Stake Root Simplifications [WIP]

[shotaronowhere]

This PR represents WIP simplification and extension of the stake root contracts. It is not in a finalized state as items such as test coverage, safe type casting, natspec comments, incentive compatibility for removals, modifications needed to charging, and agreement of the simplification approach are needed.

Simplifications

• Removing checkpoint history data structures. Some of these data structures were used to track balance updates and introduced both logical and computational complexity as binary search was used in some cases. There's still a checkpoint history used for the total charge, but I think we can get rid of that with another approach (storage proof or synchronous charging).
• The async nature of charging is another point of complexity related to the blacklist window. We should discuss what the goal is here for blacklisting in general, but in the context of charging, it looks like an unneccesary complication that impacts the happy path due to an unhappy path concern. As far as I see, the original implementation delays payment of the proof submitter in case some point of the zk-proving stack is compromised, and you don't want to compensate someone for producing a proof which does not effectively compute the stake root. On the otherhand, proof charging is rate limited and should this event happen, the contract is upgradable anyways so we could effectively pause the contract. If we are designing a contract that will be immutable in the future, then that changes the analysis. I don't think the the complexity of async charging is not worth the rare edge case it protects against.
• Removal from the stake tree leaves strategies dirty

AVS' can withdraw the balances at any time and remove operator sets from the tree.

[gpsanant]

delete

[gpsanant]

we use multiline comments stylistically

/**
 *
...
 */

[gpsanant]

hm.

Can we just make addStrategiesAndMultipliers payable and deposit if msg.value > 0?

[gpsanant]

just deposit to be consistent with new internal funcs

[gpsanant]

i think the previous saves more gas in the zkVM

[gpsanant]

not sure though, we should benchmark

[shotaronowhere]

ahh okay this was inadvertent

[gpsanant]

i definitely prefer 0 based indexing haha

[gpsanant]

this should not be msg.sender, it should be the operatorSet.avs and substituteOperatorSet.avs respectively

[shotaronowhere]

yeah, definitely

[gpsanant]

we should remove them from the operatorSet if they fall below the min balance here?

[shotaronowhere]

we can, i reserved that logic where it is explicitly relevant eg processing withdrawals. . .

let me ponder, can put it back in, just thinking if there was a good reason i took it out

[gpsanant]

rename back to updateTotalCharge because we need to call this when charges change

[shotaronowhere]

will do

[gpsanant]

we need to update the totalCharge in this function in case this is a force removal that isn't a removal of strategies

[gpsanant]

hm why do we have this?

[shotaronowhere]

not necessary I guess, could remove it if it doesn't matter for AVS'

[gpsanant]

seems correct to revert here imo

[shotaronowhere]

yeah i'll put that back, it's a setter so used very rarely

[gpsanant]

this should be a timestamp since everything is in timestamps in the slashing release

[shotaronowhere]

hmmmm this might be awkward since the zk proof is against a blockhash and blocks are sequential but calculationTimestamps can jump
BN: [ 0 ] [ 1 ] [ 2 ]
TS: 12 36 48

so there is a missing timestamp corresponding to timestamp 24. . . should a proof be skipped in this case?

[gpsanant]

calculationBlockNumber = latestBlockNumberProven + proofInterval

And this can only be if this is not the first submission

[shotaronowhere]

what do you mean?

from the first require statement, we have calculationBlockNumber % proofInterval == 0

and from latestBlockNumberProven < calculationBlockNumber

we have basically that

latestBlockNumberProven = latestBlockNumberProven + n * proofInterval

---

do you mean proofs should be calculated strictly sequentially?

[gpsanant]

if this is not a proof post, the submission must be proven. confirmation must happen after proofs

[shotaronowhere]

I was kind of overloading this functionality for the desired feature that if the provers are offline, the same data structures can be used for AVS' which may choose to use a simpler confirmation rule (trust eigen labs)

---

or what is desired as a fallback if zkprovers are all offline?

[shotaronowhere]

but yeah, certainly can adjust this so confirmerss strictly confirm

[gpsanant]

we need to update the total Charge here

[shotaronowhere]

yeah, i overlooked some total charging related logic, will put it in there

[gpsanant]

we need to update the cumulatives here

[gpsanant]

should we just allow them to submit an index here to avoid lookup gas?

[shotaronowhere]

i need to put a bit more thought into the total charge, thats a component I overlooked a bit. . .

can't we avoid snapshots by having a view function for the totalCharge and doing a storage proof for that block? that's basically what the zk proof is doing anyways right? could add that to the proof? and to avoid zk tech stack failure enforce a MAX_TOTAL_CHARGE = 3 eth

alternatively to KISS we can do a little bit more accounting to have an O(1) lookup, I think there's a simple way to do it

[gpsanant]

can we make this an immutable?

[shotaronowhere]

MIN_DEPOSIT_BALANCE? yeah

[gpsanant]

set latestBlockNumberProven