PufferFinance · WalidOfNow · Oct 7, 2024 · Oct 8, 2024 · Oct 8, 2024 · Oct 8, 2024
diff --git a/l1-contracts/script/SetupAccess.s.sol b/l1-contracts/script/SetupAccess.s.sol
@@ -88,7 +88,7 @@ contract SetupAccess is BaseScript {
         );
 
         bytes4[] memory publicSelectors = new bytes4[](0);
-        publicSelectors = new bytes4[](8);
+        publicSelectors = new bytes4[](12);
         publicSelectors[0] = UniFiAVSManager.registerOperator.selector;
         publicSelectors[1] = UniFiAVSManager.registerValidators.selector;
         publicSelectors[2] = UniFiAVSManager.startDeregisterOperator.selector;
@@ -97,6 +97,10 @@ contract SetupAccess is BaseScript {
         publicSelectors[5] = UniFiAVSManager.setOperatorCommitment.selector;
         publicSelectors[6] = UniFiAVSManager.updateOperatorCommitment.selector;
         publicSelectors[7] = UniFiAVSManager.registerOperatorWithCommitment.selector;
+        publicSelectors[8] = UniFiAVSManager.registerValidatorsOptimistically.selector;
+        publicSelectors[9] = UniFiAVSManager.verifyValidatorSignatures.selector;
+        publicSelectors[10] = UniFiAVSManager.slashValidatorsWithInvalidPubkey.selector;
+        publicSelectors[11] = UniFiAVSManager.slashValidatorsWithInvalidIndex.selector;
 
         calldatas[1] = abi.encodeWithSelector(
             AccessManager.setTargetFunctionRole.selector,

diff --git a/l1-contracts/src/UniFiAVSManager.sol b/l1-contracts/src/UniFiAVSManager.sol
diff --git a/l1-contracts/src/interfaces/IUniFiAVSManager.sol b/l1-contracts/src/interfaces/IUniFiAVSManager.sol
@@ -1,11 +1,15 @@
 // SPDX-License-Identifier: GPL-3.0
 pragma solidity >=0.8.0 <0.9.0;
 
+// EigenLayer Imports
 import { IDelegationManager } from "eigenlayer/interfaces/IDelegationManager.sol";
 import { ISignatureUtils } from "eigenlayer/interfaces/ISignatureUtils.sol";
+import { BN254 } from "eigenlayer-middleware/libraries/BN254.sol";
+// Local Imports
 import { IAVSDirectoryExtended } from "../interfaces/EigenLayer/IAVSDirectoryExtended.sol";
 import "../structs/ValidatorData.sol";
 import "../structs/OperatorData.sol";
+import { BeaconChainHelperLib } from "../lib/BeaconChainHelperLib.sol";
 
 /**
  * @title IUniFiAVSManager
@@ -70,6 +74,27 @@ interface IUniFiAVSManager {
     /// @notice Thrown when a restaking strategy allowlist update fails
     error RestakingStrategyAllowlistUpdateFailed();
 
+    /// @notice Thrown when a salt is already used for a registration
+    error SaltAlreadyUsed();
+
+    /// @notice Thrown when a signature is expired
+    error SignatureExpired();
+
+    /// @notice Thrown when the lengths of the input arrays are not equal
+    error InvalidArrayLengths();
+
+    /// @notice Thrown when a validator proof is invalid
+    error InvalidValidatorProof(bytes32 blsPubKeyHash);
+
+    /// @notice Thrown when a validator index is already used
+    error ValidatorIndexAlreadyUsed();
+
+    /// @notice Thrown when an operator is slashed
+    error OperatorSlashed();
+
+    /// @notice Thrown when a validator is not backed by an EigenPod
+    error InvalidValidatorType();
+
     /**
      * @notice Emitted when a new operator is registered in the UniFi AVS.
      * @param operator The address of the registered operator.
@@ -152,6 +177,20 @@ interface IUniFiAVSManager {
      */
     event RestakingStrategyAllowlistUpdated(address indexed strategy, bool allowed);
 
+    /**
+     * @notice Emitted when a validator is slashed.
+     * @param operator The address of the operator managing the validator.
+     * @param blsPubKeyHash The BLS public key hash of the slashed validator.
+     */
+    event ValidatorSlashed(address indexed operator, bytes32 indexed blsPubKeyHash);
+
+    /**
+     * @notice Emitted when the registration delay is set.
+     * @param oldDelay The previous registration delay value.
+     * @param newDelay The new registration delay value.
+     */
+    event RegistrationDelaySet(uint64 oldDelay, uint64 newDelay);
+
     /**
      * @notice Returns the EigenPodManager contract.
      * @return IEigenPodManager The EigenPodManager contract.
@@ -232,6 +271,13 @@ interface IUniFiAVSManager {
      */
     function setDeregistrationDelay(uint64 newDelay) external;
 
