c2812ac0 (main)
and
62af1457 (PR)
+53 -22
+49 -18
{
"ethereum": {
"roles": [],
"actors": [
{
"id": "",
"name": "",
"accounts": [
{
"address": "eth:0x7153803C06d6a36D6d91aEB3C1ed8e5b934Df601",
"type": "Contract",
"isVerified": false,
"name": "0x7153…f601",
"url": "https://etherscan.io/address/0x7153803C06d6a36D6d91aEB3C1ed8e5b934Df601"
}
],
"chain": "ethereum",
"description": "* Can upgrade **with no delay**\n * PredicateServiceManager ",
"discoveryDrivenData": true
},
{
"id": "GnosisSafe",
"name": "GnosisSafe",
"description": "A Multisig with 2/4 threshold. \n* Can interact with PredicateServiceManager\n * can add and remove permissioned operators, deregister regular operators, register new policies, override existing policies, and in general manage the AVS (e.g. thresholds, strategies) and the connection to EigenLayer ",
"accounts": [
{
"address": "eth:0x8A3c2193521Cf895D77c8Dedb290fC5E19126fdE",
"type": "Contract",
"isVerified": true,
"name": "0x8A3c…6fdE",
"url": "https://etherscan.io/address/0x8A3c2193521Cf895D77c8Dedb290fC5E19126fdE"
}
],
"chain": "ethereum",
"references": [],
"participants": [
{
"address": "eth:0xa283Ad6f064227944061442Ba4975aad315985e5",
"type": "EOA",
"isVerified": true,
"name": "0xa283…85e5",
"url": "https://etherscan.io/address/0xa283Ad6f064227944061442Ba4975aad315985e5"
},
{
"address": "eth:0x949A718aca94eB060aBB4C59B05995e257666F7F",
"type": "EOA",
"isVerified": true,
"name": "0x949A…6F7F",
"url": "https://etherscan.io/address/0x949A718aca94eB060aBB4C59B05995e257666F7F"
},
{
"address": "eth:0xFb37A6BC0DC1c52900a8E50A2D6d1b7a59CEa02c",
"type": "EOA",
"isVerified": true,
"name": "0xFb37…a02c",
"url": "https://etherscan.io/address/0xFb37A6BC0DC1c52900a8E50A2D6d1b7a59CEa02c"
},
{
"address": "eth:0x110b66ea6F97c0391eEfFDd19CD0cFd73e9871fA",
"type": "EOA",
"isVerified": true,
"name": "0x110b…71fA",
"url": "https://etherscan.io/address/0x110b66ea6F97c0391eEfFDd19CD0cFd73e9871fA"
}
],
"discoveryDrivenData": true
},
{
"id": "PredicateServiceManager",
"name": "PredicateServiceManager",
"accounts": [
{
"address": "eth:0xf6f4A30EeF7cf51Ed4Ee1415fB3bFDAf3694B0d2",
"type": "Contract",
"isVerified": true,
"name": "0xf6f4…B0d2",
"url": "https://etherscan.io/address/0xf6f4A30EeF7cf51Ed4Ee1415fB3bFDAf3694B0d2"
}
],
"chain": "ethereum",
"description": "* Can interact with Liquidity\n * approves deposits through AML checks [via: PredicatePermitter]",
"discoveryDrivenData": true
},
{
"id": "INTMAX Multisig 1",
"name": "INTMAX Multisig 1",
"description": "A Multisig with 2/4 threshold. ",
"accounts": [
{
"address": "eth:0xA3C2a579af4cF3853172058e5c76d273DC1542DD",
"type": "Contract",
"isVerified": true,
"name": "0xA3C2…42DD",
"url": "https://etherscan.io/address/0xA3C2a579af4cF3853172058e5c76d273DC1542DD"
}
],
"chain": "ethereum",
"references": [],
"participants": [
{
"address": "eth:0x2EAB2633c6180Ec592fB7A22EDAF323ccA51F85A",
"type": "EOA",
"isVerified": true,
"name": "EOA 2",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
},
{
"address": "eth:0x1eB7d5898A9b3dCB8145e37B564ef00bC4cB794D",
"type": "EOA",
"isVerified": true,
"name": "EOA 1",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
},
{
"address": "eth:0xB89001Ef513E10482B2667a0fC70F06cfF3a7418",
"type": "EOA",
"isVerified": true,
"name": "EOA 5",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
},
{
"address": "eth:0x5C044174cC9bcA35b933a2B5107b494BAFf34Bb6",
"type": "EOA",
"isVerified": true,
"name": "EOA 3",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
}
],
"discoveryDrivenData": true
},
{
"id": "INTMAX Multisig 3",
"name": "INTMAX Multisig 3",
"description": "A Multisig with 1/4 threshold. ",
"accounts": [
{
"address": "eth:0xe147e23753505e2C83b5f9ef229a9B7e7B3F50Ea",
"type": "Contract",
"isVerified": true,
"name": "0xe147…50Ea",
"url": "https://etherscan.io/address/0xe147e23753505e2C83b5f9ef229a9B7e7B3F50Ea"
}
],
"chain": "ethereum",
"references": [],
"participants": [
{
"address": "eth:0x2EAB2633c6180Ec592fB7A22EDAF323ccA51F85A",
"type": "EOA",
"isVerified": true,
"name": "EOA 2",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
