Search

Search for projects by name

SummaryValue SecuredActivityMilestones & IncidentsRisk summaryRisk analysisData availabilityState validationOperatorWithdrawalsOther considerationsPermissionsSmart contracts

Manta Pacific logoManta Pacific

Badges

About

Manta Pacific is an Optimium empowering EVM-native zero-knowledge (ZK) applications and general dapps.

Value secured
$308.32 M3.26%
Canonically Bridged
$87.89 M
Natively Minted
$86.17 M
Externally Bridged
$134.26 M
View TVS Breakdown
  • Tokens
  • Past day UOPS
    1.4130.7%
  • 30D ops count
    4.74 M
  • Gas token
    ETH
  • Type
    Optimium
  • Purpose
    Universal
    • Sequencer failureState validationData availabilityExit windowProposer failure

    Badges

    About

    Manta Pacific is an Optimium empowering EVM-native zero-knowledge (ZK) applications and general dapps.

    Recategorisation

    44d
    06h
    28m
    55s

    The project will be classified as "Other" due to its specific risks that set it apart from the standard classifications.

    The project will move to Others because:

    The proof system isn't fully functional

    Consequence: projects without a proper proof system fully rely on single entities to safely update the state. A malicious proposer can finalize an invalid state, which can cause loss of funds.

    There is no data availability bridge

    Consequence: projects without a data availability bridge fully rely on single entities (the sequencer) to honestly rely available data roots on Ethereum. A malicious sequencer can collude with the proposer to finalize an unavailable state, which can cause loss of funds.

    Learn more about the recategorisation
    Value Secured

    2024 May 05 — 2025 May 05

    Total value securedTotal
    $308.32 M3.26%
    Canonically BridgedCanonically Bridged ValueCanonical
    $87.89 M1.11%
    Natively MintedNatively Minted TokensNative
    $86.17 M12.0%
    Externally BridgedExternally Bridged ValueExternal
    $134.26 M0.32%
    View TVS breakdown
    Activity

    2024 May 05 — 2025 May 04

    Milestones & Incidents

    Manta Pacific Network Launch

    2023 Sep 12th

    Manta Pacific is live on mainnet.

    Learn more
    Risk summary

    Funds can be lost if

    1. the sequencer posts an unavailable transaction root (CRITICAL),
    2. the data is not available on the external provider (CRITICAL).

    Funds can be frozen if

    1. the centralized validator goes down. Users cannot produce blocks themselves and exiting the system requires new block production (CRITICAL).

    MEV can be extracted if

    1. the operator exploits their centralized position and frontruns user transactions.
    Risk analysis
    Sequencer failureState validationData availabilityExit windowProposer failure
    Sequencer failure
    Self sequence

    In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. There can be up to a 12h delay on this operation.

    State validation
    None

    Currently the system permits invalid state roots. More details in project overview.

    Data availability
    External

    Proof construction and state derivation fully rely on data that is posted on Celestia. Sequencer tx roots are not checked against the Blobstream bridge data roots onchain, but L2 nodes can verify data availability by running a Celestia light client.

    Exit window
    None

    There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.

    Proposer failure
    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    Data availability

    Data is posted to Celestia

    Transactions roots are posted onchain and the full data is posted on Celestia. Since the Blobstream bridge is not used, availability of the data is not verified against Celestia validators, meaning that the Sequencer can single-handedly publish unavailable roots.

    • Funds can be lost if the sequencer posts an unavailable transaction root (CRITICAL).

    • Funds can be lost if the data is not available on the external provider (CRITICAL).

    1. Introducing Blobstream: streaming modular DA to Ethereum
    2. Derivation: Batch submission - OP Mainnet specs
    3. BatchInbox - address
    4. OptimismPortal.sol - source code, depositTransaction function
    State validation
    No state validation

    OP Stack projects can use the OP fault proof system, already being deployed on some. This project though is not using fault proofs yet and is relying on the honesty of the permissioned Proposer and Challengers to ensure state correctness. The smart contract system permits invalid state roots.

    • Funds can be stolen if an invalid state root is submitted to the system (CRITICAL).

    1. L2OutputOracle.sol - source code, deleteL2Outputs function
    Operator

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    1. L2OutputOracle.sol - source code, CHALLENGER address
    2. L2OutputOracle.sol - source code, PROPOSER address

    Users can force any transaction

    Because the state of the system is based on transactions submitted on the underlying host chain and anyone can submit their transactions there it allows the users to circumvent censorship by interacting with the smart contract on the host chain directly.

    1. Sequencing Window - OP Mainnet Specs
    2. OptimismPortal.sol - source code, depositTransaction function
    Withdrawals

    Regular messaging

    The user initiates L2->L1 messages by submitting a regular transaction on this chain. When the block containing that transaction is settled, the message becomes available for processing on L1. The process of block finalization takes a challenge period of 3d to complete.

