2aabbed9 (main)
and
7955accd (PR)
+25 -22
+3 -9
{
"capability": "universal",
"daLayer": [
"Ethereum"
],
"hostChain": {
"id": "ethereum",
"slug": "ethereum",
"name": "Ethereum"
},
"layer": "layer2",
"proofSystem": {
"type": "Optimistic"
"type": "Optimistic",
"name": "SP1"
},
"purposes": [
"Universal"
],
"reasonsForBeingOther": [
{
"label": "Closed proofs",
"shortDescription": "There are less than 5 external actors that can submit challenges",
"description": "Projects without a sufficiently decentralized set of challengers rely on few entities to safely update the state. A small set of challengers can collude with the proposer to finalize an invalid state, which can cause loss of funds."
}
],
"stage": "Stage 0",
"type": "Other",
"type": "Optimistic Rollup",
"vm": [
"EVM"
]
}+4 -8
{
"message": {
"type": "underReview",
"text": "The requirement for available node software is under review"
},
"missing": {
"nextStage": "Stage 1",
"requirements": [
"Users' withdrawals can be censored by the permissioned operators.",
"Upgrades executed by actors with more centralized control than a Security Council provide less than 7d for users to exit if the permissioned operator is down or censoring.",
"The Security Council is not properly set up."
],
"principle": "Compromising ≥75% of the Security Council should be the only way (other than bugs) for a rollup to indefinitely block an L2→L1 message (e.g. a withdrawal) or push an invalid L2→L1 message (e.g. an invalid withdrawal) with a <7d exit window."
},
"stage": "Stage 0",
"summary": [
{
"stage": "Stage 0",
"requirements": [
{
"satisfied": true,
"description": "A complete and functional proof system is deployed."
},
{
"satisfied": false,
"description": "Fraud proof submission is not sufficiently decentralized."
"satisfied": true,
"description": "There are at least 5 external actors who can submit fraud proofs."
},
{
"satisfied": true,
"description": "The project calls itself a rollup."
},
{
"satisfied": true,
"description": "State roots are posted to Ethereum L1."
},
{
"satisfied": true,
"description": "Inputs for the state transition function are posted to Ethereum L1."
},
{
"satisfied": "UnderReview",
"description": "A source-available node exists that can recreate the state from Ethereum L1 data. Please note that the L2BEAT team has not verified the validity of the node source code."
"satisfied": true,
"description": "A source-available node exists that can recreate the state from Ethereum L1 data. Please note that the L2BEAT team has not verified the validity of the node source code. [View code](https://github.com/morph-l2/run-morph-node)"
}
]
},
{
"stage": "Stage 1",
"requirements": [
{
"satisfied": false,
"description": "Users' withdrawals can be censored by the permissioned operators."
},
{
"satisfied": false,
"description": "Upgrades executed by actors with more centralized control than a Security Council provide less than 7d for users to exit if the permissioned operator is down or censoring."
},
{
"satisfied": false,
"description": "The Security Council is not properly set up."
}
],
"principle": {
"satisfied": false,
"description": "Compromising ≥75% of the Security Council should be the only way (other than bugs) for a rollup to indefinitely block an L2→L1 message (e.g. a withdrawal) or push an invalid L2→L1 message (e.g. an invalid withdrawal) with a <7d exit window."
}
},
{
"stage": "Stage 2",
"requirements": [
{
"satisfied": false,
"description": "Fraud proof submission is open only to whitelisted actors."
},
{
"satisfied": false,
"description": "Upgrades unrelated to onchain provable bugs provide less than 30d to exit."
},
{
"satisfied": false,
"description": "The Security Council's actions are not confined to onchain provable bugs."
