From e1bb70b9b0be2823953ce60358559d967149c697 Mon Sep 17 00:00:00 2001 From: Niran Babalola Date: Mon, 3 Nov 2025 18:58:18 -0600 Subject: [PATCH 1/5] feat(sepolia-alpha): add task to transfer SystemConfig ownership to Safe This task transfers the SystemConfig contract ownership to the Gnosis Safe (0x0fe884546476dDd290eC46318785046ef68a0BA9). Context: - The previous task (2025-04-08-transfer-proxy-admin-ownership-to-safe) only transferred the ProxyAdmin ownership, which controls proxy upgrades - SystemConfig has a separate owner() that controls SystemConfig parameters - This task correctly transfers the SystemConfig ownership to the Safe The current SystemConfig owner is an EOA (0xAf6E0E871f38c7B653700F7CbAEDafaa2784D430) which is not compatible with the superchain-ops upgrade process. --- .../.env | 12 ++++ .../Makefile | 11 ++++ .../README.md | 65 +++++++++++++++++++ .../VALIDATION.md | 39 +++++++++++ .../foundry.toml | 20 ++++++ .../TransferSystemConfigOwnership.s.sol | 38 +++++++++++ 6 files changed, 185 insertions(+) create mode 100644 sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env create mode 100644 sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/Makefile create mode 100644 sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/README.md create mode 100644 sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md create mode 100644 sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/foundry.toml create mode 100644 sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env new file mode 100644 index 00000000..47df77f7 --- /dev/null +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env @@ -0,0 +1,12 @@ +OP_COMMIT=8d0dd96e494b2ba154587877351e87788336a4ec +BASE_CONTRACTS_COMMIT=6ca464d118d2d33331ea44893f0930f753663f60 + +# SystemConfig contract address (not the ProxyAdmin!) +# https://sepolia.etherscan.io/address/0x7F67DC4959cb3E532B10A99F41bDD906C46FdFdE +SYSTEM_CONFIG=0x7F67DC4959cb3E532B10A99F41bDD906C46FdFdE + +# New owner (Gnosis Safe) +NEW_OWNER=0x0fe884546476dDd290eC46318785046ef68a0BA9 + +# Current SystemConfig owner (transaction sender) +SENDER=0xAf6E0E871f38c7B653700F7CbAEDafaa2784D430 \ No newline at end of file diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/Makefile b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/Makefile new file mode 100644 index 00000000..d2c455ae --- /dev/null +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/Makefile @@ -0,0 +1,11 @@ +include ../../Makefile +include ../.env +include .env + +.PHONY: simulate +simulate: + forge script --rpc-url $(L1_RPC_URL) TransferSystemConfigOwnership --sender $(SENDER) + +.PHONY: execute +execute: + forge script --rpc-url $(L1_RPC_URL) TransferSystemConfigOwnership --account sepolia-alpha-admin --broadcast -vvvv \ No newline at end of file diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/README.md b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/README.md new file mode 100644 index 00000000..2dbc03ab --- /dev/null +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/README.md @@ -0,0 +1,65 @@ +# Transfer SystemConfig Ownership to Gnosis Safe + +Status: NOT YET EXECUTED + +## Description + +We wish to update the owner of our [SystemConfig](https://sepolia.etherscan.io/address/0x7F67DC4959cb3E532B10A99F41bDD906C46FdFdE) contract on Sepolia for Sepolia-Alpha to be the Gnosis safe owned by the Base chain engineers. + +**Important Context:** +- The ProxyAdmin owner was previously transferred to the Safe in task `2025-04-08-transfer-proxy-admin-ownership-to-safe` +- However, that transaction only changed the **ProxyAdmin** owner (which controls proxy upgrades) +- The **SystemConfig** owner (which controls SystemConfig parameters) is a separate ownership role +- This task correctly transfers the SystemConfig ownership to match the ProxyAdmin ownership + +The current owner is an EOA (0xAf6E0E871f38c7B653700F7CbAEDafaa2784D430) which is not compatible with the superchain-ops upgrade process. + +## Procedure + +### 1. Update repo: + +```bash +cd contract-deployments +git pull +cd sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe +make deps +``` + +### 2. Run relevant script(s) + +#### Simulate the transaction + +```bash +make simulate +``` + +You will see a "Simulation link" from the output. + +Paste this URL in your browser. A prompt may ask you to choose a +project, any project will do. You can create one if necessary. + +Click "Simulate Transaction". + +1. Validate integrity of the simulation. +2. Validate correctness of the state diff. + +##### 2.1 Validate integrity of the simulation. + +Make sure you are on the "Overview" tab of the tenderly simulation, to +validate integrity of the simulation, we need to check the following: + +1. "Network": Check the network is Sepolia. +2. "Timestamp": Check the simulation is performed on a block with a + recent timestamp (i.e. close