Sending data between L1 and L2
Apps on Rollux can be made to interact with apps on Syscoin via a process called "bridging". In a nutshell, contracts on Rollux can trigger contract functions on Syscoin, and vice versa. With just a little bit of elbow grease, you too can create contracts that bridge the gap between Layer 1 and Layer 2!
Understanding contract calls
To understand the process of creating bridges between contracts on Layer 1 and Layer 2, you should first have a basic understanding of the way contracts on Syscoin communicate with one another. Syscoin NEVM works the same! If you're a smart contract developer, you might be familiar with stuff like this:
contract MyContract {
function doSomething(uint256 myFunctionParam) public {
// ... some sort of code goes here
}
}
contract MyOtherContract {
function doTheThing(address myContractAddress, uint256 myFunctionParam) public {
MyContract(myContractAddress).doSomething(myFunctionParam);
}
}
2
3
4
5
6
7
8
9
10
11
Here, MyOtherContract.doTheThing
triggers a "call" to MyContract.doSomething
.
A "call" is defined by a few key input parameters, mainly a target address
and some calldata
.
In this specific example, the target address
is going to be the address of our instance of MyContract
.
The calldata
, on the other hand, depends on the function we're trying to call.
Solidity uses an encoding scheme called Contract ABI (opens new window) to both select which function to call (opens new window) and to encode function input arguments (opens new window).
Solidity gives us some useful tools to perform this same encoding manually. For the sake of learning, let's take a look at how we can duplicate the same code with a manual encoding:
contract MyContract {
function doSomething(uint256 myFunctionParam) public {
// ... some sort of code goes here
}
}
contract MyOtherContract {
function doTheThing(address myContractAddress, uint256 myFunctionParam) public {
myContractAddress.call(
abi.encodeWithSignature(
"doSomething(uint256)",
myFunctionParam
)
);
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Here we're using the low-level "call" function (opens new window) and one of the ABI encoding functions built into Solidity (opens new window). Although these two code snippets look a bit different, they're actually functionally identical.
# Communication basics between layers
At a high level, this process is pretty similar to the same process for two contracts on Syscoin (with a few caveats). Communication between L1 and L2 is enabled by two special smart contracts called the "messengers". Each layer has its own messenger contract which serves to abstract away some lower-level communication details, a lot like how HTTP libraries abstract away physical network connections.
We won't get into too much detail about these contracts here β the only thing you really need to know about is the sendMessage
function attached to each messenger:
function sendMessage(
address _target,
bytes memory _message,
uint32 _gasLimit
) public;
2
3
4
5
It's the same as that call
function used for contract messaging within L1 Syscoin.
We have an extra _gasLimit
field here, but call
has that too.
This is basically equivalent to:
address(_target).call{gas: _gasLimit}(_message);
Except, of course, that we're calling a contract on a completely different network.
We're glossing over a lot of the technical details that make this whole thing work under the hood. Point is, it works. Want to call a contract on Rollux from a contract on Syscoin? It's dead simple:
// Pretend this is on L2
contract MyRolluxContract {
function doSomething(uint256 myFunctionParam) public {
// ... some sort of code goes here
}
}
// And pretend this is on L1
contract MyOtherContract {
function doTheThing(address myRolluxContractAddress, uint256 myFunctionParam) public {
ovmL1CrossDomainMessenger.sendMessage(
myRolluxContractAddress,
abi.encodeWithSignature(
"doSomething(uint256)",
myFunctionParam
),
1000000 // use whatever gas limit you want
)
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Using the messenger contracts
Our messenger contracts, the L1CrossDomainMessenger
(opens new window) and L2CrossDomainMessenger
(opens new window), always come pre-deployed to each of our networks.
You can find the exact addresses of these contracts on our various deployments inside of the Rollux monorepo (opens new window).
# Communication speed
Unlike calls between contracts on the same blockchain, calls between Rollux and Syscoin are not instantaneous. The exact speed of a cross-chain transaction depends on the direction in which the transaction is sent.
# For Syscoin (L1) to Rollux (L2) transactions
Transactions sent from L1 to L2 will typically take 2 to 8 minutes, but this time varies. This is because L1 has an average blocktime of 2.5 minutes, but the timespan between individual blocks is subject to fluctuate.
# For Rollux (L2) to Syscoin (L1) transactions
L2 to L1 transactions have to wait two periods:
The time until the state root is written to L1. It is necessary to provide a Merkle proof of the message on L1 after the state root is written. The fault challenge period starts after that proof transaction becomes part of the L1 chain.
The fault challenge period, which is a few seconds on goerli and seven days on mainnet. This waiting period is a core part of the security mechanism designed to keep funds on Rollux secure and cannot be circumvented. After this waiting period, any user can "finalize" the transaction by triggering a second transaction on Syscoin that sends the message to the target L1 contract.
# Accessing msg.sender
Contracts frequently make use of msg.sender
to make decisions based on the calling account.
For example, many contracts will use the Ownable (opens new window) pattern to selectively restrict access to certain functions.
Because messages are essentially shuttled between L1 and L2 by the messenger contracts, the msg.sender
you'll see when receiving one of these messages will be the messenger contract corresponding to the layer you're on.
