fix: upgrade to use scroll-prover v0.6.5 (#833)

Co-authored-by: silathdiir <silathdiir@users.noreply.github.com>

common/libzkp/impl/Cargo.lock

@@ -32,7 +32,7 @@ dependencies = [
 [[package]]
 name = "aggregator"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "ark-std",
  "env_logger 0.10.0",
@@ -433,7 +433,7 @@ checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1"
 [[package]]
 name = "bus-mapping"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "eth-types",
  "ethers-core",
@@ -1049,7 +1049,7 @@ dependencies = [
 [[package]]
 name = "eth-types"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "ethers-core",
  "ethers-signers",
@@ -1226,7 +1226,7 @@ dependencies = [
 [[package]]
 name = "external-tracer"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "eth-types",
  "geth-utils",
@@ -1439,7 +1439,7 @@ dependencies = [
 [[package]]
 name = "gadgets"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "digest 0.7.6",
  "eth-types",
@@ -1479,7 +1479,7 @@ dependencies = [
 [[package]]
 name = "geth-utils"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "env_logger 0.9.3",
  "gobuild 0.1.0-alpha.2 (git+https://github.com/scroll-tech/gobuild.git)",
@@ -1595,21 +1595,6 @@ dependencies = [
  "rustc-hash",
 ]
 
-[[package]]
-name = "halo2-base"
-version = "0.2.2"
-source = "git+https://github.com/scroll-tech/halo2-lib?branch=develop#2c225864227e74b207d9f4b9e08c4d5f1afc69a1"
-dependencies = [
- "ff",
- "halo2_proofs",
- "itertools",
- "num-bigint",
- "num-integer",
- "num-traits",
- "rand_chacha",
- "rustc-hash",
-]
-
 [[package]]
 name = "halo2-ecc"
 version = "0.2.2"
@@ -1617,26 +1602,7 @@ source = "git+https://github.com/scroll-tech/halo2-lib?tag=v0.1.0#2c225864227e74
 dependencies = [
  "ff",
  "group",
- "halo2-base 0.2.2 (git+https://github.com/scroll-tech/halo2-lib?tag=v0.1.0)",
- "itertools",
- "num-bigint",
- "num-integer",
- "num-traits",
- "rand",
- "rand_chacha",
- "rand_core",
- "serde",
- "serde_json",
-]
-
-[[package]]
-name = "halo2-ecc"
-version = "0.2.2"
-source = "git+https://github.com/scroll-tech/halo2-lib?branch=develop#2c225864227e74b207d9f4b9e08c4d5f1afc69a1"
-dependencies = [
- "ff",
- "group",
- "halo2-base 0.2.2 (git+https://github.com/scroll-tech/halo2-lib?branch=develop)",
+ "halo2-base",
  "itertools",
  "num-bigint",
  "num-integer",
@@ -1667,7 +1633,7 @@ dependencies = [
 [[package]]
 name = "halo2-mpt-circuits"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/mpt-circuit.git?branch=v0.5#2163a9c436ed85363c954ecf7e6e1044a1b991dc"
+source = "git+https://github.com/scroll-tech/mpt-circuit.git?tag=v0.5.1#2163a9c436ed85363c954ecf7e6e1044a1b991dc"
 dependencies = [
  "ethers-core",
  "halo2_proofs",
@@ -1689,7 +1655,7 @@ dependencies = [
 [[package]]
 name = "halo2_proofs"
 version = "0.2.0"
-source = "git+https://github.com/scroll-tech/halo2.git?branch=develop#b612b1e2a9fa2ccd150a6cb99e67592c8d62cd99"
+source = "git+https://github.com/scroll-tech/halo2.git?branch=develop#19de67c07a9b9b567580466763f93ebfbc3bb799"
 dependencies = [
  "ark-std",
  "blake2b_simd",
@@ -2111,7 +2077,7 @@ dependencies = [
 [[package]]
 name = "keccak256"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "env_logger 0.9.3",
  "eth-types",
@@ -2298,7 +2264,7 @@ dependencies = [
 [[package]]
 name = "mock"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "eth-types",
  "ethers-core",
@@ -2313,7 +2279,7 @@ dependencies = [
 [[package]]
 name = "mpt-zktrie"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "bus-mapping",
  "eth-types",
@@ -2788,8 +2754,8 @@ dependencies = [
 
 [[package]]
 name = "prover"
-version = "0.4.0"
-source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.6.2#8c439b1dd62c429223221484fb8a5470242d1cbc"
+version = "0.6.4"
+source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.6.5#ccb3cd457080dcfdf8ae59416eb47ae9b6b6ddd6"
 dependencies = [
  "aggregator",
  "anyhow",
@@ -3662,8 +3628,8 @@ source = "git+https://github.com/scroll-tech//snark-verifier?tag=v0.1.1#11a09d4a
 dependencies = [
  "bytes",
  "ethereum-types 0.14.1",
- "halo2-base 0.2.2 (git+https://github.com/scroll-tech/halo2-lib?tag=v0.1.0)",
- "halo2-ecc 0.2.2 (git+https://github.com/scroll-tech/halo2-lib?tag=v0.1.0)",
+ "halo2-base",
+ "halo2-ecc",
  "hex",
  "itertools",
  "lazy_static",
@@ -3687,7 +3653,7 @@ dependencies = [
  "bincode",
  "env_logger 0.10.0",
  "ethereum-types 0.14.1",
- "halo2-base 0.2.2 (git+https://github.com/scroll-tech/halo2-lib?tag=v0.1.0)",
+ "halo2-base",
  "hex",
  "itertools",
  "lazy_static",
@@ -4073,8 +4039,8 @@ checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba"
 
