deploy: v6.0.0 Groth16 & Plonk verifiers on 18 chains#72
Merged
fakedev9999 merged 14 commits intomainfrom Feb 24, 2026
Merged
Conversation
…ration (#61) Replace unconditional gateway.addRoute() call with env-var-controlled conditional. This allows the same script to work for both: - Multisig deployments (default): REGISTER_ROUTE unset/false, route added via Safe UI - Direct deployments: REGISTER_ROUTE=true, route added during script execution The gateway.addRoute() function has onlyOwner modifier, so when the gateway owner is a multisig and the deployer is an EOA, the call would revert. This change prevents deployment failures without requiring code modifications.
* feat: add Safe Transaction Builder JSON generator Adds a Node.js script to generate Safe Transaction Builder JSON files for registering verifier routes via multisig. This eliminates manual copy/paste errors when executing Phase 2 (multisig) deployments. Usage: node script/utils/generate-safe-batch.js --chain=all --version=v6.0.0-beta.1 Features: - Generates JSON files compatible with Safe UI Transaction Builder - Reads gateway addresses and verifier addresses from deployment files - Supports all 5 mainnet chains (Ethereum, Optimism, Arbitrum, Base, Scroll) - Handles version string conversion (v6.0.0-beta.1 -> V6_0_0_BETA_1) - Encodes addRoute(address) calldata with correct function selector - Includes ABI metadata for transaction decoding in Safe UI * refactor: code quality improvements for generate-safe-batch.js - Compact: single regex in versionToKey, reuse for filename generation - Concise: inline object literals, simplified arg parsing - Clean: condensed JSDoc to single-line comments, consistent error indentation - Capable: added chain ID validation, JSON parse error handling, verifier loop * chore: remove slop from generate-safe-batch.js (200→102 lines) * fix: read available chains from deployments directory
- Add missing CHAINS= env var to all deployment commands - Update version references from v3.0.0 to v6.0.0-beta.1 - Add source .env requirement (multichain modifier reads env vars directly) - Document that --rpc-url flag is ignored by multichain modifier - Add CREATE2_SALT collision warning for gateway deployments - Document REGISTER_ROUTE env var and multisig workflow - Reference Safe Transaction Builder JSON generator - Fix typo in remappings.txt instruction - Remove hardcoded verifier address from example
- Add Tempo chain config (4217.json) - Add CREATE2_SALT to Monad, X Layer, MegaETH, Plasma, Hoodi deployment files - Add BSC and Tempo to foundry.toml (RPC + etherscan) - Update generate-safe-batch.js: v6.0.0 default, freeze support, testnet chains
Remove Holesky (chain ID 17000) from: - generate-safe-batch.js testnet chains - foundry.toml RPC and etherscan configs - .env.example
Add RPC, etherscan API key, and etherscan API URL entries for Hoodi, BSC, Monad, X Layer, MegaETH, Plasma, and Tempo.
Replace 36 per-chain ETHERSCAN_API_KEY_*/ETHERSCAN_API_URL_* env vars and 18 per-chain foundry.toml entries with Etherscan V2 endpoints that use a single API key. X Layer uses OKLINK_API_KEY, Tempo uses Sourcify. Also removes exposed Tempo credentials from .env.example.
The Tempo Sourcify endpoint requires the root URL with trailing slash (https://contracts.tempo.xyz/), not /api. Forge concatenates paths like {url}v2/contract/... so /api produced /apiv2/contract/... (broken).
…ication - HANDOFF-v6-routes.md: step-by-step guide for Phase 2a (10 multisig chains via Safe TX Builder) and Phase 2b (8 ledger chains via cast) - check-routes.sh: pre/post-flight verification of all 36 routes - generate-safe-batch.js: add Safe TX Builder checksum (keccak256) - 10 pre-generated Safe batch JSONs with valid checksums
Tenderly simulation revealed testnet gateways are EOA-owned, not multisig-owned. Remove 5 testnet Safe batches, keep only mainnet batches, and move testnets to Phase 2b (ledger) in handoff guide.
PR #73 corrected DELTA_NEG_* constants in Groth16Verifier.sol, which changes the CREATE2 address. Update all artifacts to the new address: - 18 deployment JSONs: V6_0_0_SP1_VERIFIER_GROTH16 → 0x99A74A05... - check-routes.sh: V6_GROTH16 address - HANDOFF-v6-routes.md: all addRoute commands and references - 5 Safe batch JSONs: regenerated via generate-safe-batch.js
fakedev9999
force-pushed
the
fakedev9999/deploy-v6
branch
from
0205972 to
a7bb13c
Compare
Member
Author
Updated: Groth16 verifier address correctedPR #73 fixed incorrect Old Groth16 address (pre-fix): All 18 chains redeployed and verified. This push updates:
Branch was also rebased onto |
- Remove HANDOFF-v6-routes.md — 100% subset of cloud-ops runbook (PR #2) - Add .DS_Store to .gitignore - Delete temp scripts (check-balances.sh, test-rpcs.sh)
fakedev9999
changed the title
mattstam
approved these changes
Feb 24, 2026
2 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
REGISTER_ROUTEenv var to deployment scripts (feat: use REGISTER_ROUTE env var for conditional gateway route registration #61) — skip gateway registration when deployer != ownercheck-routes.shverification scriptDeployed Addresses (all 18 chains)
0x99A74A05a0FaBEB217C1A329b0dac59a1FA525080x8a0fd5e825D14368d90Fe68F31fceAe3E17AFc5CRoute Registration
Phase 2 (route registration) instructions in cloud-ops runbook:
https://github.com/succinctlabs/cloud-ops/pull/2