+    /**
+     * @notice Sets a new registration delay for validators.
+     * @param newDelay The new registration delay in seconds.
+     * @dev Restricted to the DAO
+     */
+    function setRegistrationDelay(uint64 newDelay) external;
+
     /**
      * @notice Sets the chain ID for a specific index in the bitmap.
      * @param index The index in the bitmap to set.
@@ -248,6 +294,29 @@ interface IUniFiAVSManager {
      */
     function setAllowlistRestakingStrategy(address strategy, bool allowed) external;
 
+    /**
+     * @notice Registers validators optimistically.
+     * @param paramsArray The array of ValidatorRegistrationParams.
+     */
+    function registerValidatorsOptimistically(ValidatorRegistrationParams[] calldata paramsArray) external;
+
+    /**
+     * @notice Verifies the signatures of validators.
+     * @param blsPubKeyHashes The BLS public key hashes of the validators.
+     */
+    function verifyValidatorSignatures(bytes32[] calldata blsPubKeyHashes) external;
+
+    /**
+     * @notice Slashes validators with invalid pubkey.
+     * @param proofs The inclusion proofs for each validator.
+     */
+    function slashValidatorsWithInvalidPubkey(BeaconChainHelperLib.InclusionProof[] calldata proofs) external;
+
+    /**
+     * @notice Slashes validators with invalid index.
+     * @param proofs The inclusion proofs for each validator.
+     */
+    function slashValidatorsWithInvalidIndex(BeaconChainHelperLib.InclusionProof[] calldata proofs) external;
     /**
      * @notice Retrieves information about a specific operator.
      * @param operator The address of the operator.
@@ -290,6 +359,12 @@ interface IUniFiAVSManager {
      */
     function getDeregistrationDelay() external view returns (uint64);
 
+    /**
+     * @notice Retrieves the current registration delay for validators.
+     * @return The current registration delay in seconds.
+     */
+    function getRegistrationDelay() external view returns (uint64);
+
     /**
      * @notice Converts a bitmap to an array of chain IDs.
      * @param bitmap The bitmap to convert.
@@ -330,4 +405,18 @@ interface IUniFiAVSManager {
 
     /// @notice Returns the EigenLayer AVSDirectory contract.
     function avsDirectory() external view returns (address);
+
+    /**
+     * @notice Returns the BLS message hash for a validator registration.
+     * @param typeHash The type hash for the message.
+     * @param operator The address of the operator.
+     * @param salt The salt for the message.
+     * @param expiry The expiry for the message.
+     * @param index The index for the message.
+     * @return BN254.G1Point The BLS message hash.
+     */
+    function blsMessageHash(bytes32 typeHash, address operator, bytes32 salt, uint256 expiry, uint256 index)
+        external
+        view
+        returns (BN254.G1Point memory);
 }
diff --git a/l1-contracts/src/lib/BLSSignatureCheckerLib.sol b/l1-contracts/src/lib/BLSSignatureCheckerLib.sol
@@ -35,4 +35,44 @@ library BLSSignatureCheckerLib {
             pubkeyG2
         );
     }
+
+    function bytesToG1Point(bytes memory pubkey) internal pure returns (BN254.G1Point memory) {
+        // require(pubkey.length == 48, "Invalid public key length");
+
+        // Extract X and Y coordinates
+        uint256 x;
+        uint256 y;
+
+        assembly {
+            x := mload(add(pubkey, 32))
+            y := mload(add(pubkey, 64))
+        }
+
+        // Ensure the most significant bit of y is 0 (positive y-coordinate)
+        y = y & ((1 << 255) - 1);
+
+        return BN254.G1Point(x, y);
+    }
+
+    function g1PointToBytes(BN254.G1Point memory point) internal pure returns (bytes memory) {
+        bytes memory result = new bytes(48);
+
+        assembly {
+            // Store X coordinate
+            mstore(add(result, 32), mload(point))
+
+            // Store Y coordinate
+            // Set the most significant bit to 1 if Y is odd, 0 if Y is even
+            let y := mload(add(point, 32))
+            let yMod2 := mod(y, 2)
+            y := or(and(y, not(shl(255, 1))), shl(255, yMod2))
+            mstore(add(result, 64), y)
+        }
+
+        return result;
+    }
+
+    function hashG1Point(BN254.G1Point memory pk) internal pure returns (bytes32 hashedG1) {
+        return sha256(abi.encodePacked(g1PointToBytes(pk), bytes16(0)));
+    }
 }
diff --git a/l1-contracts/src/lib/BeaconChainHelperLib.sol b/l1-contracts/src/lib/BeaconChainHelperLib.sol
@@ -1,9 +1,96 @@
 // SPDX-License-Identifier: GPL-3.0
 pragma solidity >=0.8.0 <0.9.0;
 
+import { MerkleUtils } from "./MerkleUtils.sol";
+
 library BeaconChainHelperLib {
     address internal constant _BEACON_ROOT_CONTRACT = 0x000F3df6D732807Ef1319fB7B8bB8522d0Beac02;
 