 [[package]]
 name = "types"
-version = "0.4.0"
-source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.6.2#8c439b1dd62c429223221484fb8a5470242d1cbc"
+version = "0.6.4"
+source = "git+https://github.com/scroll-tech/scroll-prover?tag=v0.6.5#ccb3cd457080dcfdf8ae59416eb47ae9b6b6ddd6"
 dependencies = [
  "base64 0.13.1",
  "blake2",
@@ -4525,7 +4491,7 @@ checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9"
 [[package]]
 name = "zkevm-circuits"
 version = "0.1.0"
-source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.2#750169c0e7282c267c8216c800ed7c1b7e021b16"
+source = "git+https://github.com/scroll-tech/zkevm-circuits.git?tag=v0.6.5#0cafc84c6dce2c0f385b36445fb3c61ca30d28ef"
 dependencies = [
  "array-init",
  "bus-mapping",
@@ -4535,8 +4501,8 @@ dependencies = [
  "ethers-core",
  "ethers-signers",
  "gadgets",
- "halo2-base 0.2.2 (git+https://github.com/scroll-tech/halo2-lib?branch=develop)",
- "halo2-ecc 0.2.2 (git+https://github.com/scroll-tech/halo2-lib?branch=develop)",
+ "halo2-base",
+ "halo2-ecc",
  "halo2_proofs",
  "hex",
  "itertools",

common/libzkp/impl/Cargo.toml

@@ -24,8 +24,8 @@ snark-verifier = { git = "https://github.com/scroll-tech//snark-verifier", tag =
 snark-verifier-sdk = { git = "https://github.com/scroll-tech//snark-verifier", tag = "v0.1.1" }
 
 [dependencies]
-prover = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.6.2" }
-types = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.6.2" }
+prover = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.6.5" }
+types = { git = "https://github.com/scroll-tech/scroll-prover", tag = "v0.6.5" }
 halo2_proofs = { git = "https://github.com/scroll-tech/halo2.git", branch = "develop" }
 
 log = "0.4"

common/version/version.go

@@ -6,7 +6,7 @@ import (
 	"strings"
 )
 
-var tag = "v4.1.72"
+var tag = "v4.1.77"
 
 var commit = func() string {
 	if info, ok := debug.ReadBuildInfo(); ok {

contracts/docs/apis/L1ERC1155Gateway.md

@@ -260,6 +260,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -354,6 +371,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### updateTokenMapping
 
 ```solidity
@@ -530,6 +563,23 @@ Emitted when some ERC1155 token is refunded.
 | tokenId  | uint256 | undefined |
 | amount  | uint256 | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 ### UpdateTokenMapping
 
 ```solidity

contracts/docs/apis/L1ERC721Gateway.md

@@ -227,6 +227,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -299,6 +316,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### updateTokenMapping
 
 ```solidity
@@ -469,6 +502,23 @@ Emitted when some ERC721 token is refunded.
 | recipient `indexed` | address | undefined |
 | tokenId  | uint256 | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 ### UpdateTokenMapping
 
 ```solidity

contracts/docs/apis/L1ScrollMessenger.md

@@ -239,6 +239,23 @@ Mapping from queue index to previous replay queue index.
 |---|---|---|
 | _0 | uint256 | undefined |
 
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of ETH rate limiter contract.
+
+
+
+
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
 ### relayMessageWithProof
 
 ```solidity
@@ -436,6 +453,22 @@ Update max replay times.
 |---|---|---|
 | _newMaxReplayTimes | uint256 | The new max replay times. |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### xDomainMessageSender
 
 ```solidity
@@ -609,5 +642,22 @@ Emitted when the maximum number of times each message can be replayed is updated
 | oldMaxReplayTimes  | uint256 | undefined |
 | newMaxReplayTimes  | uint256 | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 
 

contracts/docs/apis/L1StandardERC20Gateway.md

@@ -225,6 +225,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -275,6 +292,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 
 
 ## Events
@@ -372,5 +405,22 @@ Emitted when some ERC20 token is refunded.
 | recipient `indexed` | address | undefined |
 | amount  | uint256 | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 
 

contracts/docs/apis/L1WETHGateway.md

@@ -223,6 +223,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -273,6 +290,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 
 
 ## Events
@@ -370,5 +403,22 @@ Emitted when some ERC20 token is refunded.
 | recipient `indexed` | address | undefined |
 | amount  | uint256 | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 
 

contracts/docs/apis/L2ERC1155Gateway.md

@@ -205,6 +205,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -299,6 +316,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### updateTokenMapping
 
 ```solidity
@@ -455,6 +488,23 @@ event OwnershipTransferred(address indexed previousOwner, address indexed newOwn
 | previousOwner `indexed` | address | undefined |
 | newOwner `indexed` | address | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 ### UpdateTokenMapping
 
 ```solidity

contracts/docs/apis/L2ERC721Gateway.md

@@ -174,6 +174,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -246,6 +263,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### updateTokenMapping
 
 ```solidity
@@ -397,6 +430,23 @@ event OwnershipTransferred(address indexed previousOwner, address indexed newOwn
 | previousOwner `indexed` | address | undefined |
 | newOwner `indexed` | address | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 ### UpdateTokenMapping
 
