Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/CSVerifier.sol": {
"content": "// SPDX-FileCopyrightText: 2025 Lido <info@lido.fi>
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.24;
import { AccessControlEnumerable } from "@openzeppelin/contracts/access/extensions/AccessControlEnumerable.sol";
import { BeaconBlockHeader, Slot, Validator, Withdrawal } from "./lib/Types.sol";
import { PausableUntil } from "./lib/utils/PausableUntil.sol";
import { GIndex } from "./lib/GIndex.sol";
import { SSZ } from "./lib/SSZ.sol";
import { ICSVerifier } from "./interfaces/ICSVerifier.sol";
import { ICSModule, ValidatorWithdrawalInfo } from "./interfaces/ICSModule.sol";
/// @notice Convert withdrawal amount to wei
/// @param withdrawal Withdrawal struct
function amountWei(Withdrawal memory withdrawal) pure returns (uint256) {
return gweiToWei(withdrawal.amount);
}
/// @notice Convert gwei to wei
/// @param amount Amount in gwei
function gweiToWei(uint64 amount) pure returns (uint256) {
return uint256(amount) * 1 gwei;
}
contract CSVerifier is ICSVerifier, AccessControlEnumerable, PausableUntil {
using { amountWei } for Withdrawal;
using SSZ for BeaconBlockHeader;
using SSZ for Withdrawal;
using SSZ for Validator;
bytes32 public constant PAUSE_ROLE = keccak256("PAUSE_ROLE");
bytes32 public constant RESUME_ROLE = keccak256("RESUME_ROLE");
// See `BEACON_ROOTS_ADDRESS` constant in the EIP-4788.
address public constant BEACON_ROOTS =
0x000F3df6D732807Ef1319fB7B8bB8522d0Beac02;
uint64 public immutable SLOTS_PER_EPOCH;
/// @dev Count of historical roots per accumulator.
/// @dev See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#time-parameters
uint64 public immutable SLOTS_PER_HISTORICAL_ROOT;
/// @dev This index is relative to a state like: `BeaconState.latest_execution_payload_header.withdrawals[0]`.
GIndex public immutable GI_FIRST_WITHDRAWAL_PREV;
/// @dev This index is relative to a state like: `BeaconState.latest_execution_payload_header.withdrawals[0]`.
GIndex public immutable GI_FIRST_WITHDRAWAL_CURR;
/// @dev This index is relative to a state like: `BeaconState.validators[0]`.
GIndex public immutable GI_FIRST_VALIDATOR_PREV;
/// @dev This index is relative to a state like: `BeaconState.validators[0]`.
GIndex public immutable GI_FIRST_VALIDATOR_CURR;
/// @dev This index is relative to a state like: `BeaconState.historical_summaries[0]`.
GIndex public immutable GI_FIRST_HISTORICAL_SUMMARY_PREV;
/// @dev This index is relative to a state like: `BeaconState.historical_summaries[0]`.
GIndex public immutable GI_FIRST_HISTORICAL_SUMMARY_CURR;
/// @dev This index is relative to HistoricalSummary like: HistoricalSummary.blockRoots[0].
GIndex public immutable GI_FIRST_BLOCK_ROOT_IN_SUMMARY_PREV;
/// @dev This index is relative to HistoricalSummary like: HistoricalSummary.blockRoots[0].
GIndex public immutable GI_FIRST_BLOCK_ROOT_IN_SUMMARY_CURR;
/// @dev The very first slot the verifier is supposed to accept proofs for.
Slot public immutable FIRST_SUPPORTED_SLOT;
/// @dev The first slot of the currently compatible fork.
Slot public immutable PIVOT_SLOT;
/// @dev Historical summaries started accumulating from the slot of Capella fork.
Slot public immutable CAPELLA_SLOT;
/// @dev An address withdrawals are supposed to happen to (Lido withdrawal credentials).
address public immutable WITHDRAWAL_ADDRESS;
/// @dev Staking module contract.
ICSModule public immutable MODULE;
/// @dev The previous and current forks can be essentially the same.
constructor(
address withdrawalAddress,
address module,
uint64 slotsPerEpoch,
uint64 slotsPerHistoricalRoot,
GIndices memory gindices,
Slot firstSupportedSlot,
Slot pivotSlot,
Slot capellaSlot,
address admin
) {
if (withdrawalAddress == address(0)) {
revert ZeroWithdrawalAddress();
}
if (module == address(0)) {
revert ZeroModuleAddress();
}
if (admin == address(0)) {
revert ZeroAdminAddress();
}
if (slotsPerEpoch == 0) {
revert InvalidChainConfig();
}
if (slotsPerHistoricalRoot == 0) {
revert InvalidChainConfig();
}
if (firstSupportedSlot > pivotSlot) {
revert InvalidPivotSlot();
}
if (capellaSlot > firstSupportedSlot) {
revert InvalidCapellaSlot();
}
WITHDRAWAL_ADDRESS = withdrawalAddress;
MODULE = ICSModule(module);
SLOTS_PER_EPOCH = slotsPerEpoch;
SLOTS_PER_HISTORICAL_ROOT = slotsPerHistoricalRoot;
GI_FIRST_WITHDRAWAL_PREV = gindices.gIFirstWithdrawalPrev;
GI_FIRST_WITHDRAWAL_CURR = gindices.gIFirstWithdrawalCurr;
GI_FIRST_VALIDATOR_PREV = gindices.gIFirstValidatorPrev;
GI_FIRST_VALIDATOR_CURR = gindices.gIFirstValidatorCurr;
GI_FIRST_HISTORICAL_SUMMARY_PREV = gindices
.gIFirstHistoricalSummaryPrev;
GI_FIRST_HISTORICAL_SUMMARY_CURR = gindices
.gIFirstHistoricalSummaryCurr;
GI_FIRST_BLOCK_ROOT_IN_SUMMARY_PREV = gindices
.gIFirstBlockRootInSummaryPrev;
GI_FIRST_BLOCK_ROOT_IN_SUMMARY_CURR = gindices
.gIFirstBlockRootInSummaryCurr;
FIRST_SUPPORTED_SLOT = firstSupportedSlot;
PIVOT_SLOT = pivotSlot;
CAPELLA_SLOT = capellaSlot;
_grantRole(DEFAULT_ADMIN_ROLE, admin);
}
/// @inheritdoc ICSVerifier
function resume() external onlyRole(RESUME_ROLE) {
_resume();
}
/// @inheritdoc ICSVerifier
function pauseFor(uint256 duration) external onlyRole(PAUSE_ROLE) {
_pauseFor(duration);
}
/// @inheritdoc ICSVerifier
function processWithdrawalProof(
ProvableBeaconBlockHeader calldata beaconBlock,
WithdrawalWitness calldata witness,
uint256 nodeOperatorId,
uint256 keyIndex
) external whenResumed {
if (beaconBlock.header.slot < FIRST_SUPPORTED_SLOT) {
revert UnsupportedSlot(beaconBlock.header.slot);
}
{
bytes32 trustedHeaderRoot = _getParentBlockRoot(
beaconBlock.rootsTimestamp
);
if (trustedHeaderRoot != beaconBlock.header.hashTreeRoot()) {
revert InvalidBlockHeader();
}
}
bytes memory pubkey = MODULE.getSigningKeys(
nodeOperatorId,
keyIndex,
1
);
uint256 withdrawalAmount = _processWithdrawalProof({
witness: witness,
stateSlot: beaconBlock.header.slot,
stateRoot: beaconBlock.header.stateRoot,
