chronicleprotocol · pmerkleplant · Oct 10, 2024 · Oct 2, 2024 · Oct 3, 2024 · Oct 3, 2024
diff --git a/script/Scribe.s.sol b/script/Scribe.s.sol
@@ -189,10 +189,10 @@ contract ScribeScript is Script {
     ///      pokes with an already fully constructed payload.
     ///
     /// @dev Call via:
-    ///
     ///      ```bash
     ///      $ forge script \
-    ///           --private-key $PRIVATE_KEY \
+    ///           --keystore $KEYSTORE \
+    ///           --password $KEYSTORE_PASSWORD \
     ///           --broadcast \
     ///           --rpc-url $RPC_URL \
     ///           --sig $(cast calldata "pokeRaw(address,bytes)" $SCRIBE $PAYLOAD) \

diff --git a/script/ScribeOptimistic.s.sol b/script/ScribeOptimistic.s.sol
@@ -15,10 +15,18 @@ import {LibSecp256k1} from "src/libs/LibSecp256k1.sol";
 
 import {ScribeScript} from "./Scribe.s.sol";
 
+import {LibRandom} from "./libs/LibRandom.sol";
+import {LibFeed} from "./libs/LibFeed.sol";
+
+import {Rescuer} from "./rescue/Rescuer.sol";
+
 /**
  * @title ScribeOptimistic Management Script
  */
 contract ScribeOptimisticScript is ScribeScript {
+    using LibSecp256k1 for LibSecp256k1.Point;
+    using LibFeed for LibFeed.Feed;
+
     /// @dev Deploys a new ScribeOptimistic instance with `initialAuthed` being
     ///      the address initially auth'ed. Note that zero address is kissed
     ///      directly after deployment.
@@ -65,10 +73,10 @@ contract ScribeOptimisticScript is ScribeScript {
     ///      opPokes with an already fully constructed payload.
     ///
     /// @dev Call via:
-    ///
     ///      ```bash
     ///      $ forge script \
-    ///           --private-key $PRIVATE_KEY \
+    ///           --keystore $KEYSTORE \
+    ///           --password $KEYSTORE_PASSWORD \
     ///           --broadcast \
     ///           --rpc-url $RPC_URL \
     ///           --sig $(cast calldata "opPokeRaw(address,bytes)" $SCRIBE $PAYLOAD) \
@@ -108,4 +116,73 @@ contract ScribeOptimisticScript is ScribeScript {
         IScribeOptimistic(self).opPoke(pokeData, schnorrData, ecdsaData);
         vm.stopBroadcast();
     }
+
+    /// @dev Rescues ETH held in deactivated `self`.
+    ///
+    /// @dev Call via:
+    ///      ```bash
+    ///      $ forge script \
+    ///           --keystore $KEYSTORE \
+    ///           --password $KEYSTORE_PASSWORD \
+    ///           --broadcast \
+    ///           --rpc-url $RPC_URL \
+    ///           --sig $(cast calldata "rescueETH(address,address)" $SCRIBE $RESCUER) \
+    ///           -vvvvv \
+    ///           script/dev/ScribeOptimistic.s.sol:ScribeOptimisticScript
+    ///      ```
+    function rescueETH(address self, address rescuer) public {
+        // Require self to be deactivated.
+        {
+            vm.prank(address(0));
+            (bool ok, /*val*/ ) = IScribe(self).tryRead();
+            require(!ok, "Instance not deactivated: read() does not fail");
+
+            require(
+                IScribe(self).feeds().length == 0,
+                "Instance not deactivated: Feeds still lifted"
+            );
+            require(
+                IScribe(self).bar() == 255,
+                "Instance not deactivated: Bar not type(uint8).max"
+            );
+        }
+
+        // Ensure challenge reward is total balance.
+        uint challengeReward = IScribeOptimistic(self).challengeReward();
+        uint total = self.balance;
+        if (challengeReward < total) {
+            IScribeOptimistic(self).setMaxChallengeReward(type(uint).max);
+        }
+
+        // Create new random private key.
+        uint privKeySeed = LibRandom.readUint();
+        uint privKey = _bound(privKeySeed, 1, LibSecp256k1.Q() - 1);
+
+        // Create feed instance from private key.
+        LibFeed.Feed memory feed = LibFeed.newFeed(privKey);
+
+        // Let feed sign feed registration message.
+        IScribe.ECDSAData memory registrationSig;
+        registrationSig =
+            feed.signECDSA(IScribe(self).feedRegistrationMessage());
+
+        // Construct pokeData and invalid Schnorr signature.
+        uint32 pokeDataAge = uint32(block.timestamp);
+        IScribe.PokeData memory pokeData = IScribe.PokeData(0, pokeDataAge);
+        IScribe.SchnorrData memory schnorrData =
+            IScribe.SchnorrData(bytes32(0), address(0), hex"");
+
+        // Construct opPokeMessage.