}
]
}
]
}+2 -2
{
"self": {
"stateValidation": {
"value": "Fraud proofs (1R, ZK)",
"description": "Fraud proofs allow actors watching the chain to prove that the state is incorrect. Single round proofs (1R) only require a single transaction to resolve. ZK proofs are used to prove the correctness of the state transition. The system currently operates with a single whitelisted challenger.",
"sentiment": "bad",
"description": "Fraud proofs allow actors watching the chain to prove that the state is incorrect. Single round proofs (1R) only require a single transaction to resolve. ZK proofs are used to prove the correctness of the state transition. The system currently operates with at least 5 whitelisted challengers external to the team.",
"sentiment": "warning",
"orderHint": null,
"challengeDelay": 172800,
"initialBond": "1.0",
"secondLine": "2d challenge period"
},
"dataAvailability": {
"value": "Onchain",
"description": "All of the data needed for proof construction is published on Ethereum L1.",
"sentiment": "good",
"orderHint": null
},
"exitWindow": {
"value": "None",
"description": "There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.",
"sentiment": "bad",
"orderHint": 0
},
"sequencerFailure": {
"value": "No mechanism",
"description": "There is no mechanism to have transactions be included if the sequencer is down or censoring.",
"sentiment": "bad"
},
"proposerFailure": {
"value": "Cannot withdraw",
"description": "Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.",
"sentiment": "bad",
"orderHint": null
}
}
}+5 -1
{
"dataAvailability": [
{
"name": "All data required for proofs is published on chain",
"description": "All the data that is used to construct the system state is published on chain in the form of cheap blobs or calldata. This ensures that it will be available for enough time.",
"risks": [],
"references": [
{
"title": "Rollup.sol - Etherscan source code commitBatch() and commitBatchWithBlobProof() functions",
"url": "https://etherscan.io/address/0x759894Ced0e6af42c26668076Ffa84d02E3CeF60#code"
}
]
}
],
"exitMechanisms": [
{
"name": "Regular messaging",
"description": "The user initiates L2->L1 messages by submitting a regular transaction on this chain. When the block containing that transaction is settled, the message becomes available for processing on L1. The process of block finalization takes a challenge period of 2d to complete.",
"risks": [
{
"category": "Funds can be frozen if",
"text": "the operator censors withdrawal transaction."
}
],
"references": [
{
"title": "L1ETHGateway.sol - Etherscan source code, finalizeWithdrawETH function",
"url": "https://etherscan.io/address/0x63eeCb6bE6087B094c2CBAA34f2902593eAE979c#code"
}
]
}
],
"forceTransactions": {
"name": "Users can't force any transaction",
"description": "There is no general mechanism to force the sequencer to include the transaction.",
"risks": [
{
"category": "Users can be censored if",
"text": "the operator refuses to include their transactions."
}
],
"references": [
{
"title": "EnforcedTxGateway proxy - PAUSED - Etherscan source code",
"url": "https://etherscan.io/address//0xc5Fa3b8968c7FAbEeA2B530a20b88d0C2eD8abb7#readProxyContract#F7"
},
{
"title": "EnforcedTxGateway.sol implementation - Etherscan source code",
"url": "https://etherscan.io/address/0xCb13746Fc891fC2e7D824870D00a26F43fE6123e#code"
},
{
"title": "Rollup.sol - Sequencer decides if / how many transactions to dequeue",
"url": "https://etherscan.io/address/0xDF0749e688AE74508D84699Ba2405ED610Aaf8c5#code#F1#L534"
}
]
},
"operator": {
"name": "Morph uses decentralised sequencer network",
"description": "The system uses a decentralised sequencer/proposer network. At the moment all sequencers are run by Morph and - from the point of Ethereum - they don't need to reach consensus on a block as any one of them can propose a block with an L2 state root on Ethereum. There is a plan to use tendermint with BLS signatures to verify consensus after Petra upgrade.",
"references": [
{
"title": "L1Staking.sol - Etherscan source code, verifySignature() function",
"url": "https://etherscan.io/address/0xDb0734109051DaAB5c32E45e9a5ad0548B2df714#code"
}
],
"risks": [
{
"category": "MEV can be extracted if",
"text": "the operator exploits their centralized position and frontruns user transactions."