    • Funds can be frozen if the centralized validator goes down. Users cannot produce blocks themselves and exiting the system requires new block production (CRITICAL).

    1. OptimismPortal.sol - source code, proveWithdrawalTransaction function
    2. OptimismPortal.sol - source code, finalizeWithdrawalTransaction function
    3. L2OutputOracle.sol - source code, PROPOSER check

    Forced messaging

    If the user experiences censorship from the operator with regular L2->L1 messaging they can submit their messages directly on L1. The system is then obliged to service this request or halt all messages, including forced withdrawals from L1 and regular messages initiated on L2. Once the force operation is submitted and if the request is serviced, the operation follows the flow of a regular message.

    1. Forced withdrawal from an OP Stack blockchain
    Other considerations

    EVM compatible smart contracts are supported

    OP stack chains are pursuing the EVM Equivalence model. No changes to smart contracts are required regardless of the language they are written in, i.e. anything deployed on L1 can be deployed on L2.

    1. Introducing EVM Equivalence
    Permissions

    Ethereum

    Roles:

    Challenger EOA 1

    Allowed to challenge or delete state roots proposed by a Proposer.

    Guardian EOA 1

    Allowed to pause deposits and withdrawals. In op stack systems with a proof system, the Guardian can also blacklist dispute games and set the respected game type (permissioned / permissionless).

    Proposer 0x853b…0aCa

    Allowed to post new state roots of the current layer to the host chain.

    Sequencer 0xA76E…533F

    Allowed to commit transactions from the current layer to the host chain.

    Actors:

    MantaMultisig 0x3c46…a01E
    • A Multisig with 5/7 threshold.
    • Can act on behalf of ProxyAdmin.
    • Is allowed to interact with AddressManager - set and change address mappings - acting via ProxyAdmin.
    • Can upgrade the implementation of L2OutputOracle, SystemConfig, OptimismPortal - acting via ProxyAdmin.
    • Can upgrade the implementation of L1StandardBridge - upgrading the bridge implementation can give access to all funds escrowed therein - acting via ProxyAdmin.

    Participants (7):

    0x12ee…C76AEOA 1Caldera0xB449…07700xDC80…5cdd0x9212…BC6D0x35Ae…4FaD
    EOA 1 0x4b1A…9fe5
    • Member of MantaMultisig.
    • A Challenger.
    • A Guardian.
    • Is allowed to interact with SystemConfig - it can update the preconfer address, the batch submitter (Sequencer) address and the gas configuration of the system.
    Smart contracts
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    Ethereum

    L2OutputOracle 0x30c7…5C1DImplementation (Upgradable)Admin

    Contains a list of proposed state roots which Proposers assert to be a result of block execution. Currently only the PROPOSER address can submit new state roots.

    Can be upgraded by:
    MantaMultisig with no delay
    SystemConfig 0x895E…1a5DImplementation (Upgradable)Admin

    Contains configuration parameters such as the Sequencer address, gas limit on this chain and the unsafe block signer address.

    Can be upgraded by:
    MantaMultisig with no delay
    OptimismPortal 0x9168…7622Implementation (Upgradable)Admin

    The main entry point to deposit funds from host chain to this chain. It also allows to prove and finalize withdrawals. This contract stores the following tokens: ETH.

    Can be upgraded by:
    MantaMultisig with no delay
    L1StandardBridge 0x3B95…15E5Implementation (Upgradable)Admin

    The main entry point to deposit ERC20 tokens from host chain to this chain. This contract can store any token.

    Can be upgraded by:
    MantaMultisig with no delay
    L1CrossDomainMessenger 0x635b…c310Implementation (Upgradable)

    Sends messages from host chain to this chain, and relays messages back onto host chain. In the event that a message sent from host chain to this chain is rejected for exceeding this chain’s epoch gas limit, it can be resubmitted via this contract’s replay function.

    ProxyAdmin 0xa2DC…e8D1
    • Can be used to interact with AddressManager - set and change address mappings.
    • Can be used to upgrade implementation of L2OutputOracle, SystemConfig, OptimismPortal.
    • Can be used to upgrade implementation of L1StandardBridge - upgrading the bridge implementation can give access to all funds escrowed therein.

    Value Secured is calculated based on these smart contracts and tokens:

    Generic escrow 0x3B95…15E5Implementation (Upgradable)Admin

    Main entry point for users depositing ERC20 token that do not require custom gateway.

    Can be upgraded by:
    ProxyAdmin with no delay
    Escrow for ETH 0x9168…7622Implementation (Upgradable)Admin

    Main entry point for users depositing ETH.

    Can be upgraded by:
    ProxyAdmin with no delay

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).