base · xenoliss · Jun 4, 2025 · Jun 4, 2025 · Jun 4, 2025 · Jun 4, 2025
diff --git a/mainnet/2025-06-04-upgrade-system-config/.env b/mainnet/2025-06-04-upgrade-system-config/.env
@@ -0,0 +1,15 @@
+OP_REPO=https://github.com/ethereum-optimism/optimism.git
+OP_VERSION=op-contracts/v3.0.0-rc.2
+OP_CONTRACT_PATCH=patch/max-gas-limit.patch
+BASE_CONTRACTS_COMMIT=cab46f4c34f11e22640ec3073aa6f0b46cdaa1b7
+
+# Used by the scripts.
+OWNER_SAFE=0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c
+PROXY_ADMIN=0x0475cBCAebd9CE8AfA5025828d5b98DFb67E059E
+SYSTEM_CONFIG=0x73a79Fab69143498Ed3712e519A88a918e1f4072
+
+# Used by the make commands.
+OP_MULTISIG=0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A
+BASE_NESTED_MULTISIG=0x9C4a57Feb77e294Fd7BF5EBE9AB01CAA0a90A110
+BASE_SC_MULTISIG=0x20acf55a3dcfe07fc4cecacfa1628f788ec8a4dd
+BASE_MULTISIG=0x9855054731540A48b28990B63DcF4f33d8AE46A1
diff --git a/mainnet/2025-06-04-upgrade-system-config/Makefile b/mainnet/2025-06-04-upgrade-system-config/Makefile
@@ -0,0 +1,130 @@
+include ../../Makefile
+include ../.env
+include .env
+
+ifndef LEDGER_ACCOUNT
+override LEDGER_ACCOUNT = 0
+endif
+
+# Overwriting this from top level makefile to change the branch
+.PHONY: checkout-op-commit
+checkout-op-commit:
+	rm -rf lib/optimism
+	mkdir -p lib/optimism
+	cd lib/optimism; \
+	git init; \
+	git remote add origin $(OP_REPO); \
+	git fetch --depth=1 origin tag $(OP_VERSION) --no-tags; \
+	git checkout $(OP_VERSION); \
+	git apply ../../$(OP_CONTRACT_PATCH)
+
+.PHONY: deps
+deps: new-go-deps
+
+.PHONY: new-go-deps
+new-go-deps:
+	go install github.com/jackchuma/[email protected]
+
+.PHONY: deploy
+deploy:
+	forge script --rpc-url $(L1_RPC_URL) DeploySystemConfigScript --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --verify --broadcast
+
+#
+#    ┌─────────────────────────────────────────────┐       ┌─────────────────────────────────────────────┐       ┌─────────────────────────────────────────────┐
+#    │                 Base Nested                 │       │             Base Security Council           │       │                    OP                       │
+#    │                  (3 of 6)                   │       │                 (7 of 10)                   │       │                 (5 of 7)                    │
+#    │  0x9C4a57Feb77e294Fd7BF5EBE9AB01CAA0a90A110 │       │  0x20AcF55A3DCfe07fC4cecaCFa1628F788EC8A4Dd │       │  0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A │
+#    └─────────────────────┬───────────────────────┘       └─────────────────────┬───────────────────────┘       └─────────────────────┬───────────────────────┘
+#                          │                                                     │                                                     │
+#                          └─────────────────┬───────────────────────────────────┘                                                     │      
+#                                            ▼                                                                                         │
+#                             ┌─────────────────────────────────────────────┐                                                          │
+#                             │                    Base                     │                                                          │
+#                             │  0x9855054731540A48b28990B63DcF4f33d8AE46A1 │                                                          │
+#                             └─────────────────────┬───────────────────────┘                                                          │
+#                                                   │                                                                                  │
+#                                                   └─────────────────┬────────────────────────────────────────────────────────────────┘