}
]
},
"stateValidation": {
"categories": [
{
"title": "Fraud proofs",
"description": "Morph uses an one round fault proof system where whitelisted Challengers, if they find a faulty state root within the 2d challenge window, can post a 1 WEI bond and request a ZK proof of the state transition. After the challenge, during a 3d proving window, a ZK proof must be delivered, otherwise the state root is considered invalid and the root proposer bond, which is set currently to 1 ETH, is slashed. The zkEVM used is SP1 from Succinct. If the valid proof is delivered, the Challenger loses the challenge bond. The MorphAdminMSig can override any batch (both unfinalized and finalized), potentially preventing the ability to provide valid ZK proofs.",
"description": "Morph uses a one round fault proof system where whitelisted Challengers, if they find a faulty state root within the 2d challenge window, can post a 1 WEI bond and request a ZK proof of the state transition. At least 5 Challengers are operated by entities external to the team. After the challenge, during a 3d proving window, a ZK proof must be delivered, otherwise the state root is considered invalid and the root proposer bond, which is currently set to 1 ETH, is slashed. The zkVM used is SP1 from Succinct. If the valid proof is delivered, the Challenger loses the challenge bond. The Morph Multisig can override any batch (both unfinalized and finalized), potentially preventing the ability to provide valid ZK proofs.",
"references": [
{
"title": "Whitelisted Challengers - Morph Docs",
"url": "https://docs.morphl2.io/docs/how-morph-works/optimistic-zkevm/#challenger-address-list"
},
{
"title": "Rollup.sol - Etherscan source code, commitBatch(), challengeState(), proveState() functions",
"url": "https://etherscan.io/address/0xDF0749e688AE74508D84699Ba2405ED610Aaf8c5"
}
],
"risks": [
{
"category": "Funds can be stolen if",
"text": "whitelisted challenger does not post a challenge of an incorrect state root."
},
{
"category": "Funds can be lost if",
"text": "the owner overrides finalized batches."
}
]
}
]
}
}+10 -1
{
"addresses": {
"ethereum": [
{
"name": "ZkEvmVerifierV1",
"isVerified": true,
"address": "eth:0x045d4BC73Bd1918192f34e98532A5272Ef620423",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "",
"description": "A snark verifier based on SP1 by Succinct. It verifies RISC-V execution in a PLONK proof. Used to verify the validity of L2 state transitions for single round fraud proofs.\n",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x045d4BC73Bd1918192f34e98532A5272Ef620423#code"
},
{
"name": "L1Staking",
"isVerified": true,
"address": "eth:0x0Dc417F8AF88388737c5053FF73f345f080543F7",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0xDb0734109051DaAB5c32E45e9a5ad0548B2df714"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729307471,
"transactionHash": "0x1184a06402e7bed7d9e76ce14a8ccd05035dd81ee433218d852596ce74f43dae",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729342187,
"transactionHash": "0xda523669421a8ec4aa45ad0ef9a43d5bb42bfdf56ac9806c295fc8bf68405b1f",
"implementations": [
"eth:0xDb0734109051DaAB5c32E45e9a5ad0548B2df714"
]
}
],
"description": "Contract keeping track of stakers which act as sequencers/proposes. It is responsible for stakers registering and withdrawals and for verifying BLS signatures of stakers (currently not implemented).\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1\n * **getActiveStakers**: EOA 12, EOA 17, EOA 29, EOA 39, EOA 7",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x0Dc417F8AF88388737c5053FF73f345f080543F7#code"
},
{
"name": "L1ETHGateway",
"isVerified": true,
"address": "eth:0x1C1Ffb5828c3A48B54E8910F1c75256a498aDE68",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0x63eeCb6bE6087B094c2CBAA34f2902593eAE979c"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729307603,
"transactionHash": "0x2054355788d3d4ae212cb29348eee2664d126305b4ace5fe2269871cd9165713",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729341335,
