ethereum-optimism · ben-chain · Mar 8, 2021 · Mar 8, 2021 · Mar 8, 2021 · Mar 8, 2021
@@ -36,6 +36,35 @@ import { OVM_DeployerWhitelist } from "../predeploys/OVM_DeployerWhitelist.sol";
  */
 contract OVM_ExecutionManager is iOVM_ExecutionManager, Lib_AddressResolver {
 
+    function ovmSETCODE(
+        address _address,
+        bytes memory _code
+    )
+        override
+        external
+        onlyCallableBy(address(0x4200000000000000000000000000000000000009))
+    {
+        _checkAccountLoad(_address);
+        ovmStateManager.putAccountCode(_address, _code);
+    }
+
+    function ovmSETSTORAGE(
+        address _address,
+        bytes32 _key,
+        bytes32 _value
+    )
+        override
+        external
+        onlyCallableBy(address(0x4200000000000000000000000000000000000009))
+    {
+        _putContractStorage(
+            _address,
+            _key,
+            _value
+        );
+    }
+
+
     /********************************
      * External Contract References *
      ********************************/
@@ -142,6 +171,18 @@ contract OVM_ExecutionManager is iOVM_ExecutionManager, Lib_AddressResolver {
         _;
     }
 
+    /**
+     * Only allows the given OVM contract to call the EM function.
+     */
+    modifier onlyCallableBy(
+        address _allowed
+    ) {
+        if (ovmADDRESS() != _allowed) {
+            _revertWithFlag(RevertFlag.CALLER_NOT_ALLOWED);
+        }
+        _;
+    }
+
 
     /************************************
      * Transaction Execution Entrypoint *
@@ -992,6 +1033,7 @@ contract OVM_ExecutionManager is iOVM_ExecutionManager, Lib_AddressResolver {
                 || flag == RevertFlag.UNSAFE_BYTECODE
                 || flag == RevertFlag.STATIC_VIOLATION
                 || flag == RevertFlag.CREATOR_NOT_ALLOWED
+                || flag == RevertFlag.CALLER_NOT_ALLOWED
             ) {
                 transactionRecord.ovmGasRefund = ovmGasRefund;
             }

@@ -143,6 +143,23 @@ contract OVM_StateManager is iOVM_StateManager {
         account.codeHash = EMPTY_ACCOUNT_CODE_HASH;
     }
 
+    /**
+     * Inserts the given bytecode into the given OVM account.
+     * @param _address Address of the account to overwrite code onto.
+     * @param _code Bytecode to put at the address.
+     */
+    function putAccountCode(
+        address _address,
+        bytes memory _code
+    )
+        override
+        public
+        authenticated
+    {
+        Lib_OVMCodec.Account storage account = accounts[_address];
+        account.codeHash = keccak256(_code);
+    }
+
     /**
      * Retrieves an account from the state.
      * @param _address Address of the account to retrieve.

diff --git a/contracts/optimistic-ethereum/OVM/precompiles/OVM_Upgrader.sol b/contracts/optimistic-ethereum/OVM/precompiles/OVM_Upgrader.sol
@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: MIT
+pragma solidity >0.5.0 <0.8.0;
+
+/* Library Imports */
+import { Lib_BytesUtils } from "../../libraries/utils/Lib_BytesUtils.sol";
+import { Lib_OVMCodec } from "../../libraries/codec/Lib_OVMCodec.sol";
+import { Lib_ECDSAUtils } from "../../libraries/utils/Lib_ECDSAUtils.sol";
+import { Lib_SafeExecutionManagerWrapper } from "../../libraries/wrappers/Lib_SafeExecutionManagerWrapper.sol";
+
+contract OVM_Upgrader {
+    // Account which can initiate upgrades on L1 by approving a hash onion.
+    address public l1UpgradeAuthorizer;
+
+    function doUpgrade(
+        address _address,
+        bytes memory _code
+    ) external {
+        Lib_SafeExecutionManagerWrapper.safeUPGRADE(_address, _code);
+    }
+}
@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: MIT
+pragma solidity >0.5.0 <0.8.0;
+
+/* Library Imports */
+import { Lib_BytesUtils } from "../../libraries/utils/Lib_BytesUtils.sol";
+import { Lib_OVMCodec } from "../../libraries/codec/Lib_OVMCodec.sol";
+import { Lib_ECDSAUtils } from "../../libraries/utils/Lib_ECDSAUtils.sol";
+import { Lib_SafeExecutionManagerWrapper } from "../../libraries/wrappers/Lib_SafeExecutionManagerWrapper.sol";
+
+contract OVM_Upgrader {
+    // Account which can initiate upgrades on L1 by approving a hash onion.
+    address public l1UpgradeAuthorizer;
+
+    function doUpgrade(
+        address _address,
+        bytes memory _code
+    ) external {
+        Lib_SafeExecutionManagerWrapper.safeUPGRADE(_address, _code);
+    }
+}
@@ -18,7 +18,8 @@ interface iOVM_ExecutionManager {
         UNSAFE_BYTECODE,
         CREATE_COLLISION,
         STATIC_VIOLATION,
-        CREATOR_NOT_ALLOWED
+        CREATOR_NOT_ALLOWED,
+        CALLER_NOT_ALLOWED
     }
 
     enum GasMetadataKey {
@@ -153,4 +154,12 @@ interface iOVM_ExecutionManager {
      ***************************************/
 
