After long discussions we, at @l2beatcom ended up with the series of questions that we hope each Rollup provider will be able to answer so that users will be able to properly assess the risk of their funds deposited into the Rollup: 👇
1. Let's start with the obvious - are you using Validity Proofs or Fraud Proofs on L1 to secure the state ? What are the details ? How can users be sure that you are proving what you claim to be proving ?
2. Transaction data will be needed for Fraud Proofs, Emergency Exits, etc... where is the data stored ? If on L1, how users can be sure that they will be able to decode it if needed ? If not, where is it and what entity(s) are securing it ?
3. What entity is sequencing transactions ? Is it permissioned or permissionless system ? Can anyone become a sequencer ? How can users be sure that their txs will not be censored by the sequencer(s) / operator(s) ?
4. What are the ways users can withdraw their funds / assets in a happy scenario and not-so-happy (for example if sequencer/operator goes dark). What is the worst case scenario for users ? Can funds be stolen and/or frozen ?
5. Are contracts upgradable, and if so, is there a delay allowing users to opt-out. Who controls keys to perform the upgrade - single address, MSig, DAO ? And which elements of the system can actually be upgraded ? How many times the system has been upgraded so far ?
6. What are the additional implementation considerations ? Typical use cases ? Privacy ? Whitelisting of smart contracts ? Fees ? Scalability constrains ? Token and its usage ? Roadmap ?
7. List of contracts with the implementation. Obvious checks for verified source code 🤦 . Links to audits. More importantly - scope of these audits (only smart contracts or the whole crypto stack as well ?)

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Bartek Kiepuszewski

Bartek Kiepuszewski Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @bkiepuszewski

16 Sep
1/ With @arbitrum Sequencer down for an hour, Arbitrum chain effectively reduced itself to L1 Ethereum wrt to cost and speed, but it never stopped working. How is it possible ? And why @l2beatcom claims that users should propose blocks when operator is down ? 🧵👇 Image
2/ Arbitrum, as any L2 Optimistic Rollup, posts on Ethereum L2 transaction batches and, periodically, state roots of L2. Anyone can confirm that the latest state root of L2 is indeed the result of executing L2 transactions previously posted. Verify, don't trust !
3/ So, who is posting L2 txs on Ethereum ? Typically sequencer, but if Sequencer is down, users can do it themselves. This is what we mean by "transacting using L1". Users can do it if Sequencer is down, or if the Sequencer is censoring them
Read 10 tweets
11 Jun
1/ Now that @0xPolygon data is available on BigQuery, a deeper look into smart contract usage, gas usage, etc... is available - as an example, have a look at the cumulative gas usage (on a log scale), compared to Ethereum:
h/t @piotrklis_ 👇
2/ It looks like soon enough Polygon users will spend more gas then Ethereum users in the entire Ethereum history 🤯 You may think this is amazing, but how much of that gas is spent on creating new state ?
3/ If Polygon continues their exponential growth, will the state tree also grow exponentially ? And if so, how the geth nodes that they are using will handle that ?
Read 5 tweets
16 May
1/ The easiest way to understand the difference between L2 Rollup and a sidechain such as @0xPolygon is to inspect closer the exit procedure. Below is tx withdrawing 450,000 USDC from @0xPolygon child chain: ethtx.info/0x5c5f80a7dab5… 👇
2/ First thing to notice is that to perform the exit user needs to submit the chunk of data (input data) containing, among other info, merkle proof for the exit. This data can only be obtained from Matic nodes, it is impossible to construct it just by observing L1 Image
3/ On a Rollup data would be available on L1, so even if all Matic nodes were down, users would still be able to exit their tokens. That's not the case here - you need to get that data from Matic nodes
Read 6 tweets
14 Feb
1/ If, after reading blog.alphafinance.io/alpha-homora-v… you are still confused how Alpha Homora and IronBank were hacked, here's how the hack was conceived
2/ Normally when you borrow funds from AH bank, your debtShare and totalDebt increases. Specifically if you want to borrow x tokens, your debt share will be calculated as:

share = x * totalShare / totalDebt

and it is added to totalShare
3/ All these numbers are very big integers (as token precisions are 18 digits) and the calculation is correct, but when totalShare = 1 (think 1 wei) and x < totalDebt, new debt share will be 0 (integer division)
Read 9 tweets
31 Jan
[1/13] It may be initially confusing to fully grasp how deposits and withdrawals from L1 to @optimismPBC are actually implemented, and it helps to see the on-chain action of what is happening behind the scenes.
[2/13] Initial setup (simplified): on L1 we have SyntheticBridgeToOptimism from Synthetic and OVM_L1CrossDomainManager from Optimism contracts. On L2 we have SynthetixBridgeToBase and OVM_L2_CrossDomainManager contracts.
[3/13] Additionally we have Sequencer (L2 mining node) that verifies all L2 transactions and submits them in batches to L1 for future reference and Relayer that is responsible for relaying messages from L2 —> L1
Read 15 tweets
29 Sep 20
If you are confused how the hacker managed to drain contract, here’s the exact mechanics of what happened:
EMN contract allows you to buy (mint) EMN with DAI (and sell/burn). It uses quite standard Bancor’s bonding curve - DAI is used as a reserve currency for the EMN token. Price of EMN token is determined by the amount of EMN vs amount of DAI in the reserve
The second token, eAAVE is similar with the small but important caveat - it’s using EMN as a reserve currency, but “virtually” - if you buy/mint eAAVE by sending to it EMN tokens, instead of storing your EMN in the reserve, eAAVE contract will actually burn EMN.
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(