+#                                                                     ▼
+#                                            ┌─────────────────────────────────────────────┐
+#                                            │               ProxyAdminOwner               │
+#                                            │  0x7bB41C3008B3f03FE483B28b8DB90e19Cf07595c │
+#                                            └─────────────────────────────────────────────┘
+
+
+# OPTIMISM
+
+.PHONY: gen-validation-op
+gen-validation-op:
+	$(GOPATH)/bin/state-diff --rpc $(L1_RPC_URL) -o OP_VALIDATION.md \
+	-- forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "sign(address[])" "[$(OP_MULTISIG)]" \
+	--sender 0x42d27eEA1AD6e22Af6284F609847CB3Cd56B9c64
+
+.PHONY: sign-op
+sign-op:
+	$(GOPATH)/bin/eip712sign --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" -- \
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig  "sign(address[])" "[$(OP_MULTISIG)]" 
+
+.PHONY: approve-op
+approve-op:
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "approve(address[],bytes)" "[$(OP_MULTISIG)]" $(SIGNATURES) \
+	--ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv
+
+# BASE NESTED
+
+.PHONY: gen-validation-base-nested
+gen-validation-base-nested:
+	$(GOPATH)/bin/state-diff --rpc $(L1_RPC_URL) -o BASE_NESTED_VALIDATION.md \
+	-- forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "sign(address[])" "[$(BASE_NESTED_MULTISIG), $(BASE_MULTISIG)]" \
+	--sender 0x6CD3850756b7894774Ab715D136F9dD02837De50
+
+.PHONY: sign-base-nested
+sign-base-nested:
+	$(GOPATH)/bin/eip712sign --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" -- \
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "sign(address[])" "[$(BASE_NESTED_MULTISIG), $(BASE_MULTISIG)]"
+
+.PHONY: approve-base-nested
+approve-base-nested:
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "approve(address[],bytes)" "[$(BASE_NESTED_MULTISIG), $(BASE_MULTISIG)]" $(SIGNATURES) \
+	--ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv
+
+# BASE SC
+
+.PHONY: gen-validation-base-sc
+gen-validation-base-sc:
+	$(GOPATH)/bin/state-diff --rpc $(L1_RPC_URL) -o BASE_SC_VALIDATION.md \
+	-- forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "sign(address[])" "[$(BASE_SC_MULTISIG), $(BASE_MULTISIG)]" \
+	--sender 0x5ff5C78ff194acc24C22DAaDdE4D639ebF18ACC6
+
+.PHONY: sign-base-sc
+sign-base-sc:
+	$(GOPATH)/bin/eip712sign --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" -- \
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "sign(address[])" "[$(BASE_SC_MULTISIG), $(BASE_MULTISIG)]"
+
+.PHONY: approve-base-sc
+approve-base-sc:
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "approve(address[],bytes)" "[$(BASE_SC_MULTISIG), $(BASE_MULTISIG)]" $(SIGNATURES) \
+	--ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv
+
+# BASE
+
+.PHONY: approve-base
+approve-base:
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "approve(address[],bytes)" "[$(BASE_MULTISIG)]" 0x \
+	--ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv
+
+# Execute
+
+.PHONY: execute
+execute:
+	forge script --rpc-url $(L1_RPC_URL) UpgradeSystemConfigScript \
+	--sig "run(bytes)" 0x --ledger --hd-paths "m/44'/60'/$(LEDGER_ACCOUNT)'/0/0" --broadcast -vvvv
diff --git a/mainnet/2025-06-04-upgrade-system-config/README.md b/mainnet/2025-06-04-upgrade-system-config/README.md
@@ -0,0 +1,136 @@
+# Upgrade System Config
+
+Status: Ready to deploy
+
+## Description
+
+This task contains two scripts:
+1. `DeploySystemConfigScript` - This script deploys the new system config implementation.
+2. `UpgradeSystemConfigScript` - This script performs the upgrade to the new implementation deployed in the previous step.
+
+NOTE: Signers should not care about the `DeploySystemConfigScript` script as it will be ran before hand by the facilitator.
+The rest of this document will focus on using the `UpgradeSystemConfigScript` script.