},
{
"address": "eth:0x5C044174cC9bcA35b933a2B5107b494BAFf34Bb6",
"type": "EOA",
"isVerified": true,
"name": "EOA 3",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
},
{
"address": "eth:0xB89001Ef513E10482B2667a0fC70F06cfF3a7418",
"type": "EOA",
"isVerified": true,
"name": "EOA 5",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
},
{
"address": "eth:0x1eB7d5898A9b3dCB8145e37B564ef00bC4cB794D",
"type": "EOA",
"isVerified": true,
"name": "EOA 1",
"url": "#EOA-1,-EOA-2,-EOA-3-and-EOA-5"
}
],
"discoveryDrivenData": true
},
{
"id": "EOA-1,-EOA-2,-EOA-3-and-EOA-5",
"name": "EOA 1, EOA 2, EOA 3 and EOA 5",
"accounts": [
{
"address": "eth:0x1eB7d5898A9b3dCB8145e37B564ef00bC4cB794D",
"type": "EOA",
"isVerified": true,
"name": "0x1eB7…794D",
"url": "https://etherscan.io/address/0x1eB7d5898A9b3dCB8145e37B564ef00bC4cB794D"
},
{
"address": "eth:0x2EAB2633c6180Ec592fB7A22EDAF323ccA51F85A",
"type": "EOA",
"isVerified": true,
"name": "0x2EAB…F85A",
"url": "https://etherscan.io/address/0x2EAB2633c6180Ec592fB7A22EDAF323ccA51F85A"
},
{
"address": "eth:0x5C044174cC9bcA35b933a2B5107b494BAFf34Bb6",
"type": "EOA",
"isVerified": true,
"name": "0x5C04…4Bb6",
"url": "https://etherscan.io/address/0x5C044174cC9bcA35b933a2B5107b494BAFf34Bb6"
},
{
"address": "eth:0xB89001Ef513E10482B2667a0fC70F06cfF3a7418",
"type": "EOA",
"isVerified": true,
"name": "0xB890…7418",
"url": "https://etherscan.io/address/0xB89001Ef513E10482B2667a0fC70F06cfF3a7418"
}
],
"chain": "ethereum",
"description": "Member of INTMAX Multisig 1, INTMAX Multisig 3.\n* Can upgrade **with no delay**\n * PredicatePermitter [via: INTMAX Multisig 3]",
"discoveryDrivenData": true
},
{
"id": "EOA-4",
"name": "EOA 4",
"accounts": [
{
"address": "eth:0xA8E0Db294aD54E9187CeE41c4d471186bf5Aa7A6",
"type": "EOA",
"isVerified": true,
"name": "0xA8E0…a7A6",
"url": "https://etherscan.io/address/0xA8E0Db294aD54E9187CeE41c4d471186bf5Aa7A6"
}
],
"chain": "ethereum",
"description": "* Can interact with Liquidity\n * can relay deposits to the main rollup contract on Scroll ",
"discoveryDrivenData": true
},
{
"id": "EOA-6",
"name": "EOA 6",
"accounts": [
{
"address": "eth:0xFb37A6BC0DC1c52900a8E50A2D6d1b7a59CEa02c",
"type": "EOA",
"isVerified": true,
"name": "0xFb37…a02c",
"url": "https://etherscan.io/address/0xFb37A6BC0DC1c52900a8E50A2D6d1b7a59CEa02c"
}
],
"chain": "ethereum",
"description": "* Can interact with PredicateServiceManager\n * can add and remove permissioned operators, deregister regular operators, register new policies, override existing policies, and in general manage the AVS (e.g. thresholds, strategies) and the connection to EigenLayer ",
"discoveryDrivenData": true
}
]
},
"scroll": {
"roles": [],
"actors": [
{
"id": "INTMAX Multisig 2",
"name": "INTMAX Multisig 2",
"description": "A Multisig with 2/4 threshold. \n* Can upgrade **with no delay**\n * Rollup \n * Claim \n * Withdrawal \n* Can interact with Claim\n * can update the verifier address \n* Can interact with Withdrawal\n * can update the verifier address and the list of tokens that can be withdrawn automatically, in contrast to those that have to be actively claimed ",
"accounts": [
{
"address": "scr:0xA3C2a579af4cF3853172058e5c76d273DC1542DD",
"type": "Contract",
"isVerified": true,
"name": "0xA3C2…42DD",
"url": "https://scrollscan.com/address/0xA3C2a579af4cF3853172058e5c76d273DC1542DD"
}
],
"chain": "scroll",
"references": [],
"participants": [
{
"address": "scr:0x2EAB2633c6180Ec592fB7A22EDAF323ccA51F85A",
"type": "EOA",
"isVerified": true,
"name": "0x2EAB…F85A",
"url": "https://scrollscan.com/address/0x2EAB2633c6180Ec592fB7A22EDAF323ccA51F85A"
},
{
"address": "scr:0x1eB7d5898A9b3dCB8145e37B564ef00bC4cB794D",
"type": "EOA",
"isVerified": true,
"name": "0x1eB7…794D",
"url": "https://scrollscan.com/address/0x1eB7d5898A9b3dCB8145e37B564ef00bC4cB794D"
},
{
"address": "scr:0xB89001Ef513E10482B2667a0fC70F06cfF3a7418",
"type": "EOA",
"isVerified": true,
"name": "0xB890…7418",
"url": "https://scrollscan.com/address/0xB89001Ef513E10482B2667a0fC70F06cfF3a7418"
},
{
