea44893f0930f753663f60 - -L1_SAFE=0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c -TARGET=0xb3C2f9fC2727078EC3A2255410e83BA5B62c5B5f - -OWNER_SAFE=0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940 -CB_SIGNER_SAFE_ADDR=0x6e1DFd5C1E22A4677663A81D24C6BA03561ef0f6 -OP_SIGNER_SAFE_ADDR=0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0 diff --git a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/Makefile b/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/Makefile deleted file mode 100644 index 17eca2d6..00000000 --- a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/Makefile +++ /dev/null @@ -1,38 +0,0 @@ -include ../../Makefile -include ../.env -include .env - -L2_RPC_URL=https://mainnet.optimism.io - -ifndef LEDGER_ACCOUNT -override LEDGER_ACCOUNT = 0 -endif - -.PHONY: sign-cb -sign-cb: - $(GOPATH)/bin/eip712sign --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" -- \ - forge script --rpc-url $(L2_RPC_URL) InitOwnershipTransfer \ - --sig "sign(address)" $(CB_SIGNER_SAFE_ADDR) - -.PHONY: sign-op -sign-op: - $(GOPATH)/bin/eip712sign --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" -- \ - forge script --rpc-url $(L2_RPC_URL) InitOwnershipTransfer \ - --sig "sign(address)" $(OP_SIGNER_SAFE_ADDR) - -.PHONY: approve-cb -approve-cb: - forge script --rpc-url $(L2_RPC_URL) InitOwnershipTransfer \ - --sig "approve(address,bytes)" $(CB_SIGNER_SAFE_ADDR) $(SIGNATURES) \ - --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv - -.PHONY: approve-op -approve-op: - forge script --rpc-url $(L2_RPC_URL) InitOwnershipTransfer \ - --sig "approve(address,bytes)" $(OP_SIGNER_SAFE_ADDR) $(SIGNATURES) \ - --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv - -.PHONY: execute -execute: - forge script --rpc-url $(L2_RPC_URL) InitOwnershipTransfer \ - --sig "run()" --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv diff --git a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/README.md b/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/README.md deleted file mode 100644 index 71db014e..00000000 --- a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/README.md +++ /dev/null @@ -1,174 +0,0 @@ -# Initiate SmartEscrow Ownership Transfer - -Status: PENDING - -## Description - -We wish to update the owner of our [SmartEscrow](https://optimistic.etherscan.io/address/0xb3c2f9fc2727078ec3a2255410e83ba5b62c5b5f) contract on OP Mainnet to be the aliased address of our L1 [ProxyAdminOwner](https://etherscan.io/address/0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c). The `SmartEscrow` contract inherits access control mechanisms from OpenZeppelin's `AccessControlDefaultAdminRules`, which requires an ownership transfer to be invoked in two separate steps: - -1. Initiate the transfer to a new owner from the existing owner -2. Accept the transfer from the pending new owner after a configured delay - -This task represents the initiation step. A subsequent task will be written for ownership acceptance after a 5 day delay. - -## Procedure - -### 1. Update repo: - -```bash -cd contract-deployments -git pull -cd mainnet/2025-04-07-init-smart-escrow-ownership-transfer -make deps -``` - -### 2. Setup Ledger - -Your Ledger needs to be connected and unlocked. The Ethereum -application needs to be opened on Ledger with the message "Application -is ready". - -### 3. Run relevant script(s) - -#### Sign the transaction - -Coinbase signer: - -```bash -make sign-cb -``` - -Op signer: - -```bash -make sign-op -``` - -You will see a "Simulation link" from the output. - -Paste this URL in your browser. A prompt may ask you to choose a -project, any project will do. You can create one if necessary. - -Click "Simulate Transaction". - -We will be performing 3 validations and extract the domain hash and message hash to approve on your Ledger: - -1. Validate integrity of the simulation. -2. Validate correctness of the state diff. -3. Validate and extract domain hash and message hash to approve. - -##### 3.1 Validate integrity of the simulation. - -Make sure you are on the "Overview" tab of the tenderly simulation, to -validate integrity of the simulation, we need to check the following: - -1. "Network": Check the network is OP Mainnet. -2. "Timestamp": Check the simulation is performed on a block with a - recent timestamp (i.e. close to when you run the script). -3. "Sender": Check the address shown is your signer account. If not see the derivation path Note above. - -##### 3.2. Validate correctness of the state diff. - -Now click on the "State" tab, and refer to the [State Validations](./VALIDATION.md) instructions for the transaction you are signing. -Once complete return to this document to complete the signing. - -##### 3.3. Extract the domain hash and the message hash to approve. - -Now that we have verified the transaction performs the right -operation, we need to extract the domain hash and the message hash to -approve. - -Go back to the "Overview" tab, and find the -`GnosisSafe.checkSignatures` call. This call's `data` parameter -contains