SummaryChartMilestonesDescriptionRisk analysisRollup stageTechnologyState derivationOperatorWithdrawalsOther considerationsPermissionsSmart contractsKnowledge nuggets

Base logoBase

Value Locked

$628 M

7.01%

Canonically Bridged
$467 M (75%)
Externally Bridged
$2.02 M (0%)
Natively Minted
$158 M (25%)
View TVL Breakdown
  • Breakdown
  • Daily TPS
    2.3218.45%
  • 30D tx count
    7.24 M
  • Stage
    Stage 0
  • Technology
    Optimistic Rollup
  • Purpose
    Universal

    • Chart

    ...

    Tokens

    Choose token

    Natively Minted Tokens
    USD Coin (USDC)
    Externally Bridged Tokens
    SmarDex (SDEX)
    Canonically Bridged Tokens (Top 15)
    Ether (ETH)
    USD Coin (USDbC)
    Dai Stablecoin (DAI)
    Wrapped liquid staked Ether 2.0 (wstETH)
    Rocket Pool ETH (rETH)
    Curve DAO Token (CRV)
    Balancer (BAL)
    Compound (COMP)
    yearn.finance (YFI)
    Reserve Rights (RSR)
    LUSD Stablecoin (LUSD)
    SushiToken (SUSHI)
    Kyber Network Crystal v2 (KNC)
    1INCH Token (1INCH)
    Synthetix Network Token (SNX)
    View TVL Breakdown

    Milestones

    Base Mainnet Launch

    2023 Jul 13th

    Base is live on mainnet.

    Learn more
    Show more

    Description

    Fraud proof system is currently under development. Users need to trust the block proposer to submit correct L1 state roots.

    Base is an Optimistic Rollup that has been developed on the Ethereum network, utilizing OP Stack technology.

    If you find something wrong on this page you can submit an issue or edit the information.

    Risk analysis

    Sequencer failureState validationData availabilityUpgradeabilityProposer failure

    State validation

    In development

    Currently the system permits invalid state roots. More details in project overview.

    Data availability

    On chain

    All of the data needed for proof construction is published on chain.

    Upgradeability

    Yes

    The code that secures the system can be changed arbitrarily and without notice.

    Sequencer failure

    Self sequence

    In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. There is a 12h delay on this operation.

    Proposer failure

    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    Rollup stage

    BaseBase is a
    Stage 0
    Optimistic Rollup.
    Learn more about Rollup stages
    Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.

    Technology

    Fraud proofs are in development

    Ultimately, OP stack chains will use interactive fraud proofs to enforce state correctness. This feature is currently in development and the system permits invalid state roots.

    • Funds can be stolen if an invalid state root is submitted to the system (CRITICAL).

    1. L2OutputOracle.sol#L141 - Etherscan source code, deleteL2Outputs function

    All transaction data is recorded on chain

    All executed transactions are submitted to an on chain smart contract. The execution of the rollup is based entirely on the submitted transactions, so anyone monitoring the contract can know the correct state of the rollup chain.

    1. BatchInbox - Etherscan address
    2. OptimismPortal.sol#L434 - Etherscan source code, depositTransaction function

    State derivation

    Node software

    Base node is open-sourced and built on Optimism’s open-source OP Stack with no modification. The configuration file for Base Mainnet can be found here.

    Compression scheme

    Data batches are compressed using the zlib algorithm with best compression level.

    Genesis state

    The genesis file can be found here.

    Data format

    Batch submission format can be found here.

    Operator

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    1. L2OutputOracle.sol#L30 - Etherscan source code, CHALLENGER address
    2. L2OutputOracle.sol#L35 - Etherscan source code, PROPOSER address
    3. Decentralizing the sequencer - OP Stack docs

    Users can force any transaction

    Because the state of the system is based on transactions submitted on-chain and anyone can submit their transactions there it allows the users to circumvent censorship by interacting with the smart contract directly.

    1. OptimismPortal.sol#L434 - Etherscan source code, depositTransaction function

    Withdrawals

    Regular exit

    The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is finalized the funds become available for withdrawal on L1. The process of block finalization usually takes several days to complete. Finally the user submits an L1 transaction to claim the funds. This transaction requires a merkle proof.

    • Funds can be frozen if the centralized validator goes down. Users cannot produce blocks themselves and exiting the system requires new block production (CRITICAL).

    1. OptimismPortal.sol#L242 - Etherscan source code, proveWithdrawalTransaction function
    2. OptimismPortal.sol#325 - Etherscan source code, finalizeWithdrawalTransaction function
    3. L2OutputOracle.sol#L185 - Etherscan source code, PROPOSER check

    Forced exit

    If the user experiences censorship from the operator with regular exit they can submit their withdrawal requests directly on L1. The system is then obliged to service this request or halt all withdrawals, including forced withdrawals from L1 and regular withdrawals initated on L2. Once the force operation is submitted and if the request is serviced, the operation follows the flow of a regular exit.

    1. Forced withdrawal from an OP Stack blockchain

    Other considerations

    EVM compatible smart contracts are supported

    OP stack chains are pursuing the EVM Equivalence model. No changes to smart contracts are required regardless of the language they are written in, i.e. anything deployed on L1 can be deployed on L2.

