deploy: 6c51187

interop/predeploys.html

@@ -324,10 +324,16 @@ <h4 id="sending-messages"><a class="header" href="#sending-messages">Sending Mes
 are prefixed to the abi encoded call.</p>
 <p>An explicit <code>_destination</code> chain and <code>nonce</code> are used to ensure that the message can only be played on a single remote
 chain a single time. The <code>_destination</code> is enforced to not be the local chain to avoid edge cases.</p>
+<p>There is no need for address aliasing as the aliased address would need to commit to the source chain's chain id
+to create a unique alias that commits to a particular sender on a particular domain and it is far more simple
+to assert on both the address and the source chain's chain id rather than assert on an unaliased address.
+In both cases, the source chain's chain id is required for security. Executing messages will never be able to
+assume the identity of an account because <code>msg.sender</code> will never be the identity that initiated the message,
+it will be the <code>L2ToL2CrossDomainMessenger</code> and users will need to callback to get the initiator of the message.</p>
 <pre><code class="language-solidity">function sendMessage(uint256 _destination, address _target, bytes calldata _message) external {
     require(_destination != block.chainid);
 
-    bytes memory data = abi.encodeCall(L2ToL2CrossDomainMessenger.relayMessage, (_destination, messageNonce(), msg.sender, _target, _message));
+    bytes memory data = abi.encodeCall(L2ToL2CrossDomainMessenger.relayMessage, (_destination, block.chainid, messageNonce(), msg.sender, _target, _message));
     emit SentMessage(data);
     nonce++;
 }
@@ -339,17 +345,18 @@ <h4 id="relaying-messages"><a class="header" href="#relaying-messages">Relaying
 chain. The hash of the message is used for replay protection.</p>
 <p>It is important to ensure that the source chain is in the dependency set of the destination chain, otherwise
 it is possible to send a message that is not playable.</p>
-<pre><code class="language-solidity">function relayMessage(uint256 _destination, uint256 _nonce, address _sender, address _target, bytes memory _message) external payable {
+<pre><code class="language-solidity">function relayMessage(uint256 _destination, uint256 _source, uint256 _nonce, address _sender, address _target, bytes memory _message) external payable {
     require(msg.sender == address(CROSS_L2_INBOX));
     require(_destination == block.chainid);
     require(CROSS_L2_INBOX.origin() == address(this));
     require(_target != address(this));
 
-    bytes32 messageHash = keccak256(abi.encode(_destination, _nonce, _sender, _target, _message));
+    bytes32 messageHash = keccak256(abi.encode(_destination, _source, _nonce, _sender, _target, _message));
     require(sentMessages[messageHash] == false);
 
     assembly {
       tstore(CROSS_DOMAIN_MESSAGE_SENDER_SLOT, _sender)
+      tstore(CROSS_DOMAIN_MESSAGE_SOURCE_SLOT, _source)
     }
 
     bool success = SafeCall.call({
@@ -364,6 +371,8 @@ <h4 id="relaying-messages"><a class="header" href="#relaying-messages">Relaying
 }
 </code></pre>
 <p>Note that the <code>relayMessage</code> function is <code>payable</code> to enable relayers to earn in the gas paying asset.</p>
+<p>To enable cross chain authorization patterns, both the <code>_sender</code> and the <code>_source</code> MUST be exposed via <code>public</code>
+getters.</p>
 <h2 id="l1block"><a class="header" href="#l1block">L1Block</a></h2>
 <div class="table-wrapper"><table><thead><tr><th>Constant</th><th>Value</th></tr></thead><tbody>
 <tr><td>Address</td><td><code>0x4200000000000000000000000000000000000015</code></td></tr>

print.html

@@ -7755,10 +7755,16 @@ <h4 id="sending-messages"><a class="header" href="#sending-messages">Sending Mes
 are prefixed to the abi encoded call.</p>
 <p>An explicit <code>_destination</code> chain and <code>nonce</code> are used to ensure that the message can only be played on a single remote
 chain a single time. The <code>_destination</code> is enforced to not be the local chain to avoid edge cases.</p>
+<p>There is no need for address aliasing as the aliased address would need to commit to the source chain's chain id
+to create a unique alias that commits to a particular sender on a particular domain and it is far more simple
+to assert on both the address and the source chain's chain id rather than assert on an unaliased address.
+In both cases, the source chain's chain id is required for security. Executing messages will never be able to
+assume the identity of an account because <code>msg.sender</code> will never be the identity that initiated the message,
+it will be the <code>L2ToL2CrossDomainMessenger</code> and users will need to callback to get the initiator of the message.</p>
 <pre><code class="language-solidity">function sendMessage(uint256 _destination, address _target, bytes calldata _message) external {
     require(_destination != block.chainid);
 
-    bytes memory data = abi.encodeCall(L2ToL2CrossDomainMessenger.relayMessage, (_destination, messageNonce(), msg.sender, _target, _message));
+    bytes memory data = abi.encodeCall(L2ToL2CrossDomainMessenger.relayMessage, (_destination, block.chainid, messageNonce(), msg.sender, _target, _message));
     emit SentMessage(data);
     nonce++;
 }
@@ -7770,17 +7776,18 @@ <h4 id="relaying-messages"><a class="header" href="#relaying-messages">Relaying
 chain. The hash of the message is used for replay protection.</p>
 <p>It is important to ensure that the source chain is in the dependency set of the destination chain, otherwise
 it is possible to send a message that is not playable.</p>
-<pre><code class="language-solidity">function relayMessage(uint256 _destination, uint256 _nonce, address _sender, address _target, bytes memory _message) external payable {
+<pre><code class="language-solidity">function relayMessage(uint256 _destination, uint256 _source, uint256 _nonce, address _sender, address _target, bytes memory _message) external payable {
     require(msg.sender == address(CROSS_L2_INBOX));
     require(_destination == block.chainid);
     require(CROSS_L2_INBOX.origin() == address(this));
     require(_target != address(this));
 
-    bytes32 messageHash = keccak256(abi.encode(_destination, _nonce, _sender, _target, _message));
+    bytes32 messageHash = keccak256(abi.encode(_destination, _source, _nonce, _sender, _target, _message));
     require(sentMessages[messageHash] == false);
 
     assembly {
       tstore(CROSS_DOMAIN_MESSAGE_SENDER_SLOT, _sender)
+      tstore(CROSS_DOMAIN_MESSAGE_SOURCE_SLOT, _source)
     }
 
     bool success = SafeCall.call({
@@ -7795,6 +7802,8 @@ <h4 id="relaying-messages"><a class="header" href="#relaying-messages">Relaying
 }
 </code></pre>
 <p>Note that the <code>relayMessage</code> function is <code>payable</code> to enable relayers to earn in the gas paying asset.</p>
+<p>To enable cross chain authorization patterns, both the <code>_sender</code> and the <code>_source</code> MUST be exposed via <code>public</code>
+getters.</p>
 <h2 id="l1block-1"><a class="header" href="#l1block-1">L1Block</a></h2>
 <div class="table-wrapper"><table><thead><tr><th>Constant</th><th>Value</th></tr></thead><tbody>
 <tr><td>Address</td><td><code>0x4200000000000000000000000000000000000015</code></td></tr>