"address": "scr:0x5C044174cC9bcA35b933a2B5107b494BAFf34Bb6",
"type": "EOA",
"isVerified": true,
"name": "0x5C04…4Bb6",
"url": "https://scrollscan.com/address/0x5C044174cC9bcA35b933a2B5107b494BAFf34Bb6"
}
],
"discoveryDrivenData": true
},
{
"id": "EOA-7",
"name": "EOA 7",
"id": "EOA-6",
"name": "EOA 6",
"accounts": [
{
"address": "scr:0x0000000000000000000000000000000000000000",
"type": "EOA",
"isVerified": true,
"name": "0x0000…0000",
"url": "https://scrollscan.com/address/0x0000000000000000000000000000000000000000"
}
],
"chain": "scroll",
"description": "* Can upgrade **with no delay**\n * Contribution ",
"discoveryDrivenData": true
}
]
}
}+3 -3
{
"addresses": {
"ethereum": [
{
"name": "PredicatePermitter",
"isVerified": true,
"address": "eth:0x11D58231A79D866674EaAa043Fdaeae9A3dF4c0E",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0xe147e23753505e2C83b5f9ef229a9B7e7B3F50Ea"
],
"implementations": [
"eth:0xef082Ff43805B93Ed375Fd47A964Fe136cCB9021"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1750501451,
"transactionHash": "0x1171a710716e4ea09dd241bd14fad955a99e5bc2dc7662530f1b25c3b4f1020f",
"implementations": [
"eth:0xef082Ff43805B93Ed375Fd47A964Fe136cCB9021"
]
}
],
"description": "Contract that connects INTMAX deposits to the Predicate AVS that ultimately checks AML requirements. It stores a policy ID to be then referenced by the Predicate AVS.\n* Roles:\n * **admin**: INTMAX Multisig 3; ultimately EOA 1, EOA 2, EOA 3, EOA 5\n * **getPredicateManager**: PredicateServiceManager",
"upgradableBy": [
{
"id": "EOA-1,-EOA-2,-EOA-3-and-EOA-5",
"name": "EOA 1",
"delay": "no"
},
{
"id": "EOA-1,-EOA-2,-EOA-3-and-EOA-5",
"name": "EOA 2",
"delay": "no"
},
{
"id": "EOA-1,-EOA-2,-EOA-3-and-EOA-5",
"name": "EOA 3",
"delay": "no"
},
{
"id": "EOA-1,-EOA-2,-EOA-3-and-EOA-5",
"name": "EOA 5",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x11D58231A79D866674EaAa043Fdaeae9A3dF4c0E#code"
},
{
"name": "Contribution",
"isVerified": true,
"address": "eth:0x4c614C7BB9420caA1F19cB2C58B00864f2125Ce2",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x0000000000000000000000000000000000000000"
],
"implementations": [
"eth:0x09665baEFbfaAE3E9b3AC854717C2ab5534d2D25"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1750500551,
"transactionHash": "0x8650dce84d7ab72b87aebbc5655861fa2734ef95c3046485f40dc2901b291656",
"implementations": [
"eth:0x09665baEFbfaAE3E9b3AC854717C2ab5534d2D25"
]
}
],
"description": "Records a set of 'contribution' actions by saving addresses with a tag of their action (e.g. propose blocks, claim withdrawals, deposit...).\n",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x4c614C7BB9420caA1F19cB2C58B00864f2125Ce2#code"
},
{
"name": "Liquidity",
"isVerified": true,
"address": "eth:0xF65e73aAc9182e353600a916a6c7681F810f79C3",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x0000000000000000000000000000000000000000"
],
"implementations": [
"eth:0xD31F61281A4b262aEa79cbBE09A436975a8b63EA"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1750500599,
"transactionHash": "0xbb35cae7bb4711e7e2db56c10d3f09f1c2d482bb00912b6593577d4dd744a86e",
"implementations": [
"eth:0x0fE3E6018E53cb90020b5C06BC4c7c4FcEa1eBF0"
]
},
{
"timestamp": 1752761087,
"transactionHash": "0x305d92e409c58e4ce7facda3e759b383326706f81af0bf530fca37cdff758c1e",
"implementations": [
"eth:0x4fd8BF5f45832a007448fcDE29049919F8cf6D0d"
]
},
{
"timestamp": 1756560323,
"transactionHash": "0x93f7c96b159e82cd555266aa0451fb2d3a7eb8475edf83f66a15fa617de1eca0",
"implementations": [
"eth:0xD31F61281A4b262aEa79cbBE09A436975a8b63EA"
]
}
],
"description": "Entry point of the project. Handles deposits, withdrawals, and the communication from and to the main rollup contract on Scroll. Deposits are gated by an AML check.\n* Roles:\n * **amlPermitter**: PredicatePermitter; ultimately PredicateServiceManager\n * **relayer**: EOA 4",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xF65e73aAc9182e353600a916a6c7681F810f79C3#code"
}
],
"scroll": [
{
"name": "Rollup",
"isVerified": true,