both the domain hash and the message hash that will show up -in your Ledger. - -It will be a concatenation of `0x1901`, the domain hash, and the -message hash: `0x1901[domain hash][message hash]`. - -Note down this value. You will need to compare it with the ones -displayed on the Ledger screen at signing. - -Once the validations are done, it's time to actually sign the -transaction. - -> [!WARNING] -> This is the most security critical part of the playbook: make sure the -> domain hash and message hash in the following two places match: -> -> 1. On your Ledger screen. -> 2. In the Tenderly simulation. You should use the same Tenderly -> simulation as the one you used to verify the state diffs, instead -> of opening the new one printed in the console. -> -> There is no need to verify anything printed in the console. There is -> no need to open the new Tenderly simulation link either. - -After verification, sign the transaction. You will see the `Data`, -`Signer` and `Signature` printed in the console. Format should be -something like this: - -```shell -Data: -Signer:
-Signature: -``` - -Double check the signer address is the right one. - -##### 3.4 Send the output to Facilitator(s) - -Nothing has occurred onchain - these are offchain signatures which -will be collected by Facilitators for execution. Execution can occur -by anyone once a threshold of signatures are collected, so a -Facilitator will do the final execution for convenience. - -Share the `Data`, `Signer` and `Signature` with the Facilitator, and -congrats, you are done! - -### [For Facilitator ONLY] How to execute - -#### Approve the transaction - -1. IMPORTANT: Ensure op-challenger has been updated before executing. -1. Collect outputs from all participating signers. -1. Concatenate all signatures and export it as the `SIGNATURES` - environment variable, i.e. `export -SIGNATURES="[SIGNATURE1][SIGNATURE2]..."`. -1. Run the `make approve` command as described below to execute the transaction. - -For example, if the quorum is 2 and you get the following outputs: - -```shell -Data: 0xDEADBEEF -Signer: 0xC0FFEE01 -Signature: AAAA -``` - -```shell -Data: 0xDEADBEEF -Signer: 0xC0FFEE02 -Signature: BBBB -``` - -Then you should run: - -Coinbase facilitator: - -```bash -SIGNATURES=AAAABBBB make approve-cb -``` - -Optimism facilitator: - -```bash -SIGNATURES=AAAABBBB make approve-op -``` - -#### Execute the transaction - -Once the signatures have been submitted approving the transaction for all nested Safes run: - -```bash -make execute -``` diff --git a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/VALIDATION.md b/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/VALIDATION.md deleted file mode 100644 index a245b331..00000000 --- a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/VALIDATION.md +++ /dev/null @@ -1,144 +0,0 @@ -# Validation - -This document can be used to validate the inputs and result of the execution of the upgrade transaction which you are -signing. - -The steps are: - -1. [Validate the Domain and Message Hashes](#expected-domain-and-message-hashes) -2. [Verifying the state changes](#state-changes) - -## Expected Domain and Message Hashes - -First, we need to validate the domain and message hashes. These values should match both the values on your ledger and -the values printed to the terminal when you run the task. - -> [!CAUTION] -> -> Before signing, ensure the below hashes match what is on your ledger. -> -> ### Child Safe 1: `0x6e1DFd5C1E22A4677663A81D24C6BA03561ef0f6` (Base) -> -> - Domain Hash: `0x4ac8f60706331537a33c4a4cbda024cb722855e6b160a3e8b28ab487510598b1` -> - Message Hash: `0x3a25fa618752b5d5408cef7c063ff8f08f6a833e3ac131666452d099c4cb1896` -> -> ### Child Safe 2: `0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0` (Optimism Foundation) -> -> - Domain Hash: `0xb34978142f4478f3e5633915597a756daa58a1a59a3e0234f9acd5444f1ca70e` -> - Message Hash: `0x810c12369f2efe81a2a6825b3b41e8d9b4315ba44fdf286ff23d5c4637755689` - -# State Validations - -For each contract listed in the state diff, please verify that no contracts or state changes shown in the Tenderly diff are missing from this document. Additionally, please verify that for each contract: - -- The following state changes (and none others) are made to that contract. This validates that no unexpected state - changes occur. -- All addresses (in section headers and storage values) match the provided name, using the Etherscan and Superchain - Registry links provided. This validates the bytecode deployed at the addresses contains the correct logic. -- All key values match the semantic meaning provided, which can be validated using the storage layout links provided. - -## State Overrides - -### `0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940` (`ProxyAdminOwner` on OP Mainnet) - -- **Key**: `0x0000000000000000000000000000000000000000000000000000000000000004`
- **Override**: `0x0000000000000000000000000000000000000000000000000000000000000001`
