Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/NewtonProverTaskManager.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.27;
import {INewtonProverTaskManager} from "./interfaces/INewtonProverTaskManager.sol";
import {NewtonProverTaskManagerStorage} from "./NewtonProverTaskManagerStorage.sol";
import {NewtonMessage} from "./core/NewtonMessage.sol";
import {TaskLib} from "./libraries/TaskLib.sol";
import {ChallengeLib} from "./libraries/ChallengeLib.sol";
import "@eigenlayer-middleware/src/libraries/BN254.sol";
import {ISlashingRegistryCoordinator} from
"@eigenlayer-middleware/src/interfaces/ISlashingRegistryCoordinator.sol";
import {IPauserRegistry} from "@eigenlayer/contracts/interfaces/IPauserRegistry.sol";
contract NewtonProverTaskManager is NewtonProverTaskManagerStorage {
/* MODIFIERS */
modifier onlyAggregator() {
require(msg.sender == aggregator, OnlyAggregator());
_;
}
// onlyTaskGenerator is used to restrict createNewTask from only being called by a permissioned entity
// in a real world scenario, this would be removed by instead making createNewTask a payable function
modifier onlyTaskGenerator() {
require(msg.sender == generator, OnlyTaskGenerator());
_;
}
// onlyPolicyClient is used to restrict validateAttestation from only being called by a policy client
modifier onlyPolicyClient() {
TaskLib.onlyPolicyClient();
_;
}
modifier onlyValidTaskResponse(Task calldata task, TaskResponse calldata taskResponse) {
TaskLib.sanityCheckTaskResponse(
task, taskResponse, uint32(block.number), _taskManagerConfig.taskResponseWindowBlock
);
_;
}
constructor(
ISlashingRegistryCoordinator _registryCoordinator,
IPauserRegistry _pauserRegistry
) NewtonProverTaskManagerStorage(_registryCoordinator, _pauserRegistry) {}
function initialize(
address initialOwner,
address _aggregator,
address _generator,
address _allocationManager,
address _slasher,
address _serviceManager,
TaskManagerConfig memory taskManagerConfig
) public initializer {
_transferOwnership(initialOwner);
aggregator = _aggregator;
generator = _generator;
allocationManager = _allocationManager;
instantSlasher = _slasher;
serviceManager = _serviceManager;
_taskManagerConfig = taskManagerConfig;
}
/* FUNCTIONS */
// NOTE: this function creates new task, assigns it a taskId
function createNewTask(
address policyClient,
NewtonMessage.Intent calldata intent,
NewtonMessage.PolicyTaskData calldata policyTaskData,
bytes calldata quorumNumbers,
uint32 quorumThresholdPercentage
) external onlyTaskGenerator {
INewtonProverTaskManager.Task memory newTask = TaskLib.createTask(
nonce, policyClient, intent, policyTaskData, quorumNumbers, quorumThresholdPercentage
);
allTaskHashes[newTask.taskId] = keccak256(abi.encode(newTask));
emit NewTaskCreated(newTask.taskId, newTask);
unchecked {
++nonce;
}
}
// NOTE: this function returns the latest task nonce.
function latestNonce() external view returns (uint32) {
return nonce;
}
// NOTE: this function responds to existing tasks.
function respondToTask(
Task calldata task,
TaskResponse calldata taskResponse,
NonSignerStakesAndSignature memory nonSignerStakesAndSignature
) external onlyAggregator onlyValidTaskResponse(task, taskResponse) {
bytes32 taskId = taskResponse.taskId;
// Validate task and response
require(keccak256(abi.encode(task)) == allTaskHashes[taskId], TaskLib.TaskMismatch());
require(allTaskResponses[taskId] == bytes32(0), TaskLib.TaskAlreadyResponded());
// Check signatures and threshold
bytes32 message = keccak256(abi.encode(taskResponse));
(QuorumStakeTotals memory quorumStakeTotals, bytes32 hashOfNonSigners) = checkSignatures(
message, task.quorumNumbers, uint32(task.taskCreatedBlock), nonSignerStakesAndSignature
);
// Validate quorum thresholds
uint8 threshold = uint8(task.quorumThresholdPercentage);
for (uint256 i; i < task.quorumNumbers.length;) {
require(
quorumStakeTotals.signedStakeForQuorum[i] * _THRESHOLD_DENOMINATOR
>= quorumStakeTotals.totalStakeForQuorum[i] * threshold,
InsufficientQuorumStake()
);
unchecked {
++i;
}
}
// Create response metadata
uint32 referenceBlock = uint32(block.number);
uint32 responseExpireBlock = referenceBlock + task.policyConfig.expireAfter;
ResponseCertificate memory responseCertificate = ResponseCertificate(
referenceBlock, hashOfNonSigners, nonSignerStakesAndSignature, responseExpireBlock
);
// Store task response
allTaskResponses[taskId] = keccak256(abi.encode(taskResponse, responseCertificate));
// Create attestation if result is valid
if (TaskLib.evaluateResult(taskResponse.evaluationResult)) {
NewtonMessage.Attestation memory attestation = NewtonMessage.Attestation(
taskId,
taskResponse.policyId,
taskResponse.policyClient,
taskResponse.intent,
responseExpireBlock
);
attestations[taskId] = keccak256(abi.encode(attestation));
}
emit TaskResponded(taskResponse, responseCertificate);
}
function raiseAndResolveChallenge(
Task calldata task,
TaskResponse calldata taskResponse,
ResponseCertificate calldata responseCertificate,
ChallengeData calldata challenge,
BN254.G1Point[] memory pubkeysOfNonSigningOperators
) external {
require(_taskManagerConfig.isChallengeEnabled, ChallengeNotEnabled());
require(
keccak256(abi.encode(task)) == allTaskHashes[taskResponse.taskId],
TaskLib.TaskMismatch()
);
require(
_isChallengable(task, taskResponse, responseCertificate, challenge), NotChallengable()
);
require(
uint32(block.number)
<= responseCertificate.referenceBlock + _taskManagerConfig.taskChallengeWindowBlock,
ChallengePeriodExpired()
);
bytes32 taskId = taskResponse.taskId;
bool isResponseCorrect = TaskLib.evaluateResult(challenge.data);
if (isResponseCorrect) {
emit TaskChallengedUnsuccessfully(taskId, msg.sender);
return;
}
// Process non-signing operators and validate
(
bytes32[] memory hashesOfPubkeysOfNonSigningOperators,
address[] memory addressOfNonSigningOperators
) = ChallengeLib.processNonSigners(pubkeysOfNonSigningOperators, address(blsApkRegistry));
ChallengeLib.validateSignatoryRecord(
task.taskCreatedBlock,
hashesOfPubkeysOfNonSigningOperators,
responseCertificate.hashOfNonSigners
);
// Slash signing operators
ChallengeLib.ChallengeContext memory ctx = ChallengeLib.ChallengeContext({
blsApkRegistry: address(blsApkRegistry),
registryCoordinator: address(registryCoordinator),
allocationManager: allocationManager,
instantSlasher: instantSlasher,
serviceManager: serviceManager
});
ChallengeLib.slashSigningOperators(
ctx, task.quorumNumbers, task.taskCreatedBlock, addressOfNonSigningOperators
);
taskSuccesfullyChallenged[taskId] = true;
emit TaskChallengedSuccessfully(taskId, msg.sender);
}
function getTaskManagerConfig() external view returns (TaskManagerConfig memory) {