 ```solidity

contracts/docs/apis/L2ScrollMessenger.md

@@ -194,6 +194,23 @@ function paused() external view returns (bool)
 |---|---|---|
 | _0 | bool | undefined |
 
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of ETH rate limiter contract.
+
+
+
+
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
 ### relayMessage
 
 ```solidity
@@ -328,6 +345,22 @@ Update max failed execution times.
 |---|---|---|
 | _newMaxFailedExecutionTimes | uint256 | The new max failed execution times. |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### xDomainMessageSender
 
 ```solidity
@@ -501,5 +534,22 @@ Emitted when the maximum number of times each message can fail in L2 is updated.
 | oldMaxFailedExecutionTimes  | uint256 | undefined |
 | newMaxFailedExecutionTimes  | uint256 | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 
 

contracts/docs/apis/L2StandardERC20Gateway.md

@@ -139,6 +139,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -206,6 +223,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### withdrawERC20
 
 ```solidity
@@ -321,6 +354,23 @@ event OwnershipTransferred(address indexed previousOwner, address indexed newOwn
 | previousOwner `indexed` | address | undefined |
 | newOwner `indexed` | address | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 ### WithdrawERC20
 
 ```solidity

contracts/docs/apis/L2WETHGateway.md

@@ -172,6 +172,23 @@ function owner() external view returns (address)
 *Returns the address of the current owner.*
 
 
+#### Returns
+
+| Name | Type | Description |
+|---|---|---|
+| _0 | address | undefined |
+
+### rateLimiter
+
+```solidity
+function rateLimiter() external view returns (address)
+```
+
+The address of token rate limiter contract.
+
+
+
+
 #### Returns
 
 | Name | Type | Description |
@@ -222,6 +239,22 @@ function transferOwnership(address newOwner) external nonpayable
 |---|---|---|
 | newOwner | address | undefined |
 
+### updateRateLimiter
+
+```solidity
+function updateRateLimiter(address _newRateLimiter) external nonpayable
+```
+
+Update rate limiter contract.
+
+*This function can only called by contract owner.*
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _newRateLimiter | address | The address of new rate limiter contract. |
+
 ### withdrawERC20
 
 ```solidity
@@ -337,6 +370,23 @@ event OwnershipTransferred(address indexed previousOwner, address indexed newOwn
 | previousOwner `indexed` | address | undefined |
 | newOwner `indexed` | address | undefined |
 
+### UpdateRateLimiter
+
+```solidity
+event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter)
+```
+
+Emitted when owner updates rate limiter contract.
+
+
+
+#### Parameters
+
+| Name | Type | Description |
+|---|---|---|
+| _oldRateLimiter `indexed` | address | undefined |
+| _newRateLimiter `indexed` | address | undefined |
+
 ### WithdrawERC20
 
 ```solidity

contracts/src/L1/L1ScrollMessenger.sol

@@ -149,7 +149,7 @@ contract L1ScrollMessenger is ScrollMessengerBase, IL1ScrollMessenger {
 
         // @note check more `_to` address to avoid attack in the future when we add more gateways.
         require(_to != messageQueue, "Forbid to call message queue");
-        require(_to != address(this), "Forbid to call self");
+        _validateTargetAddress(_to);
 
         // @note This usually will never happen, just in case.
         require(_from != xDomainMessageSender, "Invalid message sender");
@@ -312,6 +312,8 @@ contract L1ScrollMessenger is ScrollMessengerBase, IL1ScrollMessenger {
         uint256 _gasLimit,
         address _refundAddress
     ) internal nonReentrant {
+        _addUsedAmount(_value);
+
         address _messageQueue = messageQueue; // gas saving
         address _counterpart = counterpart; // gas saving
 

contracts/src/L1/gateways/L1ERC20Gateway.sol

@@ -161,6 +161,9 @@ abstract contract L1ERC20Gateway is IL1ERC20Gateway, IMessageDropCallback, Scrol
         // ignore weird fee on transfer token
         require(_amount > 0, "deposit zero amount");
 
+        // rate limit
+        _addUsedAmount(_token, _amount);
+
         return (_from, _amount, _data);
     }
 

contracts/src/L1/gateways/L1ETHGateway.sol

@@ -124,6 +124,8 @@ contract L1ETHGateway is ScrollGatewayBase, IL1ETHGateway, IMessageDropCallback
             (_from, _data) = abi.decode(_data, (address, bytes));
         }
 
+        // @note no rate limit here, since ETH is limited in messenger
+
         // 2. Generate message passed to L1ScrollMessenger.
         bytes memory _message = abi.encodeCall(IL2ETHGateway.finalizeDepositETH, (_from, _to, _amount, _data));
 

contracts/src/L2/L2ScrollMessenger.sol

@@ -137,6 +137,7 @@ contract L2ScrollMessenger is ScrollMessengerBase, IL2ScrollMessenger {
         uint256 _gasLimit
     ) internal nonReentrant {
         require(msg.value == _value, "msg.value mismatch");
+        _addUsedAmount(_value);
 
         uint256 _nonce = L2MessageQueue(messageQueue).nextMessageIndex();
         bytes32 _xDomainCalldataHash = keccak256(_encodeXDomainCalldata(msg.sender, _to, _value, _nonce, _message));
@@ -165,7 +166,7 @@ contract L2ScrollMessenger is ScrollMessengerBase, IL2ScrollMessenger {
     ) internal {
         // @note check more `_to` address to avoid attack in the future when we add more gateways.
         require(_to != messageQueue, "Forbid to call message queue");
-        require(_to != address(this), "Forbid to call self");
+        _validateTargetAddress(_to);
 
