Add L2 to L1 Transition Root functionality (#32)

* Updated version of @solarity/solidity-lib and added poseidon-solidity

* Used poseidon-solidity for L2 optimizations

* Added L2 to L1 Transition Root functionality

* Emitted event in setRegistrationRoot

* Fixed tests

* Resolved comments after review

* Added tests for L1RegistrationState and RegistrationSMT

* Updated CHANGELOG and versions

Author: KyrylR

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## [0.2.1]
+
+* Added `L1RegistrationState` and `RegistrationSMT` contracts for automatic root transition from L2 Rarimo to L1.
+
 ## [0.2.0]
 
 * Removed TSS integration from all the contracts.
@@ -224,31 +228,3 @@
 * Fixed all the tests except ZK.
 * Fixed migration scripts. Added config resolution based on deployment chain.
 * Updated natspec.
-
-## [Unreleased]
-
-* Made the `PoseidonSMT` and `Registration` contracts upgradable via TSS.
-    * Copied `UUPSSignableUpgradeable`  from the `@rarimo/evm-bridge-contracts` package to the `Registration` and `PoseidonSMT` contracts to support upgradability via TSS.
-    * Modified `UUPSSignableUpgradeable` to work with encoded (signature + MTP), not just signature
-    * Rewrote tests and deployment scripts to deploy `ERC1967Proxy` before initializing the `Registration` and `PoseidonSMT` contracts.
-    * Added the `_disableInitializers()` function in the constructors of the `Registration` and `PoseidonSMT` contracts.
-* Added the ability for the `PoseidonSMT` contract to handle multiple registrations.
-    * Restricted adding or removing registrations to the TSS.
-* Replaced `OwnableUpgradeable` functionality in the registration contract with the functionality of TSS, so dispatchers can be added or removed only via signatures.
-* Added the ability to set `methodId` as the first key of the `_nonces` and `_usedNonces` fields to separate them for different methods within the contract.
-* Added a `nonces` mapping in the `TSSSigner` contract to have the functionality of getting them for calling specific methods within the contract, for example, for implementation upgrades via TSS.
-* Added the ability to set `chainName` in the `TSSSigner` contract.
-    * The `chainName` field is used to add support for contract upgradability and other actions via TSS.
-    * It was also added due to current conventions in the existing system.
-* Cleaned up tests.
-
-### Added
-
-- Add Noir passport verifiers: 
-    - Z_NOIR_PASSPORT_1_256_3_4_600_248_1_1496_3_256, 
-    - Z_NOIR_PASSPORT_2_256_3_6_248_336_1_2432_3_256, 
-    - Z_NOIR_PASSPORT_2_256_3_6_336_248_1_2432_3_256, 
-    - Z_NOIR_PASSPORT_2_256_3_6_336_264_21_2448_6_2008, 
-    - Z_NOIR_PASSPORT_10_256_3_3_576_248_1_1184_5_264, 
-    - Z_NOIR_PASSPORT_20_256_3_3_336_224_NA, 
-    - Z_NOIR_PASSPORT_21_256_3_3_576_232_NA.

contracts/interfaces/rollup/IMessageService.sol

@@ -0,0 +1,95 @@
+// SPDX-License-Identifier: Apache-2.0
+pragma solidity ^0.8.19;
+
+/**
+ * @title Interface declaring pre-existing cross-chain messaging functions, events and errors.
+ * @author ConsenSys Software Inc.
+ * @custom:security-contact security-report@linea.build
+ */
+interface IMessageService {
+    /**
+     * @notice Emitted when a message is sent.
+     * @param _from The indexed sender address of the message (msg.sender).
+     * @param _to The indexed intended recipient address of the message on the other layer.
+     * @param _fee The fee being being paid to deliver the message to the recipient in Wei.
+     * @param _value The value being sent to the recipient in Wei.
+     * @param _nonce The unique message number.
+     * @param _calldata The calldata being passed to the intended recipient when being called on claiming.
+     * @param _messageHash The indexed hash of the message parameters.
+     * @dev _calldata has the _ because calldata is a reserved word.
+     * @dev We include the message hash to save hashing costs on the rollup.
+     * @dev This event is used on both L1 and L2.
+     */
+    event MessageSent(
+        address indexed _from,
+        address indexed _to,
+        uint256 _fee,
+        uint256 _value,
+        uint256 _nonce,
+        bytes _calldata,
+        bytes32 indexed _messageHash
+    );
+
+    /**
+     * @notice Emitted when a message is claimed.
+     * @param _messageHash The indexed hash of the message that was claimed.
+     */
+    event MessageClaimed(bytes32 indexed _messageHash);
+
+    /**
+     * @dev Thrown when fees are lower than the minimum fee.
+     */
+    error FeeTooLow();
+
+    /**
+     * @dev Thrown when the value sent is less than the fee.
+     * @dev Value to forward on is msg.value - _fee.
+     */
+    error ValueSentTooLow();
+
+    /**
+     * @dev Thrown when the destination address reverts.
+     */
+    error MessageSendingFailed(address destination);
+
+    /**
+     * @dev Thrown when the recipient address reverts.
+     */
+    error FeePaymentFailed(address recipient);
+
+    /**
+     * @notice Sends a message for transporting from the given chain.
+     * @dev This function should be called with a msg.value = _value + _fee. The fee will be paid on the destination chain.
+     * @param _to The destination address on the destination chain.
+     * @param _fee The message service fee on the origin chain.
+     * @param _calldata The calldata used by the destination message service to call the destination contract.
+     */
+    function sendMessage(address _to, uint256 _fee, bytes calldata _calldata) external payable;
+
+    /**
+     * @notice Deliver a message to the destination chain.
+     * @notice Is called by the Postman, dApp or end user.
+     * @param _from The msg.sender calling the origin message service.
+     * @param _to The destination address on the destination chain.
+     * @param _value The value to be transferred to the destination address.
+     * @param _fee The message service fee on the origin chain.
+     * @param _feeRecipient Address that will receive the fees.
+     * @param _calldata The calldata used by the destination message service to call/forward to the destination contract.
+     * @param _nonce Unique message number.
+     */
+    function claimMessage(
+        address _from,
+        address _to,
+        uint256 _fee,
+        uint256 _value,
+        address payable _feeRecipient,
+        bytes calldata _calldata,
+        uint256 _nonce
+    ) external;
+
+    /**
+     * @notice Returns the original sender of the message on the origin layer.
+     * @return originalSender The original sender of the message on the origin layer.
+     */
+    function sender() external view returns (address originalSender);
+}