return _taskManagerConfig;
}
function updateTaskManagerConfig(
TaskManagerConfig memory taskManagerConfig
) external onlyOwner {
require(taskManagerConfig.taskResponseWindowBlock > 0, InvalidTaskManagerConfig());
require(taskManagerConfig.taskChallengeWindowBlock > 0, InvalidTaskManagerConfig());
_taskManagerConfig = taskManagerConfig;
}
function _isChallengable(
Task calldata task,
TaskResponse calldata taskResponse,
ResponseCertificate calldata responseCertificate,
ChallengeData calldata challenge
) internal view returns (bool) {
bytes32 taskId = taskResponse.taskId;
return task.taskId == taskId && allTaskResponses[taskId] != bytes32(0)
&& allTaskResponses[taskId] == keccak256(abi.encode(taskResponse, responseCertificate))
&& !taskSuccesfullyChallenged[taskId]
&& uint32(block.number) <= responseCertificate.responseExpireBlock
&& challenge.taskId == taskId;
}
function validateAttestation(
NewtonMessage.Attestation calldata attestation
) external onlyPolicyClient returns (bool) {
TaskLib.sanityCheckAttestation(attestation);
// Validate attestation hash
bytes32 attestationHash = keccak256(abi.encode(attestation));
require(attestations[attestation.taskId] == attestationHash, AttestationHashMismatch());
require(uint32(block.number) <= attestation.expiration, AttestationExpired());
// Prevent double spending of the same attestation by setting the attestation hash to 0
require(attestations[attestation.taskId] != bytes32(0), AttestationAlreadySpent());
attestations[attestation.taskId] = bytes32(0);
emit AttestationSpent(attestation.taskId, attestation);
return true;
}
}
"
},
"src/interfaces/INewtonProverTaskManager.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.27;
import "@eigenlayer-middleware/src/libraries/BN254.sol";
import "@eigenlayer-middleware/src/interfaces/IBLSSignatureChecker.sol";
import {NewtonMessage} from "../core/NewtonMessage.sol";
import {INewtonPolicy} from "./INewtonPolicy.sol";
interface INewtonProverTaskManager {
// EVENTS
event NewTaskCreated(bytes32 indexed taskId, Task task);
event TaskResponded(TaskResponse taskResponse, ResponseCertificate responseCertificate);
event TaskChallengedSuccessfully(bytes32 indexed taskId, address indexed challenger);
event TaskChallengedUnsuccessfully(bytes32 indexed taskId, address indexed challenger);
event AttestationSpent(bytes32 indexed taskId, NewtonMessage.Attestation attestation);
/* CUSTOM ERRORS */
error OnlyAggregator();
error OnlyTaskGenerator();
error InsufficientQuorumStake();
error ChallengeNotEnabled();
error NotChallengable();
error ChallengePeriodExpired();
error AttestationHashMismatch();
error AttestationExpired();
error AttestationAlreadySpent();
error InvalidTaskManagerConfig();
// STRUCTS
// task submitter decides on the criteria for a task to be completed
// note that this does not mean the task was "correctly" answered (i.e. the number was proved correctly)
// this is for the challenge logic to verify
// task is completed (and contract will accept its TaskResponse) when each quorumNumbers specified here
// are signed by at least quorumThresholdPercentage of the operators
// note that we set the quorumThresholdPercentage to be the same for all quorumNumbers, but this could be changed
struct Task {
// the unique identifier for the task
bytes32 taskId;
// policy client address
address policyClient;
// policy id
bytes32 policyId;
// the nonce of the task
uint32 nonce;
// the intent of the task
NewtonMessage.Intent intent;
// the policy task data of the task
NewtonMessage.PolicyTaskData policyTaskData;
// policy configuration for the policy program
INewtonPolicy.PolicyConfig policyConfig;
// the block number when the task was created
uint32 taskCreatedBlock;
// the quorum numbers of the task
bytes quorumNumbers;
// the quorum threshold percentage of the task
uint32 quorumThresholdPercentage;
}
// Task response is hashed and signed by operators.
// these signatures are aggregated and sent to the contract as response.
struct TaskResponse {
// Can be obtained by the operator from the event NewTaskCreated.
bytes32 taskId;
// policy client address
address policyClient;
// policy id of the task
bytes32 policyId;
// the policy address of the task
address policyAddress;
// the intent of the task
NewtonMessage.Intent intent;
// Policy evaluation result.
bytes evaluationResult;
}
// Certificate is filled by the protocol contract for each taskResponse signed by operators.
// This Certificate is used by policy clients to attest the validity of policy evaluation result
// during intent execution.
// This certificate is also used by the challenger, who monitors and if invalid, raises challenge
// with zero-knowledge proof of the policy evaluation result discrepancy.
// NOTE: this can be used as an attestation for not just single chain but multi-chain attestation.
struct ResponseCertificate {
// the block number when the response certificate is created
uint32 referenceBlock;
// the hash of the non-signers
bytes32 hashOfNonSigners;
// the non-signers and their stakes
IBLSSignatureChecker.NonSignerStakesAndSignature nonSignerStakesAndSignature;
// the block number when the task response expires
uint32 responseExpireBlock;
}
// Challenge data is submitted by the challenger.
// Contains the proof data and verification key for onchain verification of the policy evaluation result.
// TODO: add support for risc0 zk proofs, and other proof types.
struct ChallengeData {
// Can be obtained by the operator from the event NewTaskCreated.
bytes32 taskId;
// sp1 zk proof to attest the policy evaluation result of the challenger
bytes proof;
// The committed proof output to verify against the task response data.
bytes data;
}
// Task manager config for the task manager.
struct TaskManagerConfig {
// The window block for the task response.
uint32 taskResponseWindowBlock;
// The window block for the task challenge.
uint32 taskChallengeWindowBlock;
// Whether the challenge is enabled.
bool isChallengeEnabled;
}
// FUNCTIONS
// NOTE: this function creates new task.
function createNewTask(
address policyClient,
NewtonMessage.Intent calldata intent,
NewtonMessage.PolicyTaskData calldata policyTaskData,
bytes calldata quorumNumbers,
uint32 quorumThresholdPercentage
) external;
// NOTE: this function returns the latest task nonce.
function latestNonce() external view returns (uint32);
// NOTE: this function responds to existing tasks.
function respondToTask(
Task calldata task,
TaskResponse calldata taskResponse,
IBLSSignatureChecker.NonSignerStakesAndSignature memory nonSignerStakesAndSignature
) external;
// NOTE: this function raises challenge to existing tasks.
