Search

Search for projects by name

Ham logoHam

Badges

About

Ham Chain is an OP stack Optimium L3 on Base enabling Tips and SocialFi on the Farcaster social network.


Value Locked
$734.60 K19.9%
Canonically Bridged
$734.60 K
Externally Bridged
$0.00
Natively Minted
$0.00

  • Tokens
  • Daily UOPS
    0.977.71%
  • 30D ops count
    2.48 M

  • Type
    Optimium
  • Purposes
    Universal, Social
  • Host chain
    Base
  • Sequencer failureState validationData availabilityExit windowProposer failure

    Badges

    About

    Ham Chain is an OP stack Optimium L3 on Base enabling Tips and SocialFi on the Farcaster social network.


    Recategorisation

    179d
    10h
    04m
    58s

    The project will be classified as "Other" due to its specific risks that set it apart from the standard classifications.

    The project will move to Others because:

    The proof system isn't fully functional

    Consequence: projects without a proper proof system fully rely on single entities to safely update the state. A malicious proposer can finalize an invalid state, which can cause loss of funds.

    There is no data availability bridge

    Consequence: projects without a data availability bridge fully rely on single entities (the sequencer) to honestly rely available data roots on Ethereum. A malicious sequencer can collude with the proposer to finalize an unavailable state, which can cause loss of funds.

    Learn more about the recategorisation here.

    Value Locked
    Canonical
    External
    Native
    Activity
    Ham
    Ethereum
    Risk summary
    There are 3 additional risks coming from the hostchain Base logoBase
    Fraud proof system is currently under development. Users need to trust the block proposer to submit correct L1 state roots.
    Risk analysis
    The L3 risks depend on the individual properties of L3 and those of the host chain combined.
    Fraud proof system is currently under development. Users need to trust the block proposer to submit correct L1 state roots.
    SEQUENCER
    FAILURE
    STATE
    VALIDATION
    DATA
    AVAILABILITY
    EXIT WINDOWPROPOSER
    FAILURE
    Base
    L2
    Self sequenceFraud proofs (INT)OnchainNoneSelf propose
    Ham
    L3 • Individual
    Self sequenceNoneExternalNoneCannot withdraw
    Ham
    L3 • Combined
    Self sequenceNoneExternalNoneCannot withdraw
    L2 & L3 individual risks
    Sequencer failureState validationData availabilityExit windowProposer failure
    L3 combined risks
    Sequencer failureState validationData availabilityExit windowProposer failure

    L3 combined risks
    The information below reflects combined L2 & L3 risks.

    Sequencer failure

    Self sequence

    In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. There is a 1d delay on this operation.

    State validation

    None

    Currently the system permits invalid state roots. More details in project overview.

    Data availability

    External

    Proof construction and state derivation fully rely on data that is posted on Celestia. Sequencer tx roots are not checked against the Blobstream bridge data roots onchain, but L2 nodes can verify data availability by running a Celestia light client.

    Exit window

    None

    There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.

    Proposer failure

    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    Technology
    The section considers only the L3 properties. For more details please refer to Base logoBase

    Fraud proofs are not enabled

    OP Stack projects can use the OP fault proof system, already being deployed on some. This project though is not using fault proofs yet and is relying on the honesty of the permissioned Proposer and Challengers to ensure state correctness. The smart contract system permits invalid state roots.

    • Funds can be stolen if an invalid state root is submitted to the system (CRITICAL).

    1. L2OutputOracle.sol - Etherscan source code, deleteL2Outputs function

    Data is posted to Celestia

    Transactions roots are posted onchain and the full data is posted on Celestia. Since the Blobstream bridge is not used, availability of the data is not verified against Celestia validators, meaning that the Sequencer can single-handedly publish unavailable roots.

    • Funds can be lost if the sequencer posts an unavailable transaction root (CRITICAL).

    • Funds can be lost if the data is not available on the external provider (CRITICAL).

    1. Introducing Blobstream: streaming modular DA to Ethereum
    2. Derivation: Batch submission - OP Mainnet specs
    3. BatchInbox - Etherscan address
    4. OptimismPortal.sol - Etherscan source code, depositTransaction function
    Learn more about the DA layer here: Celestia logoCelestia
    Operator
    The section considers only the L3 properties. For more details please refer to Base logoBase

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    1. L2OutputOracle.sol - Etherscan source code, CHALLENGER address
    2. L2OutputOracle.sol - Etherscan source code, PROPOSER address

    Users can force any transaction

    Because the state of the system is based on transactions submitted on the underlying host chain and anyone can submit their transactions there it allows the users to circumvent censorship by interacting with the smart contract on the host chain directly.

    1. Sequencing Window - OP Mainnet Specs
    2. OptimismPortal.sol - Etherscan source code, depositTransaction function
    Withdrawals
    The section considers only the L3 properties. For more details please refer to Base logoBase

    Regular exit

    The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is finalized the funds become available for withdrawal on L1. The process of block finalization takes a challenge period of 7d to complete. Finally the user submits an L1 transaction to claim the funds. This transaction requires a merkle proof.

    • Funds can be frozen if the centralized validator goes down. Users cannot produce blocks themselves and exiting the system requires new block production (CRITICAL).