+
+## Procedure
+
+### 1. Update repo:
+
+```bash
+cd contract-deployments
+git pull
+cd mainnet/2025-06-04-upgrade-system-config
+make deps
+```
+
+### 2. Setup Ledger
+
+Your Ledger needs to be connected and unlocked. The Ethereum
+application needs to be opened on Ledger with the message "Application
+is ready".
+
+### 3. Simulate, Validate, and Sign
+
+#### 3.1. Simulate and validate the transaction
+
+Make sure your ledger is still unlocked and run the following command:
+
+For Optimism signers:
+```bash
+make sign-op
+```
+
+For Base signers:
+```bash
+make sign-base-nested
+```
+
+For Base Security Council signers:
+```bash
+make sign-base-sc
+```
+
+For each run, you will see a "Simulation link" from the output.
+
+Paste this URL in your browser. A prompt may ask you to choose a
+project, any project will do. You can create one if necessary.
+
+Click "Simulate Transaction".
+
+We will be performing 3 validations and extract the domain hash and
+message hash to approve on your Ledger:
+
+1. Validate integrity of the simulation.
+2. Validate correctness of the state diff.
+3. Validate and extract domain hash and message hash to approve.
+
+##### 3.1.1. Validate integrity of the simulation.
+
+Make sure you are on the "Overview" tab of the tenderly simulation, to
+validate integrity of the simulation, we need to check the following:
+
+1. "Network": Check the network is `Mainnet`.
+2. "Timestamp": Check the simulation is performed on a block with a
+   recent timestamp (i.e. close to when you run the script).
+
+##### 3.1.2. Validate correctness of the state diff.
+
+Now click on the "State" tab, and refer to the validations instructions for the transaction you are signing:
+
+- For Optimism signers: [validations instructions](./validations/OP_VALIDATION.md)
+- For Base signers: [validations instructions](./validations/BASE_NESTED_VALIDATION.md)
+- For Base Security Council signers: [validations instructions](./validations/BASE_SC_VALIDATION.md)
+
+Once complete return to this document to complete the signing.
+
+### 4. Extract the domain hash and the message hash to approve.
+
+Now that we have verified the transaction performs the right
+operation, we need to extract the domain hash and the message hash to
+approve.
+
+Go back to the "Overview" tab, and find the
+`GnosisSafe.checkSignatures` call. This call's `data` parameter
+contains both the domain hash and the message hash that will show up
+in your Ledger.
+
+It will be a concatenation of `0x1901`, the domain hash, and the
+message hash: `0x1901[domain hash][message hash]`.
+
+Note down this value. You will need to compare it with the ones
+displayed on the Ledger screen at signing.
+
+Once the validations are done, it's time to actually sign the
+transaction.
+
+> [!WARNING]
+> This is the most security critical part of the playbook: make sure the
+> domain hash and message hash in the following three places match:
+>
+> 1. On your Ledger screen.
+> 2. In the terminal output.
+> 3. In the Tenderly simulation. You should use the same Tenderly
+>    simulation as the one you used to verify the state diffs, instead
+>    of opening the new one printed in the console.
+>
+
+After verification, sign the transaction. You will see the `Data`,
+`Signer` and `Signature` printed in the console. Format should be
+something like this:
+
+```shell
+Data:  <DATA>
+Signer: <ADDRESS>
+Signature: <SIGNATURE>
+```
+
+Double check the signer address is the right one.
+
+#### 4.1. Send the output to Facilitator(s)
+
+Nothing has occurred onchain - these are offchain signatures which
+will be collected by Facilitators for execution. Execution can occur
+by anyone once a threshold of signatures are collected, so a
+Facilitator will do the final execution for convenience.