"address": "scr:0x1c88459D014e571c332BF9199aD2D35C93219A2e",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"scr:0xA3C2a579af4cF3853172058e5c76d273DC1542DD"
],
"implementations": [
"scr:0xF34299210fB8505232649e9BEa14a84DD75e746b"
]
},
"chain": "scroll",
"pastUpgrades": [
{
"timestamp": 1752665870,
"transactionHash": "0x00ed05b1421c07fc3016adada820d7e853df1a1898e4b8636b1139c6712b1ffd",
"implementations": [
"scr:0xF34299210fB8505232649e9BEa14a84DD75e746b"
]
}
],
"description": "Main rollup contract used to submit blocks and process deposits. It saves block hashes to be then referenced by the Withdrawal contract.\n* Roles:\n * **admin**: INTMAX Multisig 2",
"upgradableBy": [
{
"name": "INTMAX Multisig 2",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://scrollscan.com/address/scr:0x1c88459D014e571c332BF9199aD2D35C93219A2e#code"
},
{
"name": "PlonkVerifier",
"isVerified": true,
"address": "scr:0x1d38545a33740Ab3480d9035bB3126914404423d",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "scroll",
"description": "A wrapper verifier that can check both withdrawal zk proofs to exit from INTMAX network and zk proofs for claiming rewards of the privacy mining program.\n",
"discoveryDrivenData": true,
"url": "https://scrollscan.com/address/scr:0x1d38545a33740Ab3480d9035bB3126914404423d#code"
},
{
"name": "Claim",
"isVerified": true,
"address": "scr:0x22ac649b3229eC099C32D790e9e46FbA2CE6C9A5",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"scr:0xA3C2a579af4cF3853172058e5c76d273DC1542DD"
],
"implementations": [
"scr:0x5216C8D0F2188a91aD07Fe4F334F220b2F7b59EA"
]
},
"chain": "scroll",
"pastUpgrades": [
{
"timestamp": 1752740586,
"transactionHash": "0x51f594e6a45f74ba5ca4a9536e7911be101f6a9ee7efb1471ee6e359af36c6ef",
"implementations": [
"scr:0x1899bF9D0e40Dd1bB6C3CCF2123A0Bd1DE0F0548"
]
},
{
"timestamp": 1755322929,
"transactionHash": "0xcb1b6cb53aeb3e3946facae2aa425a1b82068dcdeb41deeaaacae2948c3e4f3a",
"implementations": [
"scr:0x5216C8D0F2188a91aD07Fe4F334F220b2F7b59EA"
]
}
],
"description": "* Roles:\n * **admin**: INTMAX Multisig 2\n * **owner**: INTMAX Multisig 2",
"upgradableBy": [
{
"name": "INTMAX Multisig 2",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://scrollscan.com/address/scr:0x22ac649b3229eC099C32D790e9e46FbA2CE6C9A5#code"
},
{
"name": "Contribution",
"isVerified": true,
"address": "scr:0x42Fe7Db60c4C70eBb7597dB9a0959F9fCa0114af",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"scr:0x0000000000000000000000000000000000000000"
],
"implementations": [
"scr:0x8305Ca6756b0edb49ed9503C1Cf39Cb64a00b955"
]
},
"chain": "scroll",
"pastUpgrades": [
{
"timestamp": 1750500006,
"transactionHash": "0x80b8d8e13d4baaf9f60d6487bc220584103ae955efb88bea6c95cdff57ebb46c",
"implementations": [
"scr:0x8305Ca6756b0edb49ed9503C1Cf39Cb64a00b955"
]
}
],
"description": "Records a set of 'contribution' actions by saving addresses with a tag of their action (e.g. propose blocks, claim withdrawals, deposit...).\n* Roles:\n * **admin**: EOA 7",
"description": "Records a set of 'contribution' actions by saving addresses with a tag of their action (e.g. propose blocks, claim withdrawals, deposit...).\n* Roles:\n * **admin**: EOA 6",
"upgradableBy": [
{
"id": "EOA-7",
"name": "EOA 7",
"id": "EOA-6",
"name": "EOA 6",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://scrollscan.com/address/scr:0x42Fe7Db60c4C70eBb7597dB9a0959F9fCa0114af#code"
},
{
"name": "Withdrawal",
"isVerified": true,
"address": "scr:0x86B06D2604D9A6f9760E8f691F86d5B2a7C9c449",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"scr:0xA3C2a579af4cF3853172058e5c76d273DC1542DD"
],
"implementations": [
"scr:0x614ef91D1971A4dB458ABde03c62247afc57A753"
]
},
"chain": "scroll",
"pastUpgrades": [
{
"timestamp": 1752665900,
"transactionHash": "0x42a803443a8cce32af6abb340909910f95b82c9e4b62d9002ce8c5554bf6ad8a",
"implementations": [
"scr:0xDFC6EB6642FEAF99629c6629b2f7dC7eB9F1a0A3"
]
},
{
"timestamp": 1755322929,
"transactionHash": "0xcb1b6cb53aeb3e3946facae2aa425a1b82068dcdeb41deeaaacae2948c3e4f3a",
"implementations": [
"scr:0x614ef91D1971A4dB458ABde03c62247afc57A753"
]
}
],