pubkey: pubkey
});
ValidatorWithdrawalInfo[]
memory withdrawalsInfo = new ValidatorWithdrawalInfo[](1);
withdrawalsInfo[0] = ValidatorWithdrawalInfo(
nodeOperatorId,
keyIndex,
withdrawalAmount
);
MODULE.submitWithdrawals(withdrawalsInfo);
}
/// @inheritdoc ICSVerifier
function processHistoricalWithdrawalProof(
ProvableBeaconBlockHeader calldata beaconBlock,
HistoricalHeaderWitness calldata oldBlock,
WithdrawalWitness calldata witness,
uint256 nodeOperatorId,
uint256 keyIndex
) external whenResumed {
if (beaconBlock.header.slot < FIRST_SUPPORTED_SLOT) {
revert UnsupportedSlot(beaconBlock.header.slot);
}
if (oldBlock.header.slot < FIRST_SUPPORTED_SLOT) {
revert UnsupportedSlot(oldBlock.header.slot);
}
{
bytes32 trustedHeaderRoot = _getParentBlockRoot(
beaconBlock.rootsTimestamp
);
bytes32 headerRoot = beaconBlock.header.hashTreeRoot();
if (trustedHeaderRoot != headerRoot) {
revert InvalidBlockHeader();
}
}
SSZ.verifyProof({
proof: oldBlock.proof,
root: beaconBlock.header.stateRoot,
leaf: oldBlock.header.hashTreeRoot(),
gI: _getHistoricalBlockRootGI(
beaconBlock.header.slot,
oldBlock.header.slot
)
});
bytes memory pubkey = MODULE.getSigningKeys(
nodeOperatorId,
keyIndex,
1
);
uint256 withdrawalAmount = _processWithdrawalProof({
witness: witness,
stateSlot: oldBlock.header.slot,
stateRoot: oldBlock.header.stateRoot,
pubkey: pubkey
});
ValidatorWithdrawalInfo[]
memory withdrawalsInfo = new ValidatorWithdrawalInfo[](1);
withdrawalsInfo[0] = ValidatorWithdrawalInfo(
nodeOperatorId,
keyIndex,
withdrawalAmount
);
MODULE.submitWithdrawals(withdrawalsInfo);
}
function _getParentBlockRoot(
uint64 blockTimestamp
) internal view returns (bytes32) {
(bool success, bytes memory data) = BEACON_ROOTS.staticcall(
abi.encode(blockTimestamp)
);
if (!success || data.length == 0) {
revert RootNotFound();
}
return abi.decode(data, (bytes32));
}
/// @dev `stateRoot` is supposed to be trusted at this point.
function _processWithdrawalProof(
WithdrawalWitness calldata witness,
Slot stateSlot,
bytes32 stateRoot,
bytes memory pubkey
) internal view returns (uint256 withdrawalAmount) {
// WC to address
address withdrawalAddress = address(
uint160(uint256(witness.withdrawalCredentials))
);
if (withdrawalAddress != WITHDRAWAL_ADDRESS) {
revert InvalidWithdrawalAddress();
}
if (_computeEpochAtSlot(stateSlot) < witness.withdrawableEpoch) {
revert ValidatorNotWithdrawn();
}
// See https://hackmd.io/1wM8vqeNTjqt4pC3XoCUKQ
//
// ISSUE:
// There is a possible way to bypass this check:
// - wait for full withdrawal & sweep
// - be lucky enough that no one provides proof for this withdrawal for at least 1 sweep cycle
// (~8 days with the network of 1M active validators)
// - deposit 1 ETH for slashed or 8 ETH for non-slashed validator
// - wait for a sweep of this deposit
// - provide proof of the last withdrawal
// As a result, the Node Operator's bond will be penalized for 32 ETH - additional deposit value
// However, all ETH involved,
// including 1 or 8 ETH deposited by the attacker will remain in the Lido on Ethereum protocol
// Hence, the only consequence of the attack is an inconsistency in the bond accounting that can be resolved
// through the bond deposit approved by the corresponding DAO decision
//
// Resolution:
// Given no losses for the protocol,
// significant cost of attack (1 or 8 ETH),
// and lack of feasible ways to mitigate it in the smart contract's code,
// it is proposed to acknowledge possibility of the attack
// and be ready to propose a corresponding vote to the DAO if it will ever happen
if (!witness.slashed && gweiToWei(witness.amount) < 8 ether) {
revert PartialWithdrawal();
}
Validator memory validator = Validator({
pubkey: pubkey,
withdrawalCredentials: witness.withdrawalCredentials,
effectiveBalance: witness.effectiveBalance,
slashed: witness.slashed,
activationEligibilityEpoch: witness.activationEligibilityEpoch,
activationEpoch: witness.activationEpoch,
exitEpoch: witness.exitEpoch,
withdrawableEpoch: witness.withdrawableEpoch
});
SSZ.verifyProof({
proof: witness.validatorProof,
root: stateRoot,
leaf: validator.hashTreeRoot(),
gI: _getValidatorGI(witness.validatorIndex, stateSlot)
});
Withdrawal memory withdrawal = Withdrawal({
index: witness.withdrawalIndex,
validatorIndex: witness.validatorIndex,
withdrawalAddress: withdrawalAddress,
amount: witness.amount
});
SSZ.verifyProof({
proof: witness.withdrawalProof,
root: stateRoot,
leaf: withdrawal.hashTreeRoot(),
gI: _getWithdrawalGI(witness.withdrawalOffset, stateSlot)
});
return withdrawal.amountWei();
}
function _getValidatorGI(
uint256 offset,
Slot stateSlot
) internal view returns (GIndex) {
GIndex gI = stateSlot < PIVOT_SLOT
? GI_FIRST_VALIDATOR_PREV
: GI_FIRST_VALIDATOR_CURR;
return gI.shr(offset);
}
function _getWithdrawalGI(
uint256 offset,
Slot stateSlot
) internal view returns (GIndex) {
GIndex gI = stateSlot < PIVOT_SLOT
? GI_FIRST_WITHDRAWAL_PREV
: GI_FIRST_WITHDRAWAL_CURR;
return gI.shr(offset);
}
function _getHistoricalBlockRootGI(
Slot recentSlot,
Slot targetSlot
) internal view returns (GIndex gI) {
uint64 targetSlotShifted = targetSlot.unwrap() - CAPELLA_SLOT.unwrap();
uint64 summaryIndex = targetSlotShifted / SLOTS_PER_HISTORICAL_ROOT;
uint64 rootIndex = targetSlot.unwrap() % SLOTS_PER_HISTORICAL_ROOT;
Slot summaryCreatedAtSlot = Slot.wrap(
targetSlot.unwrap() - rootIndex + SLOTS_PER_HISTORICAL_ROOT
);
if (summaryCreatedAtSlot > recentSlot) {
revert HistoricalSummaryDoesNotExist();
}
gI = recentSlot < PIVOT_SLOT
? GI_FIRST_HISTORICAL_SUMMARY_PREV
: GI_FIRST_HISTORICAL_SUMMARY_CURR;
gI = gI.shr(summaryIndex); // historicalSummaries[summaryIndex]
gI = gI.concat(
summaryCreatedAtSlot < PIVOT_SLOT
? GI_FIRST_BLOCK_ROOT_IN_SUMMARY_PREV
: GI_FIRST_BLOCK_ROOT_IN_SUMMARY_CURR
); // historicalSummaries[summaryIndex].blockRoots[0]
gI = gI.shr(rootIndex); // historicalSummaries[summaryIndex].blockRoots[rootIndex]
}
// From HashConsensus contract.