function raiseAndResolveChallenge(
Task calldata task,
TaskResponse calldata taskResponse,
ResponseCertificate calldata responseCertificate,
ChallengeData calldata challenge,
BN254.G1Point[] memory pubkeysOfNonSigningOperators
) external;
// NOTE: this function authorizes existing task responses.
function validateAttestation(
NewtonMessage.Attestation calldata attestation
) external returns (bool);
}
"
},
"src/NewtonProverTaskManagerStorage.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.27;
import "@openzeppelin-upgrades/contracts/proxy/utils/Initializable.sol";
import "@openzeppelin-upgrades/contracts/access/OwnableUpgradeable.sol";
import "@eigenlayer/contracts/permissions/Pausable.sol";
import {ISlashingRegistryCoordinator} from
"@eigenlayer-middleware/src/interfaces/ISlashingRegistryCoordinator.sol";
import {OperatorStateRetriever} from "@eigenlayer-middleware/src/OperatorStateRetriever.sol";
import {BLSSignatureChecker} from "@eigenlayer-middleware/src/BLSSignatureChecker.sol";
import "@eigenlayer-middleware/src/libraries/BN254.sol";
import {INewtonProverTaskManager} from "./interfaces/INewtonProverTaskManager.sol";
abstract contract NewtonProverTaskManagerStorage is
Initializable,
OwnableUpgradeable,
Pausable,
BLSSignatureChecker,
OperatorStateRetriever,
INewtonProverTaskManager
{
using BN254 for BN254.G1Point;
/**
*
* CONSTANTS AND IMMUTABLES
*
*/
/// @notice The threshold denominator for quorum calculations
uint256 internal constant _THRESHOLD_DENOMINATOR = 100;
/**
*
* STATE
*
*/
/// @notice The current task nonce
uint32 public nonce;
/// @notice The task manager configuration
INewtonProverTaskManager.TaskManagerConfig internal _taskManagerConfig;
/// @notice Core entity addresses
address public serviceManager;
address public aggregator;
address public generator;
address public instantSlasher;
address public allocationManager;
/// @notice Task-related mappings
mapping(bytes32 => bytes32) public allTaskHashes;
mapping(bytes32 => bytes32) public allTaskResponses;
mapping(bytes32 => bool) public taskSuccesfullyChallenged;
mapping(bytes32 => bytes32) public attestations;
constructor(
ISlashingRegistryCoordinator _slashingRegistryCoordinator,
IPauserRegistry _pauserRegistry
)
BLSSignatureChecker(ISlashingRegistryCoordinator(_slashingRegistryCoordinator))
Pausable(_pauserRegistry)
{}
// storage gap for upgradeability
// slither-disable-next-line shadowing-state
uint256[50] private __GAP;
}
"
},
"src/core/NewtonMessage.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.27;
/// @notice Contract for a NewtonMessage
contract NewtonMessage {
// STRUCTS
/// @notice Intent struct for a transaction authorization
struct Intent {
// equivalent to tx.origin/from
address from;
// equivalent to to
address to;
// equivalent to msg.value
uint256 value;
// ABI-encoded calldata. function selector and arguments
bytes data;
// chain id of the chain that the transaction is on
uint256 chainId;
// encoded ABI of the function that is being called
// e.g. abi.encodePacked("function transfer(address,uint256)")
bytes functionSignature;
}
/// @notice Attestation struct for a transaction authorization
struct Attestation {
// task id
bytes32 taskId;
// policy id
bytes32 policyId;
// policy client
address policyClient;
// intent
Intent intent;
// expiration block number for the attestation
uint32 expiration;
}
/// @notice PolicyData struct for a policy data and its attestation proof
struct PolicyData {
// encoded policy data
bytes data;
// attestation proof for the policy data.
bytes attestation;
// policy data address
address policyDataAddress;
// expiration block number for the policy data
uint32 expireBlock;
}
/// @notice PolicyTaskData struct for a policy data
struct PolicyTaskData {
// policy id
bytes32 policyId;
// policy address
address policyAddress;
// policy program binary
bytes policy;
// an array of policy data with attestation
// NOTE: order matters, the first policy data is the first policy data in the policy data set of the policy.
PolicyData[] policyData;
}
/// @notice VerificationInfo struct for a policy data verification
struct VerificationInfo {
// verifier
address verifier;
// verified
bool verified;
// timestamp
uint256 timestamp;
}
/// @notice error type for unauthorized access
error Unauthorized(string reason);
}
"
},
"src/libraries/TaskLib.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.27;
import {INewtonProverTaskManager} from "../interfaces/INewtonProverTaskManager.sol";
import {INewtonPolicy} from "../interfaces/INewtonPolicy.sol";
import {NewtonMessage} from "../core/NewtonMessage.sol";
import {INewtonPolicyClient} from "../interfaces/INewtonPolicyClient.sol";
import {IERC165} from "@openzeppelin/contracts/interfaces/IERC165.sol";
import {PolicyValidationLib} from "./PolicyValidationLib.sol";
/**
* @title TaskLib
* @dev Library for task evaluation and result processing
*/
library TaskLib {
/* CUSTOM ERRORS */
error TaskMismatch();
error InvalidPolicyId();
error InvalidPolicyClient();
error InvalidPolicyAddress();
error TaskAlreadyResponded();
error TaskResponseTooLate(
uint32 blockNumber, uint32 taskCreatedBlock, uint32 taskResponseWindowBlock
);
error OnlyPolicyClient();
error InterfaceNotSupported();
/* FUNCTIONS */
function createTask(
uint32 nonce,
address policyClient,
NewtonMessage.Intent calldata intent,
NewtonMessage.PolicyTaskData calldata policyTaskData,
bytes calldata quorumNumbers,
uint32 quorumThresholdPercentage
) external view returns (INewtonProverTaskManager.Task memory) {
// Validate policy client and get basic info
(address policyAddress, bytes32 policyId) =
PolicyValidationLib.checkVerifiedPolicy(policyClient, policyTaskData);
uint32 currentBlock = uint32(block.number);
// Validate policy data attestations
PolicyValidationLib.validatePolicyData(policyAddress, policyTaskData, currentBlock);
// Create task
INewtonProverTaskManager.Task memory newTask = INewtonProverTaskManager.Task({
nonce: nonce,
intent: intent,
policyId: policyId,
policyClient: policyClient,
policyTaskData: policyTaskData,
policyConfig: INewtonPolicy(policyAddress).getPolicyConfig(policyId),
taskCreatedBlock: currentBlock,
quorumNumbers: quorumNumbers,
quorumThresholdPercentage: quorumThresholdPercentage,
taskId: bytes32(0)
});
bytes32 taskId = keccak256(abi.encode(newTask));
newTask.taskId = taskId;
return newTask;
}
/**
* @dev Evaluates the result of a task execution
* @param evaluationResult The result data to evaluate
* @return bool True if the result indicates success/true
*/
function evaluateResult(
bytes memory evaluationResult
) external pure returns (bool) {
uint256 length = evaluationResult.length;
// Case 1: ABI-encoded bool true (32 bytes)
if (length == 32) {
uint256 val;
assembly {
val := mload(add(evaluationResult, 32))
}
return val == 1;
}
// Case 2: ABI-encoded "true" string (96+ bytes)
if (length >= 96) {
uint256 strLen;
assembly {
strLen := mload(add(evaluationResult, 64))
}
if (strLen == 4) {
bytes32 strData;
assembly {
strData := mload(add(evaluationResult, 96))
}
return strData == 0x7472756500000000000000000000000000000000000000000000000000000000;
}
}
return false;
}
/**
* @dev Sanity checks the task response. Throws if any of the checks fail.