    1. Introducing EVM Equivalence

    Permissions

    The system uses the following set of permissioned addresses:

    AdminMultisig 0x7bB4…595c

    This address is the owner of the ProxyAdmin. It can upgrade the bridge implementation potentially gaining access to all funds. This is a Gnosis Safe with 2 / 2 threshold.

    AdminMultisig participants 0x9855…46A10x9BA6…6b3A

    Those are the participants of the AdminMultisig.

    GuardianMultisig 0x1453…E056

    Address designated as a Guardian of the OptimismPortal, meaning it can halt withdrawals. It’s the owner of SystemConfig, which allows to update the sequencer address. Moreover, it can challenge state roots without going through the fault proof process. This is a Gnosis Safe with 3 / 6 threshold.

    GuardianMultisig participants 0xa3D3…202D0x8e5d…2C4F0x969f…653D0xa7a5…8a180xBECA…4DE20x4924…3839

    Those are the participants of the GuardianMultisig.

    BaseMultisig 0x9855…46A1

    Core multisig of the Base team, it’s a member of the AdminMultisig, meaning it can upgrade the bridge implementation potentially gaining access to all funds. This is a Gnosis Safe with 3 / 6 threshold.

    BaseMultisig participants 0x6CD3…De500x3cd6…A9a10x1d0D…8Ec50x3Dad…c18E0xB011…62F70xf9e3…177c

    Those are the participants of the BaseMultisig.

    OptimismMultisig 0x9BA6…6b3A

    Core multisig of the Optimism team, it can challenge state roots without going through the fault proof process. It’s also a member of the AdminMultisig, meaning it can upgrade the bridge implementation potentially gaining access to all funds. This is a Gnosis Safe with 5 / 7 threshold.

    OptimismMultisig participants 0x42d2…9c640x3041…16230xE7dE…d02e0xBF93…a2c80x4D01…6d150x7cB0…C54f0x9bbF…31aa

    Those are the participants of the OptimismMultisig.

    ProxyAdmin 0x0475…059E

    Owner of AddressManager. Admin of OptimismPortal, SystemConfig, L2OutputOracle, L1ERC721Bridge, OptimismMintableERC20Factory, L1StandardBridge.

    Sequencer 0x5050…76C9

    Central actor allowed to commit L2 transactions to L1.

    Proposer 0x6422…52c5

    Central actor allowed to post new L2 state roots to L1.

    Challenger 0x6F8C…7824

    Central actor allowed to delete L2 state roots proposed by a Proposer.

    Guardian 0x1453…E056

    Central actor allowed to pause deposits and withdrawals.

    Smart contracts

    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    The system consists of the following smart contracts:

    L2OutputOracle 0x5631…18A0Implementation (Upgradable)Admin

    The L2OutputOracle contract contains a list of proposed state roots which Proposers assert to be a result of block execution. Currently only the PROPOSER address can submit new state roots.

    Can be upgraded by: ProxyAdmin

    Upgrade delay: No delay

    OptimismPortal 0x4904…E97eImplementation (Upgradable)Admin

    The OptimismPortal contract is the main entry point to deposit funds from L1 to L2. It also allows to prove and finalize withdrawals. This contract stores the following tokens: ETH.

    Can be upgraded by: ProxyAdmin

    Upgrade delay: No delay

    SystemConfig 0x73a7…4072Implementation (Upgradable)Admin

    It contains configuration parameters such as the Sequencer address, the L2 gas limit and the unsafe block signer address.

    Can be upgraded by: ProxyAdmin

    Upgrade delay: No delay

    L1CrossDomainMessenger 0x866E…0AfaImplementation (Upgradable)

    The L1CrossDomainMessenger (L1xDM) contract sends messages from L1 to L2, and relays messages from L2 onto L1. In the event that a message sent from L1 to L2 is rejected for exceeding the L2 epoch gas limit, it can be resubmitted via this contract’s replay function.

    Can be upgraded by: ProxyAdmin

    Upgrade delay: No delay

    L1ERC721Bridge 0x608d…1E53Implementation (Upgradable)Admin

    The L1ERC721Bridge contract is the main entry point to deposit ERC721 tokens from L1 to L2.

    Can be upgraded by: ProxyAdmin

    Upgrade delay: No delay

    Challenger1of2 0x6F8C…7824

    This contract is the permissioned challenger of the system. It can delete non finalized roots without going through the fault proof process. It is functionally equivalent to a 1/2 multisig where neither party can remove the other’s permission to execute a Challenger call. It is controlled by the GuardianMultisig and the OptimismMultisig.

    Value Locked is calculated based on these smart contracts and tokens:

    Generic escrow 0x3154…2C35Implementation (Upgradable)Admin

    Main entry point for users depositing ERC20 token that do not require custom gateway.

    Can be upgraded by: ProxyAdmin

    Upgrade delay: No delay

    Escrow for ETH 0x4904…E97eImplementation (Upgradable)Admin

    Main entry point for users depositing ETH.

    Can be upgraded by: ProxyAdmin

    Upgrade delay: No delay

    Escrow for wstETH 0x9de4…1e72Implementation (Upgradable)Admin

    wstETH Vault for custom wstETH Gateway. Fully controlled by Lido governance.

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Knowledge nuggets

    How Optimism compresses data

    Learn more

    Bedrock Explainer

    Learn more

    Modular Rollup Theory

    Learn more