Merge branch 'main' into angelo/selectable

Author: nategraf

RELEASE.md

@@ -69,9 +69,25 @@
 
    1. Deploy the verifier contract and schedule the update.
 
-   2. After the timelock delay has passed (7 days on mainnet chains and 1 second on testnet), finsh the operation to add the new verifier to the router.
+   2. After the timelock delay has passed (7 days on mainnet chains and 1 second on testnet), finish the operation to add the new verifier to the router.
 
-   3. Document the new addresses and version in the `dev.risczero.com` docs.
+   3. Run the deployment tests to confirm that the state recorded in `deployment.toml` matches the state of the contracts deployed on-chain.
+
+      You can run the tests against a single chain with the following command:
+
+      ```sh
+      # In the contracts directory.
+      FOUNDRY_PROFILE=deployment-test forge test -vv --fork-url="$RPC_URL"
+      ```
+
+      You can run the tests against all supported chains with the following oneliner:
+
+      ```sh
+      # In the contracts directory.
+      for rpcurl in $(yq eval -e ".chains[].rpc-url" deployment_secrets.toml); do FOUNDRY_PROFILE=deployment-test forge test -vv --fork-url="$rpcurl"; done
+      ```
+
+   4. Document the new addresses and version in the `dev.risczero.com` docs.
 
      Use [contracts/generate_contract_address_table.py] to generate the tables. Python 3.11+ is required.
 

contracts/deployment-test/Deployment.t.sol

@@ -0,0 +1,124 @@
+// Copyright 2024 RISC Zero, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+
+pragma solidity ^0.8.9;
+
+import {Test} from "forge-std/Test.sol";
+import {console2} from "forge-std/console2.sol";
+import {TimelockController} from "openzeppelin/contracts/governance/TimelockController.sol";
+import {RiscZeroVerifierRouter} from "../src/RiscZeroVerifierRouter.sol";
+import {IRiscZeroVerifier} from "../src/IRiscZeroVerifier.sol";
+import {ConfigLoader, Deployment, DeploymentLib, VerifierDeployment} from "../src/config/Config.sol";
+
+/// Test designed to be run against a chain with an active deployment of the RISC Zero contracts.
+/// Checks that the deployment matches what is recorded in the deployment.toml file.
+contract DeploymentTest is Test {
+    using DeploymentLib for Deployment;
+
+    Deployment internal deployment;
+
+    TimelockController internal timelockController;
+    RiscZeroVerifierRouter internal router;
+
+    function setUp() external {
+        string memory configPath = vm.envOr("DEPLOYMENT_CONFIG", string("./deployment.toml"));
+        console2.log("Loading deployment config from %s", configPath);
+        ConfigLoader.loadDeploymentConfig(configPath).copyTo(deployment);
+
+        // Wrap the control addresses with their respective contract implementations.
+        // NOTE: These addresses may be zero, so this does not guarantee contracts are deployed.
+        timelockController = TimelockController(payable(deployment.timelockController));
+        router = RiscZeroVerifierRouter(deployment.router);
+    }
+
+    function testAdminIsSet() external view {
+        require(deployment.admin != address(0), "no admin address is set");
+    }
+
+    function testTimelockControllerIsDeployed() external view {
+        require(address(timelockController) != address(0), "no timelock controller address is set");
+        require(
+            keccak256(address(timelockController).code) != keccak256(bytes("")), "timelock controller code is empty"
+        );
+    }
+
+    function testRouterIsDeployed() external view {
+        require(address(router) != address(0), "no router address is set");
+        require(keccak256(address(router).code) != keccak256(bytes("")), "router code is empty");
+    }
+
+    function testTimelockControllerIsConfiguredProperly() external view {
+        require(
+            timelockController.hasRole(timelockController.PROPOSER_ROLE(), deployment.admin),
+            "admin does not have proposer role"
+        );
+        require(
+            timelockController.hasRole(timelockController.EXECUTOR_ROLE(), deployment.admin),
+            "admin does not have executor role"
+        );
+        require(
+            timelockController.hasRole(timelockController.CANCELLER_ROLE(), deployment.admin),
+            "admin does not have canceller role"
+        );
+        uint256 deployedDelay = timelockController.getMinDelay();
+        console2.log(
+            "Min delay on timelock controller is %d; expected value is %d", deployedDelay, deployment.timelockDelay
+        );
+        require(
+            timelockController.getMinDelay() == deployment.timelockDelay,
+            "timelock controller min delay is not as expected"
+        );
+    }
+
+    function testVerifierRouterIsConfiguredProperly() external view {
+        require(router.owner() == address(timelockController), "router is not owned by timelock controller");
+
+        for (uint256 i = 0; i < deployment.verifiers.length; i++) {
+            VerifierDeployment storage verifierConfig = deployment.verifiers[i];
+            console2.log(
+                "Checking for deployment to the router of verifier with selector %x and version %s",
+                uint256(uint32(verifierConfig.selector)),
+                verifierConfig.version
+            );
+            if (verifierConfig.unroutable) {
+                // When a verifier is specified to be unroutable, confirm that it is indeed not added to the router.
+                try router.getVerifier(verifierConfig.selector) {
+                    revert("expected router.getVerifier to revert");
+                } catch (bytes memory err) {
+                    // NOTE: We could allot SelectorRemoved as well here.
+                    require(
+                        keccak256(err)
+                            == keccak256(
+                                abi.encodeWithSelector(
+                                    RiscZeroVerifierRouter.SelectorUnknown.selector, verifierConfig.selector
+                                )
+                            )
+                    );
+                    console2.log(
+                        "Verifier with selector %x is unroutable, as configured",
+                        uint256(uint32(verifierConfig.selector))
+                    );
+                }
+                continue;
+            }
+
+            IRiscZeroVerifier verifierImpl = router.getVerifier(verifierConfig.selector);
+            require(address(verifierImpl) != address(0), "verifier impl returned the zero address");
+            require(keccak256(address(verifierImpl).code) != keccak256(bytes("")), "verifier impl has no deployed code");
+            // TODO: When SELECTOR is added to the public verifier interface, also check the verifier has the expected selector.
+        }
+    }
+}