* @param task The task
* @param taskResponse The task response
* @param blockNumber The block number
* @param responseWindowBlock The response window block
*/
function sanityCheckTaskResponse(
INewtonProverTaskManager.Task calldata task,
INewtonProverTaskManager.TaskResponse calldata taskResponse,
uint32 blockNumber,
uint32 responseWindowBlock
) external pure {
require(taskResponse.policyId == task.policyId, InvalidPolicyId());
require(taskResponse.policyClient == task.policyClient, InvalidPolicyClient());
require(
taskResponse.policyAddress == task.policyTaskData.policyAddress, InvalidPolicyAddress()
);
require(
blockNumber <= task.taskCreatedBlock + responseWindowBlock,
TaskResponseTooLate(blockNumber, task.taskCreatedBlock, responseWindowBlock)
);
}
function sanityCheckAttestation(
NewtonMessage.Attestation calldata attestation
) external view {
require(
attestation.policyId == INewtonPolicyClient(attestation.policyClient).getPolicyId(),
PolicyValidationLib.PolicyIdMismatch()
);
require(msg.sender == attestation.policyClient, InvalidPolicyClient());
}
// onlyPolicyClient is used to restrict validateAttestation from only being called by a policy client
function onlyPolicyClient() external view {
require(msg.sender.code.length > 0, OnlyPolicyClient());
bytes4 interfaceId = type(INewtonPolicyClient).interfaceId;
(bool success, bytes memory result) = msg.sender.staticcall(
abi.encodeWithSelector(IERC165.supportsInterface.selector, interfaceId)
);
require(
success && result.length == 32 && abi.decode(result, (bool)), InterfaceNotSupported()
);
}
}
"
},
"src/libraries/ChallengeLib.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.27;
import "@eigenlayer-middleware/src/libraries/BN254.sol";
import {BLSApkRegistry} from "@eigenlayer-middleware/src/BLSApkRegistry.sol";
import {ISlashingRegistryCoordinator} from
"@eigenlayer-middleware/src/interfaces/ISlashingRegistryCoordinator.sol";
import {OperatorStateRetriever} from "@eigenlayer-middleware/src/OperatorStateRetriever.sol";
import {InstantSlasher} from "@eigenlayer-middleware/src/slashers/InstantSlasher.sol";
import {IAllocationManager} from "@eigenlayer/contracts/interfaces/IAllocationManager.sol";
import {IAllocationManagerTypes} from "@eigenlayer/contracts/interfaces/IAllocationManager.sol";
import {OperatorSet} from "@eigenlayer/contracts/libraries/OperatorSetLib.sol";
import {IStrategy} from "@eigenlayer/contracts/interfaces/IStrategy.sol";
/**
* @title ChallengeLib
* @dev Library for challenge processing and operator slashing
*/
library ChallengeLib {
using BN254 for BN254.G1Point;
error InvalidNonSigners();
uint256 public constant WADS_TO_SLASH = 100000000000000000; // 10%
struct ChallengeContext {
address blsApkRegistry;
address registryCoordinator;
address allocationManager;
address instantSlasher;
address serviceManager;
}
/**
* @dev Processes non-signing operators for challenge validation
*/
function processNonSigners(
BN254.G1Point[] memory pubkeysOfNonSigningOperators,
address blsApkRegistry
)
external
view
returns (
bytes32[] memory hashesOfPubkeysOfNonSigningOperators,
address[] memory addressOfNonSigningOperators
)
{
uint256 nonSignerLength = pubkeysOfNonSigningOperators.length;
hashesOfPubkeysOfNonSigningOperators = new bytes32[](nonSignerLength);
addressOfNonSigningOperators = new address[](nonSignerLength);
for (uint256 i; i < nonSignerLength;) {
bytes32 pubkeyHash = pubkeysOfNonSigningOperators[i].hashG1Point();
hashesOfPubkeysOfNonSigningOperators[i] = pubkeyHash;
addressOfNonSigningOperators[i] =
BLSApkRegistry(blsApkRegistry).pubkeyHashToOperator(pubkeyHash);
unchecked {
++i;
}
}
}
/**
* @dev Validates signatory record hash
*/
function validateSignatoryRecord(
uint32 taskCreatedBlock,
bytes32[] memory hashesOfPubkeysOfNonSigningOperators,
bytes32 expectedHash
) external pure {
bytes32 signatoryRecordHash =
keccak256(abi.encodePacked(taskCreatedBlock, hashesOfPubkeysOfNonSigningOperators));
require(signatoryRecordHash == expectedHash, InvalidNonSigners());
}
/**
* @dev Slashes operators who signed incorrectly
*/
function slashSigningOperators(
ChallengeContext memory ctx,
bytes calldata quorumNumbers,
uint32 taskCreatedBlock,
address[] memory addressOfNonSigningOperators
) external {
OperatorStateRetriever.Operator[][] memory allOperatorInfo = OperatorStateRetriever(
ctx.registryCoordinator
).getOperatorState(
ISlashingRegistryCoordinator(ctx.registryCoordinator), quorumNumbers, taskCreatedBlock
);
uint256 nonSignerLength = addressOfNonSigningOperators.length;
for (uint256 i; i < allOperatorInfo.length;) {
for (uint256 j; j < allOperatorInfo[i].length;) {
bytes32 operatorID = allOperatorInfo[i][j].operatorId;
address operatorAddress =
BLSApkRegistry(ctx.blsApkRegistry).getOperatorFromPubkeyHash(operatorID);
// Check if operator was a signer
bool wasSigningOperator = true;
for (uint256 k; k < nonSignerLength;) {
if (operatorAddress == addressOfNonSigningOperators[k]) {
wasSigningOperator = false;
break;
}
unchecked {
++k;
}
}
if (wasSigningOperator) {
_slashOperator(ctx, operatorAddress, uint8(quorumNumbers[i]));
}
unchecked {
++j;
}
}
unchecked {
++i;
}
}
}
/**
* @dev Internal function to slash an operator
*/
function _slashOperator(
ChallengeContext memory ctx,
address operatorAddress,
uint8 quorumId
) private {
OperatorSet memory operatorset = OperatorSet({avs: ctx.serviceManager, id: quorumId});
IStrategy[] memory strategies =
IAllocationManager(ctx.allocationManager).getStrategiesInOperatorSet(operatorset);
uint256 strategyLength = strategies.length;
uint256[] memory wadsToSlash = new uint256[](strategyLength);
for (uint256 i; i < strategyLength;) {
wadsToSlash[i] = WADS_TO_SLASH;
unchecked {
++i;
}
}
IAllocationManagerTypes.SlashingParams memory slashingparams = IAllocationManagerTypes
.SlashingParams({
operator: operatorAddress,
operatorSetId: quorumId,
strategies: strategies,
wadsToSlash: wadsToSlash,
description: "slash_the_operator"
});
InstantSlasher(ctx.instantSlasher).fulfillSlashingRequest(slashingparams);
}
}
"
},
"lib/eigenlayer-middleware/src/libraries/BN254.sol": {
"content": "// SPDX-License-Identifier: MIT
// several functions are taken or adapted from https://github.com/HarryR/solcrypto/blob/master/contracts/altbn128.sol (MIT license):
// Copyright 2017 Christian Reitwiessner
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to
// deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
// sell copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
// IN THE SOFTWARE.