"transactionHash": "0x0bff29c5d35495d0e9c22547b91c8e9e468edbfa2e8ccf1872de99a9f06e63ef",
"implementations": [
"eth:0x63eeCb6bE6087B094c2CBAA34f2902593eAE979c"
]
}
],
"description": "Contract used to bridge ETH from L1 to L2.\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x1C1Ffb5828c3A48B54E8910F1c75256a498aDE68#code"
},
{
"name": "ProxyAdmin",
"isVerified": true,
"address": "eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "* Roles:\n * **owner**: Morph Multisig 1",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0#code"
},
{
"name": "L1MessageQueueWithGasPriceOracle",
"isVerified": true,
"address": "eth:0x3931Ade842F5BB8763164bDd81E5361DcE6cC1EF",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0xa3b5bFB885FF92EB8445f262c289548e77c3c0aA"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729307207,
"transactionHash": "0xed442ee7f96c1151761ddca9e4b923adff4e0703bc9ae42ca30bf4356f195f5d",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729330799,
"transactionHash": "0xae27c6c83cea4ce8b8a923fddfb122f66e63139e514ba0624a5373b1a1f2829c",
"implementations": [
"eth:0x828F68e2E05a34fA836416F124350E25021876ac"
]
},
{
"timestamp": 1736755919,
"transactionHash": "0x60cc38cb058516da361ecd5f548fc9216fbcda9eb08255b529ebbf78dac44f7b",
"implementations": [
"eth:0xa3b5bFB885FF92EB8445f262c289548e77c3c0aA"
]
}
],
"description": "Contains the array of queued L1 -> L2 messages, either appended using the L1Messenger or the EnforcedTxGateway.\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x3931Ade842F5BB8763164bDd81E5361DcE6cC1EF#code"
},
{
"name": "L1StandardERC20Gateway",
"isVerified": true,
"address": "eth:0x44c28f61A5C2Dd24Fc71D7Df8E85e18af4ab2Bd8",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0x75BC012fA81DF052baFc4EF9255Af29B6C4e5301"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729307651,
"transactionHash": "0x588ba3041901915cf5dda72776946664559ea839ead325836697c3d6764608b4",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729341383,
"transactionHash": "0xecc550f05d2956f7b7782408e784270c2dd858fd1add437f7292309f9be0795e",
"implementations": [
"eth:0x75BC012fA81DF052baFc4EF9255Af29B6C4e5301"
]
}
],
"description": "Contract used to bridge ERC20 tokens from L1 to L2. It uses a fixed token list.\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x44c28f61A5C2Dd24Fc71D7Df8E85e18af4ab2Bd8#code"
},
{
"name": "MultipleVersionRollupVerifier",
"isVerified": true,
"address": "eth:0x5d1584c27b4aD233283c6da1ca1B825d6f220EC1",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "Used to update the verifier and keep track of current and old versions.\n",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x5d1584c27b4aD233283c6da1ca1B825d6f220EC1#code"
},
{
"name": "L1GatewayRouter",
"isVerified": true,
"address": "eth:0x7497756ADA7e656aE9f00781aF49Fc0fD08f8A8a",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0x6D9623d44C4A1629815D9d6236FF25C4f82Cc819"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729307555,
"transactionHash": "0x47781299a90c1fdd6771fbf104e0433f05cc7b610d63ce9368349a41f563b3c8",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729331927,
"transactionHash": "0xeda36c4631ff08b30a6812f16d35626894001ea8259fe51f1e38fa8ea78d3d37",
"implementations": [
"eth:0x6D9623d44C4A1629815D9d6236FF25C4f82Cc819"
]
}
],
"description": "Main entry point for depositing ETH and ERC20 tokens, which are then forwarded to the correct gateway.\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x7497756ADA7e656aE9f00781aF49Fc0fD08f8A8a#code"
},
{
"name": "MorphRollup",
"isVerified": true,
"address": "eth:0x759894Ced0e6af42c26668076Ffa84d02E3CeF60",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0xDF0749e688AE74508D84699Ba2405ED610Aaf8c5"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729307507,
"transactionHash": "0xfb3bc602abb088d5d94e6869d56417de3c16a3966e5c6abfa4d157dfbcc36cba",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729331495,
"transactionHash": "0xeb4cc4248a0b3f459f4d7ab5877114fd4f55fd073c78347df548a9f03013068e",
"implementations": [