contracts/deployment.toml

@@ -8,10 +8,13 @@ admin = "0xF616A4f81857CFEe54A4A049Ec187172574bd412"
 
 # Contracts
 timelock-controller = "0x0b144E07A0826182B6b59788c34b32Bfa86Fb711"
+timelock-delay = 604800
 router = "0x8EaB2D97Dfce405A1692a21b3ff3A172d593D319"
 
 # TODO: Add information for 1.0 contracts.
 [[chains.ethereum-mainnet.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0x5a99469f18a5863D3258E577892589386dFD965E"
 estop = "0xB839eA7bBA8e6bB2893ca5252F3f3C13323D74F7"
@@ -34,10 +37,12 @@ admin = "0x3a54A45E44a71020Bd0Af42063B9f23e8b9E387D"
 
 # Contracts
 timelock-controller = "0xB4E3306129208cC8e6E75157f75f62eAe0B920a0"
+timelock-delay = 1
 router = "0x925d8331ddc0a1F0d96E68CF073DFE1d92b69187"
 
 [[chains.ethereum-sepolia.verifiers]]
 version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xf4D938c73Bcc124e02A2D6c7557e98838B5E91B4"
 estop = "0x1C182869A6bF84DfAc0a70B46e2f9b3aeE9100e1"
@@ -60,9 +65,12 @@ admin = "0x3a54A45E44a71020Bd0Af42063B9f23e8b9E387D"
 
 # Contracts
 timelock-controller = "0x8EaB2D97Dfce405A1692a21b3ff3A172d593D319"
+timelock-delay = 1
 router = "0xf70aBAb028Eb6F4100A24B203E113D94E87DE93C"
 