// The remainder of the code in this library is written by LayrLabs Inc. and is also under an MIT license
pragma solidity ^0.8.27;
/**
* @title Library for operations on the BN254 elliptic curve.
* @author Layr Labs, Inc.
* @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service
* @notice Contains BN254 parameters, common operations (addition, scalar mul, pairing), and BLS signature functionality.
*/
library BN254 {
// modulus for the underlying field F_p of the elliptic curve
uint256 internal constant FP_MODULUS =
21888242871839275222246405745257275088696311157297823662689037894645226208583;
// modulus for the underlying field F_r of the elliptic curve
uint256 internal constant FR_MODULUS =
21888242871839275222246405745257275088548364400416034343698204186575808495617;
struct G1Point {
uint256 X;
uint256 Y;
}
// Encoding of field elements is: X[1] * i + X[0]
struct G2Point {
uint256[2] X;
uint256[2] Y;
}
/// @dev Thrown when the sum of two points of G1 fails
error ECAddFailed();
/// @dev Thrown when the scalar multiplication of a point of G1 fails
error ECMulFailed();
/// @dev Thrown when the scalar is too large.
error ScalarTooLarge();
/// @dev Thrown when the pairing check fails
error ECPairingFailed();
/// @dev Thrown when the exponentiation mod fails
error ExpModFailed();
function generatorG1() internal pure returns (G1Point memory) {
return G1Point(1, 2);
}
// generator of group G2
/// @dev Generator point in F_q2 is of the form: (x0 + ix1, y0 + iy1).
uint256 internal constant G2x1 =
11559732032986387107991004021392285783925812861821192530917403151452391805634;
uint256 internal constant G2x0 =
10857046999023057135944570762232829481370756359578518086990519993285655852781;
uint256 internal constant G2y1 =
4082367875863433681332203403145435568316851327593401208105741076214120093531;
uint256 internal constant G2y0 =
8495653923123431417604973247489272438418190587263600148770280649306958101930;
/// @notice returns the G2 generator
/// @dev mind the ordering of the 1s and 0s!
/// this is because of the (unknown to us) convention used in the bn254 pairing precompile contract
/// "Elements a * i + b of F_p^2 are encoded as two elements of F_p, (a, b)."
/// https://github.com/ethereum/EIPs/blob/master/EIPS/eip-197.md#encoding
function generatorG2() internal pure returns (G2Point memory) {
return G2Point([G2x1, G2x0], [G2y1, G2y0]);
}
// negation of the generator of group G2
/// @dev Generator point in F_q2 is of the form: (x0 + ix1, y0 + iy1).
uint256 internal constant nG2x1 =
11559732032986387107991004021392285783925812861821192530917403151452391805634;
uint256 internal constant nG2x0 =
10857046999023057135944570762232829481370756359578518086990519993285655852781;
uint256 internal constant nG2y1 =
17805874995975841540914202342111839520379459829704422454583296818431106115052;
uint256 internal constant nG2y0 =
13392588948715843804641432497768002650278120570034223513918757245338268106653;
function negGeneratorG2() internal pure returns (G2Point memory) {
return G2Point([nG2x1, nG2x0], [nG2y1, nG2y0]);
}
bytes32 internal constant powersOfTauMerkleRoot =
0x22c998e49752bbb1918ba87d6d59dd0e83620a311ba91dd4b2cc84990b31b56f;
/**
* @param p Some point in G1.
* @return The negation of `p`, i.e. p.plus(p.negate()) should be zero.
*/
function negate(
G1Point memory p
) internal pure returns (G1Point memory) {
// The prime q in the base field F_q for G1
if (p.X == 0 && p.Y == 0) {
return G1Point(0, 0);
} else {
return G1Point(p.X, FP_MODULUS - (p.Y % FP_MODULUS));
}
}
/**
* @return r the sum of two points of G1
*/
function plus(G1Point memory p1, G1Point memory p2) internal view returns (G1Point memory r) {
uint256[4] memory input;
input[0] = p1.X;
input[1] = p1.Y;
input[2] = p2.X;
input[3] = p2.Y;
bool success;
// solium-disable-next-line security/no-inline-assembly
assembly {
success := staticcall(sub(gas(), 2000), 6, input, 0x80, r, 0x40)
// Use "invalid" to make gas estimation work
switch success
case 0 { invalid() }
}
require(success, ECAddFailed());
}
/**
* @notice an optimized ecMul implementation that takes O(log_2(s)) ecAdds
* @param p the point to multiply
* @param s the scalar to multiply by
* @dev this function is only safe to use if the scalar is 9 bits or less
*/
function scalar_mul_tiny(
BN254.G1Point memory p,
uint16 s
) internal view returns (BN254.G1Point memory) {
require(s < 2 ** 9, ScalarTooLarge());
// if s is 1 return p
if (s == 1) {
return p;
}
// the accumulated product to return
BN254.G1Point memory acc = BN254.G1Point(0, 0);
// the 2^n*p to add to the accumulated product in each iteration
BN254.G1Point memory p2n = p;
// value of most significant bit
uint16 m = 1;
// index of most significant bit
uint8 i = 0;
//loop until we reach the most significant bit
while (s >= m) {
unchecked {
// if the current bit is 1, add the 2^n*p to the accumulated product
if ((s >> i) & 1 == 1) {
acc = plus(acc, p2n);
}
// double the 2^n*p for the next iteration
p2n = plus(p2n, p2n);
// increment the index and double the value of the most significant bit
m <<= 1;
++i;
}
}
// return the accumulated product
return acc;
}
/**
* @return r the product of a point on G1 and a scalar, i.e.
* p == p.scalar_mul(1) and p.plus(p) == p.scalar_mul(2) for all
* points p.
*/
function scalar_mul(G1Point memory p, uint256 s) internal view returns (G1Point memory r) {
uint256[3] memory input;
input[0] = p.X;
input[1] = p.Y;
input[2] = s;
bool success;
// solium-disable-next-line security/no-inline-assembly
assembly {
success := staticcall(sub(gas(), 2000), 7, input, 0x60, r, 0x40)
// Use "invalid" to make gas estimation work
switch success
case 0 { invalid() }
}
require(success, ECMulFailed());
}
/**
* @return The result of computing the pairing check
* e(p1[0], p2[0]) * .... * e(p1[n], p2[n]) == 1
* For example,
* pairing([P1(), P1().negate()], [P2(), P2()]) should return true.
