Polygon zkEM 合约

Bridge 合约

Bridge 合约同时部署在Ethereum 和 Polygon Hermez 网络上，用于实现资产跨链。

**bridge 函数 **

brige 函数用于发起跨链操作，需要用户存款进去。

   /**
     * @notice Deposit add a new leaf to the merkle tree
     * @param token Token address, 0 address is reserved for ether
     * @param destinationNetwork Network destination
     * @param destinationAddress Address destination
     * @param amount Amount of tokens
     */
    function bridge(
        address token,   // 待跨链的token
        uint32 destinationNetwork,   // 目标网络
        address destinationAddress,   // 接收者地址
        uint256 amount           // 金额
    ) public payable

• 跨链通过wrappedToken 形式；

• 用户每发起一起存款，分生成Merkle树的一个叶子节点，更新ExitRoot， 主网络上和Rollup的状态根分别为mainnetExitRoot 和 rollupExit ；

• 叶子节点的值为：

     /**
       * @notice Given the leaf data returns the leaf value
       * @param originNetwork Origin Network
       * @param originTokenAddress Origin token address, 0 address is reserved for ether
       * @param destinationNetwork Destination network
       * @param destinationAddress Destination address
       * @param amount Amount of tokens
       * @param metadataHash Hash of the metadata
       */
      function getLeafValue(
          uint32 originNetwork,
          address originTokenAddress,
          uint32 destinationNetwork,
          address destinationAddress,
          uint256 amount,
          bytes32 metadataHash
      ) public pure returns (bytes32) {
          return
              keccak256(
                  abi.encodePacked(
                      originNetwork,
                      originTokenAddress,
                      destinationNetwork,
                      destinationAddress,
                      amount,
                      metadataHash
                  )
              );
      }
  

claim 函数

claim 函数用户于通过跨链取回用户资产。

    /**
     * @notice Verify merkle proof and withdraw tokens/ether
     * @param smtProof Smt proof
     * @param index Index of the leaf
     * @param mainnetExitRoot Mainnet exit root
     * @param rollupExitRoot Rollup exit root
     * @param originNetwork Origin network
     * @param originTokenAddress  Origin token address, 0 address is reserved for ether
     * @param destinationNetwork Network destination, must be 0 ( mainnet)
     * @param destinationAddress Address destination
     * @param amount Amount of tokens
     * @param metadata abi encoded metadata if any, empty otherwise
     */
    function claim(
        bytes32[] memory smtProof,
        uint32 index,
        bytes32 mainnetExitRoot,
        bytes32 rollupExitRoot,
        uint32 originNetwork,
        address originTokenAddress,
        uint32 destinationNetwork,
        address destinationAddress,
        uint256 amount,
        bytes memory metadata
    ) public

• 通于claimNullifier记录用户是否已取过款；

// Leaf index --> claimed
    mapping(uint256 => bool) public claimNullifier;

• 确保 mainnetExitRoot 和rollupExitRoot 存在；

• 根据destinationNetwork 选择 mainnetExitRoot或 rollupExitRoot 来验证Merkle 证明： smtProof;

• 若对应的wrappedToken 不存进，则进行部署；

• 更新claimNullifier；

• 将资产发给用户

PoE (Proof of Efficiency) 合约

sequenceBatches 函数

只允许TrustedSequencer 提交 batch， 一次可以同时提交多个batch。

     * @notice Allows a sequencer to send multiple batches of L2 transactions
     * @param batches Struct array which the necessary data to append new batces ot the sequence
     * Global exit root, timestamp and forced batches that are pop from the queue
     */
    function sequenceBatches(BatchData[] memory batches)
        public
        onlyTrustedSequencer

• BatchData的结构为：

   /**
     * @notice Struct which will be used to call sequenceBatches
     * @param transactions L2 ethereum transactions EIP-155 with signature:
     * rlp(nonce, gasprice, gasLimit, to, value, data, chainid, 0, 0,) || v || r || s
     * @param globalExitRoot Global exit root of the batch
     * @param timestamp Timestamp of the batch
     * @param forceBatchesTimestamp Every element of the array indicates the timestamp of the forceBatch
     * that will be popped from the queue and added to the sequence
     */
    struct BatchData {
        bytes transactions;     // 包含的交易
        bytes32 globalExitRoot;        // 跨链状态根
        uint64 timestamp;               // 时间戳
        uint64[] forceBatchesTimestamp;    // 强制处理的Batch, 从queue添加到sequence
    }

