Open
Conversation
windhustler
reviewed
May 6, 2025
|
|
||
| > **Avoid** using `block.number` as a proxy for time on Polygon PoS, as block production intervals and checkpoint submissions vary due to network congestion, Ethereum gas fees, and validator dynamics. | ||
|
|
||
| - Example Bug: A staking contract with a 24-hour cooldown enforced using block.number may under- or overestimate the delay based on block time variance, potentially enabling premature withdrawals. |
Owner
There was a problem hiding this comment.
add backticks to block.number and fix typo under or overestimate.
windhustler
reviewed
May 6, 2025
| */ | ||
| function _processMessageFromRoot(bytes memory message) virtual internal; | ||
| ``` | ||
| - The `_processMessageFromRoot` function is virtual and must be implemented in inheriting contracts. Avoid unbounded loops or expensive external calls inside _processMessageFromRoot. |
windhustler
reviewed
May 6, 2025
| ## RootChainManager.sol | ||
| _checkBlockMembershipInCheckpoint(...); | ||
| ``` | ||
| > Always use Polygon’s audited [MerklePatriciaProof](https://github.com/0xPolygon/pos-contracts/tree/main/contracts/common/lib) library and validate all proof components. |
Owner
There was a problem hiding this comment.
Always point to a specific commit, i.e. https://github.com/0xPolygon/pos-contracts/tree/ddad751/contracts/common/lib
windhustler
reviewed
May 6, 2025
|
|
||
| ### Predicate Contract Enforcement | ||
|
|
||
| The [RootChainManager.sol](https://github.com/maticnetwork/pos-portal/blob/master/flat/RootChainManager.sol) contract is the canonical production contract deployed by Polygon. It acts as the entry point for all Polygon PoS withdrawals and is responsible for validating Merkle proofs and triggering corresponding state changes on L1. This contract should not be directly modified. Instead building an own costum contract that allows the RootChainManager to trigger those via designated predicate contracts. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.