function _computeEpochAtSlot(Slot slot) internal view returns (uint256) {
// See: github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#compute_epoch_at_slot
return slot.unwrap() / SLOTS_PER_EPOCH;
}
}
"
},
"node_modules/@openzeppelin/contracts/access/extensions/AccessControlEnumerable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/extensions/AccessControlEnumerable.sol)
pragma solidity ^0.8.20;
import {IAccessControlEnumerable} from "./IAccessControlEnumerable.sol";
import {AccessControl} from "../AccessControl.sol";
import {EnumerableSet} from "../../utils/structs/EnumerableSet.sol";
/**
* @dev Extension of {AccessControl} that allows enumerating the members of each role.
*/
abstract contract AccessControlEnumerable is IAccessControlEnumerable, AccessControl {
using EnumerableSet for EnumerableSet.AddressSet;
mapping(bytes32 role => EnumerableSet.AddressSet) private _roleMembers;
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControlEnumerable).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/
function getRoleMember(bytes32 role, uint256 index) public view virtual returns (address) {
return _roleMembers[role].at(index);
}
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/
function getRoleMemberCount(bytes32 role) public view virtual returns (uint256) {
return _roleMembers[role].length();
}
/**
* @dev Overload {AccessControl-_grantRole} to track enumerable memberships
*/
function _grantRole(bytes32 role, address account) internal virtual override returns (bool) {
bool granted = super._grantRole(role, account);
if (granted) {
_roleMembers[role].add(account);
}
return granted;
}
/**
* @dev Overload {AccessControl-_revokeRole} to track enumerable memberships
*/
function _revokeRole(bytes32 role, address account) internal virtual override returns (bool) {
bool revoked = super._revokeRole(role, account);
if (revoked) {
_roleMembers[role].remove(account);
}
return revoked;
}
}
"
},
"src/lib/Types.sol": {
"content": "// SPDX-FileCopyrightText: 2025 Lido <info@lido.fi>
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.24;
// As defined in phase0/beacon-chain.md:159
type Slot is uint64;
function unwrap(Slot slot) pure returns (uint64) {
return Slot.unwrap(slot);
}
function gt(Slot lhs, Slot rhs) pure returns (bool) {
return lhs.unwrap() > rhs.unwrap();
}
function lt(Slot lhs, Slot rhs) pure returns (bool) {
return lhs.unwrap() < rhs.unwrap();
}
using { unwrap, lt as <, gt as > } for Slot global;
// As defined in capella/beacon-chain.md:99
struct Withdrawal {
uint64 index;
uint64 validatorIndex;
address withdrawalAddress;
uint64 amount;
}
// As defined in phase0/beacon-chain.md:356
struct Validator {
bytes pubkey;
bytes32 withdrawalCredentials;
uint64 effectiveBalance;
bool slashed;
uint64 activationEligibilityEpoch;
uint64 activationEpoch;
uint64 exitEpoch;
uint64 withdrawableEpoch;
}
// As defined in phase0/beacon-chain.md:436
struct BeaconBlockHeader {
Slot slot;
uint64 proposerIndex;
bytes32 parentRoot;
bytes32 stateRoot;
bytes32 bodyRoot;
}
"
},
"src/lib/utils/PausableUntil.sol": {
"content": "// SPDX-FileCopyrightText: 2025 Lido <info@lido.fi>
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.24;
import { UnstructuredStorage } from "../UnstructuredStorage.sol";
contract PausableUntil {
using UnstructuredStorage for bytes32;
/// Contract resume/pause control storage slot
bytes32 internal constant RESUME_SINCE_TIMESTAMP_POSITION =
keccak256("lido.PausableUntil.resumeSinceTimestamp");
/// Special value for the infinite pause
uint256 public constant PAUSE_INFINITELY = type(uint256).max;
/// @notice Emitted when paused by the `pauseFor` or `pauseUntil` call
event Paused(uint256 duration);
/// @notice Emitted when resumed by the `resume` call
event Resumed();
error ZeroPauseDuration();
error PausedExpected();
error ResumedExpected();
error PauseUntilMustBeInFuture();
/// @notice Reverts when resumed
modifier whenPaused() {
_checkPaused();
_;
}
/// @notice Reverts when paused
modifier whenResumed() {
_checkResumed();
_;
}
/// @notice Returns one of:
/// - PAUSE_INFINITELY if paused infinitely returns
/// - first second when get contract get resumed if paused for specific duration
/// - some timestamp in past if not paused
function getResumeSinceTimestamp() external view returns (uint256) {
return RESUME_SINCE_TIMESTAMP_POSITION.getStorageUint256();
}
/// @notice Returns whether the contract is paused
function isPaused() public view returns (bool) {
return
block.timestamp <
RESUME_SINCE_TIMESTAMP_POSITION.getStorageUint256();
}
function _resume() internal {
_checkPaused();
RESUME_SINCE_TIMESTAMP_POSITION.setStorageUint256(block.timestamp);
emit Resumed();
}
function _pauseFor(uint256 duration) internal {
_checkResumed();
if (duration == 0) {
revert ZeroPauseDuration();
}
uint256 resumeSince;
if (duration == PAUSE_INFINITELY) {
resumeSince = PAUSE_INFINITELY;
} else {
resumeSince = block.timestamp + duration;
}
_setPausedState(resumeSince);
}
function _pauseUntil(uint256 pauseUntilInclusive) internal {
_checkResumed();
if (pauseUntilInclusive < block.timestamp) {
revert PauseUntilMustBeInFuture();
}
uint256 resumeSince;
if (pauseUntilInclusive != PAUSE_INFINITELY) {
resumeSince = pauseUntilInclusive + 1;
} else {
resumeSince = PAUSE_INFINITELY;
}
_setPausedState(resumeSince);
}
function _setPausedState(uint256 resumeSince) internal {
RESUME_SINCE_TIMESTAMP_POSITION.setStorageUint256(resumeSince);
if (resumeSince == PAUSE_INFINITELY) {
emit Paused(PAUSE_INFINITELY);
} else {
emit Paused(resumeSince - block.timestamp);
}
}
function _checkPaused() internal view {
if (!isPaused()) {
revert PausedExpected();
}
}
function _checkResumed() internal view {
if (isPaused()) {
revert ResumedExpected();
}
}
}
"
},
"src/lib/GIndex.sol": {
"content": "// SPDX-FileCopyrightText: 2025 Lido <info@lido.fi>
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.24;
type GIndex is bytes32;
using { isRoot, index, width, shr, shl, concat, unwrap, pow } for GIndex global;
error IndexOutOfRange();
/// @param gI Is a generalized index of a node in a tree.