"description": "Contract handling withdrawal requests, which require a validity proof of sufficient balance. It tracks amount of funds already withdrawn to prevent double withdrawals.\n* Roles:\n * **admin**: INTMAX Multisig 2\n * **owner**: INTMAX Multisig 2",
"upgradableBy": [
{
"name": "INTMAX Multisig 2",
"delay": "no"
}
],
"discoveryDrivenData": true,
"url": "https://scrollscan.com/address/scr:0x86B06D2604D9A6f9760E8f691F86d5B2a7C9c449#code"
}
]
},
"escrows": [
{
"address": "0xF65e73aAc9182e353600a916a6c7681F810f79C3",
"sinceTimestamp": 1750500599,
"tokens": "*",
"contract": {
"isVerified": true,
"address": "eth:0xF65e73aAc9182e353600a916a6c7681F810f79C3",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x0000000000000000000000000000000000000000"
],
"implementations": [
"eth:0xD31F61281A4b262aEa79cbBE09A436975a8b63EA"
]
},
"chain": "ethereum",
"pastUpgrades": [
{
"timestamp": 1750500599,
"transactionHash": "0xbb35cae7bb4711e7e2db56c10d3f09f1c2d482bb00912b6593577d4dd744a86e",
"implementations": [
"eth:0x0fE3E6018E53cb90020b5C06BC4c7c4FcEa1eBF0"
]
},
{
"timestamp": 1752761087,
"transactionHash": "0x305d92e409c58e4ce7facda3e759b383326706f81af0bf530fca37cdff758c1e",
"implementations": [
"eth:0x4fd8BF5f45832a007448fcDE29049919F8cf6D0d"
]
},
{
"timestamp": 1756560323,
"transactionHash": "0x93f7c96b159e82cd555266aa0451fb2d3a7eb8475edf83f66a15fa617de1eca0",
"implementations": [
"eth:0xD31F61281A4b262aEa79cbBE09A436975a8b63EA"
]
}
],
"url": "https://etherscan.io/address/0xF65e73aAc9182e353600a916a6c7681F810f79C3#code"
},
"chain": "ethereum",
"includeInTotal": true,
"chainId": 1
}
],
"risks": [
{
"category": "Funds can be stolen if",
"text": "a contract receives a malicious code upgrade. There is no delay on code upgrades.",
"isCritical": true
},
{
"category": "Funds can be stolen if",
"text": "the source code of unverified contracts contains malicious code.",
"isCritical": true
}
]
}+1 -1
{
"baseTimestamp": 1767783841,
"baseTimestamp": 1768216753,
"contractsDiscoDriven": true,
"hasDiscoUi": true,
"isDiscoDriven": true,
"permissionsDiscoDriven": true
}+3 -3
+1 -1
{
"dataAvailability": [
{
"name": "All data required for forced exits is published onchain",
"description": "All the data needed to recover the latest accounts state (represented by the Account Tree) and construct the zk proof necessary for forced exits is published onchain in the form of blobs. Only data that leads to state changes is posted.",
"risks": [],
"references": []
}
],
"exitMechanisms": [
{
"name": "Regular exit",
"description": "The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is settled the funds become available for withdrawal on L1. ZK proofs are required to settle blocks. Finally the user submits an L1 transaction to claim the funds.",
"risks": [],
"references": []
},
{
"name": "Escape hatch through ZK proofs",
"description": "If the centralized operators fail to process forced transactions after the deadline, the system can be frozen (desert mode) and users can exit by reconstructing the latest settled state using the data available on L1 and providing a ZK proof of balance.",
"risks": [],
"references": []
}
],
"forceTransactions": {
"name": "Users can force their transactions on L1",
"description": "If the centralized operators fail to include user transactions, users can force them themselves through L1. The possible transaction types that users can force are: deposits, withdrawals, order creation, order cancellation, and burning of pool shares. If the operators do not process forced transactions within 14d, the system can be frozen (desert mode) and users can exit using the latest settled state. All open positions are settled using the latest index price.",
"risks": [],
"references": []
},
"operator": {
"name": "Centralized operators",
"description": "Only the centralized operators can submit batches and verify them with a ZK proof, i.e. advance the state of the protocol.",
"risks": [
{
"category": "MEV can be extracted if",
"text": "the operator exploits their centralized position and frontruns user transactions."