contracts/libraries/Poseidon.sol

@@ -1,24 +1,38 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.21;
 
-// solhint-disable
+import {PoseidonT2} from "poseidon-solidity/PoseidonT2.sol";
+import {PoseidonT3} from "poseidon-solidity/PoseidonT3.sol";
+import {PoseidonT4} from "poseidon-solidity/PoseidonT4.sol";
+import {PoseidonT5} from "poseidon-solidity/PoseidonT5.sol";
+import {PoseidonT6} from "poseidon-solidity/PoseidonT6.sol";
 
 library PoseidonUnit1L {
-    function poseidon(uint256[1] calldata) public pure returns (uint256) {}
+    function poseidon(uint256[1] calldata inputs_) public pure returns (uint256) {
+        return PoseidonT2.hash([inputs_[0]]);
+    }
 }
 
 library PoseidonUnit2L {
-    function poseidon(uint256[2] calldata) public pure returns (uint256) {}
+    function poseidon(uint256[2] calldata inputs_) public pure returns (uint256) {
+        return PoseidonT3.hash([inputs_[0], inputs_[1]]);
+    }
 }
 
 library PoseidonUnit3L {
-    function poseidon(uint256[3] calldata) public pure returns (uint256) {}
+    function poseidon(uint256[3] calldata inputs_) public pure returns (uint256) {
+        return PoseidonT4.hash([inputs_[0], inputs_[1], inputs_[2]]);
+    }
 }
 
 library PoseidonUnit4L {
-    function poseidon(uint256[4] calldata) public pure returns (uint256) {}
+    function poseidon(uint256[4] calldata inputs_) public pure returns (uint256) {
+        return PoseidonT5.hash([inputs_[0], inputs_[1], inputs_[2], inputs_[3]]);
+    }
 }
 
 library PoseidonUnit5L {
-    function poseidon(uint256[5] calldata) public pure returns (uint256) {}
+    function poseidon(uint256[5] calldata inputs_) public pure returns (uint256) {
+        return PoseidonT6.hash([inputs_[0], inputs_[1], inputs_[2], inputs_[3], inputs_[4]]);
+    }
 }

contracts/mock/MessageServiceMock.sol

@@ -0,0 +1,8 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.21;
+
+contract MessageServiceMock {
+    function sendMessage(address, uint256, bytes memory) external {
+        // Mock implementation
+    }
+}

contracts/mock/state/RegistrationSMTMock.sol

@@ -0,0 +1,10 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.21;
+
+import {RegistrationSMT} from "../../state/RegistrationSMT.sol";
+
+contract RegistrationSMTMock is RegistrationSMT {
+    function mockRoot(bytes32 newRoot_) external {
+        _roots[newRoot_] = block.timestamp;
+    }
+}

