OP Stack Configurability
Table of Contents
When deploying the OP Stack software to a production environment, certain parameters about the protocol can be configured. These configurations can include a variety of parameters which affect the resulting properties of the blockspace in question.
There are four categories of OP Stack configuration options:
- Consensus Parameters: Parameters and properties of the chain that may be set at genesis and fixed for the lifetime of the chain, or may be changeable through a privileged account or protocol upgrade.
- Policy Parameters: Parameters of the chain that might be changed without breaking consensus. Consensus is enforced by the protocol, while policy parameters may be changeable within constraints imposed by consensus.
- Admin Roles: These roles can upgrade contracts, change role owners, or update protocol parameters. These are typically cold/multisig wallets not used directly in day to day operations.
- Service Roles: These roles are used to manage the day-to-day operations of the chain, and therefore are often hot wallets.
Each category also defines the standard configuration values for it's given parameters. Standard configuration is the set of requirements for an OP Stack chain to be considered a Standard Chain within the superchain. These requirements are currently a draft, pending governance approval.
Consensus Parameters
Config Property | Description | Administrator | Standard Config Requirement | Notes |
---|---|---|---|---|
Batch Inbox address | L1 address where calldata/blobs are posted (see Batcher Transaction). | Static | Current convention is 0xff000...000{chainId} . | Follow convention if possible. A future hardfork plans to migrate Batch Inbox Addresses to better support uint256 sized chain IDs. |
Batcher Hash | A versioned hash of the current authorized batcher sender(s). | System Config Owner | bytes32(uint256(uint160(batchSubmitterAddress))) | Batch Submitter address padded with zeros to fit 32 bytes. |
Chain ID | Unique ID of Chain used for TX signature validation. | Static | Foundation-approved, globally unique value 1. | Foundation will ensure chains are responsible with their chain IDs until there's a governance process in place. |
Challenge Period | Length of time for which an output root can be removed, and for which it is not considered finalized. | L1 Proxy Admin | 7 days | High security. Excessively safe upper bound that leaves enough time to consider social layer solutions to a hack if necessary. Allows enough time for other network participants to challenge the integrity of the corresponding output root. |
Fee Scalar | Markup on transactions compared to the raw L1 data cost. | System Config Owner | Set such that Fee Margin is between 0 and 50%. | |
Gas Limit | Gas limit of the L2 blocks is configured through the system config. | System Config Owner | 60,000,000 gas | Chain operators are driven to maintain a stable and reliable chain. When considering to change this value, careful deliberation is necessary. |
Genesis state | Initial state at chain genesis, including code and storage of predeploys (all L2 smart contracts). See Predeploy. | Static | Only standard predeploys and preinstalls, no additional state. | Homogeneity & standardization, ensures initial state is secure. |
L2 block time | Frequency with which blocks are produced as a result of derivation. | L1 Proxy Admin | 2 seconds | High security & interoperability compatibility requirement, until de-risked/solved at app layer. |
Resource config | Config for the EIP-1559 based curve used for the deposit gas market. | System Config Owner | See resource config table. | Constraints are imposed in code when setting the resource config. |
Sequencing window | Maximum allowed batch submission gap, after which L1 fallback is triggered in derivation. | Static | 12 hours | This is an important value for constraining the sequencer's ability to re-order transactions; higher values would pose a risk to User Protections. |
Start block | Block at which the system config was initialized the first time. | L1 Proxy Admin | The block where the SystemConfig was initialized. | Simple clear restriction. |
Superchain target | Choice of cross-L2 configuration. May be omitted in isolated OP Stack deployments. Includes SuperchainConfig and ProtocolVersions contract addresses. | Static | Mainnet or Sepolia | A superchain target defines a set of layer 2 chains which share SuperchainConfig and ProtocolVersions contracts deployed on layer 1. |
The chain ID must be globally unique among all EVM chains.