- **Meaning**: Override the threshold to 1 so the transaction simulation can occur. - -### Nested Safe - -[For CB Signers] `0x6e1DFd5C1E22A4677663A81D24C6BA03561ef0f6` (`CB Nested Safe`) -[For OP Signers] `0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0` (`OP Nested Safe`) - -- **Key**: `0x0000000000000000000000000000000000000000000000000000000000000003`
- **Override**: `0x0000000000000000000000000000000000000000000000000000000000000001`
- **Meaning**: Override the owner count to 1 so the transaction simulation can occur. - -- **Key**: `0x0000000000000000000000000000000000000000000000000000000000000004`
- **Override**: `0x0000000000000000000000000000000000000000000000000000000000000001`
- **Meaning**: Override the threshold to 1 so the transaction simulation can occur. - -- **Key**: `0x316a0aac0d94f5824f0b66f5bbe94a8c360a17699a1d3a233aafcf7146e9f11c`
- **Override**: `0x0000000000000000000000000000000000000000000000000000000000000001`
- **Meaning**: This is owners[0xca11bde05977b3631167028862be2a173976ca11] -> 1, so the key can be derived from cast index address 0xca11bde05977b3631167028862be2a173976ca11 2. - -- **Key**: `0xe90b7bceb6e7df5418fb78d8ee546e97c83a08bbccc01a0644d599ccd2a7c2e0`
- **Override**: `0x000000000000000000000000ca11bde05977b3631167028862be2a173976ca11`
- **Meaning**: This is owners[1] -> 0xca11bde05977b3631167028862be2a173976ca11, so the key can be derived from cast index address 0x0000000000000000000000000000000000000001 2. - -## Task State Changes - -
-
------ DecodedStateDiff[0] -----
-  Who:               0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940
-  Contract:          ProxyAdminOwner - OP Mainnet
-  Chain ID:          10
-  Raw Slot:          0x0000000000000000000000000000000000000000000000000000000000000005
-  Raw Old Value:     0x0000000000000000000000000000000000000000000000000000000000000002
-  Raw New Value:     0x0000000000000000000000000000000000000000000000000000000000000003
-  Decoded Kind:      uint256
-  Decoded Old Value: 2
-  Decoded New Value: 3
-
-  Summary:           Increment nonce in ProxyAdminOwner
-
------ DecodedStateDiff[1] -----
-  Who:               0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940
-  Contract:          ProxyAdminOwner - OP Mainnet
-  Chain ID:          10
-  Raw Slot:          0xe23f453082938f6d8fda616d15a8d5919aec431dff18fc69ddf7fd4cd01bd59e
-  Raw Old Value:     0x0000000000000000000000000000000000000000000000000000000000000000
-  Raw New Value:     0x0000000000000000000000000000000000000000000000000000000000000001
-  Decoded Kind:      uint256
-  Decoded Old Value: 0
-  Decoded New Value: 1
-
-  Summary:           Transaction approval
-  Detail:            Approves the ownership transfer initiation transaction on behalf of the signing safe. The slot derivation depends on which safe is being signed for. This can be derived with `cast index bytes32 0xd806ab578902502aa5b3caf2d4a5d03b14a9e9522c8b9214ba4e05af1c39e2f4 $(cast index address $SIGNER_SAFE 8)`. For OP signers, the slot should be `0x8f6ea3dc592330bb5d3d2f07897e65e16fda3259be1ad4bc00d0033f29399eee`.
------ DecodedStateDiff[2] -----
-  Who:               0x6e1DFd5C1E22A4677663A81D24C6BA03561ef0f6 or 0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0
-  Contract:          Signer Safe - OP Mainnet
-  Chain ID:          10
-  Raw Slot:          0x0000000000000000000000000000000000000000000000000000000000000005
-  Raw Old Value:     0x0000000000000000000000000000000000000000000000000000000000000000
-  Raw New Value:     0x0000000000000000000000000000000000000000000000000000000000000001
-  Decoded Kind:      uint256
-  Decoded Old Value: 0
-  Decoded New Value: 1
-
-  Summary:           Increment nonce in Signer safe
-
------ DecodedStateDiff[3] -----
-  Who:               0xb3C2f9fC2727078EC3A2255410e83BA5B62c5B5f
-  Contract:          SmartEscrow - OP Mainnet
-  Chain ID:          10
-  Raw Slot:          0x0000000000000000000000000000000000000000000000000000000000000001
-  Raw Old Value:     0x0000000697800000000000000000000000000000000000000000000000000000
-  Raw New Value:     0x000000069780000067fba22c8cc51c3008b3f03fe483b28b8db90e19cf076a6d
-  Decoded Kind:      uint48, uint48, address
-  Decoded Old Value: 432000, 0, 0x0000000000000000000000000000000000000000
-  Decoded New Value: 432000, 1744544300, 0x8cC51c3008b3f03Fe483B28B8Db90e19cF076a6d
-
-  Summary:           Sets the pending default admin for SmartEscrow
-  Detail:            This is a packed storage slot containing three values: `_currentDelay`, `_pendingDefaultAdminSchedule` and `_pendingDefaultAdmin`. The `_currentDelay` is set to 432000 which is 5 days (in seconds). `_pendingDefaultAdminSchedule` gets set to `block.timestamp + _currentDelay`. NOTE: the `_pendingDefaultAdminSchedule` may be different from what you see in you Tenderly simulation - this is ok! It's derived based on the current block.timestamp. The `_pendingDefaultAdmin` address gets set to `0x8cC51c3008b3f03Fe483B28B8Db90e19cF076a6d` which is the aliased address of `0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c` (`ProxyAdminOwner`).