In order to get around this, we added a xDomainMessageSender
function to each messenger:
function xDomainMessageSender() public returns (address);
If your contract has been called by one of the messenger contracts, you can use this function to see who's actually sending this message.
Here's how you might implement an onlyOwner
modifier on L2:
modifier onlyOwner() {
require(
msg.sender == address(ovmL2CrossDomainMessenger)
&& ovmL2CrossDomainMessenger.xDomainMessageSender() == owner
);
_;
}
2
3
4
5
6
7
# Fees for sending data between L1 and L2
# For L1 β L2 transactions
The majority of the cost of an L1 to L2 transaction comes from sending a transaction on Syscoin.
You send a transaction to the L1CrossDomainMessenger
(opens new window)
contract, which then sends a call to the CanonicalTransactionChain
(opens new window).
This cost is ultimately determined by gas prices on Syscoin when you're sending the cross-chain transaction.
An L1 to L2 message is expected to trigger contract execution on L2, and that contract execution costs gas. The first 1.92 million gas on L2 is free. The vast majority of L1 to L2 calls spend less than the 1.92 million, so nothing further is required.
If you think that your call might spend more than that on L2, you can specify a higher gas limit. However, to prevent denial of service attacks, we have to impose a cost on gas limits higher than 1.92 million. This cost is one unit of L1 gas for every 32 units of L2 gas requested beyond the free amount.
For example, if you specify a 2.0 million gas limit in the call to L1CrossDomainMessenger
, it will be processed this way:
Amount | Action |
---|---|
free gas: 1.92 million | Nothing, this gas is provided on L2 for free |
excess gas required: 80,000 | 2,500 gas is spent on the L1 portion of the gas fee and in return 80,000 extra gas is provided to the L2 transaction. This is inline with the 1:32 ratio of gas. |
This gas burn happens on L1 when the L1 contract calls L1CrossDomainMessenger
.
This is before the message has been sent to the L2, and as such there is no way to know how much L2 gas will actually be used.
Therefore, the amount burned is based only on the gas limit specified in the L1 call.
For example, if the call above with a gas limit of two million only takes ten thousand gas on L2, the 2,500 gas on L1 is still burned. There is no refund.
The parameters in the explanation above were 1.92 million and 32 at the time of writing, but they may change in the future.
To see the present values, go to Etherscan (opens new window) and expand enqueueL2GasPrepaid
for the free L2 gas amount and l2GasDiscountDivisor
for the exchange rate at which L1 gas is burned for additional L2 gas.
# Fees for L2 β L1 transactions
Each message from L2 to L1 requires three transactions:
An L2 transaction that initiates the transaction, which is priced the same as any other transaction made on Rollux.
An L1 transaction that proves the transaction. This transaction can only be submitted after the state root is submitted to L1. This transaction is expensive because it includes verifying a Merkle trie (opens new window) inclusion proof.
An L1 transaction that finalizes the transaction. This transaction can only be submitted after the transaction challenge period (7 days on mainnet) has passed.
The total cost of an L2 to L1 transaction is therefore the combined cost of the L2 initialization transaction and the two L1 transactions. The L1 proof and finalization transactions are typically significantly more expensive than the L2 initialization transaction.
# Understanding the challenge period
One of the most important things to understand about L1 β L2 interaction is that messages sent from Layer 2 to Layer 1 cannot be relayed for at least one week. This means that any messages you send from Layer 2 will only be received on Layer 1 after this one week period has elapsed. We call this period of time the "challenge period" because it is the time during which a transaction can be challenged with a fault proof.
Optimistic Rollups are "optimistic" because they're based around the idea of publishing the result of a transaction to Syscoin without actually executing the transaction on Syscoin. In the "optimistic" case, this transaction result is correct and we can completely avoid the need to perform complicated (and expensive) logic on Syscoin. Cheap transactions, yay!
However, we still need some way to prevent incorrect transaction results from being published in place of correct ones. Here's where the "fault proof" comes into play. Whenever a transaction result is published, it's considered "pending" for a period of time known as the challenge period. During this period of time, anyone may re-execute the transaction on Syscoin in an attempt to demonstrate that the published result was incorrect.
If someone is able prove that a transaction result is faulty, then the result is scrubbed from existence and anyone can publish another result in its place (hopefully the correct one this time, financial punishments make faulty results very costly for their publishers). Once the window for a given transaction result has fully passed without a challenge the result can be considered fully valid (or else someone would've challenged it).
Anyway, the point here is that you don't want to be making decisions about Layer 2 transaction results from inside a smart contract on Layer 1 until this challenge period has elapsed. Otherwise you might be making decisions based on an invalid transaction result. As a result, L2 β L1 messages sent using the standard messenger contracts cannot be relayed until they've waited out the full challenge period.
On the length of the challenge period
We've set the challenge period to be exactly seven days on the Rollux mainnet. We believe this is a reasonable balance between security and usability, with an emphasis on increased security to start. We're open to changing the length of the window as long as we feel this can be done without significantly reducing the security of the system. If you're strongly opinionated about this, we recommend opening an issue on GitHub (opens new window) explaining your position. We will hear you out!