Fraud Proof Security Drill: Will You Be My 1-of-N?

Optimism
Optimism PBC Blog
Published in
4 min readDec 17, 2020
“I would’ve gotten away with it too, if it weren’t for you meddling verifiers!”

OPEN TO ALL: Welcome to the final phase of the Optimistic Ethereum testnet! Follow our step by step guide to proving fraud and win a reward for contributing to the security of L2! If you’re new here, you can check out our testnet announcement to learn about the previous phases.

In the coming days, we will intentionally commit fraud on our testnet and you — yes, you! — have the chance to be the 1-of-N keeping our chain secure. Your level of technical ability doesn’t matter — setting up a verifier is super easy. Read on to follow our step by step guide. The first person to complete the fraud proof process wins a prize of 3.2 ETH!

Preparing for Battle

The protocol is an Optimistic Rollup, which means anybody can participate in verifying the chain & submitting a dispute if they notice fraudulent activity. We need your help to test this code before it gets shipped to production.

Contents of this guide:
- Installing dependencies
- Downloading the verifier
- Configuring the node
- Getting testnet ETH
- Running the verifier
- Proving fraud

If you prefer to follow a video tutorial:

Installing dependencies

To run a testnet verifier, you will need git, Docker/Docker Compose, and npm. If you don’t have those, you can find installation instructions here:
Git: https://git-scm.com/book/en/v2/Getting-Started-Installing-Git
Docker: https://docs.docker.com/get-docker
Docker Compose: https://docs.docker.com/compose/install/#install-compose
Npm: https://www.npmjs.com/get-npm

👩🏻‍💻 Note: Although not a strict dependency, if you’re really looking to WIN the prize, you’ll want your verifier to be running constantly. Consider using a non-primary computer which can be left on.

Downloading the verifier

Once the necessary dependencies have been isntalled, download the verifier code. This code will run two services: a verifier and a fraud prover.

$ git clone https://github.com/ethereum-optimism/verifier.git
$ cd verifier

🤓 The verifier downloads rollup transactions that have been posted by the sequencer on L1, and then executes them locally to calculate a state root. The fraud prover’s job is to compare the verifier’s state root with what the sequencer has posted. If there’s a discrepancy, the fraud prover will automatically submit a dispute.

Configuring the node

For ease of use, we’ve provided default values for the verifier parameters already. You can skip to the next section unless you’re an advanced user:

If you’d like to connect another node, you can set up an Alchemy or Infura project. First, grab the HTTP url:

Screenshot of where to find the HTTP url on Alchemy

Next, go into docker-compose.env and set the following variables:

L1_NODE_WEB3_URL = <Your HTTP URL>
ETH1_HTTP = <Your HTTP URL>
🤓 The first var is used by the fraud prover and the second is used by the verifier.

Preparing for Battle:

Now that we’ve configured the L1 node, the verifier is ready to trustlessly track L2 state. But we want to take it one step further: in order to prove fraud, we need to fund an L1 wallet that can pay for gas to submit disputes.

$ npm install
$ npm run create-key

This command generates and stores a new private key for the verifier in docker-compose.env. We’ve streamlined this process for testnet so the key management is NOT secure. 🚫Please do not send real ETH!🚫

💎 Our testnet runs on Kovan, so let’s get some Kovan test eth! You can use either the Kovan faucet gitter or the Kovan primary faucet (although this is down for us at the moment).

💸 Check Etherscan to see if your address was successfully funded (https://kovan.etherscan.io/).

Running the verifier

LET’S GOO! Congrats on making it this far!

$ npm run start

Once you run that command, you’ll start downloading the docker image and it should look like this:

Then you’ll get a big fancy stream of logs:

🤓 What’s going on here? Well, you’re verifying the L2 chain — this means that your node is downloading all Layer 2 transactions from Layer 1, ingesting them into a local OVM, and calculating the L2 state resulting from those transactions. Running a verifier means that you don’t have to trust any third party to tell you the chain state — you’re computing it yourself! In the process, you are also checking for fraudulent proposals of the state by the sequencer. At some point very soon, we will make a fraudulent proposal! When that happens, the verifier should notice the difference and begin submitting the fraud proof, deleting the fraudulent proposal.

Proving Fraud

Your verifier will automatically submit a fraud proof when it detects fraud. The first verifier to complete the fraud proof wins.

Just hang in there and keep your eye on it over the next few days. Follow us on twitter @optimismPBC to get notified when we announce the winning verifier address!

--

--