*/
function pairing(
G1Point memory a1,
G2Point memory a2,
G1Point memory b1,
G2Point memory b2
) internal view returns (bool) {
G1Point[2] memory p1 = [a1, b1];
G2Point[2] memory p2 = [a2, b2];
uint256[12] memory input;
for (uint256 i = 0; i < 2; i++) {
uint256 j = i * 6;
input[j + 0] = p1[i].X;
input[j + 1] = p1[i].Y;
input[j + 2] = p2[i].X[0];
input[j + 3] = p2[i].X[1];
input[j + 4] = p2[i].Y[0];
input[j + 5] = p2[i].Y[1];
}
uint256[1] memory out;
bool success;
// solium-disable-next-line security/no-inline-assembly
assembly {
success := staticcall(sub(gas(), 2000), 8, input, mul(12, 0x20), out, 0x20)
// Use "invalid" to make gas estimation work
switch success
case 0 { invalid() }
}
require(success, ECPairingFailed());
return out[0] != 0;
}
/**
* @notice This function is functionally the same as pairing(), however it specifies a gas limit
* the user can set, as a precompile may use the entire gas budget if it reverts.
*/
function safePairing(
G1Point memory a1,
G2Point memory a2,
G1Point memory b1,
G2Point memory b2,
uint256 pairingGas
) internal view returns (bool, bool) {
G1Point[2] memory p1 = [a1, b1];
G2Point[2] memory p2 = [a2, b2];
uint256[12] memory input;
for (uint256 i = 0; i < 2; i++) {
uint256 j = i * 6;
input[j + 0] = p1[i].X;
input[j + 1] = p1[i].Y;
input[j + 2] = p2[i].X[0];
input[j + 3] = p2[i].X[1];
input[j + 4] = p2[i].Y[0];
input[j + 5] = p2[i].Y[1];
}
uint256[1] memory out;
bool success;
// solium-disable-next-line security/no-inline-assembly
assembly {
success := staticcall(pairingGas, 8, input, mul(12, 0x20), out, 0x20)
}
//Out is the output of the pairing precompile, either 0 or 1 based on whether the two pairings are equal.
//Success is true if the precompile actually goes through (aka all inputs are valid)
return (success, out[0] != 0);
}
/// @return hashedG1 the keccak256 hash of the G1 Point
/// @dev used for BLS signatures
function hashG1Point(
BN254.G1Point memory pk
) internal pure returns (bytes32 hashedG1) {
assembly {
mstore(0, mload(pk))
mstore(0x20, mload(add(0x20, pk)))
hashedG1 := keccak256(0, 0x40)
}
}
/// @return the keccak256 hash of the G2 Point
/// @dev used for BLS signatures
function hashG2Point(
BN254.G2Point memory pk
) internal pure returns (bytes32) {
return keccak256(abi.encodePacked(pk.X[0], pk.X[1], pk.Y[0], pk.Y[1]));
}
/**
* @notice adapted from https://github.com/HarryR/solcrypto/blob/master/contracts/altbn128.sol
*/
function hashToG1(
bytes32 _x
) internal view returns (G1Point memory) {
uint256 beta = 0;
uint256 y = 0;
uint256 x = uint256(_x) % FP_MODULUS;
while (true) {
(beta, y) = findYFromX(x);
// y^2 == beta
if (beta == mulmod(y, y, FP_MODULUS)) {
return G1Point(x, y);
}
x = addmod(x, 1, FP_MODULUS);
}
return G1Point(0, 0);
}
/**
* Given X, find Y
*
* where y = sqrt(x^3 + b)
*
* Returns: (x^3 + b), y
*/
function findYFromX(
uint256 x
) internal view returns (uint256, uint256) {
// beta = (x^3 + b) % p
uint256 beta = addmod(mulmod(mulmod(x, x, FP_MODULUS), x, FP_MODULUS), 3, FP_MODULUS);
// y^2 = x^3 + b
// this acts like: y = sqrt(beta) = beta^((p+1) / 4)
uint256 y = expMod(
beta, 0xc19139cb84c680a6e14116da060561765e05aa45a1c72a34f082305b61f3f52, FP_MODULUS
);
return (beta, y);
}
function expMod(
uint256 _base,
uint256 _exponent,
uint256 _modulus
) internal view returns (uint256 retval) {
bool success;
uint256[1] memory output;
uint256[6] memory input;
input[0] = 0x20; // baseLen = new(big.Int).SetBytes(getData(input, 0, 32))
input[1] = 0x20; // expLen = new(big.Int).SetBytes(getData(input, 32, 32))
input[2] = 0x20; // modLen = new(big.Int).SetBytes(getData(input, 64, 32))
input[3] = _base;
input[4] = _exponent;
input[5] = _modulus;
assembly {
success := staticcall(sub(gas(), 2000), 5, input, 0xc0, output, 0x20)
// Use "invalid" to make gas estimation work
switch success
case 0 { invalid() }
}
require(success, ExpModFailed());
return output[0];
}
}
"
},
"lib/eigenlayer-middleware/src/interfaces/ISlashingRegistryCoordinator.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.27;
import {IBLSApkRegistry} from "./IBLSApkRegistry.sol";
import {IStakeRegistry} from "./IStakeRegistry.sol";
import {IIndexRegistry} from "./IIndexRegistry.sol";
import {BN254} from "../libraries/BN254.sol";
import {IAllocationManager} from
"eigenlayer-contracts/src/contracts/interfaces/IAllocationManager.sol";
import {IBLSApkRegistry} from "./IBLSApkRegistry.sol";
import {IStakeRegistry, IStakeRegistryTypes} from "./IStakeRegistry.sol";
import {IIndexRegistry} from "./IIndexRegistry.sol";
import {ISocketRegistry} from "./ISocketRegistry.sol";
import {BN254} from "../libraries/BN254.sol";
import {IAVSRegistrar} from "eigenlayer-contracts/src/contracts/interfaces/IAVSRegistrar.sol";
interface ISlashingRegistryCoordinatorErrors {
/// @notice Thrown when array lengths in input parameters don't match.
error InputLengthMismatch();
/// @notice Thrown when an invalid registration type is provided.
error InvalidRegistrationType();
/// @notice Thrown when non-allocation manager calls restricted function.
error OnlyAllocationManager();
/// @notice Thrown when non-ejector calls restricted function.
error OnlyEjector();
/// @notice Thrown when operating on a non-existent quorum.
error QuorumDoesNotExist();
/// @notice Thrown when registering/deregistering with empty bitmap.
error BitmapEmpty();
/// @notice Thrown when registering for already registered quorums.
error AlreadyRegisteredForQuorums();
/// @notice Thrown when registering before ejection cooldown expires.
error CannotReregisterYet();
/// @notice Thrown when unregistered operator attempts restricted operation.
error NotRegistered();
/// @notice Thrown when operator attempts self-churn.
