Preview celo rebase 16 #411
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adding funding.json file required to apply for retropgf
github: use step-security replacement for tj-actions/changed-files
* Add script to update `celo-org/op-geth` dependencies Signed-off-by: Maximilian Langenfeld <[email protected]> * Add github action for update-geth script Signed-off-by: Maximilian Langenfeld <[email protected]> * Use inline geth base-ref Signed-off-by: Maximilian Langenfeld <[email protected]> * Discard automatic fields Signed-off-by: Maximilian Langenfeld <[email protected]> * token perms Signed-off-by: Maximilian Langenfeld <[email protected]> * Use read-only GCP SA Signed-off-by: Maximilian Langenfeld <[email protected]> * Better parameter handling in update-geth action Signed-off-by: Maximilian Langenfeld <[email protected]> * Remove `update-celo-geth` cmd from justfile --------- Signed-off-by: Maximilian Langenfeld <[email protected]> Co-authored-by: alvarof2 <[email protected]> github: improve update-geth.sh * mark it as executable * allow running on both MacOS and linux (GNU vs BSD tool differences) * terminate on errors * less strict go.mod matching to allow applying it directly to upstream github: Fix update-geth.sh (#304) The script was not substituting the go.mod file and the Dockerfile since the regexes were not matching. The regex for the Dockerfile contained '@sha256:' which perl was interpreting as a global symbol, in order to interpret it literally we needed to escape the '@'. The regex for the go.mod file contained an extra space before the arrow 'go-ethereum .* => ', in a tidied go.mod file there is one space between the package name and the arrow '=>'. Also adds failure output so that it's easier to debug where this is going wrong. --------- Co-authored-by: Karl Bartel <[email protected]> Co-authored-by: Paul Lange <[email protected]> github: The substitution was failing in the docker file since (#309) The substitution \1 and the beginning of the image hash together created \150 which perl interprets as the octal character code for h. To prevent this we need to use the \${1} notation to reference captured groups. github: Change base-branch for update-geth workflow github: Add `celo-org/op-geth` dependencies update script and gh-action (#263) * Add script to update `celo-org/op-geth` dependencies Signed-off-by: Maximilian Langenfeld <[email protected]> * Add github action for update-geth script Signed-off-by: Maximilian Langenfeld <[email protected]> * Use inline geth base-ref Signed-off-by: Maximilian Langenfeld <[email protected]> * Discard automatic fields Signed-off-by: Maximilian Langenfeld <[email protected]> * token perms Signed-off-by: Maximilian Langenfeld <[email protected]> * Use read-only GCP SA Signed-off-by: Maximilian Langenfeld <[email protected]> * Better parameter handling in update-geth action Signed-off-by: Maximilian Langenfeld <[email protected]> * Remove `update-celo-geth` cmd from justfile --------- Signed-off-by: Maximilian Langenfeld <[email protected]> Co-authored-by: alvarof2 <[email protected]> github: Update update geth approach (#319) Removed the old script because it referenced ops-bedrock which has been removed. Added a copy of the op-geth provided update script, decided on a copy to avoid conflicts. Updated the update-geth workflow to reference the new script github: Change update-geth base-branch to 'celo-rebase-13' (#382) github: Change update-geth base-branch to 'celo-rebase-14'
Setting `open-pull-requests-limit: 0` prevent version updates but should keep the security scans and updates according to https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#overriding-the-default-behavior-with-a-configuration-file > If you only require security updates and want to exclude version > updates, you can set open-pull-requests-limit to 0 in order to prevent > version updates for a given package-ecosystem.
…ckchain-public registry (#395) * Build op-node using docker-bake and push to devopsre/celo-blockchain-public registry * Set-Tags
We have to do this because the orb used by optimsim is not public. I published an orb by fetching the project https://github.com/ethereum-optimism/circleci-utils setting up the circleci command-line utility and following the instructions from the readme (also shown below) to publish an orb. Note that the namespace for this orb is just piersy, not piersy/circleci-utils. To publish production versions (e.g., `1.2.3`): - **Required role:** GitHub organization **Owner/Admin** - **What you can do:** - `circleci namespace create` - `circleci orb create` - `circleci orb publish` (production version)
The op config set this to a private URL that we couldn't access, instead we now set this to now be the MAINNET_RPC_URL which is defined as a project env var.
Currently we set this to celo-rebase-15-upstream, but once we've constructed celo-rebase-15 we will want to set the base branch to that.
This cheatcode is used to store the Celo L2 predeploy addresses in a JSON file when run with forge. Inside TestEndToEndApply/initial_chain , the same code is called but we don't care for the generated JSON file. So just returning `nil` makes the test work without any disadvantages.
Remove common/interfaces/IExchange.sol (duplicate) We keep the one in the `mento` directory. Remove common/libraries/ReentrancyGuard.sol (duplicate) Directly use the original from OpenZeppelin. contracts: Skip Celo contracts in test_cannotReinitialize_succeeds
Add console2 import in L2Genesis.s.sol
Until we fix the errors caused by enabling it.