         // @note This usually will never happen, just in case.
         require(_from != xDomainMessageSender, "Invalid message sender");

contracts/src/L2/gateways/L2CustomERC20Gateway.sol

@@ -126,6 +126,9 @@ contract L2CustomERC20Gateway is L2ERC20Gateway {
             (_from, _data) = abi.decode(_data, (address, bytes));
         }
 
+        // rate limit
+        _addUsedAmount(_token, _amount);
+
         // 2. Burn token.
         IScrollERC20Upgradeable(_token).burn(_from, _amount);
 

contracts/src/L2/gateways/L2ETHGateway.sol

@@ -98,6 +98,8 @@ contract L2ETHGateway is ScrollGatewayBase, IL2ETHGateway {
             (_from, _data) = abi.decode(_data, (address, bytes));
         }
 
+        // @note no rate limit here, since ETH is limited in messenger
+
         bytes memory _message = abi.encodeCall(IL1ETHGateway.finalizeWithdrawETH, (_from, _to, _amount, _data));
         IL2ScrollMessenger(messenger).sendMessage{value: msg.value}(counterpart, _amount, _message, _gasLimit);
 

contracts/src/L2/gateways/L2StandardERC20Gateway.sol

@@ -140,6 +140,9 @@ contract L2StandardERC20Gateway is L2ERC20Gateway {
         address _l1Token = tokenMapping[_token];
         require(_l1Token != address(0), "no corresponding l1 token");
 
+        // rate limit
+        _addUsedAmount(_token, _amount);
+
         // 2. Burn token.
         IScrollERC20Upgradeable(_token).burn(_from, _amount);
 

contracts/src/L2/gateways/L2WETHGateway.sol

@@ -116,6 +116,9 @@ contract L2WETHGateway is L2ERC20Gateway {
             (_from, _data) = abi.decode(_data, (address, bytes));
         }
 
+        // rate limit
+        _addUsedAmount(_token, _amount);
+
         // 2. Transfer token into this contract.
         IERC20Upgradeable(_token).safeTransferFrom(_from, address(this), _amount);
         IWETH(_token).withdraw(_amount);

contracts/src/libraries/ScrollMessengerBase.sol

@@ -7,6 +7,7 @@ import {PausableUpgradeable} from "@openzeppelin/contracts-upgradeable/security/
 import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";
 
 import {ScrollConstants} from "./constants/ScrollConstants.sol";
+import {IETHRateLimiter} from "../rate-limiter/IETHRateLimiter.sol";
 import {IScrollMessenger} from "./IScrollMessenger.sol";
 
 // solhint-disable var-name-mixedcase
@@ -26,6 +27,11 @@ abstract contract ScrollMessengerBase is
     /// @param _newFeeVault The address of new fee vault contract.
     event UpdateFeeVault(address _oldFeeVault, address _newFeeVault);
 
+    /// @notice Emitted when owner updates rate limiter contract.
+    /// @param _oldRateLimiter The address of old rate limiter contract.
+    /// @param _newRateLimiter The address of new rate limiter contract.
+    event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter);
+
     /*************
      * Variables *
      *************/
@@ -39,8 +45,11 @@ abstract contract ScrollMessengerBase is
     /// @notice The address of fee vault, collecting cross domain messaging fee.
     address public feeVault;
 
+    /// @notice The address of ETH rate limiter contract.
+    address public rateLimiter;
+
     /// @dev The storage slots for future usage.
-    uint256[47] private __gap;
+    uint256[46] private __gap;
 
     /**********************
      * Function Modifiers *
@@ -89,6 +98,16 @@ abstract contract ScrollMessengerBase is
         emit UpdateFeeVault(_oldFeeVault, _newFeeVault);
     }
 
+    /// @notice Update rate limiter contract.
+    /// @dev This function can only called by contract owner.
+    /// @param _newRateLimiter The address of new rate limiter contract.
+    function updateRateLimiter(address _newRateLimiter) external onlyOwner {
+        address _oldRateLimiter = rateLimiter;
+
+        rateLimiter = _newRateLimiter;
+        emit UpdateRateLimiter(_oldRateLimiter, _newRateLimiter);
+    }
+
     /// @notice Pause the contract
     /// @dev This function can only called by contract owner.
     /// @param _status The pause status to update.
@@ -128,4 +147,27 @@ abstract contract ScrollMessengerBase is
                 _message
             );
     }
+
+    /// @dev Internal function to increase ETH usage for the given `_sender`.
+    /// @param _amount The amount of ETH used.
+    function _addUsedAmount(uint256 _amount) internal {
+        if (_amount == 0) return;
+
+        address _rateLimiter = rateLimiter;
+        if (_rateLimiter != address(0)) {
+            IETHRateLimiter(_rateLimiter).addUsedAmount(_amount);
+        }
+    }
+
+    /// @dev Internal function to check whether the `_target` address is allowed to avoid attack.
+    /// @param _target The address of target address to check.
+    function _validateTargetAddress(address _target) internal view {
+        // @note check more `_target` address to avoid attack in the future when we add more external contracts.
+
+        address _rateLimiter = rateLimiter;
+        if (_rateLimiter != address(0)) {
+            require(_target != _rateLimiter, "Forbid to call rate limiter");
+        }
+        require(_target != address(this), "Forbid to call self");
+    }
 }