"eth:0xcffdDbcb5B9EA2ee45ABA121e0849ADc87c38326"
]
},
{
"timestamp": 1729432115,
"transactionHash": "0xd60de4a76f275ec7931bc430b7440f07c15f30028195405f855bd98c33ad72d6",
"implementations": [
"eth:0x073403E147a8e607b80985fe458c0B527287278F"
]
},
{
"timestamp": 1732765919,
"transactionHash": "0xa452e20183f6860f105cb398bccc9d75dd3758444b956061b3031d1f0a33c424",
"implementations": [
"eth:0xaD900dB30Bcdf84c38Df0067eA327bbEccCF071A"
]
},
{
"timestamp": 1736753519,
"transactionHash": "0x809b1d9bba9fd8f61c038603ddf7a6f0a079db83a4a6d341cf23d2af5764a9be",
"implementations": [
"eth:0x43190DfD1F572Cb56B1942B44482d1774151D77A"
]
},
{
"timestamp": 1747033883,
"transactionHash": "0x1cd98e49b0d0c30a39c97683c374f5d3541d1ed02b14272a7113709fe01700d7",
"implementations": [
"eth:0x9C79e8F5d0fE910d84a6a0d4A03E8136d036eBec"
]
},
{
"timestamp": 1764060695,
"transactionHash": "0x27b0e1b46f9878a502c68e414bc6fea028c3a551760e5687c56bdd4eda4f31c9",
"implementations": [
"eth:0xDF0749e688AE74508D84699Ba2405ED610Aaf8c5"
]
}
],
"description": "The main contract of the Morph chain. Allows to post transaction data and state roots, implements challenge mechanism along with proofs. Sequencing and proposing are behind a whitelist.\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1\n * **challengers**: EOA 1, EOA 10, EOA 11, EOA 13, EOA 14, EOA 15, EOA 16, EOA 18, EOA 19, EOA 2, EOA 20, EOA 21, EOA 22, EOA 23, EOA 24, EOA 25, EOA 26, EOA 27, EOA 28, EOA 3, EOA 30, EOA 31, EOA 32, EOA 33, EOA 34, EOA 35, EOA 36, EOA 37, EOA 38, EOA 4, EOA 40, EOA 41, EOA 42, EOA 5, EOA 6, EOA 8, EOA 9, Morph Multisig 2\n * **owner**: Morph Multisig 2",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x759894Ced0e6af42c26668076Ffa84d02E3CeF60#code"
},
{
"name": "EnforcedTxGateway",
"isVerified": true,
"address": "eth:0xc5Fa3b8968c7FAbEeA2B530a20b88d0C2eD8abb7",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0xCb13746Fc891fC2e7D824870D00a26F43fE6123e"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729308143,
"transactionHash": "0x42f9fb783f90953e26e04d4f27a703daa2992362fe44c5e11d646dae054e1e6b",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729341695,
"transactionHash": "0x52cd27aa90911acebc0bec090cf04928fd3663207dc55381d57c4a47e1dda26a",
"implementations": [
"eth:0xCb13746Fc891fC2e7D824870D00a26F43fE6123e"
]
}
],
"description": "Contracts to force L1 -> L2 messages with the proper sender. Currently paused: true.\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1\n * **owner**: Morph Multisig 2",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xc5Fa3b8968c7FAbEeA2B530a20b88d0C2eD8abb7#code"
},
{
"name": "L1CrossDomainMessenger",
"isVerified": true,
"address": "eth:0xDc71366EFFA760804DCFC3EDF87fa2A6f1623304",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x31110622D6CA24c9FF307d6ae1715F16E47F16A0"
],
"implementations": [
"eth:0x0cC37d5239F9027A1269f53D83c73084D538f3a9"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1729307111,
"transactionHash": "0xf29bb9908992a7c79573ffb28d3783584653f43095b1b2278fc8951f567bebe7",
"implementations": [
"eth:0x98dF320641C2E65ab4BbeF1e6f6C66D9B50EdE5F"
]
},
{
"timestamp": 1729330715,
"transactionHash": "0x63ce107f943635805762c4ccd98b13cf1977f8ed1e13bd98821ebb545b9ed38e",
"implementations": [
"eth:0xB8F0871bc0832cb756f07fFC4bDdC8b6bf8577b5"
]
},
{
"timestamp": 1736755823,
"transactionHash": "0x908d9fce8cd9a787900543daabf45936a8873b543f593030f3edceeca35543f8",
"implementations": [
"eth:0x0cC37d5239F9027A1269f53D83c73084D538f3a9"
]
}
],
"description": "Contract used to send L1 -> L2 and relay messages from L2. It allows to replay failed messages and to drop skipped messages. L1 -> L2 messages sent using this contract pay for L2 gas on L1 and will have the aliased address of this contract as the sender.\n* Roles:\n * **admin**: ProxyAdmin; ultimately Morph Multisig 1",
"upgradableBy": [
{
"name": "Morph Multisig 1",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xDc71366EFFA760804DCFC3EDF87fa2A6f1623304#code"
},
{
"name": "Whitelist",
"isVerified": true,