-
-ATTENTION TASK REVIEWER: It is safe to continue if `_pendingDefaultAdminSchedule` is different than what is seen in the Tenderly state diff.
-
------ Additional Balance Changes -----
-  Who:               0x420000000000000000000000000000000000001A
-  Contract:          L1FeeValue - OP Mainnet
-  Chain ID:          10
-  Old Balance:       1892652089755161
-  New Balance:       1892663085405498
-
-  Summary:           L1 fees collected from the transaction
-  Detail:            Note: these values may differ from what you see in the Tenderly simulation - that is ok!
-
------ Additional Nonce Changes -----
-  Who:               0x6CD3850756b7894774Ab715D136F9dD02837De50
-
-  Details:           Nonce Updates for all addresses listed above.
-  Summary:
-    - 0x6CD3850756b7894774Ab715D136F9dD02837De50 is the caller
-
diff --git a/mainnet/2025-11-21-transfer-smart-escrow-ownership/.env b/mainnet/2025-11-21-transfer-smart-escrow-ownership/.env new file mode 100644 index 00000000..b0e395d5 --- /dev/null +++ b/mainnet/2025-11-21-transfer-smart-escrow-ownership/.env @@ -0,0 +1,11 @@ +OP_COMMIT=d09c836f818c73ae139f60b717654c4e53712743 +BASE_CONTRACTS_COMMIT=51788f920e368e72c63cef24a5e1ea0f6562d9a5 + +RECORD_STATE_DIFF=true + +L1_OWNER_SAFE=0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c + +SMART_ESCROW=0xb3C2f9fC2727078EC3A2255410e83BA5B62c5B5f +OWNER_SAFE=0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940 +CB_SIGNER_SAFE_ADDR=0x6e1DFd5C1E22A4677663A81D24C6BA03561ef0f6 +OP_SIGNER_SAFE_ADDR=0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0 diff --git a/mainnet/2025-11-21-transfer-smart-escrow-ownership/FACILITATORS.md b/mainnet/2025-11-21-transfer-smart-escrow-ownership/FACILITATORS.md new file mode 100644 index 00000000..e075503d --- /dev/null +++ b/mainnet/2025-11-21-transfer-smart-escrow-ownership/FACILITATORS.md @@ -0,0 +1,47 @@ +#### Execute the transaction + +1. Collect outputs from all participating signers. +1. Concatenate all signatures and export it as the `SIGNATURES` + environment variable, i.e. `export +SIGNATURES="[SIGNATURE1][SIGNATURE2]..."`. +1. Run the `make execute` or `make approve` command as described below to execute the transaction. + +For example, if the quorum is 3 and you get the following outputs: + +```shell +Data: 0xDEADBEEF +Signer: 0xC0FFEE01 +Signature: AAAA +``` + +```shell +Data: 0xDEADBEEF +Signer: 0xC0FFEE02 +Signature: BBBB +``` + +```shell +Data: 0xDEADBEEF +Signer: 0xC0FFEE03 +Signature: CCCC +``` + +Coinbase facilitator: + +```bash +SIGNATURES=AAAABBBBCCCC make approve-cb +``` + +```bash +SIGNATURES=AAAABBBBCCCC make approve-cb-sc +``` + +```bash +SIGNATURES=AAAABBBBCCCC make approve-op +``` + +Once the signatures have been submitted approving the transaction for all nested Safes run: + +```bash +make execute +``` \ No newline at end of file diff --git a/mainnet/2025-11-21-transfer-smart-escrow-ownership/Makefile b/mainnet/2025-11-21-transfer-smart-escrow-ownership/Makefile new file mode 100644 index 00000000..aafae4d1 --- /dev/null +++ b/mainnet/2025-11-21-transfer-smart-escrow-ownership/Makefile @@ -0,0 +1,55 @@ +include ../../Makefile +include ../../Multisig.mk + +include ../.env +include .env + +ifndef LEDGER_ACCOUNT +override LEDGER_ACCOUNT = 0 +endif + +L2_RPC_URL=https://mainnet.optimism.io +RPC_URL = $(L2_RPC_URL) +SCRIPT_NAME = InitOwnershipTransfer + +# OWNER_SAFE/ +# ├── CB_SIGNER_SAFE_ADDR/ +# │ └── Signers +# └── OP_SIGNER_SAFE_ADDR/ +# └── Signers + +.PHONY: gen-validation-cb +gen-validation-cb: checkout-signer-tool run-script-cb + +.PHONY: run-script-cb +run-script-cb: + cd $(SIGNER_TOOL_PATH); \ + npm ci; \ + bun run scripts/genValidationFile.ts --rpc-url $(RPC_URL) \ + --ledger-id $(LEDGER_ACCOUNT) \ + --workdir .. --forge-cmd 'forge script --rpc-url $(RPC_URL) \ + $(SCRIPT_NAME) --sig "sign(address[])" "[$(CB_SIGNER_SAFE_ADDR)]" --sender 