contracts/src/libraries/gateway/ScrollGatewayBase.sol

@@ -9,8 +9,18 @@ import {IScrollGateway} from "./IScrollGateway.sol";
 import {IScrollMessenger} from "../IScrollMessenger.sol";
 import {IScrollGatewayCallback} from "../callbacks/IScrollGatewayCallback.sol";
 import {ScrollConstants} from "../constants/ScrollConstants.sol";
+import {ITokenRateLimiter} from "../../rate-limiter/ITokenRateLimiter.sol";
 
 abstract contract ScrollGatewayBase is ReentrancyGuardUpgradeable, OwnableUpgradeable, IScrollGateway {
+    /**********
+     * Events *
+     **********/
+
+    /// @notice Emitted when owner updates rate limiter contract.
+    /// @param _oldRateLimiter The address of old rate limiter contract.
+    /// @param _newRateLimiter The address of new rate limiter contract.
+    event UpdateRateLimiter(address indexed _oldRateLimiter, address indexed _newRateLimiter);
+
     /*************
      * Variables *
      *************/
@@ -24,8 +34,11 @@ abstract contract ScrollGatewayBase is ReentrancyGuardUpgradeable, OwnableUpgrad
     /// @inheritdoc IScrollGateway
     address public override messenger;
 
+    /// @notice The address of token rate limiter contract.
+    address public rateLimiter;
+
     /// @dev The storage slots for future usage.
-    uint256[47] private __gap;
+    uint256[46] private __gap;
 
     /**********************
      * Function Modifiers *
@@ -72,6 +85,20 @@ abstract contract ScrollGatewayBase is ReentrancyGuardUpgradeable, OwnableUpgrad
         }
     }
 
+    /************************
+     * Restricted Functions *
+     ************************/
+
+    /// @notice Update rate limiter contract.
+    /// @dev This function can only called by contract owner.
+    /// @param _newRateLimiter The address of new rate limiter contract.
+    function updateRateLimiter(address _newRateLimiter) external onlyOwner {
+        address _oldRateLimiter = rateLimiter;
+
+        rateLimiter = _newRateLimiter;
+        emit UpdateRateLimiter(_oldRateLimiter, _newRateLimiter);
+    }
+
     /**********************
      * Internal Functions *
      **********************/
@@ -84,4 +111,16 @@ abstract contract ScrollGatewayBase is ReentrancyGuardUpgradeable, OwnableUpgrad
             IScrollGatewayCallback(_to).onScrollGatewayCallback(_data);
         }
     }
+
+    /// @dev Internal function to increase token usage for the given `_sender`.
+    /// @param _token The address of token.
+    /// @param _amount The amount of token used.
+    function _addUsedAmount(address _token, uint256 _amount) internal {
+        if (_amount == 0) return;
+
+        address _rateLimiter = rateLimiter;
+        if (_rateLimiter != address(0)) {
+            ITokenRateLimiter(_rateLimiter).addUsedAmount(_token, _amount);
+        }
+    }
 }

contracts/src/rate-limiter/ETHRateLimiter.sol

@@ -0,0 +1,116 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity =0.8.16;
+
+import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
+import {SafeCast} from "@openzeppelin/contracts/utils/math/SafeCast.sol";
+
+import {IETHRateLimiter} from "./IETHRateLimiter.sol";
+
+// solhint-disable func-name-mixedcase
+// solhint-disable not-rely-on-time
+
+contract ETHRateLimiter is Ownable, IETHRateLimiter {
+    /***********
+     * Structs *
+     ***********/
+
+    struct TokenAmount {
+        // The timestamp when the amount is updated.
+        uint48 lastUpdateTs;
+        // The ETH limit in wei.
+        uint104 limit;
+        // The amount of ETH in current period.
+        uint104 amount;
+    }
+
+    /*************
+     * Constants *
+     *************/
+
+    /// @notice The period length in seconds.
+    /// @dev The time frame for the `k`-th period is `[periodDuration * k, periodDuration * (k + 1))`.
+    uint256 public immutable periodDuration;
+
+    /// @notice The address of ETH spender.
+    address public immutable spender;
+
+    /*************
+     * Variables *
+     *************/
+
+    /// @notice The token amount used in current period.
+    TokenAmount public currentPeriod;
+
+    /***************
+     * Constructor *
+     ***************/
+
+    constructor(
+        uint256 _periodDuration,
+        address _spender,
+        uint104 _totalLimit
+    ) {
+        if (_periodDuration == 0) {
+            revert PeriodIsZero();
+        }
+
+        if (_totalLimit == 0) {
+            revert TotalLimitIsZero();
+        }
+
+        periodDuration = _periodDuration;
+        spender = _spender;
+
+        currentPeriod.limit = _totalLimit;
+    }
+
+    /*****************************
+     * Public Mutating Functions *
+     *****************************/
+
+    /// @inheritdoc IETHRateLimiter
+    function addUsedAmount(uint256 _amount) external override {
+        if (msg.sender != spender) {
+            revert CallerNotSpender();
+        }
+        if (_amount == 0) return;
+
+        uint256 _currentPeriodStart = (block.timestamp / periodDuration) * periodDuration;
+
+        // check total limit
+        uint256 _currentTotalAmount;
+        TokenAmount memory _currentPeriod = currentPeriod;
+
+        if (_currentPeriod.lastUpdateTs < _currentPeriodStart) {
+            _currentTotalAmount = _amount;
+        } else {
+            _currentTotalAmount = _currentPeriod.amount + _amount;
+        }
+        if (_currentTotalAmount > _currentPeriod.limit) {
+            revert ExceedTotalLimit();
+        }
+
+        _currentPeriod.lastUpdateTs = uint48(block.timestamp);
+        _currentPeriod.amount = SafeCast.toUint104(_currentTotalAmount);
+
+        currentPeriod = _currentPeriod;
+    }
+
+    /************************
+     * Restricted Functions *
+     ************************/
+
+    /// @notice Update the total token amount limit.
+    /// @param _newTotalLimit The new total limit.
+    function updateTotalLimit(uint104 _newTotalLimit) external onlyOwner {
+        if (_newTotalLimit == 0) {
+            revert TotalLimitIsZero();
+        }
+
+        uint256 _oldTotalLimit = currentPeriod.limit;
+        currentPeriod.limit = _newTotalLimit;
+
+        emit UpdateTotalLimit(_oldTotalLimit, _newTotalLimit);
+    }
+}