• 处理后 BatchData 添加到下面的sequence中：

  // Queue of batches that defines the virtual state
      mapping(uint64 => SequencedBatch) public sequencedBatches;
  

其中SequenceBatch 为：

    /**
     * @notice Struct which will be stored in the sequence mapping
     * @param batchHashData Hash containing the necessary information to process a batch:
     * This field will contain: keccak256(bytes transactions || bytes32 globalExitRoot || address sequencer)
     * Note that in case of forceBatch, the previous hash is stored in the ForceBatches mapping, and this will remain empty
     * @param timestamp Timestamp of the batch
     * @param forceBatchNum Indicates which forceBatch is sequenced, 0 if it's a regular batch
     */
    struct SequencedBatch {
        bytes32 batchHashData; // This field will contain the hashed data including the transactions
        uint64 timestamp;     
        uint64 forceBatchNum;
    }

verifyBatch 函数

由aggregator 提交证明，验证batch

  /**
     * @notice Allows an aggregator to verify a batch
     * @param newLocalExitRoot  New local exit root once the batch is processed
     * @param newStateRoot New State root once the batch is processed
     * @param numBatch Batch number that the aggregator intends to verify, used as a sanity check
     * @param proofA zk-snark input
     * @param proofB zk-snark input
     * @param proofC zk-snark input
     */
    function verifyBatch(
        bytes32 newLocalExitRoot,  // 新的`Exit` 根
        bytes32 newStateRoot,       // 新的状态根
        uint64 numBatch,            // 待证的Batch的数目
        uint256[2] calldata proofA,
        uint256[2][2] calldata proofB,
        uint256[2] calldata proofC
    ) public

通过Groth16算法对证明验证通过后，会更新newStateRoot 和 newLocalExitRoot (即rollupExitRoot)。

forceBatch 函数

若trusted sequencer 离线， 任何人都可以通地forceBach 提交batch，

    /**
     * @notice Allows a sequencer/user to force a batch of L2 transactions.
     * This should be used only in extreme cases where the trusted sequencer does not work as expected
     * @param transactions L2 ethereum transactions EIP-155 with signature:
     * rlp(nonce, gasprice, gasLimit, to, value, data, chainid, 0, 0,) || v || r || s
     * @param maticAmount Max amount of MATIC tokens that the sender is willing to pay
     */
    function forceBatch(bytes memory transactions, uint256 maticAmount)
        public
        isForceBatchAllowed

相应的 forceBatch 添加到 forcedBatches 队列中。

    // Queue of forced batches with their associated data
    mapping(uint64 => ForcedBatchData) public forcedBatches;

其中 forcedBatchData 结构为：

    /**
     * @notice Struct which will be stored in the force batch mapping
     * @param batchHashData Hash containing the necessary information to process a batch:
     * This field will contain: keccak256(bytes transactions || bytes32 globalExitRoot || address sequencer)
     * @param maticFee Matic fee that will be payed to the aggregator
     * @param minTimestamp Timestamp that will be an down limit of the batch once this is added to the sequence
     */
    struct ForcedBatchData {
        bytes32 batchHashData;   
        uint256 maticFee;
        uint64 minTimestamp;
    }

sequenceForceBatches 函数

若trusted sequencer 离线，在超时后，用户可以将 forcedBatch 添加到sequencedBatches 中进行处理。

  /** 
     * @notice Allows anyone to sequence forced Batches if the trusted sequencer do not have done it in the timeout period
     * Also allow in any time the trusted sequencer to append forceBatches to the sequence in order to avoid timeout issues
     * @param numForcedBatches number of forced batches that will be added to the sequence
     */
    function sequenceForceBatches(uint64 numForcedBatches)
        public
        isForceBatchAllowed

参考

https://github.com/0xPolygonHermez/zkevm-contracts