}
],
"references": []
},
"otherConsiderations": [
{
"name": "External oracles used for index prices",
"description": "Lighter uses a combination of oracles to determine index prices, with Stork as the primary source. External signatures are currently not verified and the sequencer must be trusted to truthfully report data.",
"risks": [
{
"category": "Funds can be lost if",
"text": "the oracle prices are manipulated."
}
],
"references": [
{
"title": "Lighter docs - Fair Price Marking",
"url": "https://docs.lighter.xyz/perpetual-futures/fair-price-marking"
}
]
}
],
"stateValidation": {
"description": "Each update to the system state must be accompanied by a ZK proof that ensures that the new state was derived by correctly applying a series of valid transactions to the previous state. This includes user transactions originating from L1 and L2, as well as internal transactions created by L2 operators. In the desert mode, valid proofs of exit must be generated. These proofs are then verified on Ethereum by a smart contract.",
"categories": [
{
"title": "Prover Architecture",
"description": "[This repo](https://github.com/elliottech/lighter-prover/tree/main) contains the circuits and prover code for normal (i.e. non-desert) operation mode of Lighter. It includes the logic to generate and verify proofs of valid state transition according to the Lighter [matching engine](https://github.com/elliottech/lighter-prover/blob/d0ff2304aea516b22f3a5223881006b6a9af1cc9/circuit/src/matching_engine.rs)."
},
{
"title": "ZK Circuits",
"description": "Lighter transition is proven with custom Plonky2 circuits, compiled into ZK Lighter Verifier and Desert Verifier. ZK Lighter verifier implements the perp DEX and spot trading logic and could be found in this [prover repo](https://github.com/elliottech/lighter-prover/tree/main/circuit/src). Desert verifier consists of circuits proving valid L2 -> L1 withdrawals in the desert mode. More details in [ZK Catalog](https://l2beat.com/zk-catalog/lighterprover#proof-system)."
},
{
"title": "Verification Keys Generation",
"description": "Lighter wraps its validity proof into a Plonk-based proof system which requires a trusted setup. The verification keys are hardcoded in the verifier contract on-chain. Lighter prover repo contains a [script](https://github.com/elliottech/lighter-prover/blob/main/build_circuits.sh) that regenerates circuits and verification keys.",
"references": [
{
"title": "ZK Lighter verifier verification keys",
"url": "https://etherscan.io/address/0x05f8176860955d94f974db0ce8bb4f160ae425a2#code#F1#L54"
"url": "https://etherscan.io/address/0xd42b2D9eFD409c2a3074AE4f874F3f42389DB931#code#F1#L54"
},
{
"title": "Desert verifier verification keys",
"url": "https://etherscan.io/address/0xd4460475F00307845082d3a146f36661354FBc67#code#F1#L39"
}
]
}
]
},
"upgradesAndGovernance": "Regular upgrades are initiated by the \"network governor\" and executed with a 21d delay. The \"security council\" is allowed to reduce the upgrade delay to zero in case of an emergency. The security council does not currently satisfy the Stage 1 requirements. The network governor also retains the ability to add or remove validators.",
"warning": "Jan 5 2026: at the moment of writing, the desert mode circuits source code is not publicly available and therefore it is not possible to fully verify the escape hatch logic."
