OP Stack Configurability

Table of Contents

When deploying the OP Stack software to a production environment, certain parameters about the protocol can be configured. These configurations can include a variety of parameters which affect the resulting properties of the blockspace in question.

There are four categories of OP Stack configuration options:

  • Consensus Parameters: Parameters and properties of the chain that may be set at genesis and fixed for the lifetime of the chain, or may be changeable through a privileged account or protocol upgrade.
  • Policy Parameters: Parameters of the chain that might be changed without breaking consensus. Consensus is enforced by the protocol, while policy parameters may be changeable within constraints imposed by consensus.
  • Admin Roles: These roles can upgrade contracts, change role owners, or update protocol parameters. These are typically cold/multisig wallets not used directly in day to day operations.
  • Service Roles: These roles are used to manage the day-to-day operations of the chain, and therefore are often hot wallets.

Each category also defines the standard configuration values for it's given parameters. Standard configuration is the set of requirements for an OP Stack chain to be considered a Standard Chain within the superchain. These requirements are currently a draft, pending governance approval.

Consensus Parameters

Config PropertyDescriptionAdministratorStandard Config RequirementNotes
Batch Inbox addressL1 address where calldata/blobs are posted (see Batcher Transaction).StaticCurrent convention is 0xff000...000{chainId}.Follow convention if possible. A future hardfork plans to migrate Batch Inbox Addresses to better support uint256 sized chain IDs.
Batcher HashA versioned hash of the current authorized batcher sender(s).System Config Ownerbytes32(uint256(uint160(batchSubmitterAddress)))Batch Submitter address padded with zeros to fit 32 bytes.
Chain IDUnique ID of Chain used for TX signature validation.StaticFoundation-approved, globally unique value 1.Foundation will ensure chains are responsible with their chain IDs until there's a governance process in place.
Challenge PeriodLength of time for which an output root can be removed, and for which it is not considered finalized.L1 Proxy Admin7 daysHigh security. Excessively safe upper bound that leaves enough time to consider social layer solutions to a hack if necessary. Allows enough time for other network participants to challenge the integrity of the corresponding output root.
Fee ScalarMarkup on transactions compared to the raw L1 data cost.System Config OwnerSet such that Fee Margin is between 0 and 50%.
Gas LimitGas limit of the L2 blocks is configured through the system config.System Config OwnerNo higher than 200_000_000 gasChain operators are driven to maintain a stable and reliable chain. When considering to change this value, careful deliberation is necessary.
Genesis stateInitial state at chain genesis, including code and storage of predeploys (all L2 smart contracts). See Predeploy.StaticOnly standard predeploys and preinstalls, no additional state.Homogeneity & standardization, ensures initial state is secure.
L2 block timeFrequency with which blocks are produced as a result of derivation.L1 Proxy Admin2 secondsHigh security & interoperability compatibility requirement, until de-risked/solved at app layer.
Sequencing window SizeMaximum allowed batch submission gap, after which L1 fallback is triggered in derivation.Static3_600 base layer blocks (12 hours for an L2 on Ethereum, assuming 12 second L1 blocktime). e.g. 12 second blocks, .This is an important value for constraining the sequencer's ability to re-order transactions; higher values would pose a risk to user protections.
Start blockBlock at which the system config was initialized the first time.L1 Proxy AdminThe block where the SystemConfig was initialized.Simple clear restriction.
Superchain targetChoice of cross-L2 configuration. May be omitted in isolated OP Stack deployments. Includes SuperchainConfig and ProtocolVersions contract addresses.StaticMainnet or SepoliaA superchain target defines a set of layer 2 chains which share SuperchainConfig and ProtocolVersions contracts deployed on layer 1.
1

The chain ID must be globally unique among all EVM chains.

Policy Parameters

Config PropertyDescriptionAdministratorStandard Config RequirementNotes
Data Availability TypeBatcher can currently be configured to use blobs or calldata (See Data Availability Provider).Batch submitter addressEthereum (Blobs, Calldata)Alt-DA is not yet supported for the standard configuration, but the sequencer can switch at-will between blob and calldata with no restiction, since both are L1 security.
Batch submission frequencyFrequency with which batches are submitted to L1 (see Batcher Transaction).Batch submitter address1_800 base layer blocks (6 hours for an L2 on Ethereum, assuming 12 second L1 blocktime) or lowerBatcher needs to fully submit each batch within the sequencing window, so this leaves buffer to account for L1 network congestion and the amount of data the batcher would need to post.
Output frequencyFrequency with which output roots are submitted to L1.L1 Proxy Admin43_200 L2 Blocks (24 hours for an L2 on Ethereum, assuming 2 second L2 blocktime) or lower e.g. 2 second blocks, .Deprecated once fault proofs are implemented. This value cannot be 0.

Admin Roles

Config PropertyDescriptionAdministratorAdministersStandard Config RequirementNotes
L1 Proxy AdminAccount authorized to upgrade L1 contracts.L1 Proxy Admin OwnerBatch Inbox Address, Start block, Proposer address, Challenger address, Guardian address, Challenge Period, Output frequency, L2 block time, L1 smart contractsProxyAdmin.sol from the latest op-contracts/vX.Y.X release of source code in Optimism repository.Governance-controlled, high security.
L1 ProxyAdmin ownerAccount authorized to update the L1 Proxy Admin.L1 Proxy Admin0x5a0Aae59D09fccBdDb6C6CcEB07B7279367C3d2A 2Governance-controlled, high security.
L2 Proxy AdminAccount authorized to upgrade L2 contracts.L2 Proxy Admin OwnerPredeploysProxyAdmin.sol from the latest op-contracts/vX.Y.X release of source code in Optimism repository. Predeploy address: 0x4200000000000000000000000000000000000018.Governance-controlled, high security.
L2 ProxyAdmin ownerAccount authorized to update the L2 Proxy Admin.L2 Proxy AdminOptimism Foundation Gnosis Safe e.g. 0x7871d1187A97cbbE40710aC119AA3d412944e4Fe 3Governance-controlled, high security.
System Config OwnerAccount authorized to change values in the SystemConfig contract. All configuration is stored on L1 and picked up by L2 as part of the derviation of the L2 chain.Batch submitter address, Sequencer P2P / Unsafe head signer, Fee Margin, Gas limit, System Config OwnerChain Governor or ServicerAs defined in the Law of Chains
2

2 of 2 GnosisSafe between Optimism Foundation (OF) and the Security Council (SC) on L1. Mainnet and Sepolia addresses can be found at priviledged roles.

3

5 of 7 GnosisSafe for Optimism Foundation on L2. Mainnet and Sepolia addresses can be found at priviledged roles.

Service Roles

Config PropertyDescriptionAdministratorStandard Config RequirementNotes
Batch submitter addressAccount which authenticates new batches submitted to L1 Ethereum.System Config OwnerNo requirement
Challenger addressAccount which can delete output roots before challenge period has elapsed.L1 Proxy Admin0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A 4Optimism Foundation (OF) multisig leveraging battle-tested software.
Guardian addressAccount authorized to pause L1 withdrawals from contracts.L1 Proxy Admin0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A 4Optimism Foundation (OF) multisig leveraging battle-tested software.
Proposer addressAccount which can propose output roots to L1.L1 Proxy AdminNo requirement
Sequencer P2P / Unsafe head signerAccount which authenticates the unsafe/pre-submitted blocks for a chain at the P2P layer.System Config OwnerNo requirement
4

5 of 7 GnosisSafe controlled by Optimism Foundation (OF). Mainnet and Sepolia addresses can be found at priviledged roles.