This makes it possible to modify the FeeCurrencyDirectory entries in devnet.
contracts: Revert to upstream L2Genesis.s.sol
…ithMedian (#277) * Ignore AddressSortedLinkedList and AddressSortedLinkedListWithMedian as targets in fuzzing test of SafeCall_Test * Format test/libraries/SafeCall.t.sol
Those have warnings with `scripts/checks/interfaces`. Ignore those warnings for now. contracts: Add Celo contracts in exclusions for interface check contracts: disable interface check for IERC20Upgradeable I don't think we broke anything, so let's make the upstream versions pass the check by adding them to the ignore list.
…ode startup (#367) * Set L1 safe and finalized head at startup of op-node * Wrap initialization of L1 safe & finalized head in SyncStatus with if block * Fix comment * Fix commen * Fix comment * Fix codes based on feedback * Fix comment * Swap the order of fetching finalized and safe L1 block references * Move L1 safe and finalized head fetching to the beginning of OpNode::Start * Remove unnecessary empty line * Add log in finalized
* feat(batcher): multi-frame altda channels * docs(batcher): add documentation for DaType and txData.daType * docs: fix NextTxData comment --------- Co-authored-by: Samuel Laferriere <[email protected]>
* test(altda): add test for altda->ethda failover * feat(batcher): altda->ethda failover when altda is down * chore: fix typos * fix(fakeDAServer): handlePut was still handling put when in failover mode * Fix logs --------- Co-authored-by: Samuel Laferriere <[email protected]>
* Add Prometheus metrics for AltDA failover in Batcher * Fix calls of RecordBatchDaType * Revert deleted comment * Add metrics for total stored batch size * Fix condition for RecordBatchDaType and RecordBatchDataSizeBytes * Add missing namespace to prometheus definition * Fix the amount of batch sizes recorded for DA * Unify recordings of size of batch to be stored * Improve Prometheus help text
* test(altda): add a test to make sure altda node keeps finalizing even after failover to ethda Currently it does not, as shown by the test TestAltDA_FinalizationAfterEthDAFailover failing * fix(damgr): ethda failover finalization stall bug Weiwei from Polymer found this bug. He proposed a solution. This is an alternative solution which seems simpler, but not 100% of its soundness. * fix: damgr_test doesn't compile * chore: add more logs to damgr and altda_data_source * docs(altda_test): fix typo --------- Co-authored-by: Samuel Laferriere <[email protected]>
… holocene order (#379) * fix(batcher): altda parallel submitted blobs respect strict holocene order (#21) test(e2e): new altda e2e test for concurrent blob submissions to maintain new holocene strict ordering rules test(batcher): add altda unit tests for unhappy failure cases (except channel timeout) test(batcher): fix flaky driver tests + speed them up test(batcher): robustify batcher driver altda tests fix(batcher): altda concurrent blob responses are reordered to respect holocene strict ordering rules docs: fix typos and add documentation comments for some batcher public methods test(op-alt-da): fix MockDAClient.DeleteData decrement semantic chore(batcher): move channel failover behavior from TxFailed to AltDASubmissionFailed The failover logic in the failover feature commits was aded on TxFailed, as the separate function AltDASubmissionFailed didn't exist yet. This change makes it much cleaner as a tx having failed cannot lead to a failover given... since that would come from an ethereum issue. fix(batcher): bug in sendTransaction chore(test-logger): fix test logger.Crit which wasn't getting flushed test(batcher): fix altDASetup w new channel config DaType was added, so needed to change config to use DaTypeAltDA style: wrap errors style(damock): dont explicitly initialize to 0 We make use default values instead docs(batcher-test): document why channel timeout test is left unimplemented docs(batcher): fix todos in batcher readme chore: make lint-go-fix docs(batcher): fix readme typo * Change test to write a log instead of stdout --------- Co-authored-by: Samuel Laferriere <[email protected]>
Add default to switch for lint Allow to override with flags the celo forks 22nd Jan 2026: Noted that we didn't need to set the PectraBlobScheduleTime flag, but now we do need to keep it as removing it would be a hardfork.
* isthmus: Update L1Block contract bytecode --------- Co-authored-by: Gastón Ponti <[email protected]> Co-authored-by: Gaston Ponti <[email protected]>
It is also prepared for using the bridged WETH as fee currency, but we are currently lacking a simple way to send fee currency txs, so I left the final tx out.
This uses the default fee-currency-directory address from op-geth. It will fix the issue that the EVM calls into the directoy will fail when executed on the local devnet. e2e: use `--broadcast` with `forge create` (#281) Forge started to require the `--broadcast` flag for actually deploying a contract. Otherwise it will only do a dry-run. We should really pin our foundry version. But let's wait until we rebase to the latest upstream, since there have been changes to the overall setup. Closes #278
These tests perform a check at the end to ensure that the total funds after a test match the total funds before the test. We had modified the state transition function to direct baseFee payments to the fee handler instead of optimism's OperatorFeeVault when in a cel2 context. This caused the tests to fail because the tests were not including the balance of the fee handler. This change ensures that we do consider the fee handler balance when calculating the total.
