From 511c753b2a3bc9ef45b04f523b21a558f87f8e20 Mon Sep 17 00:00:00 2001 From: avalonche Date: Fri, 12 Dec 2025 08:47:52 +1100 Subject: [PATCH 1/3] update flashblocks signature and workload id --- cmd/serve.go | 2 +- readme.md | 2 +- server/l2/block_inspector.go | 19 +------------------ server/l2/workload_id.go | 25 ++----------------------- 4 files changed, 5 insertions(+), 43 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index 6a379ed..5c61761 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -194,7 +194,7 @@ func CommandServe(cfg *config.Config) *cli.Command { EnvVars: []string{envPrefix + strings.ToUpper(categoryL2) + "_MONITOR_FLASHBLOCK_NUMBER_CONTRACT_FUNCTION_SIGNATURE"}, Name: categoryL2 + "-monitor-flashblock-number-contract-function-signature", Usage: "l2 builder flashblock number contract function `signature` to monitor", - Value: "incrementFlashblockNumber()", + Value: "permitIncrementFlashblockNumber()", }, &cli.Int64Flag{ diff --git a/readme.md b/readme.md index 9a73ae2..169f366 100644 --- a/readme.md +++ b/readme.md @@ -61,7 +61,7 @@ OPTIONS: --l2-monitor-builder-policy-contract address l2 builder flashtestations policy contract address to monitor [$CHAIN_MONITOR_L2_MONITOR_BUILDER_POLICY_CONTRACT] --l2-monitor-builder-policy-contract-function-signature signature l2 builder flashtestations policy contract function signature to monitor (default: "permitVerifyBlockBuilderProof(uint8,bytes32,uint256,bytes)") [$CHAIN_MONITOR_L2_MONITOR_BUILDER_POLICY_CONTRACT_FUNCTION_SIGNATURE] --l2-monitor-flashblock-number-contract address l2 builder flashblock number contract address to monitor [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCK_NUMBER_CONTRACT] - --l2-monitor-flashblock-number-contract-function-signature signature l2 builder flashblock number contract function signature to monitor (default: "incrementFlashblockNumber()") [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCK_NUMBER_CONTRACT_FUNCTION_SIGNATURE] + --l2-monitor-flashblock-number-contract-function-signature signature l2 builder flashblock number contract function signature to monitor (default: "permitIncrementFlashblockNumber()") [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCK_NUMBER_CONTRACT_FUNCTION_SIGNATURE] --l2-monitor-flashblocks-main-public-stream value the name of the main public l2 flashblocks stream [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCKS_MAIN_PUBLIC_STREAM] --l2-monitor-flashblocks-max-ws-message-size-kb value max size (in kb) of l2 builder flashblocks ws messages (default: 256) [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCKS_MAX_WS_MESSAGE_SIZE_KB] --l2-monitor-flashblocks-private-stream value [ --l2-monitor-flashblocks-private-stream value ] private websocket stream(s) of l2 flashblocks [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCKS_PRIVATE_STREAMS] diff --git a/server/l2/block_inspector.go b/server/l2/block_inspector.go index fdf5478..b2545df 100644 --- a/server/l2/block_inspector.go +++ b/server/l2/block_inspector.go @@ -1015,24 +1015,7 @@ func (bi *BlockInspector) isFlashblockNumberTx( return false } - from, err := ethtypes.Sender(ethtypes.LatestSignerForChainID(tx.ChainId()), tx) - if err != nil { - l := logutils.LoggerFromContext(ctx) - - l.Warn("Failed to determine the sender for flashblock number transaction", - zap.Error(err), - zap.String("tx", tx.Hash().Hex()), - zap.String("block", block.Number().String()), - ) - - return false - } - - if from.Cmp(bi.cfg.builderAddr) != 0 { - return false - } - - return true + return tx.From().Cmp(bi.cfg.builderAddr) == 0 } func (bi *BlockInspector) isProbeTx( diff --git a/server/l2/workload_id.go b/server/l2/workload_id.go index cdd1154..21c697f 100644 --- a/server/l2/workload_id.go +++ b/server/l2/workload_id.go @@ -13,13 +13,6 @@ const ( // Raw quote has a 48-byte header before the TD10ReportBody HEADER_LENGTH = 48 TD_REPORT10_LENGTH = 584 - - // TDX workload constants - TD_XFAM_FPU = 0x0000000000000001 - TD_XFAM_SSE = 0x0000000000000002 - TD_TDATTRS_VE_DISABLED = 0x0000000010000000 - TD_TDATTRS_PKS = 0x0000000040000000 - TD_TDATTRS_KL = 0x0000000080000000 ) // ComputeWorkloadID computes