0x6CD3850756b7894774Ab715D136F9dD02837De50' --out ../validations/cb-signer.json; + +.PHONY: gen-validation-op +gen-validation-op: checkout-signer-tool run-script-op + +.PHONY: run-script-op +run-script-op: + cd $(SIGNER_TOOL_PATH); \ + npm ci; \ + bun run scripts/genValidationFile.ts --rpc-url $(RPC_URL) \ + --ledger-id $(LEDGER_ACCOUNT) \ + --workdir .. --forge-cmd 'forge script --rpc-url $(RPC_URL) \ + $(SCRIPT_NAME) --sig "sign(address[])" "[$(OP_SIGNER_SAFE_ADDR)]" --sender 0x4d494C5F61b60752D3A10062276a0eFC22596151' --out ../validations/op-signer.json; + +.PHONY: approve-cb +approve-cb: + $(call MULTISIG_APPROVE,$(CB_SIGNER_SAFE_ADDR),$(SIGNATURES)) + +.PHONY: approve-op +approve-op: + $(call MULTISIG_APPROVE,$(OP_SIGNER_SAFE_ADDR),$(SIGNATURES)) + +.PHONY: execute +execute: + $(call MULTISIG_EXECUTE,0x) diff --git a/mainnet/2025-11-21-transfer-smart-escrow-ownership/README.md b/mainnet/2025-11-21-transfer-smart-escrow-ownership/README.md new file mode 100644 index 00000000..ce7baf33 --- /dev/null +++ b/mainnet/2025-11-21-transfer-smart-escrow-ownership/README.md @@ -0,0 +1,58 @@ +# Initiate SmartEscrow Ownership Transfer + +Status: READY TO SIGN + +## Description + +We wish to update the owner of our [SmartEscrow](https://optimistic.etherscan.io/address/0xb3c2f9fc2727078ec3a2255410e83ba5b62c5b5f) contract on OP Mainnet to be the aliased address of our L1 [ProxyAdminOwner](https://etherscan.io/address/0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c). The `SmartEscrow` contract inherits access control mechanisms from OpenZeppelin's `AccessControlDefaultAdminRules`, which requires an ownership transfer to be invoked in two separate steps: + +1. Initiate the transfer to a new owner from the existing owner +2. Accept the transfer from the pending new owner after a configured delay + +This task represents the initiation step. A subsequent task will be written for ownership acceptance after a 5 day delay. + +## Procedure + +## Install dependencies + +### 1. Update foundry + +```bash +foundryup +``` + +### 2. Install Node.js if needed + +First, check if you have node installed + +```bash +node --version +``` + +If you see a version output from the above command, you can move on. Otherwise, install node + +```bash +brew install node +``` + +## Approving the Update transaction + +### 1. Update repo: + +```bash +cd contract-deployments +git pull +``` + +### 2. Run the signing tool (NOTE: do not enter the task directory. Run this command from the project's root). + +```bash +make sign-task +``` + +### 3. Open the UI at [http://localhost:3000](http://localhost:3000) + +Be sure to select the correct task user from the list of available users to sign. +After completion, the signer tool can be closed by using Ctrl + c + +### 4. Send signature to facilitator \ No newline at end of file diff --git a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/foundry.toml b/mainnet/2025-11-21-transfer-smart-escrow-ownership/foundry.toml similarity index 100% rename from mainnet/2025-04-07-init-smart-escrow-ownership-transfer/foundry.toml rename to mainnet/2025-11-21-transfer-smart-escrow-ownership/foundry.toml diff --git a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/script/InitOwnershipTransfer.s.sol b/mainnet/2025-11-21-transfer-smart-escrow-ownership/script/InitOwnershipTransfer.s.sol similarity index 51% rename from mainnet/2025-04-07-init-smart-escrow-ownership-transfer/script/InitOwnershipTransfer.s.sol rename to mainnet/2025-11-21-transfer-smart-escrow-ownership/script/InitOwnershipTransfer.s.sol index 2b76b950..8f2ea293 100644 --- a/mainnet/2025-04-07-init-smart-escrow-ownership-transfer/script/InitOwnershipTransfer.s.sol +++ b/mainnet/2025-11-21-transfer-smart-escrow-ownership/script/InitOwnershipTransfer.s.sol @@ -2,40 +2,44 @@ pragma solidity 0.8.15; import {Vm} from "forge-std/Vm.sol"; -import {Simulation} from "@base-contracts/script/universal/Simulation.sol"; import {IMulticall3} from "forge-std/interfaces/IMulticall3.sol"; -import {NestedMultisigBuilder} from "@base-contracts/script/universal/NestedMultisigBuilder.sol"; import {AccessControlDefaultAdminRules} from "@openzeppelin/contracts/access/AccessControlDefaultAdminRules.sol"; import {AddressAliasHelper} from "@eth-optimism-bedrock/src/vendor/AddressAliasHelper.sol"; -contract InitOwnershipTransfer is NestedMultisigBuilder { +import {Simulation} from "@base-contracts/script/universal/Simulation.sol"; +import {MultisigScript} from "@base-contracts/script/universal/MultisigScript.sol"; + +contract InitOwnershipTransfer is MultisigScript { using AddressAliasHelper for address; + address public immutable L1_OWNER_SAFE; + address public immutable SMART_ESCROW; address public immutable OWNER_SAFE; - address public immutable L1_SAFE; - address public immutable TARGET; constructor() { + L1_OWNER_SAFE = vm.envAddress("L1_OWNER_SAFE"); OWNER_SAFE = vm.envAddress("OWNER_SAFE"); - L1_SAFE = vm.envAddress("L1_SAFE"); - TARGET = vm.envAddress("TARGET"); + SMART_ESCROW = vm.envAddress("SMART_ESCROW"); } // Confirm the proxy admin owner is now the pending admin of SmartEscrow function _postCheck(Vm.AccountAccess[] memory, Simulation.Payload memory) internal view override { - AccessControlDefaultAdminRules target = AccessControlDefaultAdminRules(TARGET); - (address pendingAdmin,) = target.pendingDefaultAdmin(); - require(pendingAdmin == L1_SAFE.applyL1ToL2Alias(), "Pending admin is not L1_SAFE"); + AccessControlDefaultAdminRules smartEscrow = AccessControlDefaultAdminRules(SMART_ESCROW); + (address pendingAdmin,) = smartEscrow.pendingDefaultAdmin(); + require(pendingAdmin == L1_OWNER_SAFE.applyL1ToL2Alias(), "Pending admin is not L1_OWNER_SAFE"); } - function _buildCalls() internal view override returns (IMulticall3.Call3[] memory) { - IMulticall3.Call3[] memory calls = new IMulticall3.Call3[](1); + function _buildCalls() internal view override returns (IMulticall3.Call3Value[] memory) { + IMulticall3.Call3Value[] memory calls = new IMulticall3.Call3Value[](1); - calls[0] = IMulticall3.Call3({ - target: TARGET, + calls[0] = IMulticall3.Call3Value({ + target: SMART_ESCROW, allowFailure: false, - callData: abi.encodeCall(AccessControlDefaultAdminRules.beginDefaultAdminTransfer, (L1_SAFE.applyL1ToL2Alias())) + callData: abi.encodeCall( + AccessControlDefaultAdminRules.beginDefaultAdminTransfer, (L1_OWNER_SAFE.applyL1ToL2Alias()) + ), + value: 0 }); return calls; diff --git a/mainnet/2025-11-21-transfer-smart-escrow-ownership/validations/cb-signer.json b/mainnet/2025-11-21-transfer-smart-escrow-ownership/validations/cb-signer.json new file mode 100644 index 00000000..4469249e --- /dev/null +++ b/mainnet/2025-11-21-transfer-smart-escrow-ownership/validations/cb-signer.json @@ -0,0 +1,88 @@ +{ + "cmd": "forge script --rpc-url https://mainnet.optimism.io InitOwnershipTransfer --sig sign(address[]) [0x6e1DFd5C1E22A4677663A81D24C6BA03561ef0f6] --sender 0x6CD3850756b7894774Ab715D136F9dD02837De50", + "ledgerId": 0, + "rpcUrl": "https://mainnet.optimism.io", + "expectedDomainAndMessageHashes": { + "address": "0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940", + "domainHash": "0x4ac8f60706331537a33c4a4cbda024cb722855e6b160a3e8b28ab487510598b1", + "messageHash": "0x04af4c539a7c69a706d87b25d14d0d8475d928667d77a34f603542540ee8e56d" + }, + "stateOverrides": [ + { + "name": "ProxyAdminOwner", + "address": "0x0a7361e734cf3f0394b0fc4a45c74e7a4ec70940", + "overrides": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000004", + "value": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Override the threshold to 1 so the transaction simulation can occur." + } + ] + }, + { + "name": "CB Nested