/// @param p Is a power of a tree level the node belongs to.
/// @return GIndex
function pack(uint256 gI, uint8 p) pure returns (GIndex) {
if (gI > type(uint248).max) {
revert IndexOutOfRange();
}
// NOTE: We can consider adding additional metadata like a fork version.
return GIndex.wrap(bytes32((gI << 8) | p));
}
function unwrap(GIndex self) pure returns (bytes32) {
return GIndex.unwrap(self);
}
function isRoot(GIndex self) pure returns (bool) {
return index(self) == 1;
}
function index(GIndex self) pure returns (uint256) {
return uint256(unwrap(self)) >> 8;
}
function width(GIndex self) pure returns (uint256) {
return 1 << pow(self);
}
function pow(GIndex self) pure returns (uint8) {
return uint8(uint256(unwrap(self)));
}
/// @return Generalized index of the nth neighbor of the node to the right.
function shr(GIndex self, uint256 n) pure returns (GIndex) {
uint256 i = index(self);
uint256 w = width(self);
if ((i % w) + n >= w) {
revert IndexOutOfRange();
}
return pack(i + n, pow(self));
}
/// @return Generalized index of the nth neighbor of the node to the left.
function shl(GIndex self, uint256 n) pure returns (GIndex) {
uint256 i = index(self);
uint256 w = width(self);
if (i % w < n) {
revert IndexOutOfRange();
}
return pack(i - n, pow(self));
}
// See https://github.com/protolambda/remerkleable/blob/91ed092d08ef0ba5ab076f0a34b0b371623db728/remerkleable/tree.py#L46
function concat(GIndex lhs, GIndex rhs) pure returns (GIndex) {
uint256 lindex = index(lhs);
uint256 rindex = index(rhs);
uint256 lhsMSbIndex = fls(lindex);
uint256 rhsMSbIndex = fls(rindex);
if (lhsMSbIndex + 1 + rhsMSbIndex > 248) {
revert IndexOutOfRange();
}
return
pack((lindex << rhsMSbIndex) | (rindex ^ (1 << rhsMSbIndex)), pow(rhs));
}
/// @dev From Solady LibBit, see https://github.com/Vectorized/solady/blob/main/src/utils/LibBit.sol.
/// @dev Find last set.
/// Returns the index of the most significant bit of `x`,
/// counting from the least significant bit position.
/// If `x` is zero, returns 256.
function fls(uint256 x) pure returns (uint256 r) {
assembly ("memory-safe") {
// prettier-ignore
r := or(shl(8, iszero(x)), shl(7, lt(0xffffffffffffffffffffffffffffffff, x)))
r := or(r, shl(6, lt(0xffffffffffffffff, shr(r, x))))
r := or(r, shl(5, lt(0xffffffff, shr(r, x))))
r := or(r, shl(4, lt(0xffff, shr(r, x))))
r := or(r, shl(3, lt(0xff, shr(r, x))))
// prettier-ignore
r := or(r, byte(and(0x1f, shr(shr(r, x), 0x8421084210842108cc6318c6db6d54be)),
0x0706060506020504060203020504030106050205030304010505030400000000))
}
}
"
},
"src/lib/SSZ.sol": {
"content": "// SPDX-FileCopyrightText: 2025 Lido <info@lido.fi>
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.24;
import { BeaconBlockHeader, Withdrawal, Validator } from "./Types.sol";
import { GIndex } from "./GIndex.sol";
library SSZ {
error BranchHasMissingItem();
error BranchHasExtraItem();
error InvalidProof();
function hashTreeRoot(
BeaconBlockHeader memory header
) internal view returns (bytes32 root) {
root = bytes32(0);
bytes32[8] memory nodes = [
toLittleEndian(header.slot.unwrap()),
toLittleEndian(header.proposerIndex),
header.parentRoot,
header.stateRoot,
header.bodyRoot,
bytes32(0),
bytes32(0),
bytes32(0)
];
assembly ("memory-safe") {
// Count of nodes to hash
let count := 8
// Loop over levels
// prettier-ignore
for { } 1 { } {
// Loop over nodes at the given depth
// Initialize `offset` to the offset of `proof` elements in memory.
let target := nodes
let source := nodes
let end := add(source, shl(5, count))
// prettier-ignore
for { } 1 { } {
// Read next two hashes to hash
mcopy(0x00, source, 0x40)
// Call sha256 precompile
let result := staticcall(
gas(),
0x02,
0x00,
0x40,
0x00,
0x20
)
if iszero(result) {
// Precompiles returns no data on OutOfGas error.
revert(0, 0)
}
// Store the resulting hash at the target location
mstore(target, mload(0x00))
// Advance the pointers
target := add(target, 0x20)
source := add(source, 0x40)
if iszero(lt(source, end)) {
break
}
}
count := shr(1, count)
if eq(count, 1) {
root := mload(0x00)
break
}
}
}
}
function hashTreeRoot(
Validator memory validator
) internal view returns (bytes32 root) {
root = bytes32(0);
bytes32 pubkeyRoot;
assembly ("memory-safe") {
// Dynamic data types such as bytes are stored at the specified offset.
let offset := mload(validator)
// Copy the pubkey to the scratch space.
mcopy(0x00, add(offset, 32), 48)
// Clear the last 16 bytes.
mcopy(48, 0x60, 16)
// Call sha256 precompile.
let result := staticcall(gas(), 0x02, 0x00, 0x40, 0x00, 0x20)
if iszero(result) {
// Precompiles returns no data on OutOfGas error.
revert(0, 0)
}
pubkeyRoot := mload(0x00)
}
bytes32[8] memory nodes = [
pubkeyRoot,
validator.withdrawalCredentials,
toLittleEndian(validator.effectiveBalance),
toLittleEndian(validator.slashed),
toLittleEndian(validator.activationEligibilityEpoch),
toLittleEndian(validator.activationEpoch),
toLittleEndian(validator.exitEpoch),
toLittleEndian(validator.withdrawableEpoch)
];
assembly ("memory-safe") {
// Count of nodes to hash
let count := 8
// Loop over levels
// prettier-ignore
for { } 1 { } {
// Loop over nodes at the given depth
// Initialize `offset` to the offset of `proof` elements in memory.
let target := nodes
let source := nodes
let end := add(source, shl(5, count))
// prettier-ignore
for { } 1 { } {
// Read next two hashes to hash
mcopy(0x00, source, 0x40)
// Call sha256 precompile
let result := staticcall(
gas(),
0x02,
0x00,
0x40,
0x00,
0x20
)
if iszero(result) {
// Precompiles returns no data on OutOfGas error.
revert(0, 0)
}
// Store the resulting hash at the target location
mstore(target, mload(0x00))
// Advance the pointers
target := add(target, 0x20)
source := add(source, 0x40)
if iszero(lt(source, end)) {
break
}
}
count := shr(1, count)
if eq(count, 1) {
root := mload(0x00)
break
}
}
}
}
/// @notice Modified version of `verify` from Solady `MerkleProofLib` to support generalized indices and sha256 precompile.