error CannotChurnSelf();
/// @notice Thrown when operator count doesn't match quorum requirements.
error QuorumOperatorCountMismatch();
/// @notice Thrown when operator has insufficient stake for churn.
error InsufficientStakeForChurn();
/// @notice Thrown when attempting to kick operator above stake threshold.
error CannotKickOperatorAboveThreshold();
/// @notice Thrown when updating to zero bitmap.
error BitmapCannotBeZero();
/// @notice Thrown when deregistering from unregistered quorum.
error NotRegisteredForQuorum();
/// @notice Thrown when churn approver salt is already used.
error ChurnApproverSaltUsed();
/// @notice Thrown when operators or quorums list is not sorted ascending.
error NotSorted();
/// @notice Thrown when maximum quorum count is reached.
error MaxQuorumsReached();
/// @notice Thrown when the provided AVS address does not match the expected one.
error InvalidAVS();
/// @notice Thrown when attempting to kick an operator that is not registered.
error OperatorNotRegistered();
/// @notice Thrown when lookAheadPeriod is greater than or equal to DEALLOCATION_DELAY.
error LookAheadPeriodTooLong();
/// @notice Thrown when the number of operators in a quorum would exceed the maximum allowed.
error MaxOperatorCountReached();
}
interface ISlashingRegistryCoordinatorTypes {
/// @notice Core data structure for tracking operator information.
/// @dev Links an operator's unique identifier with their current registration status.
/// @param operatorId Unique identifier for the operator, typically derived from their BLS public key.
/// @param status Current registration state of the operator in the system.
struct OperatorInfo {
bytes32 operatorId;
OperatorStatus status;
}
/// @notice Records historical changes to an operator's quorum registrations.
/// @dev Used for querying an operator's quorum memberships at specific block numbers.
/// @param updateBlockNumber Block number when this update occurred (inclusive).
/// @param nextUpdateBlockNumber Block number when the next update occurred (exclusive), or 0 if this is the latest update.
/// @param quorumBitmap Bitmap where each bit represents registration in a specific quorum (1 = registered, 0 = not registered).
struct QuorumBitmapUpdate {
uint32 updateBlockNumber;
uint32 nextUpdateBlockNumber;
uint192 quorumBitmap;
}
/// @notice Configuration parameters for operator management within a quorum.
/// @dev All BIPs (Basis Points) values are in relation to BIPS_DENOMINATOR (10000).
/// @param maxOperatorCount Maximum number of operators allowed in the quorum.
/// @param kickBIPsOfOperatorStake Required stake ratio (in BIPs) between new and existing operator for churn.
/// Example: 10500 means new operator needs 105% of existing operator's stake.
/// @param kickBIPsOfTotalStake Minimum stake ratio (in BIPs) of total quorum stake an operator must maintain.
/// Example: 100 means operator needs 1% of total quorum stake to avoid being churned.
struct OperatorSetParam {
uint32 maxOperatorCount;
uint16 kickBIPsOfOperatorStake;
uint16 kickBIPsOfTotalStake;
}
/// @notice Parameters for removing an operator during churn.
/// @dev Used in registerOperatorWithChurn to specify which operator to replace.
/// @param quorumNumber The quorum from which to remove the operator.
/// @param operator Address of the operator to be removed.
struct OperatorKickParam {
uint8 quorumNumber;
address operator;
}
/// @notice Represents the registration state of an operator.
/// @dev Used to track an operator's lifecycle in the system.
/// @custom:enum NEVER_REGISTERED The operator has never registered with the system.
/// @custom:enum REGISTERED The operator is currently registered and active.
/// @custom:enum DEREGISTERED The operator was previously registered but has since deregistered.
enum OperatorStatus {
NEVER_REGISTERED,
REGISTERED,
DEREGISTERED
}
/**
* @notice Enum representing the type of operator registration.
* @custom:enum NORMAL Represents a normal operator registration.
* @custom:enum CHURN Represents an operator registration during a churn event.
*/
enum RegistrationType {
NORMAL,
CHURN
}
/**
* @notice Data structure for storing the results of a registerOperator call.
* @dev Contains arrays storing per-quorum information about operator counts and stakes.
* @param numOperatorsPerQuorum For each quorum the operator registered for, stores the number of operators registered.
* @param operatorStakes For each quorum the operator registered for, stores the stake of the operator in the quorum.
* @param totalStakes For each quorum the operator registered for, stores the total stake of the quorum.
*/
struct RegisterResults {
uint32[] numOperatorsPerQuorum;
uint96[] operatorStakes;
uint96[] totalStakes;
}
}
interface ISlashingRegistryCoordinatorEvents is ISlashingRegistryCoordinatorTypes {
/**
* @notice Emitted when an operator registers for service in one or more quorums.
* @dev Emitted in _registerOperator() and _registerOperatorToOperatorSet().
* @param operator The address of the registered operator.
* @param operatorId The unique identifier of the operator (BLS public key hash).
*/
event OperatorRegistered(address indexed operator, bytes32 indexed operatorId);
/**
* @notice Emitted when an operator deregisters from service in one or more quorums.
* @dev Emitted in _deregisterOperator().
* @param operator The address of the deregistered operator.
* @param operatorId The unique identifier of the operator (BLS public key hash).
*/
event OperatorDeregistered(address indexed operator, bytes32 indexed operatorId);
/**
* @notice Emitted when a new quorum is created.
* @param quorumNumber The identifier of the quorum being created.
* @param operatorSetParams The operator set parameters for the quorum.
* @param minimumStake The minimum stake required for operators in this quorum.
* @param strategyParams The strategy parameters for stake calculation.
* @param stakeType The type of stake being tracked (TOTAL_DELEGATED or TOTAL_SLASHABLE).
* @param lookAheadPeriod The number of blocks to look ahead when calculating slashable stake (only used for TOTAL_SLASHABLE).
*/
event QuorumCreated(
uint8 indexed quorumNumber,
OperatorSetParam operatorSetParams,
uint96 minimumStake,
IStakeRegistryTypes.StrategyParams[] strategyParams,
IStakeRegistryTypes.StakeType stakeType,
uint32 lookAheadPeriod
);
/**
* @notice Emitted when a quorum's operator set parameters are updated.
* @dev Emitted in _setOperatorSetParams().
* @param quorumNumber The identifier of the quorum being updated.
* @param operatorSetParams The new operator set parameters for the quorum.
*/
event OperatorSetParamsUpdated(uint8 indexed quorumNumber, OperatorSetParam operatorSetParams);
/**
* @notice Emitted when the churn approver address is updated.
* @dev Emitted in _setChurnApprover().
* @param prevChurnApprover The previous churn approver address.
* @param newChurnApprover The new churn approver address.
*/
event ChurnApproverUpdated(address prevChurnApprover, address newChurnApprover);
/**
* @notice Emitted when the AVS address is updated.
* @param prevAVS The previous AVS address.
* @param newAVS The new AVS address.
*/
event AVSUpdated(address prevAVS, address newAVS);
/**
* @notice Emitted when the ejector address is updated.