"address": "eth:0xFFafDd9167777C0e5421e0B6789D6d7A5E386984",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "Contract implementing a generic whitelist. Currently used to define the actor that can relay the L2 basefee on L1.\n",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xFFafDd9167777C0e5421e0B6789D6d7A5E386984#code"
}
]
},
"escrows": [
{
"address": "0xDc71366EFFA760804DCFC3EDF87fa2A6f1623304",
"sinceTimestamp": 1729307111,
"tokens": [
"ETH"
],
"chain": "ethereum",
"chainId": 1
},
{
"address": "0x44c28f61A5C2Dd24Fc71D7Df8E85e18af4ab2Bd8",
"sinceTimestamp": 1729307651,
"tokens": "*",
"chain": "ethereum",
"chainId": 1
},
{
"address": "0xA534BAdd09b4C62B7B1C32C41dF310AA17b52ef1",
"sinceTimestamp": 1729307783,
"tokens": "*",
"bridgedUsing": {
"bridges": [
{
"name": "Custom escrow"
}
]
},
"source": "external",
"chain": "ethereum",
"chainId": 1
},
{
"address": "0xc9045350712A1DCC3A74Eca18Bc985424Bbe7535",
"sinceTimestamp": 1729308239,
"tokens": [
"USDC"
],
"bridgedUsing": {
"bridges": [
{
"name": "Custom escrow"
}
]
},
"source": "external",
"chain": "ethereum",
"chainId": 1
},
{
"address": "0x2C8314f5AADa5D7a9D32eeFebFc43aCCAbe1b289",
"sinceTimestamp": 1729308239,
"tokens": [
"USDC"
],
"bridgedUsing": {
"bridges": [
{
"name": "Custom escrow"
}
]
},
"source": "external",
"chain": "ethereum",
"chainId": 1
}
],
"risks": [
{
"category": "Funds can be stolen if",
"text": "a contract receives a malicious code upgrade. There is no delay on code upgrades.",
"isCritical": true
}
],
"zkProgramHashes": [
{
"title": "Morph Guest Program (zkEVM Executor)",
"description": "Proves the correct execution of the Morph L2 state transition function (based on the Geth EVM) for a batch of blocks using the SP1 zkVM.",
"proverSystemProject": "sp1",
"verificationStatus": "notVerified",
"hash": "0x0059b74a8fd03c44462de3916b45ebeedb9f1158e3037e8c40b8941cbe438d7e"
}
]
}+1 -1
{
"baseTimestamp": 1766409308,
"baseTimestamp": 1767086336,
"contractsDiscoDriven": true,
"hasDiscoUi": true,
"isDiscoDriven": true,
"permissionsDiscoDriven": true
}+20 -0
+20 -0
{
"creator": "Succinct",
"projectsForTvs": [
{
"projectId": "forknet",
"sinceTimestamp": 1753882500
},
{
"projectId": "katana",
"sinceTimestamp": 1751328000
},
{
"projectId": "blobstream",
"sinceTimestamp": 1717608107
},
{
"projectId": "vector",
"sinceTimestamp": 1720128227
},
{
"projectId": "sophon",
"sinceTimestamp": 1745341091
},
{
"projectId": "lens",
"sinceTimestamp": 1745359200
},
{
"projectId": "plumenetwork",
"sinceTimestamp": 1746735060
},
{
"projectId": "galxegravity",
"sinceTimestamp": 1745880540
},
{
"projectId": "rari",
"sinceTimestamp": 1734562800
},
{
"projectId": "winr",
"sinceTimestamp": 1747088280
},
{
"projectId": "molten",
"sinceTimestamp": 1731480840
},
{
"projectId": "taiko",
"sinceTimestamp": 1730452800
},
{
"projectId": "lumia",
"sinceTimestamp": 1753882500
},
{
"projectId": "polygonzkevm",
"sinceTimestamp": 1753882500
},
{
"projectId": "xlayer",
"sinceTimestamp": 1753882500
},
{
"projectId": "silicon",
"sinceTimestamp": 1753882500
},
{
"projectId": "facet",
"sinceTimestamp": 1751407200
},
{
"projectId": "ternoa",
"sinceTimestamp": 1753882500
},
{
"projectId": "wirex",
"sinceTimestamp": 1753882500
},
{
"projectId": "penchain",
"sinceTimestamp": 1753882500
},
{
"projectId": "phala",
"sinceTimestamp": 1736290800
},
{
"projectId": "mantle",
"sinceTimestamp": 1757973600
},
{
"projectId": "zircuit",
"sinceTimestamp": 1756072800
},
{
"projectId": "omni",
"sinceTimestamp": 1748856160
},
{
"projectId": "morph",
"sinceTimestamp": 1737359447
},
{
"projectId": "gpt",
"sinceTimestamp": 1753882500
},
{
"projectId": "astarzkevm",
"sinceTimestamp": 1753882500
},
{
"projectId": "witness",
"sinceTimestamp": 1753882500
},
{
"projectId": "kroma",
"sinceTimestamp": 1739228400
},
{
"projectId": "haust",
"sinceTimestamp": 1756808195
},
{
"projectId": "celo",
"sinceTimestamp": 1765324800
}
],