+    struct InclusionProof {
+        // `Chunks` of the SSZ encoded validator
+        bytes32[8] validator;
+        // Index of the validator in the beacon state validator list
+        uint256 validatorIndex;
+        // Proof of inclusion of validator in beacon state validator list
+        bytes32[] validatorProof;
+        // Root of the validator list in the beacon state
+        bytes32 validatorsRoot;
+        // Proof of inclusion of validator list in the beacon state
+        bytes32[] beaconStateProof;
+        // Root of the beacon state
+        bytes32 beaconStateRoot;
+        // Proof of inclusion of beacon state in the beacon block
+        bytes32[] beaconBlockProofForState;
+        // Proof of inclusion of the validator index in the beacon block
+        bytes32[] beaconBlockProofForProposerIndex;
+        // Timestamp of the beacon block
+        uint256 timestamp;
+    }
+
+    /// @dev The validator pub key failed verification against the pub key hash tree root in the validator chunks
+    error InvalidValidatorBLSPubKey();
+    /// @dev The proof that the validator is a part of the validator list is invalid.
+    error ValidatorProofFailed();
+    /// @dev The proof that the validator list is a part of the beacon state is invalid.
+    error BeaconStateProofFailed();
+    /// @dev The proof that the beacon state is a part of the beacon block is invalid.
+    error BeaconBlockProofForStateFailed();
+    /// @dev The proof that the actual validator index is a part of the beacon is invalid.
+    error BeaconBlockProofForProposerIndex();
+
+    function verifyValidator(InclusionProof memory inclusionProof) internal returns (bool) {
+        (, bytes32 beaconBlockRoot) = getRootFromTimestamp(inclusionProof.timestamp);
+
+        // Validator is verified against the validator list in the beacon state
+        bytes32 validatorHashTreeRoot = MerkleUtils.merkleize(inclusionProof.validator);
+        if (
+            !MerkleUtils.verifyProof(
+                inclusionProof.validatorProof,
+                inclusionProof.validatorsRoot,
+                validatorHashTreeRoot,
+                inclusionProof.validatorIndex
+            )
+        ) {
+            // Revert if the proof that the expected validator is a part of the validator
+            // list in beacon state fails
+            return false;
+        }
+
+        if (
+            !MerkleUtils.verifyProof(
+                inclusionProof.beaconStateProof, inclusionProof.beaconStateRoot, inclusionProof.validatorsRoot, 11
+            )
+        ) {
+            // Revert if the proof that the validator list is a part of the beacon state fails
+            return false;
+        }
+
+        // Beacon state is verified against the beacon block
+        if (
+            !MerkleUtils.verifyProof(
+                inclusionProof.beaconBlockProofForState, beaconBlockRoot, inclusionProof.beaconStateRoot, 3
+            )
+        ) {
+            // Revert if the proof for the beacon state being a part of the beacon block fails
+            return false;
+        }
+
+        // Validator index is verified against the beacon block
+        if (
+            !MerkleUtils.verifyProof(
+                inclusionProof.beaconBlockProofForProposerIndex,
+                beaconBlockRoot,
+                MerkleUtils.toLittleEndian(inclusionProof.validatorIndex),
+                1
+            )
+        ) {
+            // Revert if the proof that the proposer index is a part of the beacon block fails
+            return false;
+        }
+
+        return true;
+    }
+
     function verifyProposerAt(uint256 timestamp, uint256 proposerIndex, bytes32[2] memory proof)
         internal
         returns (bool)
@@ -16,8 +103,8 @@ library BeaconChainHelperLib {
 
         bytes32 slotAndProposerIndexNode = sha256(
             abi.encodePacked(
-                abi.encodePacked(to_little_endian_64(uint64(slot)), bytes24(0)),
-                abi.encodePacked(to_little_endian_64(uint64(proposerIndex)), bytes24(0))
+                abi.encodePacked(MerkleUtils.to_little_endian_64(uint64(slot)), bytes24(0)),
+                abi.encodePacked(MerkleUtils.to_little_endian_64(uint64(proposerIndex)), bytes24(0))
             )
         );
 
@@ -28,20 +115,6 @@ library BeaconChainHelperLib {
         return root == beaconRootFromChain;
     }
 
-    function to_little_endian_64(uint64 value) internal pure returns (bytes memory ret) {
-        ret = new bytes(8);
-        bytes8 bytesValue = bytes8(value);
-        // Byteswapping during copying to bytes.
-        ret[0] = bytesValue[7];
-        ret[1] = bytesValue[6];
-        ret[2] = bytesValue[5];
-        ret[3] = bytesValue[4];
-        ret[4] = bytesValue[3];
-        ret[5] = bytesValue[2];
-        ret[6] = bytesValue[1];
-        ret[7] = bytesValue[0];
-    }
-
     function getRootFromTimestamp(uint256 timestamp) internal returns (bool, bytes32) {
         (bool ret, bytes memory data) = _BEACON_ROOT_CONTRACT.call(bytes.concat(bytes32(timestamp)));
         return (ret, bytes32(data));