Resource Config
Config Property | Standard Config Requirement |
---|---|
maxResourceLimit | |
elasticityMultiplier | |
baseFeeMaxChangeDenominator | |
minimumBaseFee | |
systemTxMaxGas | |
maximumBaseFee | -1 |
Policy Parameters
Config Property | Description | Administrator | Standard Config Requirement | Notes |
---|---|---|---|---|
Data Availability Type | Batcher can currently be configured to use blobs or calldata (See Data Availability Provider). | Batch submitter address | Ethereum (Blobs, Calldata) | Alt-DA is not yet supported for the standard configuration, but the sequencer can switch at-will between blob and calldata with no restiction, since both are L1 security. |
Batch submission frequency | Frequency with which batches are submitted to L1 (see Batcher Transaction). | Batch submitter address | 1_800 L1 blocks (~6 hours) or lower (i.e. 50% of the Sequencing Window) | Batcher needs to fully submit each batch within the sequencing window, so this leaves buffer to account for L1 network congestion and the amount of data the batcher would need to post. |
Output frequency | Frequency with which output roots are submitted to L1. | L1 Proxy Admin | 43_200 L2 Blocks (~24 hours) or lower | Deprecated once fault proofs are implemented. This value cannot be 0. |
Admin Roles
Config Property | Description | Administrator | Administers | Standard Config Requirement | Notes |
---|---|---|---|---|---|
L1 Proxy Admin | Account authorized to upgrade L1 contracts. | L1 Proxy Admin Owner | Batch Inbox Address, Start block, Proposer address, Challenger address, Guardian address, Challenge Period, Output frequency, L2 block time, L1 smart contracts | ProxyAdmin.sol from the latest op-contracts/vX.Y.X release of source code in Optimism repository. | Governance-controlled, high security. |
L1 ProxyAdmin owner | Account authorized to update the L1 Proxy Admin. | L1 Proxy Admin | 0x5a0Aae59D09fccBdDb6C6CcEB07B7279367C3d2A 2 | Governance-controlled, high security. | |
L2 Proxy Admin | Account authorized to upgrade L2 contracts. | L2 Proxy Admin Owner | Predeploys | ProxyAdmin.sol from the latest op-contracts/vX.Y.X release of source code in Optimism repository. Predeploy address: 0x4200000000000000000000000000000000000018. | Governance-controlled, high security. |
L2 ProxyAdmin owner | Account authorized to update the L2 Proxy Admin. | L2 Proxy Admin | Optimism Foundation Gnosis Safe e.g. 0x7871d1187A97cbbE40710aC119AA3d412944e4Fe 3 | Governance-controlled, high security. | |
System Config Owner | Account authorized to change values in the SystemConfig contract. All configuration is stored on L1 and picked up by L2 as part of the derviation of the L2 chain. | Batch submitter address, Sequencer P2P / Unsafe head signer, Fee Margin, Gas limit, Resource config, System Config Owner | Chain Governor or Servicer | As defined in the Law of Chains |
2 of 2 GnosisSafe between Optimism Foundation (OF) and the Security Council (SC) on L1. Mainnet and Sepolia addresses can be found at priviledged roles.
5 of 7 GnosisSafe for Optimism Foundation on L2. Mainnet and Sepolia addresses can be found at priviledged roles.
Service Roles
Config Property | Description | Administrator | Standard Config Requirement | Notes |
---|---|---|---|---|
Batch submitter address | Account which authenticates new batches submitted to L1 Ethereum. | System Config Owner | No requirement | |
Challenger address | Account which can delete output roots before challenge period has elapsed. | L1 Proxy Admin | 0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A 4 | Optimism Foundation (OF) multisig leveraging battle-tested software. |
Guardian address | Account authorized to pause L1 withdrawals from contracts. | L1 Proxy Admin | 0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A 4 | Optimism Foundation (OF) multisig leveraging battle-tested software. |
Proposer address | Account which can propose output roots to L1. | L1 Proxy Admin | No requirement | |
Sequencer P2P / Unsafe head signer | Account which authenticates the unsafe/pre-submitted blocks for a chain at the P2P layer. | System Config Owner | No requirement |
5 of 7 GnosisSafe controlled by Optimism Foundation (OF). Mainnet and Sepolia addresses can be found at priviledged roles.