    1. OptimismPortal.sol - Etherscan source code, proveWithdrawalTransaction function
    2. OptimismPortal.sol - Etherscan source code, finalizeWithdrawalTransaction function
    3. L2OutputOracle.sol - Etherscan source code, PROPOSER check

    Forced exit

    If the user experiences censorship from the operator with regular exit they can submit their withdrawal requests directly on L1. The system is then obliged to service this request or halt all withdrawals, including forced withdrawals from L1 and regular withdrawals initiated on L2. Once the force operation is submitted and if the request is serviced, the operation follows the flow of a regular exit.

    1. Forced withdrawal from an OP Stack blockchain
    Other considerations

    EVM compatible smart contracts are supported

    OP stack chains are pursuing the EVM Equivalence model. No changes to smart contracts are required regardless of the language they are written in, i.e. anything deployed on L1 can be deployed on L2.

    1. Introducing EVM Equivalence
    Permissions

    The system uses the following set of permissioned addresses:

    Guardian is an actor allowed to pause deposits and withdrawals.

    Used in:

    Challenger EOA 1

    Challenger is an actor allowed to challenge or delete state roots proposed by a Proposer.

    Proposer EOA 3

    Proposer is an actor allowed to post new state roots of the current layer to the host chain.

    Sequencer EOA 2

    Sequencer is an actor allowed to commit transactions from the current layer to the host chain.

    HamMultisig1 0x211A…6aEA
    • A Gnosis Safe with 3 / 4 threshold.
    • Can act on behalf of ProxyAdmin.
    • Can change the configuration of AddressManager (acting via ProxyAdmin) - set and change address mappings.
    • Can upgrade the implementation of L2OutputOracle, OptimismMintableERC20Factory, L1ERC721Bridge, SystemConfig, OptimismPortal, SuperchainConfig (acting via ProxyAdmin).
    • Can upgrade the implementation of L1StandardBridge (acting via ProxyAdmin) - upgrading the bridge implementation can give access to all funds escrowed therein.

    Those are the participants of the HamMultisig1.

    Caldera Multisig 2 0x87Ef…156d
    • A Gnosis Safe with 2 / 3 threshold.
    • Can change the configuration of SystemConfig - it can update the preconfer address, the batch submitter (Sequencer) address and the gas configuration of the system.
    • A Guardian.

    Used in:

    Caldera Multisig 2 participants (3) 0xD616…E9A90x3560…03910x12ee…C76A

    Those are the participants of the Caldera Multisig 2.

    A Challenger.

    Smart contracts

    The system consists of the following smart contracts on the host chain (Base):

    Contains a list of proposed state roots which Proposers assert to be a result of block execution. Currently only the PROPOSER address can submit new state roots.

    Can be upgraded by:

    Upgrade delay: No delay

    A helper contract that generates OptimismMintableERC20 contracts on the network it’s deployed to. OptimismMintableERC20 is a standard extension of the base ERC20 token contract designed to allow the L1StandardBridge contracts to mint and burn tokens. This makes it possible to use an OptimismMintablERC20 as this chain’s representation of a token on the host chain, or vice-versa.

    Can be upgraded by:

    Upgrade delay: No delay

    Sends messages from host chain to this chain, and relays messages back onto host chain. In the event that a message sent from host chain to this chain is rejected for exceeding this chain’s epoch gas limit, it can be resubmitted via this contract’s replay function.

    ProxyAdmin 0x5eC2…7B49
    • Can be used to configure AddressManager - set and change address mappings.
    • Can be used to upgrade implementation of L2OutputOracle, OptimismMintableERC20Factory, L1ERC721Bridge, SystemConfig, OptimismPortal, SuperchainConfig.
    • Can be used to upgrade implementation of L1StandardBridge - upgrading the bridge implementation can give access to all funds escrowed therein.

    Used to bridge ERC-721 tokens from host chain to this chain.

    Can be upgraded by:

    Upgrade delay: No delay

    The main entry point to deposit ERC20 tokens from host chain to this chain. This contract can store any token. This contract can store any token.

    Can be upgraded by:

    Upgrade delay: No delay

    Contains configuration parameters such as the Sequencer address, gas limit on this chain and the unsafe block signer address.

    Can be upgraded by:

    Upgrade delay: No delay

    AddressManager 0xd2e0…25eE

    Legacy contract used to manage a mapping of string names to addresses. Modern OP stack uses a different standard proxy system instead, but this contract is still necessary for backwards compatibility with several older contracts.

    The main entry point to deposit funds from host chain to this chain. It also allows to prove and finalize withdrawals. This contract stores the following tokens: ETH.

    Can be upgraded by:

    Upgrade delay: No delay

    This is NOT the shared SuperchainConfig contract of the OP stack Superchain but rather a local fork. It manages the PAUSED_SLOT, a boolean value indicating whether the local chain is paused, and GUARDIAN_SLOT, the address of the guardian which can pause and unpause the system.

    Can be upgraded by:

    Upgrade delay: No delay

    Value Locked is calculated based on these smart contracts and tokens:

    Main entry point for users depositing ERC20 token that do not require custom gateway.

    Can be upgraded by:

    Upgrade delay: No delay

    Main entry point for users depositing ETH.

    Can be upgraded by:

    Upgrade delay: No delay

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Knowledge nuggets