Safe", + "address": "0x6e1dfd5c1e22a4677663a81d24c6ba03561ef0f6", + "overrides": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000004", + "value": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Override the owner count to 1 so the transaction simulation can occur." + }, + { + "key": "0xb5d7f4a9b021adcacae2ef01f46aa0d718216ba1a6fb4dcbcfd290bf7d2801d5", + "value": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Simulates an approval from `msg.sender` (`approvedHashes[msg.sender][hash] = 1`) in order for the task simulation to succeed. The key can be derived from `cast index bytes32 0x457454eeac0e072199caf2775b0b727a35d6c12a900fd9cc81ad7cdbcdf3e066 $(cast index address 0x6CD3850756b7894774Ab715D136F9dD02837De50 8)` where `0x457454eeac0e072199caf2775b0b727a35d6c12a900fd9cc81ad7cdbcdf3e066` is the hash being approved and `0x6CD3850756b7894774Ab715D136F9dD02837De50` is the address of the signer." + } + ] + } + ], + "stateChanges": [ + { + "name": "ProxyAdminOwner", + "address": "0x0a7361e734cf3f0394b0fc4a45c74e7a4ec70940", + "changes": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000005", + "before": "0x0000000000000000000000000000000000000000000000000000000000000002", + "after": "0x0000000000000000000000000000000000000000000000000000000000000003", + "description": "Increment nonce in ProxyAdminOwner", + "allowDifference": false + }, + { + "key": "0x589b10e75485c93819ee57012808f78cf41e641e3b1b5412a2e95e0f4f1a2154", + "before": "0x0000000000000000000000000000000000000000000000000000000000000000", + "after": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Register the approval (`approvedHashes[0x6e1dfd5c1e22a4677663a81d24c6ba03561ef0f6][0xfc9d0dfbf7b2f5f7c0f580da6cc3a640d60356073d62b1c188de9eeda54837a2] = 1`). The key can be derived from `cast index bytes32 0xfc9d0dfbf7b2f5f7c0f580da6cc3a640d60356073d62b1c188de9eeda54837a2 $(cast index address 0x6e1dfd5c1e22a4677663a81d24c6ba03561ef0f6 8)` where `0xfc9d0dfbf7b2f5f7c0f580da6cc3a640d60356073d62b1c188de9eeda54837a2` is the hash being approved and `0x6e1dfd5c1e22a4677663a81d24c6ba03561ef0f6` is the address of the nested safe.", + "allowDifference": false + } + ] + }, + { + "name": "CB Nested Safe", + "address": "0x6e1dfd5c1e22a4677663a81d24c6ba03561ef0f6", + "changes": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000005", + "before": "0x0000000000000000000000000000000000000000000000000000000000000003", + "after": "0x0000000000000000000000000000000000000000000000000000000000000004", + "description": "Increment nonce in CB Nested Safe", + "allowDifference": false + } + ] + }, + { + "name": "SmartEscrow", + "address": "0xb3c2f9fc2727078ec3a2255410e83ba5b62c5b5f", + "changes": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000001", + "before": "0x0000000697800000000000000000000000000000000000000000000000000000", + "after": "0x00000006978000006926ddeb8cc51c3008b3f03fe483b28b8db90e19cf076a6d", + "description": "Set the pending default admin for SmartEscrow to 0x8cC51c3008b3f03Fe483B28B8Db90e19cF076a6d which is the aliased address of 0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c, our ProxyAdminOwner on L1.", + "allowDifference": false + } + ] + } + ], + "balanceChanges": [] +} \ No newline at end of file diff --git a/mainnet/2025-11-21-transfer-smart-escrow-ownership/validations/op-signer.json b/mainnet/2025-11-21-transfer-smart-escrow-ownership/validations/op-signer.json new file mode 100644 index 00000000..a3560891 --- /dev/null +++ b/mainnet/2025-11-21-transfer-smart-escrow-ownership/validations/op-signer.json @@ -0,0 +1,88 @@ +{ + "cmd": "forge script --rpc-url https://mainnet.optimism.io InitOwnershipTransfer --sig sign(address[]) [0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0] --sender 0x4d494C5F61b60752D3A10062276a0eFC22596151", + "ledgerId": 