"proofSystemInfo": "\n ## Description\n\n SP1 is a RISC-V zkVM using the [Plonky3](https://github.com/Plonky3/Plonky3) stack. The zkVM execution is proven recursively and is wrapped into a SNARK for final verification. It provides tools to generate onchain Groth16 or Plonk verifiers. SP1 targets [100 bits of security](https://docs.succinct.xyz/docs/sp1/security/security-model#conjectures-for-fris-security).\n\n ## Proof system\n\n SP1 proves execution of a RISC-V VM using several ZK circuits connected by lookup arguments, as implemented in Plonky3. VM execution trace is split into several chunks that could be proven in parallel with a STARK proving system. The parallelized proofs are recursively checked by the next layer of STARK circuits. The correctness of the final STARK proof is verified with the final wrap SNARK program, the wrap SNARK proof is verified onchain.\n\n ### zkVM component\n\n Verifies execution of a RISC-V program in a zkVM. Uses [Plonky3](https://github.com/Plonky3/Plonky3) STARK toolkit with AIR arithmetization and FRI-based polynomial commitment scheme within the [BabyBear field](https://docs.succinct.xyz/docs/sp1/security/security-model#hash-functions-and-the-random-oracle-model).\n\n ### Recursion circuits\n\n SP1 provides tools for recursive proof generation by [verifying proofs in a zkVM](https://docs.succinct.xyz/docs/sp1/writing-programs/proof-aggregation#verifying-proofs-inside-the-zkvm). This uses the same toolkit as top-level proof system, but proves the correct verification of all proofs generated on the previous step.\n\n ### Final wrap\n\n SP1 supports Plonk (with KZG polynomial commitments) or Groth16 final SNARK wrap of the STARK proof for performant onchain proof verification ([link](https://docs.succinct.xyz/docs/sp1/generating-proofs/proof-types#compressed)). The [gnark](https://github.com/Consensys/gnark) implementation of these proof systems over BN254 curve is used. For Plonk, Aztec Ignition trusted setup ceremony is used, for Groth16 Succinct run internal circuit-dependent phase 2 trusted setup, see [below](#trusted-setups) for more details.\n ",
"techStack": {
"zkVM": [
{
"id": "Plonky3",
"type": "STARK",
"name": "Plonky3",
"description": "Toolkit that implements a set of primitives for STARK-based zkVMs developed by Polygon Zero team."
},
{
"id": "RISCV",
"type": "ISA",
"name": "RISC-V",
"description": "Free and open-source universal 32-bit ISA used across a variety of hardware and software."
},
{
"id": "BabyBear",
"type": "Field",
"name": "Baby Bear",
"description": "Prime field of order p = 15 * 2**27 + 1."
}
],
"finalWrap": [
{
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
{
"id": "Gnark",
"type": "Groth16",
"name": "Gnark",
"description": "Consensys implementation of Groth16 proving system written in Go."
},
{
"id": "BN254",
"type": "curve",
"name": "BN254",
"description": "BN254, aka BN256, aka alt_bn128 pairing-friendly 254-bit prime field Weierstrass elliptic curve."
}
]
},
"trustedSetups": [
{
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"id": "AztecIgnition",
"name": "Aztec Ignition",
"risk": "green",
"shortDescription": "Aztec Ignition is a trusted setup ceremony that was run by Aztec for KZG commitment over BN254 curve in 2019. It included 176 participants and was publicly open for participation.",
"longDescription": " \n Aztec Ignition is a trusted setup ceremony for KZG commitments over BN254 curve that was run by Aztec for KZG commitment over BN254 curve in 2019. \n It included 176 participants and was publicly open for participation.\n \n - Github repo to download and verify the ceremony artifacts: [https://github.com/AztecProtocol/ignition-verification](https://github.com/AztecProtocol/ignition-verification).\n - Github repo with instructions for ceremony participants: [https://github.com/AztecProtocol/Setup](https://github.com/AztecProtocol/Setup).\n - Ceremony announcement with a call to participate: [https://aztec.network/blog/announcing-ignition](https://aztec.network/blog/announcing-ignition).\n "
},
{
"proofSystem": {
"id": "Gnark",
"type": "Groth16",
"name": "Gnark",
"description": "Consensys implementation of Groth16 proving system written in Go."