+
+Share the `Data`, `Signer` and `Signature` with the Facilitator, and
+congrats, you are done!
diff --git a/mainnet/2025-06-04-upgrade-system-config/foundry.toml b/mainnet/2025-06-04-upgrade-system-config/foundry.toml
@@ -0,0 +1,24 @@
+[profile.default]
+src = 'src'
+out = 'out'
+libs = ['lib']
+broadcast = 'records'
+fs_permissions = [{ access = "read-write", path = "./" }]
+optimizer = true
+optimizer_runs = 999999
+solc_version = "0.8.15"
+via-ir = false
+remappings = [
+    '@eth-optimism-bedrock/=lib/optimism/packages/contracts-bedrock/',
+    '@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts',
+    '@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts',
+    '@rari-capital/solmate/=lib/solmate/',
+    '@base-contracts/=lib/base-contracts',
+    'solady/=lib/solady/src/',
+    '@lib-keccak/=lib/lib-keccak/contracts/lib',
+    'src/libraries/=lib/optimism/packages/contracts-bedrock/src/libraries',
+    'interfaces/universal/=lib/optimism/packages/contracts-bedrock/interfaces/universal',
+    'interfaces/L1/=lib/optimism/packages/contracts-bedrock/interfaces/L1',
+]
+
+# See more config options https://github.com/foundry-rs/foundry/tree/master/config
diff --git a/mainnet/2025-06-04-upgrade-system-config/patch/max-gas-limit.patch b/mainnet/2025-06-04-upgrade-system-config/patch/max-gas-limit.patch
@@ -0,0 +1,25 @@
+diff --git a/packages/contracts-bedrock/src/L1/SystemConfig.sol b/packages/contracts-bedrock/src/L1/SystemConfig.sol
+index e767bc64a..a7617d5e8 100644
+--- a/packages/contracts-bedrock/src/L1/SystemConfig.sol
++++ b/packages/contracts-bedrock/src/L1/SystemConfig.sol
+@@ -87,7 +87,7 @@ contract SystemConfig is OwnableUpgradeable, ISemver {
+     /// @notice The maximum gas limit that can be set for L2 blocks. This limit is used to enforce that the blocks
+     ///         on L2 are not too large to process and prove. Over time, this value can be increased as various
+     ///         optimizations and improvements are made to the system at large.
+-    uint64 internal constant MAX_GAS_LIMIT = 200_000_000;
++    uint64 internal constant MAX_GAS_LIMIT = 500_000_000;
+
+     /// @notice Fixed L2 gas overhead. Used as part of the L2 fee calculation.
+     ///         Deprecated since the Ecotone network upgrade
+@@ -136,9 +136,9 @@ contract SystemConfig is OwnableUpgradeable, ISemver {
+     event ConfigUpdate(uint256 indexed version, UpdateType indexed updateType, bytes data);
+
+     /// @notice Semantic version.
+-    /// @custom:semver 2.5.0
++    /// @custom:semver 2.5.0+max-gas-limit-500M
+     function version() public pure virtual returns (string memory) {
+-        return "2.5.0";
++        return "2.5.0+max-gas-limit-500M";
+     }
+
+     /// @notice Constructs the SystemConfig contract.
diff --git a/mainnet/2025-06-04-upgrade-system-config/script/DeploySystemConfig.s.sol b/mainnet/2025-06-04-upgrade-system-config/script/DeploySystemConfig.s.sol
@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.15;
+
+import {Script, console} from "forge-std/Script.sol";
+
+import {SystemConfig} from "@eth-optimism-bedrock/src/L1/SystemConfig.sol";
+
+contract DeploySystemConfigScript is Script {
+    SystemConfig systemConfigImpl;
+
+    function run() public {
+        vm.startBroadcast();
+        systemConfigImpl = new SystemConfig();
+        console.log("SystemConfig implementation deployed at: ", address(systemConfigImpl));
+        vm.stopBroadcast();
+
+        string memory obj = "root";
+        string memory json = vm.serializeAddress(obj, "systemConfig", address(systemConfigImpl));
+        vm.writeJson(json, "addresses.json");
+
+        _postCheck();
+    }
+
+    function _postCheck() internal view {
+        require(
+            keccak256(bytes(SystemConfig(systemConfigImpl).version())) == keccak256("2.5.0+max-gas-limit-500M"),
+            "SystemConfig version mismatch"
+        );
+
+        require(SystemConfig(systemConfigImpl).maximumGasLimit() == 500_000_000, "Maximum gas limit mismatch");
+    }
+}