The test was configured with MaxFrameSize: 150 which was too small for the compressed block data (~291 bytes), causing 2 frames per block instead of 1. This doubled the AltDA Store count from the expected 5 to 10. Fixed by increasing MaxFrameSize to 400 to ensure each block fits in a single frame as the test intended.
Update the test to deploy a 65KB contract that exceeds Celo's increased 64KB MaxCodeSize limit. The previous 25KB test contract no longer triggers the max code size check. Changes: - Use PUSH3 (0x62) instead of PUSH2 to push the 3-byte size value - Update runtime size from 25KB to 65KB - Update init code offset from 0x0c to 0x10 (16 bytes)
setup_remote_docker configures the job to be able to build docker images, however this only works with circleci runners.
The issue was using opcm.opcmStandardValidator() directly, which fails when the OPCM_V2 feature is enabled (the validator should come from opcmV2).
The previous snapshot update was generated without Celo forge-artifacts, which caused all Celo snapshot files to be deleted. Rebuild and regenerate to restore them and update the semver-lock initCodeHashes.
It needs a kona version and I'm not clear what this is, but we don't actually use op-challenger so simply disabling it seems to be a good solution.
Celo does not use cannon, so we can safely skip these tests.
karlb
reviewed
Feb 11, 2026
karlb
left a comment
karlb
left a comment
There was a problem hiding this comment.
Looks good, just some questions and nitpicks!
| base: | ||
| name: OP | ||
| url: https://github.com/celo-org/optimism | ||
| ref: refs/remotes/origin/celo-rebase-14-upstream |
There was a problem hiding this comment.
This ref needs to be updated.
Does anyone use the forkdiff? If not, we should consider removing it.
Collaborator
Author
There was a problem hiding this comment.
I've not used it personally, it seems it was originally added by you, so if you don't think it's worth keeping, then I agree.
There was a problem hiding this comment.
@palango occasionally uses the one for op-geth, but not this one. So we can remove it.
|
|
||
| contracts-bedrock-tests: | ||
| circleci_ip_ranges: true | ||
| # circleci_ip_ranges: true |
There was a problem hiding this comment.
Which IPs outside of CircleCI do we access that OP doesn't?
Collaborator
Author
There was a problem hiding this comment.
This feature routes outbound traffic from jobs through a known fixed ip range. I guess it serves to help lock down access to networked dependencies used by jobs. We don't need the feature though and it costs credits to use it, hence the disabling.
| requires: | ||
| - contracts-bedrock-build | ||
| - cannon-prestate-quick | ||
| # scheduled-kurtosis-acceptance-tests: |
There was a problem hiding this comment.
I wonder if we should use a different way to disable workflows, since this is likely to create merge conflicts on every rebase. Maybe a
when:
condition: false
?
Collaborator
Author
There was a problem hiding this comment.
Sounds good, I will see if that can work.
| if err != nil { | ||
| t.Fatalf("failed to create memory state db: %v", err) | ||
| } | ||
|
|
Comment on lines
+43
to
+55
| func init() { | ||
| DeprecatedFlags = append(DeprecatedFlags, deprecatedP2PFlags(EnvVarPrefix)...) | ||
| optionalFlags = append(optionalFlags, P2PFlags(EnvVarPrefix)...) | ||
| optionalFlags = append(optionalFlags, oplog.CLIFlagsWithCategory(EnvVarPrefix, OperationsCategory)...) | ||
| optionalFlags = append(optionalFlags, oppprof.CLIFlagsWithCategory(EnvVarPrefix, OperationsCategory)...) | ||
| optionalFlags = append(optionalFlags, opmetrics.CLIFlagsWithCategory(EnvVarPrefix, OperationsCategory)...) | ||
| optionalFlags = append(optionalFlags, oprpc.CLIFlagsWithCategory(EnvVarPrefix, OperationsCategory, rpcDefaults)...) | ||
| optionalFlags = append(optionalFlags, DeprecatedFlags...) | ||
| optionalFlags = append(optionalFlags, opflags.CLIFlags(EnvVarPrefix, RollupCategory)...) | ||
| optionalFlags = append(optionalFlags, altda.CLIFlags(EnvVarPrefix, AltDACategory)...) | ||
| Flags = append(requiredFlags, optionalFlags...) | ||
| } | ||
|
|
There was a problem hiding this comment.
This function has been moved within the file. If there is no good reason for it, let's put if back to its original place.
Comment on lines
-273
to
+274
| export SEPOLIA_RPC_URL="https://ci-sepolia-l1-archive.optimism.io" && \ | ||
| export MAINNET_RPC_URL="https://ci-mainnet-l1-archive.optimism.io" && \ | ||
| export MAINNET_RPC_URL=$${MAINNET_RPC_URL-} && \ | ||
| export SEPOLIA_RPC_URL=$${SEPOLIA_RPC_URL-} && \ |
Collaborator
Author
There was a problem hiding this comment.
They do look quite useless, apart from maybe making it explicit that those variables are required by the Makefile. They were originally added by you in 997a36a so I decided to leave them as is.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a preview of the optimism rebase.
The memory-all ci workflow still has some failing tests: https://github.com/celo-org/celo-blockchain-planning/issues/1339