to when you run the script). +3. "Sender": Check the address shown is your signer account. If not see the derivation path Note above. + +##### 2.2. Validate correctness of the state diff. + +Now click on the "State" tab, and refer to the [State Validations](./VALIDATION.md) instructions for the transaction you are sending. +Once complete return to this document to complete the execution. + +#### Execute the transaction + +```bash +make execute +``` diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md new file mode 100644 index 00000000..46f0399e --- /dev/null +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md @@ -0,0 +1,39 @@ +# Validation + +This document can be used to validate the inputs and result of the execution of the upgrade transaction which you are +signing. + +# State Validations + +For each contract listed in the state diff, please verify that no contracts or state changes shown in the Tenderly diff are missing from this document. Additionally, please verify that for each contract: + +- The following state changes (and none others) are made to that contract. This validates that no unexpected state + changes occur. +- All addresses (in section headers and storage values) match the provided name, using the Etherscan and Superchain + Registry links provided. This validates the bytecode deployed at the addresses contains the correct logic. +- All key values match the semantic meaning provided, which can be validated using the storage layout links provided. + +## Task State Changes + +
+
+----- DecodedStateDiff[0] -----
+  Who:               0x7F67DC4959cb3E532B10A99F41bDD906C46FdFdE
+  Contract:          SystemConfig (Proxy) - Sepolia Alpha
+  Chain ID:          11155111
+  Raw Slot:          0x0000000000000000000000000000000000000000000000000000000000000000
+  Raw Old Value:     0x000000000000000000000000af6e0e871f38c7b653700f7cbaedafaa2784d430
+  Raw New Value:     0x0000000000000000000000000fe884546476ddd290ec46318785046ef68a0ba9
+  Decoded Kind:      address
+  Decoded Old Value: 0xAf6E0E871f38c7B653700F7CbAEDafaa2784D430
+  Decoded New Value: 0x0fe884546476dDd290eC46318785046ef68a0BA9
+
+  Summary:           Update SystemConfig owner from `0xAf6E0E871f38c7B653700F7CbAEDafaa2784D430` to `0x0fe884546476dDd290eC46318785046ef68a0BA9`
+
+----- Additional Nonce Changes -----
+  Who:               0xAf6E0E871f38c7B653700F7CbAEDafaa2784D430
+
+  Details:           Nonce Updates for all addresses listed above.
+  Summary:
+    - 0xAf6E0E871f38c7B653700F7CbAEDafaa2784D430 is the caller
+
diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/foundry.toml b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/foundry.toml new file mode 100644 index 00000000..14499ab0 --- /dev/null +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/foundry.toml @@ -0,0 +1,20 @@ +[profile.default] +src = 'src' +out = 'out' +libs = ['lib'] +broadcast = 'records' +fs_permissions = [{ access = "read-write", path = "./" }] +optimizer = true +optimizer_runs = 999999 +solc_version = "0.8.15" +via-ir = false +remappings = [ + '@eth-optimism-bedrock/=lib/optimism/packages/contracts-bedrock/', + '@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts', + '@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts', + '@rari-capital/solmate/=lib/solmate/', + '@base-contracts/=lib/base-contracts', + 'solady/=lib/solady/src/', +] + +# See more config options https://github.com/foundry-rs/foundry/tree/master/config diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol new file mode 100644 index 00000000..e2869383 --- /dev/null +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol @@ -0,0 +1,38 @@ +// SPDX-License-Identifier: MIT +pragma solidity 0.8.15; + +import {Script} from "forge-std/Script.sol"; +import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; +import {Simulation} from "@base-contracts/script/universal/Simulation.sol"; + +contract TransferSystemConfigOwnership is Script { + address public immutable NEW_OWNER; + address public immutable SYSTEM_CONFIG; + + constructor() { + NEW_OWNER = vm.envAddress("NEW_OWNER"); + SYSTEM_CONFIG = vm.envAddress("SYSTEM_CONFIG"); + } + + function run() public { + Simulation.StateOverride[] memory overrides; + bytes memory data = _buildCall(); + Simulation.logSimulationLink({_to: SYSTEM_CONFIG, _data: data, _from: msg.sender, _overrides: overrides}); + + vm.startBroadcast(); + (bool success, ) = SYSTEM_CONFIG.call(data); + vm.stopBroadcast(); + + require(success, "TransferSystemConfigOwnership call failed"); + _postCheck(); + } + + function _buildCall() private view returns (bytes memory) { + return abi.encodeCall(OwnableUpgradeable.transferOwnership, (NEW_OWNER)); + } + + function _postCheck() private view { + OwnableUpgradeable systemConfig = OwnableUpgradeable(SYSTEM_CONFIG); + require(systemConfig.owner() == NEW_OWNER, "SystemConfig owner did not get updated"); + } +} From a4b06353ba01e401aa678c144688480ef1c26dd5 Mon Sep 17 00:00:00 2001 From: Niran Babalola Date: Mon, 3 Nov 2025 23:01:16 -0600 Subject: [PATCH 2/5] docs: clarify VALIDATION.md is manually created Add comment to VALIDATION.md explaining that it was created manually rather than auto-generated by state-diff, since this is a simple EOA transaction (not a MultisigScript with EIP-712 signatures). --- .../VALIDATION.