0, + "rpcUrl": "https://mainnet.optimism.io", + "expectedDomainAndMessageHashes": { + "address": "0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940", + "domainHash": "0xb34978142f4478f3e5633915597a756daa58a1a59a3e0234f9acd5444f1ca70e", + "messageHash": "0x127009fecf9fd6173bbd2460ae1425ab82eea4171fab85e25291be4676184833" + }, + "stateOverrides": [ + { + "name": "ProxyAdminOwner", + "address": "0x0a7361e734cf3f0394b0fc4a45c74e7a4ec70940", + "overrides": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000004", + "value": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Override the threshold to 1 so the transaction simulation can occur." + } + ] + }, + { + "name": "OP Nested Safe", + "address": "0x2501c477d0a35545a387aa4a3eee4292a9a8b3f0", + "overrides": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000004", + "value": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Override the owner count to 1 so the transaction simulation can occur." + }, + { + "key": "0x50a140d09108f2dc4ae4fa4c58410b4adb1e52c253a6b77a41745063b0343a59", + "value": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Simulates an approval from `msg.sender` (`approvedHashes[msg.sender][hash] = 1`) in order for the task simulation to succeed. The key can be derived from `cast index bytes32 0x2081e6059acac8fc457c4fbf146c965234b32627571da4cf6c07c46c8d713384 $(cast index address 0x4d494C5F61b60752D3A10062276a0eFC22596151 8)` where `0x457454eeac0e072199caf2775b0b727a35d6c12a900fd9cc81ad7cdbcdf3e066` is the hash being approved and `0x6CD3850756b7894774Ab715D136F9dD02837De50` is the address of the signer." + } + ] + } + ], + "stateChanges": [ + { + "name": "ProxyAdminOwner", + "address": "0x0a7361e734cf3f0394b0fc4a45c74e7a4ec70940", + "changes": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000005", + "before": "0x0000000000000000000000000000000000000000000000000000000000000002", + "after": "0x0000000000000000000000000000000000000000000000000000000000000003", + "description": "Increment nonce in ProxyAdminOwner", + "allowDifference": false + }, + { + "key": "0xf1ebb6ce350faad6ae34a68453032b07244a441354e27a66d4c178c4e14b8490", + "before": "0x0000000000000000000000000000000000000000000000000000000000000000", + "after": "0x0000000000000000000000000000000000000000000000000000000000000001", + "description": "Register the approval (`approvedHashes[0x2501c477d0a35545a387aa4a3eee4292a9a8b3f0][0xfc9d0dfbf7b2f5f7c0f580da6cc3a640d60356073d62b1c188de9eeda54837a2] = 1`). The key can be derived from `cast index bytes32 0xfc9d0dfbf7b2f5f7c0f580da6cc3a640d60356073d62b1c188de9eeda54837a2 $(cast index address 0x2501c477d0a35545a387aa4a3eee4292a9a8b3f0 8)` where `0xfc9d0dfbf7b2f5f7c0f580da6cc3a640d60356073d62b1c188de9eeda54837a2` is the hash being approved and `0x2501c477d0a35545a387aa4a3eee4292a9a8b3f0` is the address of the nested safe.", + "allowDifference": false + } + ] + }, + { + "name": "OP Nested Safe", + "address": "0x2501c477d0a35545a387aa4a3eee4292a9a8b3f0", + "changes": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000005", + "before": "0x00000000000000000000000000000000000000000000000000000000000000b3", + "after": "0x00000000000000000000000000000000000000000000000000000000000000b4", + "description": "Increment nonce in OP Nested Safe", + "allowDifference": false + } + ] + }, + { + "name": "SmartEscrow", + "address": "0xb3c2f9fc2727078ec3a2255410e83ba5b62c5b5f", + "changes": [ + { + "key": "0x0000000000000000000000000000000000000000000000000000000000000001", + "before": "0x0000000697800000000000000000000000000000000000000000000000000000", + "after": "0x00000006978000006926de2b8cc51c3008b3f03fe483b28b8db90e19cf076a6d", + "description": "Set the pending default admin for SmartEscrow to 0x8cC51c3008b3f03Fe483B28B8Db90e19cF076a6d which is the aliased address of 0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c, our ProxyAdminOwner on L1.", + "allowDifference": false + } + ] + } + ], + "balanceChanges": [] +} \ No newline at end of file