contracts/state/L1RegistrationState.sol

@@ -0,0 +1,84 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.21;
+
+import {ERC1967Utils} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Utils.sol";
+import {UUPSUpgradeable} from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
+import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+
+import {TypeCaster} from "@solarity/solidity-lib/libs/utils/TypeCaster.sol";
+import {AMultiOwnable} from "@solarity/solidity-lib/access/AMultiOwnable.sol";
+
+contract L1RegistrationState is Initializable, AMultiOwnable, UUPSUpgradeable {
+    using TypeCaster for address;
+
+    uint256 public constant ROOT_VALIDITY = 1 hours;
+
+    address public rarimoRollup;
+
+    bytes32 public latestRoot;
+    uint256 public latestRootTimestamp;
+
+    mapping(bytes32 => uint256) public roots;
+
+    event RootSet(bytes32 root);
+
+    error NotRarimoRollup(address sender);
+
+    modifier onlyRarimoRollup() {
+        _requireRarimoRollup();
+        _;
+    }
+
+    constructor() {
+        _disableInitializers();
+    }
+
+    function __L1RegistrationState_init(
+        address initialOwner_,
+        address rarimoRollup_
+    ) external initializer {
+        __AMultiOwnable_init(initialOwner_.asSingletonArray());
+
+        rarimoRollup = rarimoRollup_;
+    }
+
+    function setRegistrationRoot(bytes32 root_, uint256 timestamp_) external onlyRarimoRollup {
+        roots[root_] = timestamp_;
+
+        if (timestamp_ >= latestRootTimestamp) {
+            latestRoot = root_;
+            latestRootTimestamp = timestamp_;
+        }
+
+        emit RootSet(root_);
+    }
+
+    function setRarimoRollup(address rarimoRollup_) external onlyOwner {
+        rarimoRollup = rarimoRollup_;
+    }
+
+    function isRootLatest(bytes32 root_) public view virtual returns (bool) {
+        return latestRoot == root_;
+    }
+
+    function isRootValid(bytes32 root_) external view virtual returns (bool) {
+        if (root_ == bytes32(0)) {
+            return false;
+        }
+
+        return isRootLatest(root_) || roots[root_] + ROOT_VALIDITY > block.timestamp;
+    }
+
+    // solhint-disable-next-line no-empty-blocks
+    function _authorizeUpgrade(address) internal virtual override onlyOwner {}
+
+    function implementation() external view returns (address) {
+        return ERC1967Utils.getImplementation();
+    }
+
+    function _requireRarimoRollup() internal view {
+        if (msg.sender != rarimoRollup) {
+            revert NotRarimoRollup(msg.sender);
+        }
+    }
+}

contracts/state/PoseidonSMT.sol

@@ -38,6 +38,11 @@ contract PoseidonSMT is Initializable, UUPSUpgradeable {
         _commitRoot();
     }
 
+    modifier onlyOwner() {
+        _onlyOwner();
+        _;
+    }
+
     constructor() {
         _disableInitializers();
     }
@@ -126,7 +131,7 @@ contract PoseidonSMT is Initializable, UUPSUpgradeable {
         _roots[_bytes32Tree.getRoot()] = block.timestamp;
     }
 
-    function _commitRoot() internal {
+    function _commitRoot() internal virtual {
         bytes32 root_ = _bytes32Tree.getRoot();
 
         IEvidenceRegistry(evidenceRegistry).addStatement(root_, bytes32(block.timestamp));
@@ -159,9 +164,7 @@ contract PoseidonSMT is Initializable, UUPSUpgradeable {
         require(StateKeeper(stateKeeper).isOwner(msg.sender), "PoseidonSMT: not an owner");
     }
 
-    function _authorizeUpgrade(address) internal virtual override {
-        _onlyOwner();
-    }
+    function _authorizeUpgrade(address) internal virtual override onlyOwner {}
 
     function implementation() external view returns (address) {
         return ERC1967Utils.getImplementation();

contracts/state/RegistrationSMT.sol

@@ -0,0 +1,48 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.21;
+
+import {SparseMerkleTree} from "@solarity/solidity-lib/libs/data-structures/SparseMerkleTree.sol";
+
+import {PoseidonSMT} from "./PoseidonSMT.sol";
+import {L1RegistrationState} from "./L1RegistrationState.sol";
+
+import {IMessageService} from "../interfaces/rollup/IMessageService.sol";
+
+contract RegistrationSMT is PoseidonSMT {
+    using SparseMerkleTree for SparseMerkleTree.Bytes32SMT;
+
+    address public l2MessageService;
+    address public l1RegistrationState;
+
+    function __SetL1TransitionRootData_init(
+        address l2MessageService_,
+        address l1RegistrationState_
+    ) external reinitializer(2) {
+        l2MessageService = l2MessageService_;
+        l1RegistrationState = l1RegistrationState_;
+    }
+
+    function _commitRoot() internal override {
+        bytes32 root_ = _bytes32Tree.getRoot();
+
+        IMessageService(l2MessageService).sendMessage(
+            l1RegistrationState,
+            0,
+            abi.encodeWithSelector(
+                L1RegistrationState.setRegistrationRoot.selector,
+                root_,
+                block.timestamp
+            )
+        );
+
+        super._commitRoot();
+    }
+
+    function setL1RegistrationState(address l1RegistrationState_) external onlyOwner {
+        l1RegistrationState = l1RegistrationState_;
+    }
+
+    function setL2MessageService(address l2MessageService_) external onlyOwner {
+        l2MessageService = l2MessageService_;
+    }
+}