contracts/src/rate-limiter/IETHRateLimiter.sol

@@ -0,0 +1,38 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.16;
+
+interface IETHRateLimiter {
+    /**********
+     * Events *
+     **********/
+
+    /// @notice Emitted when the total limit is updated.
+    /// @param oldTotalLimit The previous value of total limit before updating.
+    /// @param newTotalLimit The current value of total limit after updating.
+    event UpdateTotalLimit(uint256 oldTotalLimit, uint256 newTotalLimit);
+
+    /**********
+     * Errors *
+     **********/
+
+    /// @dev Thrown when the `periodDuration` is initialized to zero.
+    error PeriodIsZero();
+
+    /// @dev Thrown when the `totalAmount` is initialized to zero.
+    error TotalLimitIsZero();
+
+    /// @dev Thrown when an amount breaches the total limit in the period.
+    error ExceedTotalLimit();
+
+    /// @dev Thrown when the call is not spender.
+    error CallerNotSpender();
+
+    /*****************************
+     * Public Mutating Functions *
+     *****************************/
+
+    /// @notice Request some ETH usage for `sender`.
+    /// @param _amount The amount of ETH to use.
+    function addUsedAmount(uint256 _amount) external;
+}

contracts/src/rate-limiter/ITokenRateLimiter.sol

@@ -0,0 +1,38 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.16;
+
+interface ITokenRateLimiter {
+    /**********
+     * Events *
+     **********/
+
+    /// @notice Emitted when the total limit is updated.
+    /// @param oldTotalLimit The previous value of total limit before updating.
+    /// @param newTotalLimit The current value of total limit after updating.
+    event UpdateTotalLimit(address indexed token, uint256 oldTotalLimit, uint256 newTotalLimit);
+
+    /**********
+     * Errors *
+     **********/
+
+    /// @dev Thrown when the `periodDuration` is initialized to zero.
+    error PeriodIsZero();
+
+    /// @dev Thrown when the `totalAmount` is initialized to zero.
+    /// @param token The address of the token.
+    error TotalLimitIsZero(address token);
+
+    /// @dev Thrown when an amount breaches the total limit in the period.
+    /// @param token The address of the token.
+    error ExceedTotalLimit(address token);
+
+    /*****************************
+     * Public Mutating Functions *
+     *****************************/
+
+    /// @notice Request some token usage for `sender`.
+    /// @param token The address of the token.
+    /// @param amount The amount of token to use.
+    function addUsedAmount(address token, uint256 amount) external;
+}