 [[chains.ethereum-holesky.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xDC986a09728F76110FF666eE7b20d99086501d15"
 estop = "0x0b144E07A0826182B6b59788c34b32Bfa86Fb711"
@@ -85,9 +93,12 @@ admin = "0xF616A4f81857CFEe54A4A049Ec187172574bd412"
 
 # Contracts
 timelock-controller = "0xdc986a09728f76110ff666ee7b20d99086501d15"
+timelock-delay = 604800
 router = "0x0b144e07a0826182b6b59788c34b32bfa86fb711"
 
 [[chains.arbitrum-mainnet.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -110,9 +121,12 @@ admin = "0x3a54A45E44a71020Bd0Af42063B9f23e8b9E387D"
 
 # Contracts
 timelock-controller = "0xdc986a09728f76110ff666ee7b20d99086501d15"
+timelock-delay = 1
 router = "0x0b144e07a0826182b6b59788c34b32bfa86fb711"
 
 [[chains.arbitrum-sepolia.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -135,9 +149,12 @@ admin = "0xF616A4f81857CFEe54A4A049Ec187172574bd412"
 
 # Contracts
 timelock-controller = "0xDC986a09728F76110FF666eE7b20d99086501d15"
+timelock-delay = 604800
 router = "0x0b144E07A0826182B6b59788c34b32Bfa86Fb711"
 
 [[chains.avalanche-mainnet.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -160,9 +177,12 @@ admin = "0x3a54A45E44a71020Bd0Af42063B9f23e8b9E387D"
 
 # Contracts
 timelock-controller = "0xDC986a09728F76110FF666eE7b20d99086501d15"
+timelock-delay = 1
 router = "0x0b144E07A0826182B6b59788c34b32Bfa86Fb711"
 
 [[chains.avalanche-fuji.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -185,9 +205,12 @@ admin = "0xF616A4f81857CFEe54A4A049Ec187172574bd412"
 
 # Contracts
 timelock-controller = "0xdc986a09728f76110ff666ee7b20d99086501d15"
+timelock-delay = 604800
 router = "0x0b144e07a0826182b6b59788c34b32bfa86fb711"
 
 [[chains.base-mainnet.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -210,9 +233,12 @@ admin = "0x3a54A45E44a71020Bd0Af42063B9f23e8b9E387D"
 
 # Contracts
 timelock-controller = "0xdc986a09728f76110ff666ee7b20d99086501d15"
+timelock-delay = 1
 router = "0x0b144e07a0826182b6b59788c34b32bfa86fb711"
 
 [[chains.base-sepolia.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0x84b943E31e7fAe6072ce5F75eb4694C7D5F9b0cF"
 estop = "0x5E36f0D56741013d864d8FEb5950AB0E7Eff9Ab1"
@@ -235,9 +261,12 @@ admin = "0xF616A4f81857CFEe54A4A049Ec187172574bd412"
 
 # Contracts
 timelock-controller = "0xdc986a09728f76110ff666ee7b20d99086501d15"
+timelock-delay = 604800
 router = "0x0b144e07a0826182b6b59788c34b32bfa86fb711"
 
 [[chains.optimism-mainnet.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -252,19 +281,22 @@ estop = "0x5E36f0D56741013d864d8FEb5950AB0E7Eff9Ab1"
 
 [chains.optimism-sepolia]
 name = "Optimism Sepolia"
-id = 11110
+id = 11155420
 etherscan-url = "https://sepolia-optimism.etherscan.io/"
 
 # Accounts
 admin = "0x3a54A45E44a71020Bd0Af42063B9f23e8b9E387D"
 
 # Contracts
 timelock-controller = "0x2DEfEA335392bb62d01f74e338697C7B31De254C"
+timelock-delay = 1
 router = "0xB369b4dd27FBfb59921d3A4a3D23AC2fc32FB908"
 