/// @dev Reverts if `leaf` doesn't exist in the Merkle tree with `root`, given `proof`.
function verifyProof(
bytes32[] calldata proof,
bytes32 root,
bytes32 leaf,
GIndex gI
) internal view {
uint256 index = gI.index();
assembly ("memory-safe") {
// Check if `proof` is empty.
if iszero(proof.length) {
// revert InvalidProof()
mstore(0x00, 0x09bde339)
revert(0x1c, 0x04)
}
// Left shift by 5 is equivalent to multiplying by 0x20.
let end := add(proof.offset, shl(5, proof.length))
// Initialize `offset` to the offset of `proof` in the calldata.
let offset := proof.offset
// Iterate over proof elements to compute root hash.
// prettier-ignore
for { } 1 { } {
// Slot of `leaf` in scratch space.
// If the condition is true: 0x20, otherwise: 0x00.
let scratch := shl(5, and(index, 1))
index := shr(1, index)
if iszero(index) {
// revert BranchHasExtraItem()
mstore(0x00, 0x5849603f)
// 0x1c = 28 => offset in 32-byte word of a slot 0x00
revert(0x1c, 0x04)
}
// Store elements to hash contiguously in scratch space.
// Scratch space is 64 bytes (0x00 - 0x3f) and both elements are 32 bytes.
mstore(scratch, leaf)
mstore(xor(scratch, 0x20), calldataload(offset))
// Call sha256 precompile.
let result := staticcall(
gas(),
0x02,
0x00,
0x40,
0x00,
0x20
)
if iszero(result) {
// Precompile returns no data on OutOfGas error.
revert(0, 0)
}
// Reuse `leaf` to store the hash to reduce stack operations.
leaf := mload(0x00)
offset := add(offset, 0x20)
if iszero(lt(offset, end)) {
break
}
}
if iszero(eq(index, 1)) {
// revert BranchHasMissingItem()
mstore(0x00, 0x1b6661c3)
revert(0x1c, 0x04)
}
if iszero(eq(leaf, root)) {
// revert InvalidProof()
mstore(0x00, 0x09bde339)
revert(0x1c, 0x04)
}
}
}
// Inspired by https://github.com/succinctlabs/telepathy-contracts/blob/5aa4bb7/src/libraries/SimpleSerialize.sol#L59
function hashTreeRoot(
Withdrawal memory withdrawal
) internal pure returns (bytes32) {
return
sha256(
bytes.concat(
sha256(
bytes.concat(
toLittleEndian(withdrawal.index),
toLittleEndian(withdrawal.validatorIndex)
)
),
sha256(
bytes.concat(
bytes20(withdrawal.withdrawalAddress),
bytes12(0),
toLittleEndian(withdrawal.amount)
)
)
)
);
}
// See https://github.com/succinctlabs/telepathy-contracts/blob/5aa4bb7/src/libraries/SimpleSerialize.sol#L17-L28
function toLittleEndian(uint256 v) internal pure returns (bytes32) {
v =
((v &
0xFF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00) >>
8) |
((v &
0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) <<
8);
v =
((v &
0xFFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000) >>
16) |
((v &
0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) <<
16);
v =
((v &
0xFFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000) >>
32) |
((v &
0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) <<
32);
v =
((v &
0xFFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF0000000000000000) >>
64) |
((v &
0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) <<
64);
v = (v >> 128) | (v << 128);
return bytes32(v);
}
function toLittleEndian(bool v) internal pure returns (bytes32) {
return bytes32(v ? 1 << 248 : 0);
}
}
"
},
"src/interfaces/ICSVerifier.sol": {
"content": "// SPDX-FileCopyrightText: 2025 Lido <info@lido.fi>
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.24;
import { BeaconBlockHeader, Slot } from "../lib/Types.sol";
import { GIndex } from "../lib/GIndex.sol";
import { ICSModule } from "./ICSModule.sol";
interface ICSVerifier {
struct GIndices {
GIndex gIFirstWithdrawalPrev;
GIndex gIFirstWithdrawalCurr;
GIndex gIFirstValidatorPrev;
GIndex gIFirstValidatorCurr;
GIndex gIFirstHistoricalSummaryPrev;
GIndex gIFirstHistoricalSummaryCurr;
GIndex gIFirstBlockRootInSummaryPrev;
GIndex gIFirstBlockRootInSummaryCurr;
}
struct ProvableBeaconBlockHeader {
BeaconBlockHeader header; // Header of a block which root is a root at rootsTimestamp.
uint64 rootsTimestamp; // To be passed to the EIP-4788 block roots contract.
}
struct SlashingWitness {
uint64 validatorIndex;
bytes32 withdrawalCredentials;
uint64 effectiveBalance;
uint64 activationEligibilityEpoch;
uint64 activationEpoch;
uint64 exitEpoch;
uint64 withdrawableEpoch;
bytes32[] validatorProof;
}
struct WithdrawalWitness {
// ── Withdrawal fields ─────────────────────────────────────────────────
uint8 withdrawalOffset; // In the withdrawals list.
uint64 withdrawalIndex; // Network-wise.
uint64 validatorIndex;
uint64 amount;
// ── Validator fields ──────────────────────────────────────────────────
bytes32 withdrawalCredentials;
uint64 effectiveBalance;
bool slashed;
uint64 activationEligibilityEpoch;
uint64 activationEpoch;
uint64 exitEpoch;
uint64 withdrawableEpoch;
// ── Proofs ────────────────────────────────────────────────────────────
// We accept the `withdrawalProof` against a state root, because it saves a few hops.
bytes32[] withdrawalProof;
bytes32[] validatorProof;
}
// A witness for a block header which root is accessible via `historical_summaries` field.
struct HistoricalHeaderWitness {
BeaconBlockHeader header;
bytes32[] proof;
}
error RootNotFound();
error InvalidBlockHeader();
error InvalidChainConfig();
error PartialWithdrawal();
error ValidatorNotWithdrawn();
error InvalidWithdrawalAddress();
error UnsupportedSlot(Slot slot);
error ZeroModuleAddress();
error ZeroWithdrawalAddress();
error ZeroAdminAddress();
error InvalidPivotSlot();
error InvalidCapellaSlot();
error HistoricalSummaryDoesNotExist();
function PAUSE_ROLE() external view returns (bytes32);
function RESUME_ROLE() external view returns (bytes32);
function BEACON_ROOTS() external view returns (address);
function SLOTS_PER_EPOCH() external view returns (uint64);
function SLOTS_PER_HISTORICAL_ROOT() external view returns (uint64);
function GI_FIRST_WITHDRAWAL_PREV() external view returns (GIndex);
function GI_FIRST_WITHDRAWAL_CURR() external view returns (GIndex);
function GI_FIRST_VALIDATOR_PREV() external view returns (GIndex);
function GI_FIRST_VALIDATOR_CURR() external view returns (GIndex);
function GI_FIRST_HISTORICAL_SUMMARY_PREV() external view returns (GIndex);
function GI_FIRST_HISTORICAL_SUMMARY_CURR() external view returns (GIndex);
function GI_FIRST_BLOCK_ROOT_IN_SUMMARY_PREV()
external
view
returns (GIndex);
function GI_FIRST_BLOCK_ROOT_IN_SUMMARY_CURR()
external
view
returns (GIndex);
function FIRST_SUPPORTED_SLOT() external view returns (Slot);
function PIVOT_SLOT() external view returns (Slot);
function CAPELLA_SLOT() external view returns (Slot);
function WITHDRAWAL_ADDRESS() external view returns (address);
function MODULE() external view returns (ICSModule);
/// @notice Pause write methods calls for `duration` seconds
/// @param duration Duration of the pause in seconds
function pauseFor(uint256 duration) external;
/// @notice Resume write methods calls
function resume() external;
/// @notice Verify withdrawal proof and report withdrawal to the module for valid proofs
/// @param beaconBlock Beacon block header
/// @param witness Withdrawal witness against the `beaconBlock`'s state root.