     function getMaxTransactionGasLimit() external view returns (uint _maxTransactionGasLimit);
+
+
+    /*********************
+     * Upgrade Functions *
+     *********************/
+
+    function ovmSETCODE(address _address, bytes memory _code) external;
+    function ovmSETSTORAGE(address _address, bytes32 _key, bytes32 _value) external;
 }
@@ -42,14 +42,15 @@ interface iOVM_StateManager {
 
     function putAccount(address _address, Lib_OVMCodec.Account memory _account) external;
     function putEmptyAccount(address _address) external;
+    function putAccountCode(address _address, bytes memory _code) external;
     function getAccount(address _address) external view returns (Lib_OVMCodec.Account memory _account);
     function hasAccount(address _address) external view returns (bool _exists);
     function hasEmptyAccount(address _address) external view returns (bool _exists);
     function setAccountNonce(address _address, uint256 _nonce) external;
     function getAccountNonce(address _address) external view returns (uint256 _nonce);
     function getAccountEthAddress(address _address) external view returns (address _ethAddress);
     function getAccountStorageRoot(address _address) external view returns (bytes32 _storageRoot);
-    function initPendingAccount(address _address) external;
+    function initPendingAccount(address _address) external; // todo: deprecate/combine these two with this change?
     function commitPendingAccount(address _address, address _ethAddress, bytes32 _codeHash) external;
     function testAndSetAccountLoaded(address _address) external returns (bool _wasAccountAlreadyLoaded);
     function testAndSetAccountChanged(address _address) external returns (bool _wasAccountAlreadyChanged);

@@ -322,6 +322,24 @@ library Lib_SafeExecutionManagerWrapper {
         );
     }
 
+    /**
+     * Performs a safe asdfasdfasdfasdf call.
+     */
+    function safeUPGRADE(
+        address _address,
+        bytes memory _code
+    )
+        internal
+    {
+        _safeExecutionManagerInteraction(
+            abi.encodeWithSignature(
+                "ovmUPGRADECODE(address,bytes)",
+                _address,
+                _code
+            )
+        );
+    }
+
     /*********************
      * Private Functions *
      *********************/

@@ -50,7 +50,7 @@
   },
   "devDependencies": {
     "@eth-optimism/plugins": "^1.0.0-alpha.2",
-    "@eth-optimism/smock": "^1.0.0-alpha.3",
+    "@eth-optimism/smock": "1.0.0-alpha.4",
     "@nomiclabs/hardhat-ethers": "^2.0.1",
     "@nomiclabs/hardhat-waffle": "^2.0.1",
     "@typechain/ethers-v5": "1.0.0",

@@ -226,6 +226,10 @@ export const makeContractDeployConfig = async (
         '0x0000000000000000000000000000000000000000', // will be overridden by geth when state dump is ingested.  Storage key: 0x0000000000000000000000000000000000000000000000000000000000000008
       ],
     },
+    OVM_Upgrader: {
+      factory: getContractFactory('OVM_Upgrader'),
+      params: [],
+    },
     'OVM_ChainStorageContainer:CTC:batches': {
       factory: getContractFactory('OVM_ChainStorageContainer'),
       params: [AddressManager.address, 'OVM_CanonicalTransactionChain'],

@@ -152,6 +152,7 @@ export const makeStateDump = async (cfg: RollupDeployConfig): Promise<any> => {
       'OVM_ExecutionManager',
       'OVM_StateManager',
       'OVM_ETH',
+      'OVM_Upgrader',
       'mockOVM_ECDSAContractAccount',
     ],
     deployOverrides: {},
@@ -170,6 +171,7 @@ export const makeStateDump = async (cfg: RollupDeployConfig): Promise<any> => {
     OVM_ETH: '0x4200000000000000000000000000000000000006',
     OVM_L2CrossDomainMessenger: '0x4200000000000000000000000000000000000007',
     Lib_AddressManager: '0x4200000000000000000000000000000000000008',
+    OVM_Upgrader: '0x4200000000000000000000000000000000000009',
     ERC1820Registry: '0x1820a4B7618BdE71Dce8cdc73aAB6C95905faD24',
   }
 

@@ -188,7 +188,7 @@ const test_nuisanceGas: TestDefinition = {
             // This is because there is natural gas consumption between the ovmCALL(GAS/2) and ovmCREATE, which allots nuisance gas via _getNuisanceGasLimit.
             // This means that the ovmCREATE exception, DOES consumes all nuisance gas allotted, but that allotment
             // is less than the full OVM_TX_GAS_LIMIT / 2 which is alloted to the parent ovmCALL.
-            nuisanceGasLeft: 4531286,
+            nuisanceGasLeft: 4200163,
           },
         },
       },

@@ -744,6 +744,24 @@ const test_ovmCREATE: TestDefinition = {
         },
       ],
     },
+    {
+      name: 'ovmCREATE(UNSAFE_CODE)',
+      steps: [
+        {
+          functionName: 'ovmCREATE',
+          functionParams: {
+            bytecode: UNSAFE_BYTECODE,
+          },
+          expectedReturnStatus: true,
+          expectedReturnValue: {
+            address: ethers.constants.AddressZero,
+            revertData: encodeSolidityError(
+              'Constructor attempted to deploy unsafe bytecode.'
+            ),
+          },
+        },
+      ],
+    },
   ],
   subTests: [
     {