* @dev Emitted in _setEjector().
* @param prevEjector The previous ejector address.
* @param newEjector The new ejector address.
*/
event EjectorUpdated(address prevEjector, address newEjector);
/**
* @notice Emitted when all operators in a quorum are updated simultaneously.
* @dev Emitted in updateOperatorsForQuorum().
* @param quorumNumber The identifier of the quorum being updated.
* @param blocknumber The block number at which the quorum update occurred.
*/
event QuorumBlockNumberUpdated(uint8 indexed quorumNumber, uint256 blocknumber);
/**
* @notice Emitted when an operator's socket is updated.
* @dev Emitted in updateSocket().
* @param operatorId The unique identifier of the operator (BLS public key hash).
* @param socket The new socket address for the operator (typically an IP address).
*/
event OperatorSocketUpdate(bytes32 indexed operatorId, string socket);
/**
* @notice Emitted when the ejection cooldown period is updated.
* @dev Emitted in setEjectionCooldown().
* @param prevEjectionCooldown The previous cooldown duration in seconds.
* @param newEjectionCooldown The new cooldown duration in seconds.
*/
event EjectionCooldownUpdated(uint256 prevEjectionCooldown, uint256 newEjectionCooldown);
}
interface ISlashingRegistryCoordinator is
IAVSRegistrar,
ISlashingRegistryCoordinatorErrors,
ISlashingRegistryCoordinatorEvents
{
/// IMMUTABLES & CONSTANTS
/**
* @notice EIP-712 typehash for operator churn approval signatures.
* @return The typehash constant.
*/
function OPERATOR_CHURN_APPROVAL_TYPEHASH() external view returns (bytes32);
/**
* @notice EIP-712 typehash for pubkey registration signatures.
* @return The typehash constant.
*/
function PUBKEY_REGISTRATION_TYPEHASH() external view returns (bytes32);
/**
* @notice Reference to the BLSApkRegistry contract.
* @return The BLSApkRegistry contract interface.
*/
function blsApkRegistry() external view returns (IBLSApkRegistry);
/**
* @notice Reference to the StakeRegistry contract.
* @return The StakeRegistry contract interface.
*/
function stakeRegistry() external view returns (IStakeRegistry);
/**
* @notice Reference to the IndexRegistry contract.
* @return The IndexRegistry contract interface.
*/
function indexRegistry() external view returns (IIndexRegistry);
/**
* @notice Reference to the AllocationManager contract.
* @return The AllocationManager contract interface.
* @dev This is only relevant for Slashing AVSs
*/
function allocationManager() external view returns (IAllocationManager);
/**
* @notice Reference to the SocketRegistry contract.
* @return The SocketRegistry contract interface.
*/
function socketRegistry() external view returns (ISocketRegistry);
/// STORAGE
/**
* @notice The total number of quorums that have been created.
* @return The count of quorums.
*/
function quorumCount() external view returns (uint8);
/**
* @notice Checks if a churn approver salt has been used.
* @param salt The salt to check.
* @return True if the salt has been used, false otherwise.
*/
function isChurnApproverSaltUsed(
bytes32 salt
) external view returns (bool);
/**
* @notice Gets the last block number when all operators in a quorum were updated.
* @param quorumNumber The quorum identifier.
* @return The block number of the last update.
*/
function quorumUpdateBlockNumber(
uint8 quorumNumber
) external view returns (uint256);
/**
* @notice The address authorized to approve operator churn operations.
* @return The churn approver address.
*/
function churnApprover() external view returns (address);
/**
* @notice The address authorized to forcibly eject operators.
* @return The ejector address.
*/
function ejector() external view returns (address);
/**
* @notice Gets the timestamp of an operator's last ejection.
* @param operator The operator address.
* @return The timestamp of the last ejection.
*/
function lastEjectionTimestamp(
address operator
) external view returns (uint256);
/**
* @notice The cooldown period after ejection before an operator can re-register.
* @return The cooldown duration in seconds.
*/
function ejectionCooldown() external view returns (uint256);
/// ACTIONS
/**
* @notice Updates stake weights for specified operators. If any operator is found to be below
* the minimum stake for their registered quorums, they are deregistered from those quorums.
* @param operators The operators whose stakes should be updated.
* @dev Stakes are queried from the Eigenlayer core DelegationManager contract.
* @dev WILL BE DEPRECATED IN FAVOR OF updateOperatorsForQuorum
*/
function updateOperators(
address[] memory operators
) external;
/**
* @notice For each quorum in `quorumNumbers`, updates the StakeRegistry's view of ALL its registered operators' stakes.
* Each quorum's `quorumUpdateBlockNumber` is also updated, which tracks the most recent block number when ALL registered
* operators were updated.
* @dev stakes are queried from the Eigenlayer core DelegationManager contract
* @param operatorsPerQuorum for each quorum in `quorumNumbers`, this has a corresponding list of operators to update.
* @dev Each list of operator addresses MUST be sorted in ascending order
* @dev Each list of operator addresses MUST represent the entire list of registered operators for the corresponding quorum
* @param quorumNumbers is an ordered byte array containing the quorum numbers being updated
* @dev invariant: Each list of `operatorsPerQuorum` MUST be a sorted version of `IndexRegistry.getOperatorListAtBlockNumber`
* for the corresponding quorum.
* @dev note on race condition: if an operator registers/deregisters for any quorum in `quorumNumbers` after a txn to
* this method is broadcast (but before it is executed), the method will fail
*/
function updateOperatorsForQuorum(
address[][] memory operatorsPerQuorum,
bytes calldata quorumNumbers
) external;
/**
* @notice Updates the socket of the msg.sender given they are a registered operator.
* @param socket The new socket address for the operator (typically an IP address).
* @dev Will revert if msg.sender is not a registered operator.
*/
function updateSocket(
string memory socket
) external;
/**
* @notice Forcibly removes an operator from specified quorums and sets their ejection timestamp.
* @param operator The operator address to eject.
* @param quorumNumbers The quorum numbers to eject the operator from.
* @dev Can only be called by the ejector address.
* @dev The operator cannot re-register until ejectionCooldown period has passed.
*/
function ejectOperator(address operator, bytes memory quorumNumbers) external;
/**
* @notice Creates a new quorum that tracks total delegated stake for operators.
* @param operatorSetParams Configures the quorum's max operator count and churn parameters.
* @param minimumStake Sets the minimum stake required for an operator to register or remain registered.
* @param strategyParams A list of strategies and multipliers used by the StakeRegistry to calculate
* an operator's stake weight for the quorum.
* @dev For m2 AVS this function has the same behavior as createQuorum before.
* @dev For migrated AVS that enable operator sets this will create a quorum that measures total delegated stake for operator set.
*/
function createTotalDelegatedStakeQuorum(
OperatorSetParam memory operatorSetParams,
uint96 minimumStake,
IStakeRegistryTypes.StrategyParams[] memory strategyParams
) external;
/**
* @notice Creates a new quorum Submitted on: 2025-09-26 10:30:42
Comments
Log in to comment.
No comments yet.