/// @param nodeOperatorId ID of the Node Operator
/// @param keyIndex Index of the validator key in the Node Operator's key storage
function processWithdrawalProof(
ProvableBeaconBlockHeader calldata beaconBlock,
WithdrawalWitness calldata witness,
uint256 nodeOperatorId,
uint256 keyIndex
) external;
/// @notice Verify withdrawal proof against historical summaries data and report withdrawal to the module for valid proofs
/// @param beaconBlock Beacon block header
/// @param oldBlock Historical block header witness
/// @param witness Withdrawal witness
/// @param nodeOperatorId ID of the Node Operator
/// @param keyIndex Index of the validator key in the Node Operator's key storage
function processHistoricalWithdrawalProof(
ProvableBeaconBlockHeader calldata beaconBlock,
HistoricalHeaderWitness calldata oldBlock,
WithdrawalWitness calldata witness,
uint256 nodeOperatorId,
uint256 keyIndex
) external;
}
"
},
"src/interfaces/ICSModule.sol": {
"content": "// SPDX-FileCopyrightText: 2025 Lido <info@lido.fi>
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.24;
import { IStakingModule } from "./IStakingModule.sol";
import { ICSAccounting } from "./ICSAccounting.sol";
import { IQueueLib } from "../lib/QueueLib.sol";
import { INOAddresses } from "../lib/NOAddresses.sol";
import { IAssetRecovererLib } from "../lib/AssetRecovererLib.sol";
import { Batch } from "../lib/QueueLib.sol";
import { ILidoLocator } from "./ILidoLocator.sol";
import { IStETH } from "./IStETH.sol";
import { ICSParametersRegistry } from "./ICSParametersRegistry.sol";
import { ICSExitPenalties } from "./ICSExitPenalties.sol";
struct NodeOperator {
// All the counters below are used together e.g. in the _updateDepositableValidatorsCount
/* 1 */ uint32 totalAddedKeys; // @dev increased and decreased when removed
/* 1 */ uint32 totalWithdrawnKeys; // @dev only increased
/* 1 */ uint32 totalDepositedKeys; // @dev only increased
/* 1 */ uint32 totalVettedKeys; // @dev both increased and decreased
/* 1 */ uint32 stuckValidatorsCount; // @dev both increased and decreased
/* 1 */ uint32 depositableValidatorsCount; // @dev any value
/* 1 */ uint32 targetLimit;
/* 1 */ uint8 targetLimitMode;
/* 2 */ uint32 totalExitedKeys; // @dev only increased except for the unsafe updates
/* 2 */ uint32 enqueuedCount; // Tracks how many places are occupied by the node operator's keys in the queue.
/* 2 */ address managerAddress;
/* 3 */ address proposedManagerAddress;
/* 4 */ address rewardAddress;
/* 5 */ address proposedRewardAddress;
/* 5 */ bool extendedManagerPermissions;
/* 5 */ bool usedPriorityQueue;
}
struct NodeOperatorManagementProperties {
address managerAddress;
address rewardAddress;
bool extendedManagerPermissions;
}
struct ValidatorWithdrawalInfo {
uint256 nodeOperatorId; // @dev ID of the Node Operator
uint256 keyIndex; // @dev Index of the withdrawn key in the Node Operator's keys storage
uint256 amount; // @dev Amount of withdrawn ETH in wei
}
/// @title Lido's Community Staking Module interface
interface ICSModule is
IQueueLib,
INOAddresses,
IAssetRecovererLib,
IStakingModule
{
error CannotAddKeys();
error NodeOperatorDoesNotExist();
error SenderIsNotEligible();
error InvalidVetKeysPointer();
error ExitedKeysHigherThanTotalDeposited();
error ExitedKeysDecrease();
error InvalidInput();
error NotEnoughKeys();
error PriorityQueueAlreadyUsed();
error NotEligibleForPriorityQueue();
error PriorityQueueMaxDepositsUsed();
error NoQueuedKeysToMigrate();
error KeysLimitExceeded();
error SigningKeysInvalidOffset();
error InvalidAmount();
error ZeroLocatorAddress();
error ZeroAccountingAddress();
error ZeroExitPenaltiesAddress();
error ZeroAdminAddress();
error ZeroSenderAddress();
error ZeroParametersRegistryAddress();
event NodeOperatorAdded(
uint256 indexed nodeOperatorId,
address indexed managerAddress,
address indexed rewardAddress,
bool extendedManagerPermissions
);
event ReferrerSet(uint256 indexed nodeOperatorId, address indexed referrer);
event DepositableSigningKeysCountChanged(
uint256 indexed nodeOperatorId,
uint256 depositableKeysCount
);
event VettedSigningKeysCountChanged(
uint256 indexed nodeOperatorId,
uint256 vettedKeysCount
);
event VettedSigningKeysCountDecreased(uint256 indexed nodeOperatorId);
event DepositedSigningKeysCountChanged(
uint256 indexed nodeOperatorId,
uint256 depositedKeysCount
);
event ExitedSigningKeysCountChanged(
uint256 indexed nodeOperatorId,
uint256 exitedKeysCount
);
event TotalSigningKeysCountChanged(
uint256 indexed nodeOperatorId,
uint256 totalKeysCount
);
event TargetValidatorsCountChanged(
uint256 indexed nodeOperatorId,
uint256 targetLimitMode,
uint256 targetValidatorsCount
);
event WithdrawalSubmitted(
uint256 indexed nodeOperatorId,
uint256 keyIndex,
uint256 amount,
bytes pubkey
);
event BatchEnqueued(
uint256 indexed queuePriority,
uint256 indexed nodeOperatorId,
uint256 count
);
event KeyRemovalChargeApplied(uint256 indexed nodeOperatorId);
event ELRewardsStealingPenaltyReported(
uint256 indexed nodeOperatorId,
bytes32 proposedBlockHash,
uint256 stolenAmount
);
event ELRewardsStealingPenaltyCancelled(
uint256 indexed nodeOperatorId,
uint256 amount
);
event ELRewardsStealingPenaltyCompensated(
uint256 indexed nodeOperatorId,
uint256 amount
);
event ELRewardsStealingPenaltySettled(uint256 indexed nodeOperatorId);
function PAUSE_ROLE() external view returns (bytes32);
function RESUME_ROLE() external view returns (bytes32);
function STAKING_ROUTER_ROLE() external view returns (bytes32);
function REPORT_EL_REWARDS_STEALING_PENALTY_ROLE()
external
view
returns (bytes32);
function SETTLE_EL_REWARDS_STEALING_PENALTY_ROLE()
external
view
returns (bytes32);
function VERIFIER_ROLE() external view returns (bytes32);
function RECOVERER_ROLE() external view returns (bytes32);
function CREATE_NODE_OPERATOR_ROLE() external view returns (bytes32);
function DEPOSIT_SIZE() external view returns (uint256);
function LIDO_LOCATOR() external view returns (ILidoLocator);
function STETH() external view returns (IStETH);
function PARAMETERS_REGISTRY()
external
view
returns (ICSParametersRegistry);
function ACCOUNTING() external view returns (ICSAccounting);
function EXIT_PENALTIES() external view returns (ICSExitPenalties);
function FEE_DISTRIBUTOR() external view returns (address);
function QUEUE_LOWEST_PRIORITY() external view returns (uint256);
function QUEUE_LEGACY_PRIORITY() external view returns (uint256);
/// @notice Returns the address of the accounting contract
function accounting() external view returns (ICSAccounting);
/// @notice Pause creation of the Node Operators and keys upload for `duration` seconds.