}+1 -1
{
"addresses": {
"ethereum": [
{
"name": "Lighter",
"isVerified": true,
"address": "eth:0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7",
"upgradeability": {
"proxyType": "zkLighter proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0xe5FB592Ef1b620909000Af0D5fb55a3593026142",
"eth:0x9307350AF47B0C0e7f8cA5ED2D57993aF3a6df1d"
]
},
"chain": "ethereum",
"description": "The main rollup contract. It processes L2 batches, manages token deposits and withdrawals, allows users to submit censorship-resistant L2 transactions and controls desert mode (escape hatch). Logic is split between two contracts because of code-size limits, many operations are delegated to AdditionalZKLighter.\n* Roles:\n * **admin**: UpgradeGatekeeper; ultimately Lighter Multisig 2",
"upgradableBy": [
{
"name": "Lighter Multisig 2",
"delay": "21d"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7#code"
},
{
"name": "UpgradeGatekeeper",
"isVerified": true,
"address": "eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "Governance contract functioning like an upgrade timelock for downstream contracts. The current delay is 21d and can be entirely skipped by Lighter Multisig.\n* Roles:\n * **getMaster**: Lighter Multisig 2\n * **securityCouncilAddress**: Lighter Multisig",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67#code"
},
{
"name": "Governance",
"isVerified": true,
"address": "eth:0xa464DA0B43f80EE3FfC4795cbbFC78472b5c81A1",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0x46D3C0c01D5DAae4FE8e3f54f32901d9Fbde1f08"
]
},
"chain": "ethereum",
"pastUpgrades": [],
"description": "Manages the list of validators and the network governor.\n* Roles:\n * **admin**: UpgradeGatekeeper; ultimately Lighter Multisig 2\n * **networkGovernor**: Lighter Multisig 2\n * **validators**: EOA 1, EOA 2, EOA 3",
"upgradableBy": [
{
"name": "Lighter Multisig 2",
"delay": "21d"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xa464DA0B43f80EE3FfC4795cbbFC78472b5c81A1#code"
},
{
"name": "ZkLighterVerifier",
"isVerified": true,
"address": "eth:0xac3Ce44B6ff4E402858C99D5699ff63131572BaA",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0x05F8176860955D94F974dB0CE8BB4F160AE425a2"
"eth:0xd42b2D9eFD409c2a3074AE4f874F3f42389DB931"
]
},
"chain": "ethereum",
"pastUpgrades": [],
"description": "The main ZK verifier of Lighter, settles the proofs of correct L2 state transition in the case of normal rollup operation.\n* Roles:\n * **admin**: UpgradeGatekeeper; ultimately Lighter Multisig 2",
"upgradableBy": [
{
"name": "Lighter Multisig 2",
"delay": "21d"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xac3Ce44B6ff4E402858C99D5699ff63131572BaA#code"
},
{
"name": "DesertVerifier",
"isVerified": true,
"address": "eth:0xd4460475F00307845082d3a146f36661354FBc67",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "ZK verifier used to verify forced exits during desert mode.\n",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xd4460475F00307845082d3a146f36661354FBc67#code"
}
]
},
"escrows": [
{
"address": "0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7",
"sinceTimestamp": 1737090335,
"tokens": [
"USDC",
"ETH",
"LIT"
],
"contract": {
"isVerified": true,
"address": "eth:0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7",
"upgradeability": {
"proxyType": "zkLighter proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0xe5FB592Ef1b620909000Af0D5fb55a3593026142",
"eth:0x9307350AF47B0C0e7f8cA5ED2D57993aF3a6df1d"
]
},
"chain": "ethereum",
"url": "https://etherscan.io/address/0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7#code"
},
"chain": "ethereum",
"includeInTotal": true,
"chainId": 1
}
],
"risks": [
{
"category": "Funds can be stolen if",
"text": "a contract receives a malicious code upgrade. There is no delay on code upgrades.",
"isCritical": true
}
]
}+1 -1
{
"baseTimestamp": 1767970274,
"baseTimestamp": 1768216772,
"contractsDiscoDriven": true,
"hasDiscoUi": true,
"isDiscoDriven": true,
"permissionsDiscoDriven": true
}+18 -0
+18 -0
{
"creator": "Lighter",
"projectsForTvs": [
{
"projectId": "lighter",
"sinceTimestamp": 1759356000
}
],
"proofSystemInfo": "\n## Description\n\nLighter prover is a zk proving system for Lighter L2 based on [Plonky2](https://github.com/0xPolygonZero/plonky2/tree/main) circuits. It verifies the logic for regular state transition of Lighter L2, as well as state transitions in the “desert mode” when L2 is shut down and users exit, using different sets of circuits. The circuits are proven with a STARK which is wrapped into a Plonk SNARK before settling onchain.\n\n## Proof system\n\n[Plonky2](https://github.com/0xPolygonZero/plonky2) implements a circuit aritmetization based on TurboPlonk over Goldilocks field, but it replaces KZG polynomial commitment scheme with a FRI-based polynomial testing scheme. In this way proving Plonky2 circuits requires no trusted setup, i.e. it is a STARK. \n\nHowever Lighter wraps these STARK in a [gnark](https://github.com/Consensys/gnark) implementation of Plonk over BN254 curve, which requires a trusted setup.\n\n### Circuits\n\nThe proof system operates on Lighter STF circuits and desert mode circuits. All published circuits are available [here](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit), note that the Lighter team has not published the desert circuits yet. \n\nLighter proof system defines circuits for proving all transactions, including internal, L1 and L2 transactions. The full list of available transactions that define Lighter STF can be seen [here](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/transactions). \n\nTransaction circuits use custom implementations for arithmetic operations ([bigint](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/bigint), [uint](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/uint)), cryptographic primitives ([ecdsa](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/ecdsa) on the Secp256k1 curve, [eddsa](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/eddsa) on the ECgFp5 curve, [keccak](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/keccak), [poseidon_bn128](https://github.com/elliottech/lighter-prover/tree/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/poseidon_bn128)) and other helper circuits.\n\n### Recursion\n\nLighter prover implements recursive aggregation of transaction proofs to make the whole pipeline more efficient and parallelizable. First, fixed-size blocks of consecutive transactions are processed and proven by [BlockTx circuit](https://github.com/elliottech/lighter-prover/blob/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/block_tx_constraints.rs), which can be done on separate machines. Next, arbitrary number of BlockTx proofs are aggregated into a single proof by [BlockTxChain circuit](https://github.com/elliottech/lighter-prover/blob/053ceda7c59a9a0e05997661ca5a1bb7a92bb267/circuit/src/block_tx_chain_constraints.rs), which includes continuity checks across all BlockTx proofs.\n",
"techStack": {
"snark": [
{
"id": "Plonky2",
"type": "Plonk",
"name": "Plonky2",
"description": "Toolkit for developing transparent SNARKs based on PLONK and FRI developed by Polygon Zero team."
