diff --git a/scripts/foundry/DeployL1SystemConfig.s.sol b/scripts/foundry/DeployL1SystemConfig.s.sol new file mode 100644 index 00000000..21f96d69 --- /dev/null +++ b/scripts/foundry/DeployL1SystemConfig.s.sol @@ -0,0 +1,24 @@ +// SPDX-License-Identifier: UNLICENSED +pragma solidity =0.8.24; + +import {Script} from "forge-std/Script.sol"; +import {SystemConfig} from "../../src/L1/system-contract/SystemConfig.sol"; // adjust the relative path as necessary +import {console} from "forge-std/console.sol"; + +contract DeployL1SystemConfig is Script { + function run() external { + // Retrieve the deployer private key from environment variables + uint256 deployerKey = vm.envUint("L1_DEPLOYER_PRIVATE_KEY"); + // Read the intended owner from an environment variable (for example, L1_SCROLL_OWNER_ADDR) + address ownerAddr = vm.envAddress("L1_SCROLL_OWNER_ADDR"); + + vm.startBroadcast(deployerKey); + + // Deploy the SystemConfig contract with the specified owner. + SystemConfig sysConfig = new SystemConfig(ownerAddr); + + console.log("Deployed SystemConfig at address:", address(sysConfig)); + + vm.stopBroadcast(); + } +} \ No newline at end of file diff --git a/scripts/foundry/InitializeL1ScrollOwner.s.sol b/scripts/foundry/InitializeL1ScrollOwner.s.sol index b2af8e9d..2f060477 100644 --- a/scripts/foundry/InitializeL1ScrollOwner.s.sol +++ b/scripts/foundry/InitializeL1ScrollOwner.s.sol @@ -21,6 +21,7 @@ import {ScrollChain} from "../../src/L1/rollup/ScrollChain.sol"; import {ScrollOwner} from "../../src/misc/ScrollOwner.sol"; import {Whitelist} from "../../src/L2/predeploys/Whitelist.sol"; + // solhint-disable max-states-count // solhint-disable state-visibility // solhint-disable var-name-mixedcase @@ -63,6 +64,9 @@ contract InitializeL1ScrollOwner is Script { address L1_ENFORCED_TX_GATEWAY_PROXY_ADDR = vm.envAddress("L1_ENFORCED_TX_GATEWAY_PROXY_ADDR"); address L1_WHITELIST_ADDR = vm.envAddress("L1_WHITELIST_ADDR"); + address SYSTEM_CONTRACT_ADDR = vm.envAddress("SYSTEM_CONTRACT_ADDR"); + + ScrollOwner owner; function run() external { @@ -81,8 +85,8 @@ contract InitializeL1ScrollOwner is Script { configL1GatewayRouter(); configL1CustomERC20Gateway(); configL1ERC721Gateway(); - configL1ERC1155Gateway(); - + configL1ERC1155Gateway(); + configL1USDCGateway(); configEnforcedTxGateway(); diff --git a/scripts/foundry/InitializeL1SystemConfig.sol b/scripts/foundry/InitializeL1SystemConfig.sol new file mode 100644 index 00000000..c6e9c121 --- /dev/null +++ b/scripts/foundry/InitializeL1SystemConfig.sol @@ -0,0 +1,47 @@ +// SPDX-License-Identifier: UNLICENSED +pragma solidity =0.8.24; + +import { Script } from "forge-std/Script.sol"; +import { SystemConfig } from "../../src/L1/system-contract/SystemConfig.sol"; +import { ScrollOwner } from "../../src/misc/ScrollOwner.sol"; // Adjust this path as needed + +/** + * @title InitializeL1SystemConfig + * @notice Configures the deployed SystemConfig contract. + * This script grants the Security Council (as defined by L1_SECURITY_COUNCIL_ADDR) + * access to call updateSigner() on the SystemConfig contract with no delay. + */ +contract InitializeL1SystemConfig is Script { + function run() external { + // Retrieve required environment variables. + uint256 deployerKey = vm.envUint("L1_DEPLOYER_PRIVATE_KEY"); + address systemConfigAddr = vm.envAddress("SYSTEM_CONTRACT_ADDR"); + address securityCouncilAddr = vm.envAddress("L1_SECURITY_COUNCIL_ADDR"); + address scrollOwnerAddr = vm.envAddress("L1_SCROLL_OWNER_ADDR"); + + // Compute the role hash for the Security Council with no delay. + bytes32 SECURITY_COUNCIL_NO_DELAY_ROLE = keccak256("SECURITY_COUNCIL_NO_DELAY_ROLE"); + + vm.startBroadcast(deployerKey); + + // Instantiate the ScrollOwner contract instance which manages access control. + ScrollOwner owner = ScrollOwner(payable(scrollOwnerAddr)); + // Instantiate the already-deployed SystemConfig contract. + SystemConfig sys = SystemConfig(systemConfigAddr); + + // Prepare a single-element array containing the function selector for updateSigner. + bytes4[] memory selectors = new bytes4[](1); + selectors[0] = sys.updateSigner.selector; + + // Grant the SECURITY_COUNCIL_NO_DELAY_ROLE permission on SystemConfig, + // so that the Security Council address can call updateSigner() with no delay. + owner.updateAccess( + systemConfigAddr, // Address of the SystemConfig contract. + selectors, // The function selectors (only updateSigner here). + SECURITY_COUNCIL_NO_DELAY_ROLE, + true // Grant access. + ); + + vm.stopBroadcast(); + } +} \ No newline at end of file diff --git a/src/L1/L1ScrollMessenger.sol b/src/L1/L1ScrollMessenger.sol index c70719ff..fd37ecf9 100644 --- a/src/L1/L1ScrollMessenger.sol +++ b/src/L1/L1ScrollMessenger.sol @@ -1,5 +1,4 @@ // SPDX-License-Identifier: MIT - pragma solidity =0.8.24; import {IScrollChain} from "./rollup/IScrollChain.sol"; @@ -10,6 +9,7 @@ import {IScrollMessenger} from "../libraries/IScrollMessenger.sol"; import {ScrollMessengerBase} from "../libraries/ScrollMessengerBase.sol"; import {WithdrawTrieVerifier} from "../libraries/verifier/WithdrawTrieVerifier.sol"; + import {IMessageDropCallback} from "../libraries/callbacks/IMessageDropCallback.sol"; // solhint-disable avoid-low-level-calls diff --git a/src/L1/system-contract/SystemConfig.sol b/src/L1/system-contract/SystemConfig.sol new file mode 100644 index 00000000..a1d995bb --- /dev/null +++ b/src/L1/system-contract/SystemConfig.sol @@ -0,0 +1,30 @@ +// SPDX-License-Identifier: MIT +pragma solidity =0.8.24; + +import "@openzeppelin/contracts/access/Ownable.sol"; + +contract SystemConfig is Ownable { + + address public currentSigner; + + constructor(address _owner) { + _transferOwnership(_owner); + } + + /** + * @dev Update the current signer. + * Only the owner can call this function. + * @param _newSigner The address of the new authorized signer. + */ + function updateSigner(address _newSigner) external onlyOwner { + currentSigner = _newSigner; + } + + /** + * @dev Return the current authorized signer. + * @return The authorized signer address. + */ + function getSigner() external view returns (address) { + return currentSigner; + } +} \ No newline at end of file