/// Existing NO management and reward claims are still available.
/// To pause reward claims use pause method on CSAccounting
/// @param duration Duration of the pause in seconds
function pauseFor(uint256 duration) external;
/// @notice Resume creation of the Node Operators and keys upload
function resume() external;
/// @notice Returns the initialized version of the contract
function getInitializedVersion() external view returns (uint64);
/// @notice Permissioned method to add a new Node Operator
/// Should be called by `*Gate.sol` contracts. See `PermissionlessGate.sol` and `VettedGate.sol` for examples
/// @param from Sender address. Initial sender address to be used as a default manager and reward addresses.
/// Gates must pass the correct address in order to specify which address should be the owner of the Node Operator.
/// @param managementProperties Optional. Management properties to be used for the Node Operator.
/// managerAddress: Used as `managerAddress` for the Node Operator. If not passed `from` will be used.
/// rewardAddress: Used as `rewardAddress` for the Node Operator. If not passed `from` will be used.
/// extendedManagerPermissions: Flag indicating that `managerAddress` will be able to change `rewardAddress`.
/// If set to true `resetNodeOperatorManagerAddress` method will be disabled
/// @param referrer Optional. Referrer address. Should be passed when Node Operator is created using partners integration
function createNodeOperator(
address from,
NodeOperatorManagementProperties memory managementProperties,
address referrer
) external returns (uint256 nodeOperatorId);
/// @notice Add new keys to the existing Node Operator using ETH as a bond
/// @param from Sender address. Commonly equals to `msg.sender` except for the case of Node Operator creation by `*Gate.sol` contracts
/// @param nodeOperatorId ID of the Node Operator
/// @param keysCount Signing keys count
/// @param publicKeys Public keys to submit
/// @param signatures Signatures of `(deposit_message_root, domain)` tuples
/// https://github.com/ethereum/consensus-specs/blob/v1.4.0/specs/phase0/beacon-chain.md#signingdata
function addValidatorKeysETH(
address from,
uint256 nodeOperatorId,
uint256 keysCount,
bytes memory publicKeys,
bytes memory signatures
) external payable;
/// @notice Add new keys to the existing Node Operator using stETH as a bond
/// @notice Due to the stETH rounding issue make sure to make approval or sign permit with extra 10 wei to avoid revert
/// @param from Sender address. Commonly equals to `msg.sender` except for the case of Node Operator creation by `*Gate.sol` contracts
/// @param nodeOperatorId ID of the Node Operator
/// @param keysCount Signing keys count
/// @param publicKeys Public keys to submit
/// @param signatures Signatures of `(deposit_message_root, domain)` tuples
/// https://github.com/ethereum/consensus-specs/blob/v1.4.0/specs/phase0/beacon-chain.md#signingdata
/// @param permit Optional. Permit to use stETH as bond
function addValidatorKeysStETH(
address from,
uint256 nodeOperatorId,
uint256 keysCount,
bytes memory publicKeys,
bytes memory signatures,
ICSAccounting.PermitInput memory permit
) external;
/// @notice Add new keys to the existing Node Operator using wstETH as a bond
/// @notice Due to the stETH rounding issue make sure to make approval or sign permit with extra 10 wei to avoid revert
/// @param from Sender address. Commonly equals to `msg.sender` except for the case of Node Operator creation by `*Gate.sol` contracts
/// @param nodeOperatorId ID of the Node Operator
/// @param keysCount Signing keys count
/// @param publicKeys Public keys to submit
/// @param signatures Signatures of `(deposit_message_root, domain)` tuples
/// https://github.com/ethereum/consensus-specs/blob/v1.4.0/specs/phase0/beacon-chain.md#signingdata
/// @param permit Optional. Permit to use wstETH as bond
function addValidatorKeysWstETH(
address from,
uint256 nodeOperatorId,
uint256 keysCount,
bytes memory publicKeys,
bytes memory signatures,
ICSAccounting.PermitInput memory permit
) external;
/// @notice Report EL rewards stealing for the given Node Operator
/// @notice The final locked amount will be equal to the stolen funds plus EL stealing additional fine
/// @param nodeOperatorId ID of the Node Operator
/// @param blockHash Execution layer block hash of the proposed block with EL rewards stealing
/// @param amount Amount of stolen EL rewards in ETH
function reportELRewardsStealingPenalty(
uint256 nodeOperatorId,
bytes32 blockHash,
uint256 amount
) external;
/// @notice Compensate EL rewards stealing penalty for the given Node Operator to prevent further validator exits
/// @dev Can only be called by the Node Operator manager
/// @param nodeOperatorId ID of the Node Operator
function compensateELRewardsStealingPenalty(
uint256 nodeOperatorId
) external payable;
/// @notice Cancel previously reported and not settled EL rewards stealing penalty for the given Node Operator
/// @notice The funds will be unlocked
/// @param nodeOperatorId ID of the Node Operator
/// @param amount Amount of penalty to cancel
function cancelELRewardsStealingPenalty(
uint256 nodeOperatorId,
uint256 amount
) external;
/// @notice Settle locked bond for the given Node Operators
/// @dev SETTLE_EL_REWARDS_STEALING_PENALTY_ROLE role is expected to be assigned to Easy Track
/// @param nodeOperatorIds IDs of the Node Operators
function settleELRewardsStealingPenalty(
uint256[] memory nodeOperatorIds
) external;
/// @notice Propose a new manager address for the Node Operator
/// @param nodeOperatorId ID of the Node Operator
/// @param proposedAddress Proposed manager address
function proposeNodeOperatorManagerAddressChange(
uint256 nodeOperatorId,
address proposedAddress
) external;
/// @notice Confirm a new manager address for the Node Operator.
/// Should be called from the currently proposed address
/// @param nodeOperatorId ID of the Node Operator
function confirmNodeOperatorManagerAddressChange(
uint256 nodeOperatorId
) external;
/// @notice Reset the manager address to the reward address.