},
{
"id": "Goldilocks",
"type": "Field",
"name": "Goldilocks",
"description": "Prime field of order p = 2**64 - 2**32 + 1."
},
{
"id": "CustomCircuits",
"type": "Other",
"name": "App-specific circuits",
"description": "This project uses custom app-specific ZK circuits."
}
],
"finalWrap": [
{
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
{
"id": "BN254",
"type": "curve",
"name": "BN254",
"description": "BN254, aka BN256, aka alt_bn128 pairing-friendly 254-bit prime field Weierstrass elliptic curve."
}
]
},
"trustedSetups": [
{
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"id": "AztecIgnition",
"name": "Aztec Ignition",
"risk": "green",
"shortDescription": "Aztec Ignition is a trusted setup ceremony that was run by Aztec for KZG commitment over BN254 curve in 2019. It included 176 participants and was publicly open for participation.",
"longDescription": " \n Aztec Ignition is a trusted setup ceremony for KZG commitments over BN254 curve that was run by Aztec for KZG commitment over BN254 curve in 2019. \n It included 176 participants and was publicly open for participation.\n \n - Github repo to download and verify the ceremony artifacts: [https://github.com/AztecProtocol/ignition-verification](https://github.com/AztecProtocol/ignition-verification).\n - Github repo with instructions for ceremony participants: [https://github.com/AztecProtocol/Setup](https://github.com/AztecProtocol/Setup).\n - Ceremony announcement with a call to participate: [https://aztec.network/blog/announcing-ignition](https://aztec.network/blog/announcing-ignition).\n "
}
],
"verifierHashes": [
{
"hash": "0x3851046274646dacb2a19e53e45ef7f69f78f052f2033db62cb9c6024d6cd42f",
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"knownDeployments": [
{
"address": "0xd42b2D9eFD409c2a3074AE4f874F3f42389DB931",
"chain": "ethereum"
}
],
"verificationStatus": "unsuccessful",
"verificationSteps": "Jan 12 2026: At the moment of writing, Lighter team has not published the sources of this verifier so it cannot be regenerated.",
"description": "Custom verifier ID: SHA256 hash of all VK_... values from the smart contract, abi packed in the same order they are defined."
},
{
"hash": "0x9e4384e13903411340a32aba01d77482c0d2d7b8ae91ef4fcc8725db2a85683b",
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"knownDeployments": [
{
"address": "0x05F8176860955D94F974dB0CE8BB4F160AE425a2",
"chain": "ethereum"
}
],
"verificationStatus": "successful",
"attesters": [
{
"id": "l2beat",
"name": "L2BEAT",
"link": "https://l2beat.com"
}
],
"verificationSteps": "\nThe verification process below is based on the `build_circuits.sh` [script](https://github.com/elliottech/lighter-prover/blob/main/build_circuits.sh) in the lighter-prover repo. It consumed around 100 GiB of memory at the peak, so we recommend rerunning it on a machine with 128 GiB of RAM.\n\nThe steps below are for Ubuntu 24.04 OS.\n\n1. Install rust, gcc, go.\n\n```\ncurl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh\n. .cargo/env\n\nsudo apt update\nsudo apt install build-essential golang-go\ngo version\n```\n \n2. Run the correct version of the script to regenerate the keys.\n\n```\ngit clone https://github.com/elliottech/lighter-prover.git\ncd lighter-prover\ngit checkout d0ff2304aea516b22f3a5223881006b6a9af1cc9\nchmod +x build_circuits.sh\n./build_circuits.sh\n```\n\nThe script will generate the `final::....sol` file that contains the verifier smart contract with the verification keys.\n ",
"description": "Custom verifier ID: SHA256 hash of all VK_... values from the smart contract, abi packed in the same order they are defined."
},
{
"hash": "0xc3d58029fabf2a93d6cb9b96315c484e4bea2e238aaa081460c9027863c650e7",
"proofSystem": {
"id": "Gnark",
"type": "Plonk",
"name": "Gnark",
"description": "Consensys implementation of Plonk proving system written in Go."
},
"knownDeployments": [
{
"address": "0xd4460475F00307845082d3a146f36661354FBc67",
"chain": "ethereum"
}
],
"verificationStatus": "unsuccessful",
"verificationSteps": "The sources for desert verifier circuits are not published and thus the verifier cannot be independently regenerated.",
"description": "Custom verifier ID: SHA256 hash of all VK_... values from the smart contract, abi packed in the same order they are defined."
}
]
}