3/ Pushing state roots is crucial so that users can withdraw their funds from the bridge. And to be able to do it, you need to provide Merkle Proof of your balance against that state root on L1
4/ There are two strategies employed by current L2s right now - the first, seemingly obvious, is to "decentralize operator". Note, that this is not the same as "decentralize the Sequencer" - sequencing txs and pushing state roots are two different things
5/ To do it with Optimistic Rollups, all you need is L2 full node. And you will be able to do it in the future, however today both @optimismPBC and @arbitrum have training wheels and they allow only whitelisted operators to push new state roots
6/ For end user it means that their funds will be stuck until these operators resume their service. That would be, in practice, the real outage
7/ For zkRollups, pushing new state root is way more difficult as you need to provide cryptographic zkProof with each update. Right now none of the zkRollups allow you to do it, instead they have the "escape hatches"
8/ When operator stops pushing new state roots, any user, through L1, can "freeze" the rollup. Once frozen, anyone can, again through L1, use the escape hatch to withdraw their assets
9/ There are few important caveats though - first - you will be withdrawing your balance as recorded in the last state root update. That potentially could have been hours or days in the past. Your transactions after the last state root commit to L1 will be essentially lost
10/ Secondly, for some apps it's not as easy as to check your balance. For example with @dydxprotocol you could have had an open leveraged exposure to some coin. It is not obvious how much you will be able to withdraw if Rollup stops. You need to read the fine print
11/ Finally, withdrawing in an emergency situation requires you to create a Merkle Proof. You need good tooling to do that, it's not as hard as with zkProof, but it is not trivial either. And data to create Merkle Proof needs to be available. That's not obvious either
12/ All in all operator "down" has to be seen as extreme event, however good L2s need to provide infra for users to move their funds out even in such scenario
โข โข โข
Missing some Tweet in this thread? You can try to
force a refresh
1/ How important is Censorship Resistance for L2s ? Applications can censor individual users based on where they come from, or whole dApps could be rendered useless if Rollups censored all incoming txs to them. What are the possible solutions right now ? ๐@l2beatcom
2/ @arbitrum and @optimismPBC allow users to "force" their transactions via L1. This is perhaps inconvenient for the end users, but it is a very generic mechanism that works for all dApps on a Rollup. And dApps don't need to do anything, it's just there. And it works
3/ @StarkWareLtd based L2s (@SorareHQ, @dydxprotocol, @deversifi, @Immutable) also have force transaction mechanism, but they are application specific. Namely, they allow you to force only certain tx (typically withdrawal request). It's as if each dApp had to implement it on L1
1/ With @arbitrum Sequencer down for an hour, Arbitrum chain effectively reduced itself to L1 Ethereum wrt to cost and speed, but it never stopped working. How is it possible ? And why @l2beatcom claims that users should propose blocks when operator is down ? ๐งต๐
2/ Arbitrum, as any L2 Optimistic Rollup, posts on Ethereum L2 transaction batches and, periodically, state roots of L2. Anyone can confirm that the latest state root of L2 is indeed the result of executing L2 transactions previously posted. Verify, don't trust !
3/ So, who is posting L2 txs on Ethereum ? Typically sequencer, but if Sequencer is down, users can do it themselves. This is what we mean by "transacting using L1". Users can do it if Sequencer is down, or if the Sequencer is censoring them
After long discussions we, at @l2beatcom ended up with the series of questions that we hope each Rollup provider will be able to answer so that users will be able to properly assess the risk of their funds deposited into the Rollup: ๐
1. Let's start with the obvious - are you using Validity Proofs or Fraud Proofs on L1 to secure the state ? What are the details ? How can users be sure that you are proving what you claim to be proving ?
2. Transaction data will be needed for Fraud Proofs, Emergency Exits, etc... where is the data stored ? If on L1, how users can be sure that they will be able to decode it if needed ? If not, where is it and what entity(s) are securing it ?
1/ Now that @0xPolygon data is available on BigQuery, a deeper look into smart contract usage, gas usage, etc... is available - as an example, have a look at the cumulative gas usage (on a log scale), compared to Ethereum:
h/t @piotrklis_ ๐
2/ It looks like soon enough Polygon users will spend more gas then Ethereum users in the entire Ethereum history ๐คฏ You may think this is amazing, but how much of that gas is spent on creating new state ?
3/ If Polygon continues their exponential growth, will the state tree also grow exponentially ? And if so, how the geth nodes that they are using will handle that ?
1/ The easiest way to understand the difference between L2 Rollup and a sidechain such as @0xPolygon is to inspect closer the exit procedure. Below is tx withdrawing 450,000 USDC from @0xPolygon child chain: ethtx.info/0x5c5f80a7dab5โฆ ๐
2/ First thing to notice is that to perform the exit user needs to submit the chunk of data (input data) containing, among other info, merkle proof for the exit. This data can only be obtained from Matic nodes, it is impossible to construct it just by observing L1
3/ On a Rollup data would be available on L1, so even if all Matic nodes were down, users would still be able to exit their tokens. That's not the case here - you need to get that data from Matic nodes
1/ If, after reading blog.alphafinance.io/alpha-homora-vโฆ you are still confused how Alpha Homora and IronBank were hacked, here's how the hack was conceived
2/ Normally when you borrow funds from AH bank, your debtShare and totalDebt increases. Specifically if you want to borrow x tokens, your debt share will be calculated as:
share = x * totalShare / totalDebt
and it is added to totalShare
3/ All these numbers are very big integers (as token precisions are 18 digits) and the calculation is correct, but when totalShare = 1 (think 1 wei) and x < totalDebt, new debt share will be 0 (integer division)