/// Should be called from the reward address
/// @param nodeOperatorId ID of the Node Operator
function resetNodeOperatorManagerAddress(uint256 nodeOperatorId) external;
/// @notice Propose a new reward address for the Node Operator
/// @param nodeOperatorId ID of the Node Operator
/// @param proposedAddress Proposed reward address
function proposeNodeOperatorRewardAddressChange(
uint256 nodeOperatorId,
address proposedAddress
) external;
/// @notice Confirm a new reward address for the Node Operator.
/// Should be called from the currently proposed address
/// @param nodeOperatorId ID of the Node Operator
function confirmNodeOperatorRewardAddressChange(
uint256 nodeOperatorId
) external;
/// @notice Change rewardAddress if extendedManagerPermissions is enabled for the Node Operator
/// @param nodeOperatorId ID of the Node Operator
/// @param newAddress Proposed reward address
function changeNodeOperatorRewardAddress(
uint256 nodeOperatorId,
address newAddress
) external;
/// @notice Get the pointers to the head and tail of queue with the given priority.
/// @param queuePriority Priority of the queue to get the pointers.
/// @return head Pointer to the head of the queue.
/// @return tail Pointer to the tail of the queue.
function depositQueuePointers(
uint256 queuePriority
) external view returns (uint128 head, uint128 tail);
/// @notice Get the deposit queue item by an index
/// @param queuePriority Priority of the queue to get an item from
/// @param index Index of a queue item
/// @return Deposit queue item from the priority queue
function depositQueueItem(
uint256 queuePriority,
uint128 index
) external view returns (Batch);
/// @notice Clean the deposit queue from batches with no depositable keys
/// @dev Use **eth_call** to check how many items will be removed
/// @param maxItems How many queue items to review
/// @return removed Count of batches to be removed by visiting `maxItems` batches
/// @return lastRemovedAtDepth The value to use as `maxItems` to remove `removed` batches if the static call of the method was used
function cleanDepositQueue(
uint256 maxItems
) external returns (uint256 removed, uint256 lastRemovedAtDepth);
/// @notice Update depositable validators data and enqueue all unqueued keys for the given Node Operator.
/// Unqueued stands for vetted but not enqueued keys.
/// @dev The following rules are applied:
/// - Unbonded keys can not be depositable
/// - Unvetted keys can not be depositable
/// - Depositable keys count should respect targetLimit value
/// @param nodeOperatorId ID of the Node Operator
function updateDepositableValidatorsCount(uint256 nodeOperatorId) external;
/// Performs a one-time migration of allocated seats from the legacy or default queue to a priority queue
/// for an eligible node operator. This is possible, e.g., in the following scenario: A node
/// operator uploaded keys before CSM v2 and have no deposits due to a long queue.
/// After the CSM v2 release, the node operator has claimed the ICS or other priority node operator type.
/// This node operator type gives the node operator the ability to get several deposits through
/// the priority queue. So, by calling the migration method, the node operator can obtain seats
/// in the priority queue, even though they already have seats in the legacy queue.
/// The method can also be used by the node operators who joined CSM v2 permissionlessly after the release
/// and had their node operator type upgraded to ICS or another priority type.
/// The method does not remove the old queue items. Hence, the node operator can upload additional keys that
/// will take the place of the migrated keys in the original queue.
/// @param nodeOperatorId ID of the Node Operator
function migrateToPriorityQueue(uint256 nodeOperatorId) external;
/// @notice Get Node Operator info
/// @param nodeOperatorId ID of the Node Operator
/// @return Node Operator info
function getNodeOperator(
uint256 nodeOperatorId
) external view returns (NodeOperator memory);
/// @notice Get Node Operator management properties
/// @param nodeOperatorId ID of the Node Operator
/// @return Node Operator management properties
function getNodeOperatorManagementProperties(
uint256 nodeOperatorId
) external view returns (NodeOperatorManagementProperties memory);
/// @notice Get Node Operator owner. Owner is manager address if `extendedManagerPermissions` is enabled and reward address otherwise
/// @param nodeOperatorId ID of the Node Operator
/// @return Node Operator owner
function getNodeOperatorOwner(
uint256 nodeOperatorId
) external view returns (address);
/// @notice Get Node Operator non-withdrawn keys
/// @param nodeOperatorId ID of the Node Operator
/// @return Non-withdrawn keys count
function getNodeOperatorNonWithdrawnKeys(
uint256 nodeOperatorId
) external view returns (uint256);
/// @notice Get Node Operator total deposited keys
/// @param nodeOperatorId ID of the Node Operator
/// @return Total deposited keys count
function getNodeOperatorTotalDepositedKeys(
uint256 nodeOperatorId
) external view returns (uint256);
/// @notice Get Node Operator signing keys
/// @param nodeOperatorId ID of the Node Operator
/// @param startIndex Index of the first key
/// @param keysCount Count of keys to get
/// @return Signing keys
function getSigningKeys(
uint256 nodeOperatorId,
uint256 startIndex,
uint256 keysCount
) external view returns (bytes memory);
/// @notice Get Node Operator signing keys with signatures
/// @param nodeOperatorId ID of the Node Operator
/// @param startIndex Index of the first key
/// @param keysCount Count of keys to get
/// @return keys Signing keys
/// @return signatures Signatures of `(deposit_message_root, domain)` tuples
/// https://github.com/ethereum/consensus-specs/blob/v1.4.0/specs/phase0/beacon-chain.md#signingdata
function getSigningKeysWithSignatures(
uint256 nodeOperatorId,
uint256 startIndex,
uint256 keysCount
) external view returns (bytes memory keys, bytes memory signatures);
/// @notice Report Node Operator's keys as withdrawn and settle withdrawn amount
/// @notice Called by `CSVerifier` contract.
/// See `CSVerifier.processWithdrawalProof` to use this method permissionless
/// @param withdrawalsInfo An array for the validator withdrawals info structs
function submitWithdrawals(
ValidatorWithdrawalInfo[] calldata withdrawalsInfo
) external;
/// @notice Check if the given Node Operator's key is reported as withdrawn
/// @param nodeOperatorId ID of the Node Operator
/// @param keyIndex index of the key to check
/// @return Is validator reported as withdrawn or not
function isValidatorWithdrawn(
uint256 nodeOperatorId,
uint256 keyIndex
) external view returns (bool);
/// @notice Remove keys for the Node Operator and confiscate removal charge for each deleted key
/// This method is a part of the Optimistic Vetting scheme. After key deletion `totalVettedKeys`
/// is set equal to `totalAddedKeys`. If invalid keys are not removed, the unvetting process will be repeated
/// and `decreaseVettedSigningKeysCount` will be called by StakingRouter.
/// @param nodeOperatorId ID of the Node Operator
/// @param startIndex Index of the first key
/// @param keysCount Keys count to delete
function removeKeys(
uint256 nodeOperatorId,
uint256 startIndex,
uint256 keysCount
) external;
}
"
},
"node_modules/@openzeppelin/contracts/access/extensions/IAccessControlEnumerable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/extensions/IAccessControlEnumerable.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "../IAccessControl.sol";
/**
* @dev External interface of AccessControlEnumerable declared to support ERC165 detection.
*/
interface IAccessControlEnumerable is IAccessControl {
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value betweenSubmitted on: 2025-09-17 15:47:52
Comments
Log in to comment.
No comments yet.