contracts/src/rate-limiter/TokenRateLimiter.sol

@@ -0,0 +1,106 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity =0.8.16;
+
+import {AccessControlEnumerable} from "@openzeppelin/contracts/access/AccessControlEnumerable.sol";
+import {SafeCast} from "@openzeppelin/contracts/utils/math/SafeCast.sol";
+
+import {ITokenRateLimiter} from "./ITokenRateLimiter.sol";
+
+// solhint-disable func-name-mixedcase
+// solhint-disable not-rely-on-time
+
+contract TokenRateLimiter is AccessControlEnumerable, ITokenRateLimiter {
+    /***********
+     * Structs *
+     ***********/
+
+    struct TokenAmount {
+        // The timestamp when the amount is updated.
+        uint48 lastUpdateTs;
+        // The token limit.
+        uint104 limit;
+        // The amount of token in current period.
+        uint104 amount;
+    }
+
+    /*************
+     * Constants *
+     *************/
+
+    /// @notice The role for token spender.
+    bytes32 public constant TOKEN_SPENDER_ROLE = keccak256("TOKEN_SPENDER_ROLE");
+
+    /// @notice The period length in seconds.
+    /// @dev The time frame for the `k`-th period is `[periodDuration * k, periodDuration * (k + 1))`.
+    uint256 public immutable periodDuration;
+
+    /*************
+     * Variables *
+     *************/
+
+    /// @notice Mapping from token address to the total amounts used in current period and total token amount limit.
+    mapping(address => TokenAmount) public currentPeriod;
+
+    /// @dev The storage slots for future usage.
+    uint256[49] private __gap;
+
+    /***************
+     * Constructor *
+     ***************/
+
+    constructor(uint256 _periodDuration) {
+        if (_periodDuration == 0) {
+            revert PeriodIsZero();
+        }
+
+        _setupRole(DEFAULT_ADMIN_ROLE, msg.sender);
+
+        periodDuration = _periodDuration;
+    }
+
+    /*****************************
+     * Public Mutating Functions *
+     *****************************/
+
+    /// @inheritdoc ITokenRateLimiter
+    function addUsedAmount(address _token, uint256 _amount) external override onlyRole(TOKEN_SPENDER_ROLE) {
+        if (_amount == 0) return;
+
+        uint256 _currentPeriodStart = (block.timestamp / periodDuration) * periodDuration;
+
+        // check total limit, `0` means no limit at all.
+        uint256 _currentTotalAmount;
+        TokenAmount memory _currentPeriod = currentPeriod[_token];
+        if (_currentPeriod.lastUpdateTs < _currentPeriodStart) {
+            _currentTotalAmount = _amount;
+        } else {
+            _currentTotalAmount = _currentPeriod.amount + _amount;
+        }
+        if (_currentPeriod.limit != 0 && _currentTotalAmount > _currentPeriod.limit) {
+            revert ExceedTotalLimit(_token);
+        }
+
+        _currentPeriod.lastUpdateTs = uint48(block.timestamp);
+        _currentPeriod.amount = SafeCast.toUint104(_currentTotalAmount);
+
+        currentPeriod[_token] = _currentPeriod;
+    }
+
+    /************************
+     * Restricted Functions *
+     ************************/
+
+    /// @notice Update the total token amount limit.
+    /// @param _newTotalLimit The new total limit.
+    function updateTotalLimit(address _token, uint104 _newTotalLimit) external onlyRole(DEFAULT_ADMIN_ROLE) {
+        if (_newTotalLimit == 0) {
+            revert TotalLimitIsZero(_token);
+        }
+
+        uint256 _oldTotalLimit = currentPeriod[_token].limit;
+        currentPeriod[_token].limit = _newTotalLimit;
+
+        emit UpdateTotalLimit(_token, _oldTotalLimit, _newTotalLimit);
+    }
+}

contracts/src/test/ETHRateLimiter.t.sol

@@ -0,0 +1,75 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity =0.8.16;
+
+import {DSTestPlus} from "solmate/test/utils/DSTestPlus.sol";
+
+import {ETHRateLimiter} from "../rate-limiter/ETHRateLimiter.sol";
+import {IETHRateLimiter} from "../rate-limiter/IETHRateLimiter.sol";
+
+contract ETHRateLimiterTest is DSTestPlus {
+    event UpdateTotalLimit(uint256 oldTotalLimit, uint256 newTotalLimit);
+
+    ETHRateLimiter private limiter;
+
+    function setUp() public {
+        hevm.warp(86400);
+        limiter = new ETHRateLimiter(86400, address(this), 100 ether);
+    }
+
+    function testUpdateTotalLimit(uint104 _newTotalLimit) external {
+        hevm.assume(_newTotalLimit > 0);
+
+        // not owner, revert
+        hevm.startPrank(address(1));
+        hevm.expectRevert("Ownable: caller is not the owner");
+        limiter.updateTotalLimit(_newTotalLimit);
+        hevm.stopPrank();
+
+        // zero revert
+        hevm.expectRevert(IETHRateLimiter.TotalLimitIsZero.selector);
+        limiter.updateTotalLimit(0);
+
+        // success
+        hevm.expectEmit(false, false, false, true);
+        emit UpdateTotalLimit(100 ether, _newTotalLimit);
+        limiter.updateTotalLimit(_newTotalLimit);
+        (, uint104 _totalLimit, ) = limiter.currentPeriod();
+        assertEq(_totalLimit, _newTotalLimit);
+    }
+
+    function testAddUsedAmount() external {
+        // non-spender, revert
+        hevm.startPrank(address(1));
+        hevm.expectRevert(IETHRateLimiter.CallerNotSpender.selector);
+        limiter.addUsedAmount(0);
+        hevm.stopPrank();
+
+        // exceed total limit on first call
+        hevm.expectRevert(IETHRateLimiter.ExceedTotalLimit.selector);
+        limiter.addUsedAmount(100 ether + 1);
+        _checkTotalCurrentPeriodAmountAmount(0);
+
+        // exceed total limit on second call
+        limiter.addUsedAmount(50 ether);
+        _checkTotalCurrentPeriodAmountAmount(50 ether);
+        hevm.expectRevert(IETHRateLimiter.ExceedTotalLimit.selector);
+        limiter.addUsedAmount(50 ether + 1);
+        _checkTotalCurrentPeriodAmountAmount(50 ether);
+
+        // one period passed
+        hevm.warp(86400 * 2);
+        limiter.addUsedAmount(1 ether);
+        _checkTotalCurrentPeriodAmountAmount(1 ether);
+
+        // exceed
+        hevm.expectRevert(IETHRateLimiter.ExceedTotalLimit.selector);
+        limiter.addUsedAmount(99 ether + 1);
+        _checkTotalCurrentPeriodAmountAmount(1 ether);
+    }
+
+    function _checkTotalCurrentPeriodAmountAmount(uint256 expected) internal {
+        (, , uint256 totalAmount) = limiter.currentPeriod();
+        assertEq(totalAmount, expected);
+    }
+}

contracts/src/test/L1ScrollMessengerTest.t.sol

@@ -42,6 +42,26 @@ contract L1ScrollMessengerTest is L1GatewayTestBase {
         l1Messenger.relayMessageWithProof(address(this), address(messageQueue), 0, 0, new bytes(0), proof);
     }
 