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md index 46f0399e..ea7b0d08 100644 --- a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md @@ -1,5 +1,10 @@ # Validation + + This document can be used to validate the inputs and result of the execution of the upgrade transaction which you are signing. From b1f9c3b5a302a086a5bf8119e1643ba6dc736723 Mon Sep 17 00:00:00 2001 From: Niran Babalola Date: Wed, 5 Nov 2025 22:14:49 -0600 Subject: [PATCH 3/5] chore(sepolia-alpha): update dependencies to op-contracts/v1.8.0 and latest base/contracts Update OP_COMMIT to op-contracts/v1.8.0 final release (2073f405) and BASE_CONTRACTS_COMMIT to latest (dcd8c98a) for the SystemConfig ownership transfer task. --- .../2025-11-03-transfer-systemconfig-ownership-to-safe/.env | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env index 47df77f7..d5b88da9 100644 --- a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/.env @@ -1,5 +1,5 @@ -OP_COMMIT=8d0dd96e494b2ba154587877351e87788336a4ec -BASE_CONTRACTS_COMMIT=6ca464d118d2d33331ea44893f0930f753663f60 +OP_COMMIT=2073f4059bd806af3e8b76b820aa3fa0b42016d0 +BASE_CONTRACTS_COMMIT=dcd8c98aa881e0ae4ebf872e0d91692a7bf94000 # SystemConfig contract address (not the ProxyAdmin!) # https://sepolia.etherscan.io/address/0x7F67DC4959cb3E532B10A99F41bDD906C46FdFdE From 5ce094bf4ad2c80301af6ef9bd4058e88ec0eb35 Mon Sep 17 00:00:00 2001 From: Niran Babalola Date: Thu, 6 Nov 2025 15:21:48 -0600 Subject: [PATCH 4/5] docs(sepolia-alpha): add storage slot derivation to VALIDATION.md - Correct storage slot from 0 to 51 (0x33) for SystemConfig owner - Add explanation of OpenZeppelin upgradeable contract storage layout - Include forge inspect and cast storage commands for verification - Clarify distinction between parameter owner and upgrade admin ownership --- .../VALIDATION.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md index ea7b0d08..b2c62f0f 100644 --- a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/VALIDATION.md @@ -3,7 +3,18 @@ + the expected state changes from the script simulation. + + STORAGE SLOT DERIVATION: + The SystemConfig owner is stored at slot 51 (0x33). This can be verified with: + forge inspect OwnableUpgradeable storageLayout # Shows _owner at Slot 51 + cast storage 0x7F67DC4959cb3E532B10A99F41bDD906C46FdFdE 51 --rpc-url + + OWNERSHIP TYPES: + This transfer changes the SystemConfig **parameter owner** (who can call setBatcherHash, setGasLimit, etc.). + The **upgrade admin** (ProxyAdmin at 0xC5aE9023bFA79124ffA50169E1423E733D0166f1) controls upgrades + and was already transferred to the Safe in task `2025-04-08-transfer-proxy-admin-ownership-to-safe`. +--> This document can be used to validate the inputs and result of the execution of the upgrade transaction which you are signing. @@ -26,7 +37,7 @@ For each contract listed in the state diff, please verify that no contracts or s Who: 0x7F67DC4959cb3E532B10A99F41bDD906C46FdFdE Contract: SystemConfig (Proxy) - Sepolia Alpha Chain ID: 11155111 - Raw Slot: 0x0000000000000000000000000000000000000000000000000000000000000000 + Raw Slot: 0x0000000000000000000000000000000000000000000000000000000000000033 Raw Old Value: 0x000000000000000000000000af6e0e871f38c7b653700f7cbaedafaa2784d430 Raw New Value: 0x0000000000000000000000000fe884546476ddd290ec46318785046ef68a0ba9 Decoded Kind: address From dc387c8ed492c0b402f58c892267d8a504f561c1 Mon Sep 17 00:00:00 2001 From: Leopold Joy Date: Wed, 12 Nov 2025 17:56:12 +0000 Subject: [PATCH 5/5] fix build error in tasks' Simulation.logSimulationLink() call and run forge fmt --- .../script/TransferSystemConfigOwnership.s.sol | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol index e2869383..7a763405 100644 --- a/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol +++ b/sepolia-alpha/2025-11-03-transfer-systemconfig-ownership-to-safe/script/TransferSystemConfigOwnership.s.sol @@ -17,10 +17,10 @@ contract TransferSystemConfigOwnership is Script { function run() public { Simulation.StateOverride[] memory overrides; bytes memory data = _buildCall(); - Simulation.logSimulationLink({_to: SYSTEM_CONFIG, _data: data, _from: msg.sender, _overrides: overrides}); + Simulation.logSimulationLink({to: SYSTEM_CONFIG, data: data, from: msg.sender, overrides: overrides}); vm.startBroadcast(); - (bool success, ) = SYSTEM_CONFIG.call(data); + (bool success,) = SYSTEM_CONFIG.call(data); vm.stopBroadcast(); require(success, "TransferSystemConfigOwnership call failed");