},
"id": "SP1Groth16",
"name": "SP1 Groth16 circuit-specific setup",
"risk": "red",
"shortDescription": "Succinct's internally run trusted setup for SP1 Groth16 final wrap circuits. Ceremony was run among 7 contributors to the SP1 project without public calls to participate.",
"longDescription": "\n Ceremony was run among 7 contributors to the SP1 project without public calls to participate. It generated setup parameters for Groth16 wrapper of SP1 zkVM.\n\n - Ceremony info on Succinct docs page: [https://docs.succinct.xyz/docs/sp1/security/security-model#options](https://docs.succinct.xyz/docs/sp1/security/security-model#options).\n - Ceremony instructions and verification instructions: [https://github.com/succinctlabs/semaphore-gnark-11/tree/main](https://github.com/succinctlabs/semaphore-gnark-11/tree/main).\n - Link to transcript and other artifacts (Note: will immediately start downloading .tar.gz file): [https://sp1-circuits.s3.us-east-2.amazonaws.com/v4.0.0-rc.3-trusted-setup.tar.gz](https://sp1-circuits.s3.us-east-2.amazonaws.com/v4.0.0-rc.3-trusted-setup.tar.gz).\n "
}
],
"verifierHashes": [
{
"hash": "0xd4e8ecd2357dd882209800acd6abb443d231cf287d77ba62b732ce937c8b56e7",
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"knownDeployments": [
{
"address": "0x0459d576A6223fEeA177Fb3DF53C9c77BF84C459",
"chain": "ethereum"
},
{
"address": "0xFF5Adab685362DC4C33536a65aF5873738D1216B",
"chain": "ethereum"
}
],
"verificationStatus": "notVerified"
},
{
"hash": "0x1b34fe11a637737f0c75c88241669dcf9ca3c03713659265b8241f398a2d286d",
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"knownDeployments": [
{
"address": "0xE00a3cBFC45241b33c0A44C78e26168CBc55EC63",
"chain": "ethereum"
}
],
"verificationStatus": "successful",
"verificationSteps": "\n - Check out [sp1 repo](https://github.com/succinctlabs/sp1) at commit `76c28bf986ba102127788ce081c21fa09cf93b18`.\n - Set an environment variable by calling `export SP1_ALLOW_DEPRECATED_HOOKS=true`. It is needed for the correct execution of circuit building.\n - Make sure that you have [go lang installed](https://go.dev/doc/install).\n - From `crates/prover` call `make build-circuits`. Note that the execution could take a while.\n ",
"attesters": [
{
"id": "l2beat",
"name": "L2BEAT",
"link": "https://l2beat.com"
}
]
},
{
"hash": "0xa4594c59bbc142f3b81c3ecb7f50a7c34bc9af7c4c444b5d48b795427e285913",
"proofSystem": {
"id": "Gnark",
"type": "Groth16",
"name": "Gnark",
"description": "Consensys implementation of Groth16 proving system written in Go."
},
"knownDeployments": [
{
"address": "0x50ACFBEdecf4cbe350E1a86fC6f03a821772f1e5",
"chain": "ethereum"
},
{
"address": "0x50ACFBEdecf4cbe350E1a86fC6f03a821772f1e5",
"chain": "arbitrum"
},
{
"address": "0xa5E60dbBAc6A65B654E5A14A5E357da3Fcf139dd",
"chain": "gnosis"
}
],
"verificationStatus": "notVerified"
},
{
"hash": "0xffea2d2e12ed24da258af874d77eee7ee91a1e050ee197052908089e57681e67",
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"knownDeployments": [
{
"address": "0x045d4BC73Bd1918192f34e98532A5272Ef620423",
"chain": "ethereum"
}
],
"verificationStatus": "notVerified"
}
]
}