+        bytes32 opPokeMessage = IScribeOptimistic(self).constructOpPokeMessage(
+            pokeData, schnorrData
+        );
+
+        // Let feed sign opPokeMessage.
+        IScribe.ECDSAData memory opPokeSig = feed.signECDSA(opPokeMessage);
+
+        // Rescue ETH via rescuer contract.
+        Rescuer(payable(rescuer)).suck(
+            self, feed.pubKey, registrationSig, pokeDataAge, opPokeSig
+        );
+    }
 }
diff --git a/script/rescue/Rescuer.sol b/script/rescue/Rescuer.sol
@@ -0,0 +1,113 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.16;
+
+import {IAuth} from "chronicle-std/auth/IAuth.sol";
+import {Auth} from "chronicle-std/auth/Auth.sol";
+
+import {IScribe} from "src/IScribe.sol";
+import {IScribeOptimistic} from "src/IScribeOptimistic.sol";
+
+import {LibSecp256k1} from "src/libs/LibSecp256k1.sol";
+
+/**
+ * @title Rescuer
+ *
+ * @notice Contract to recover ETH from offboarded ScribeOptimistic instances
+ *
+ * @dev Deployment:
+ *      ```bash
+ *      $ forge create script/rescue/Rescuer.sol:Rescuer \
+ *          --constructor-args $INITIAL_AUTHED \
+ *          --keystore $KEYSTORE \
+ *          --password $KEYSTORE_PASSWORD \
+ *          --rpc-url $RPC_URL \
+ *          --verifier-url $ETHERSCAN_API_URL \
+ *          --etherscan-api-key $ETHERSCAN_API_KEY
+ *      ```
+ *
+ * @author Chronicle Labs, Inc
+ * @custom:security-contact [email protected]
+ */
+contract Rescuer is Auth {
+    using LibSecp256k1 for LibSecp256k1.Point;
+
+    /// @notice Emitted when successfully recovered ETH funds.
+    /// @param caller The caller's address.
+    /// @param opScribe The ScribeOptimistic instance the ETH got recovered
+    ///                 from.
+    /// @param amount The amount of ETH recovered.
+    event Recovered(
+        address indexed caller, address indexed opScribe, uint amount
+    );
+
+    /// @notice Emitted when successfully withdrawed ETH from this contract.
+    /// @param caller The caller's address.
+    /// @param receiver The receiver
+    ///                 from.
+    /// @param amount The amount of ETH recovered.
+    event Withdrawed(
+        address indexed caller, address indexed receiver, uint amount
+    );
+
+    constructor(address initialAuthed) Auth(initialAuthed) {}
+
+    receive() external payable {}
+
+    /// @notice Withdraws `amount` ETH held in contract to `receiver`.
+    ///
+    /// @dev Only callable by auth'ed address.
+    function withdraw(address payable receiver, uint amount) external auth {
+        (bool ok,) = receiver.call{value: amount}("");
+        require(ok);
+
+        emit Withdrawed(msg.sender, receiver, amount);
+    }
+
+    /// @notice Rescues ETH from ScribeOptimistic instance `opScribe`.
+    ///
+    /// @dev Note that `opScribe` MUST be deactivated.
+    /// @dev Note that validator key pair SHALL be only used once and generated
+    ///      via a CSPRNG.
+    ///
+    /// @dev Only callable by auth'ed address.
+    function suck(
+        address opScribe,
+        LibSecp256k1.Point memory pubKey,
+        IScribe.ECDSAData memory registrationSig,
+        uint32 pokeDataAge,
+        IScribe.ECDSAData memory opPokeSig
+    ) external auth {
+        require(IAuth(opScribe).authed(address(this)));
+
+        uint balanceBefore = address(this).balance;
+
+        // Fail if instance has feeds lifted, ie is not deactivated.
+        require(IScribe(opScribe).feeds().length == 0);
+
+        // Construct pokeData.
+        IScribe.PokeData memory pokeData =
+            IScribe.PokeData({val: uint128(0), age: pokeDataAge});
+
+        // Construct invalid Schnorr signature.
+        IScribe.SchnorrData memory schnorrSig = IScribe.SchnorrData({
+            signature: bytes32(0),
+            commitment: address(0),
+            feedIds: hex""
+        });
+
+        // Lift validator.
+        IScribe(opScribe).lift(pubKey, registrationSig);
+
+        // Perform opPoke.
+        IScribeOptimistic(opScribe).opPoke(pokeData, schnorrSig, opPokeSig);
+
+        // Perform opChallenge.
+        IScribeOptimistic(opScribe).opChallenge(schnorrSig);
+
+        // Compute amount of ETH received as challenge reward.
+        uint amount = address(this).balance - balanceBefore;
+
+        // Emit event.
+        emit Recovered(msg.sender, opScribe, amount);
+    }
+}