Consequence: projects without a proper proof system fully rely on single entities to safely update the state. A malicious proposer can finalize an invalid state, which can cause loss of funds.

Learn more about the recategorisation here.

Value Secured

Canonical

External

Native

Onchain costs

Calldata

Blobs

Compute

Overhead

Milestones & Incidents

Lambda Chain Mainnet Launch

2024 Apr 17th

Lambda Chain is live on mainnet.

Learn more

Risk summary

Critical contracts can be upgraded by an EOA which could result in the loss of all funds.

Sequencer failureState validationData availabilityExit windowProposer failure

Sequencer failure

Self sequence

In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. There can be up to a 12h delay on this operation.

State validation

None

Currently the system permits invalid state roots. More details in project overview.

Data availability

Onchain

All of the data needed for proof construction is published on Ethereum L1.

Exit window

None

There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.

Proposer failure

Cannot withdraw

Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

Rollup stage

Lambda Chain is a

Stage 0

Optimistic Rollup.

Learn more about Rollup stages

Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.

Technology

Fraud proofs are not enabled

OP Stack projects can use the OP fault proof system, already being deployed on some. This project though is not using fault proofs yet and is relying on the honesty of the permissioned Proposer and Challengers to ensure state correctness. The smart contract system permits invalid state roots.

Funds can be stolen if an invalid state root is submitted to the system (CRITICAL).

L2OutputOracle.sol - source code, deleteL2Outputs function

All data required for proofs is published on chain

All the data that is used to construct the system state is published on chain in the form of cheap blobs or calldata. This ensures that it will be available for enough time.

Operator

The system has a centralized operator

The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.

MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

Users can force any transaction

Because the state of the system is based on transactions submitted on the underlying host chain and anyone can submit their transactions there it allows the users to circumvent censorship by interacting with the smart contract on the host chain directly.

Withdrawals

Regular exit

The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is finalized the funds become available for withdrawal on L1. The process of block finalization takes a challenge period of 7d to complete. Finally the user submits an L1 transaction to claim the funds. This transaction requires a merkle proof.

Funds can be frozen if the centralized validator goes down. Users cannot produce blocks themselves and exiting the system requires new block production (CRITICAL).

Forced exit

If the user experiences censorship from the operator with regular exit they can submit their withdrawal requests directly on L1. The system is then obliged to service this request or halt all withdrawals, including forced withdrawals from L1 and regular withdrawals initiated on L2. Once the force operation is submitted and if the request is serviced, the operation follows the flow of a regular exit.

Forced withdrawal from an OP Stack blockchain

Other considerations

EVM compatible smart contracts are supported

OP stack chains are pursuing the EVM Equivalence model. No changes to smart contracts are required regardless of the language they are written in, i.e. anything deployed on L1 can be deployed on L2.

Introducing EVM Equivalence

Permissions

The system uses the following set of permissioned addresses:

Challenger EOA 2

Challenger is an actor allowed to challenge or delete state roots proposed by a Proposer.

Guardian EOA 1

Guardian is an actor allowed to pause deposits and withdrawals.

Proposer EOA 3

Proposer is an actor allowed to post new state roots of the current layer to the host chain.

Sequencer EOA 4

Sequencer is an actor allowed to commit transactions from the current layer to the host chain.

GnosisSafe 0x0b48…a501

A Gnosis Safe with 1 / 1 threshold.
Can act on behalf of ProxyAdmin.

Participants (1):

EOA 1

EOA 2 0x864A…9043

A Challenger.

EOA 3 0xC16E…1907

A Proposer.

EOA 1 0xD5FD…Ea40

Member of GnosisSafe.
Can change the configuration of AddressManager (acting via ProxyAdmin, GnosisSafe) - set and change address mappings.
Can change the configuration of SystemConfig - it can update the preconfer address, the batch submitter (Sequencer) address and the gas configuration of the system.
A Guardian.
Can upgrade the implementation of SuperchainConfig, L2OutputOracle, OptimismMintableERC20Factory, OptimismPortal, L1ERC721Bridge, SystemConfig (acting via ProxyAdmin, GnosisSafe).
Can upgrade the implementation of L1StandardBridge (acting via ProxyAdmin, GnosisSafe) - upgrading the bridge implementation can give access to all funds escrowed therein.

EOA 4 0xDeC2…12Fb

A Sequencer.

Smart contracts

A diagram of the smart contract architecture

The system consists of the following smart contracts on the host chain (Ethereum):

SuperchainConfig 0x01Cf…4E2c Implementation (Upgradable)Admin

This is NOT the shared SuperchainConfig contract of the OP stack Superchain but rather a local fork. It manages the PAUSED_SLOT, a boolean value indicating whether the local chain is paused, and GUARDIAN_SLOT, the address of the guardian which can pause and unpause the system.

Can be upgraded by:

EOA 1

Upgrade delay: No delay

ProxyAdmin 0x04d5…EB9f

Can be used to configure AddressManager - set and change address mappings.
Can be used to upgrade implementation of SuperchainConfig, L2OutputOracle, OptimismMintableERC20Factory, OptimismPortal, L1ERC721Bridge, SystemConfig.
Can be used to upgrade implementation of L1StandardBridge - upgrading the bridge implementation can give access to all funds escrowed therein.

L2OutputOracle 0x2297…594A Implementation (Upgradable)Admin

Contains a list of proposed state roots which Proposers assert to be a result of block execution. Currently only the PROPOSER address can submit new state roots.

Can be upgraded by:

EOA 1

Upgrade delay: No delay

OptimismMintableERC20Factory 0x5C3D…75A4 Implementation (Upgradable)Admin

A helper contract that generates OptimismMintableERC20 contracts on the network it’s deployed to. OptimismMintableERC20 is a standard extension of the base ERC20 token contract designed to allow the L1StandardBridge contracts to mint and burn tokens. This makes it possible to use an OptimismMintablERC20 as this chain’s representation of a token on the host chain, or vice-versa.

Can be upgraded by:

EOA 1

Upgrade delay: No delay

AddressManager 0x6248…0376

Legacy contract used to manage a mapping of string names to addresses. Modern OP stack uses a different standard proxy system instead, but this contract is still necessary for backwards compatibility with several older contracts.

OptimismPortal 0x7288…0054 Implementation (Upgradable)Admin

The main entry point to deposit funds from host chain to this chain. It also allows to prove and finalize withdrawals. This contract stores the following tokens: ETH.

Can be upgraded by:

EOA 1

Upgrade delay: No delay

L1CrossDomainMessenger 0x78B5…8EB7 Implementation (Upgradable)

Sends messages from host chain to this chain, and relays messages back onto host chain. In the event that a message sent from host chain to this chain is rejected for exceeding this chain’s epoch gas limit, it can be resubmitted via this contract’s replay function.

L1ERC721Bridge 0x8334…2D94 Implementation (Upgradable)Admin

Used to bridge ERC-721 tokens from host chain to this chain.

Can be upgraded by:

EOA 1

Upgrade delay: No delay

SystemConfig 0xae80…a7a8 Implementation (Upgradable)Admin

Contains configuration parameters such as the Sequencer address, gas limit on this chain and the unsafe block signer address.

Can be upgraded by:

EOA 1

Upgrade delay: No delay

L1StandardBridge 0xEEBd…408F Implementation (Upgradable)Admin

The main entry point to deposit ERC20 tokens from host chain to this chain. This contract can store any token.