the workload ID from Automata's serialized verifier output @@ -51,24 +44,10 @@ func ComputeWorkloadID(rawQuote []byte) ([32]byte, error) { xfam := binary.BigEndian.Uint64(reportBody[128 : 128+8]) tdAttributes := binary.BigEndian.Uint64(reportBody[120 : 120+8]) - // Apply transformations as per the Solidity implementation - // expectedXfamBits = TD_XFAM_FPU | TD_XFAM_SSE - expectedXfamBits := uint64(TD_XFAM_FPU | TD_XFAM_SSE) - - // ignoredTdAttributesBitmask = TD_TDATTRS_VE_DISABLED | TD_TDATTRS_PKS | TD_TDATTRS_KL - ignoredTdAttributesBitmask := uint64(TD_TDATTRS_VE_DISABLED | TD_TDATTRS_PKS | TD_TDATTRS_KL) - - // Transform xFAM: xFAM ^ expectedXfamBits - transformedXfam := xfam ^ expectedXfamBits - - // Transform tdAttributes: tdAttributes & ~ignoredTdAttributesBitmask - transformedTdAttributes := tdAttributes & ^ignoredTdAttributesBitmask - - // Convert transformed values back to bytes (big-endian, to match Solidity bytes8) xfamBytes := make([]byte, 8) tdAttributesBytes := make([]byte, 8) - binary.BigEndian.PutUint64(xfamBytes, transformedXfam) - binary.BigEndian.PutUint64(tdAttributesBytes, transformedTdAttributes) + binary.BigEndian.PutUint64(xfamBytes, xfam) + binary.BigEndian.PutUint64(tdAttributesBytes, tdAttributes) // Concatenate all fields var concatenated []byte From 076ef98c91e463641acfc49d10bce40ecb3af0f0 Mon Sep 17 00:00:00 2001 From: shana Date: Thu, 11 Dec 2025 14:22:40 -0800 Subject: [PATCH 2/3] Update serve.go --- cmd/serve.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/serve.go b/cmd/serve.go index 5c61761..1e586d5 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -194,7 +194,7 @@ func CommandServe(cfg *config.Config) *cli.Command { EnvVars: []string{envPrefix + strings.ToUpper(categoryL2) + "_MONITOR_FLASHBLOCK_NUMBER_CONTRACT_FUNCTION_SIGNATURE"}, Name: categoryL2 + "-monitor-flashblock-number-contract-function-signature", Usage: "l2 builder flashblock number contract function `signature` to monitor", - Value: "permitIncrementFlashblockNumber()", + Value: "permitIncrementFlashblockNumber(uint256,bytes)", }, &cli.Int64Flag{ From cb22c5d0f5ebdaa4f34e1a91ca635b579f87d30d Mon Sep 17 00:00:00 2001 From: shana Date: Thu, 11 Dec 2025 14:24:52 -0800 Subject: [PATCH 3/3] Update readme.md --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 169f366..4489178 100644 --- a/readme.md +++ b/readme.md @@ -61,7 +61,7 @@ OPTIONS: --l2-monitor-builder-policy-contract address l2 builder flashtestations policy contract address to monitor [$CHAIN_MONITOR_L2_MONITOR_BUILDER_POLICY_CONTRACT] --l2-monitor-builder-policy-contract-function-signature signature l2 builder flashtestations policy contract function signature to monitor (default: "permitVerifyBlockBuilderProof(uint8,bytes32,uint256,bytes)") [$CHAIN_MONITOR_L2_MONITOR_BUILDER_POLICY_CONTRACT_FUNCTION_SIGNATURE] --l2-monitor-flashblock-number-contract address l2 builder flashblock number contract address to monitor [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCK_NUMBER_CONTRACT] - --l2-monitor-flashblock-number-contract-function-signature signature l2 builder flashblock number contract function signature to monitor (default: "permitIncrementFlashblockNumber()") [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCK_NUMBER_CONTRACT_FUNCTION_SIGNATURE] + --l2-monitor-flashblock-number-contract-function-signature signature l2 builder flashblock number contract function signature to monitor (default: "permitIncrementFlashblockNumber(uint256,bytes)") [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCK_NUMBER_CONTRACT_FUNCTION_SIGNATURE] --l2-monitor-flashblocks-main-public-stream value the name of the main public l2 flashblocks stream [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCKS_MAIN_PUBLIC_STREAM] --l2-monitor-flashblocks-max-ws-message-size-kb value max size (in kb) of l2 builder flashblocks ws messages (default: 256) [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCKS_MAX_WS_MESSAGE_SIZE_KB] --l2-monitor-flashblocks-private-stream value [ --l2-monitor-flashblocks-private-stream value ] private websocket stream(s) of l2 flashblocks [$CHAIN_MONITOR_L2_MONITOR_FLASHBLOCKS_PRIVATE_STREAMS]