 # NOTE: 1.0 was not deployed to OP Sepolia.
 
 [[chains.optimism-sepolia.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -287,9 +319,12 @@ admin = "0xF616A4f81857CFEe54A4A049Ec187172574bd412"
 
 # Contracts
 timelock-controller = "0xdc986a09728f76110ff666ee7b20d99086501d15"
+timelock-delay = 604800
 router = "0x0b144e07a0826182b6b59788c34b32bfa86fb711"
 
 [[chains.linea-mainnet.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -312,6 +347,7 @@ admin = "0x3a54A45E44a71020Bd0Af42063B9f23e8b9E387D"
 
 # Contracts
 timelock-controller = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
+timelock-delay = 1
 router = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
 
 # NOTE: As of the 1.1.0-rc.2 deployment on August 21, Forge could not verify the contracts.
@@ -321,12 +357,15 @@ router = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
 # As a result, the router is deployed, but it is empty and useless.
 
 [[chains.linea-sepolia.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0x0b144E07A0826182B6b59788c34b32Bfa86Fb711"
 estop = "0x8EaB2D97Dfce405A1692a21b3ff3A172d593D319"
 
 [[chains.linea-sepolia.verifiers]]
 version = "1.1.0-rc.3"
+unroutable = true
 selector = "0x50bd1769"
 verifier = "0xf70aBAb028Eb6F4100A24B203E113D94E87DE93C"
 estop = "0x44c220f0598345195cE99AD6A57aDfFcb9Ea33e7"
@@ -343,9 +382,12 @@ admin = "0xF616A4f81857CFEe54A4A049Ec187172574bd412"
 
 # Contracts
 timelock-controller = "0xdc986a09728f76110ff666ee7b20d99086501d15"
+timelock-delay = 604800
 router = "0x0b144e07a0826182b6b59788c34b32bfa86fb711"
 
 [[chains.polygon-zkevm-mainnet.verifiers]]
+version = "1.1.0-rc.2"
+unroutable = true
 selector = "0x4c630d87"
 verifier = "0xBDaEd5bbf8016AfD05Fc4659572e5fEb5854aAD4"
 estop = "0x27983ee173aD10E171D17C9c5C14d5baFE997609"
@@ -358,9 +400,10 @@ estop = "0x5E36f0D56741013d864d8FEb5950AB0E7Eff9Ab1"
 
 ###
 
+# NOTE: This is the Cardona testnet, which uses Sepolia ETH as it's native currency.
 [chains.polygon-zkevm-testnet]
 name = "Polygon zkEVM Testnet"
-id = 1442
+id = 2442
 etherscan-url = "https://cardona-zkevm.polygonscan.com/"
 
 # Accounts

contracts/foundry.toml

@@ -1,7 +1,15 @@
 [profile.default]
 src = "src"
 out = "out"
+test = "test"
 libs = ["../lib"]
 ffi = true
 
-# See more config options https://github.com/foundry-rs/foundry/tree/master/config
+# Profile used to run deployment tests, which check the correctness of contracts as deployed.
+# TIP: You can select this profile by setting env var FOUNDRY_PROFILE=deployment-test
+[profile.deployment-test]
+test = "./deployment-test"
+#match_path = "contracts/deployment-test/*"
+fs_permissions = [{ access = "read", path = "deployment.toml" }]
+
+# See more config options https://book.getfoundry.sh/static/config.default.toml

contracts/script/README.md

@@ -26,7 +26,7 @@ Configurations and deployment state information is stored in `deployment.toml`.
 It contains information about each chain (e.g. name, ID, Etherscan URL), and addresses for the timelock, router, and verifier contracts on each chain.
 
 Accompanying the `deployment.toml` file is a `deployment_secrets.toml` file with the following schema.
-It is used to store somewhat sensative API keys for RPC services and Etherscan.
+It is used to store somewhat sensitive API keys for RPC services and Etherscan.
 Note that it does not contain private keys or API keys for Fireblocks.
 It should never be committed to `git`, and the API keys should be rotated if this occurs.