+    function testForbidCallRateLimiterFromL2() external {
+        l1Messenger.updateRateLimiter(address(1));
+        bytes32 _xDomainCalldataHash = keccak256(
+            abi.encodeWithSignature(
+                "relayMessage(address,address,uint256,uint256,bytes)",
+                address(this),
+                address(1),
+                0,
+                0,
+                new bytes(0)
+            )
+        );
+        prepareL2MessageRoot(_xDomainCalldataHash);
+        IL1ScrollMessenger.L2MessageProof memory proof;
+        proof.batchIndex = rollup.lastFinalizedBatchIndex();
+
+        hevm.expectRevert("Forbid to call rate limiter");
+        l1Messenger.relayMessageWithProof(address(this), address(1), 0, 0, new bytes(0), proof);
+    }
+
     function testForbidCallSelfFromL2() external {
         bytes32 _xDomainCalldataHash = keccak256(
             abi.encodeWithSignature(

contracts/src/test/L2ScrollMessenger.t.sol

@@ -51,10 +51,15 @@ contract L2ScrollMessengerTest is DSTestPlus {
     }
 
     function testForbidCallFromL1() external {
+        l2Messenger.updateRateLimiter(address(1));
+
         hevm.startPrank(AddressAliasHelper.applyL1ToL2Alias(address(l1Messenger)));
         hevm.expectRevert("Forbid to call message queue");
         l2Messenger.relayMessage(address(this), address(l2MessageQueue), 0, 0, new bytes(0));
 
+        hevm.expectRevert("Forbid to call rate limiter");
+        l2Messenger.relayMessage(address(this), address(1), 0, 0, new bytes(0));
+
         hevm.expectRevert("Forbid to call self");
         l2Messenger.relayMessage(address(this), address(l2Messenger), 0, 0, new bytes(0));
         hevm.stopPrank();

contracts/src/test/TokenRateLimiter.t.sol

@@ -0,0 +1,82 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity =0.8.16;
+
+import {DSTestPlus} from "solmate/test/utils/DSTestPlus.sol";
+
+import {TokenRateLimiter} from "../rate-limiter/TokenRateLimiter.sol";
+import {ITokenRateLimiter} from "../rate-limiter/ITokenRateLimiter.sol";
+
+contract TokenRateLimiterTest is DSTestPlus {
+    event UpdateTotalLimit(address indexed token, uint256 oldTotalLimit, uint256 newTotalLimit);
+
+    TokenRateLimiter private limiter;
+
+    function setUp() public {
+        hevm.warp(86400);
+        limiter = new TokenRateLimiter(86400);
+    }
+
+    function testUpdateTotalLimit(address _token, uint104 _newTotalLimit) external {
+        hevm.assume(_newTotalLimit > 0);
+
+        // not admin, revert
+        hevm.startPrank(address(1));
+        hevm.expectRevert(
+            "AccessControl: account 0x0000000000000000000000000000000000000001 is missing role 0x0000000000000000000000000000000000000000000000000000000000000000"
+        );
+        limiter.updateTotalLimit(_token, _newTotalLimit);
+        hevm.stopPrank();
+
+        // zero revert
+        hevm.expectRevert(abi.encodeWithSelector(ITokenRateLimiter.TotalLimitIsZero.selector, _token));
+        limiter.updateTotalLimit(_token, 0);
+
+        // success
+        hevm.expectEmit(true, false, false, true);
+        emit UpdateTotalLimit(_token, 0 ether, _newTotalLimit);
+        limiter.updateTotalLimit(_token, _newTotalLimit);
+        (, uint104 _totalLimit, ) = limiter.currentPeriod(_token);
+        assertEq(_totalLimit, _newTotalLimit);
+    }
+
+    function testAddUsedAmount(address _token) external {
+        // non-spender, revert
+        hevm.startPrank(address(1));
+        hevm.expectRevert(
+            "AccessControl: account 0x0000000000000000000000000000000000000001 is missing role 0x267f05081a073059ae452e6ac77ec189636e43e41051d4c3ec760734b3d173cb"
+        );
+        limiter.addUsedAmount(_token, 0);
+        hevm.stopPrank();
+
+        limiter.grantRole(bytes32(0x267f05081a073059ae452e6ac77ec189636e43e41051d4c3ec760734b3d173cb), address(this));
+        limiter.updateTotalLimit(_token, 100 ether);
+
+        // exceed total limit on first call
+        hevm.expectRevert(abi.encodeWithSelector(ITokenRateLimiter.ExceedTotalLimit.selector, _token));
+        limiter.addUsedAmount(_token, 100 ether + 1);
+        _checkTotalCurrentPeriodAmountAmount(_token, 0);
+
+        // exceed total limit on second call
+        limiter.addUsedAmount(_token, 50 ether);
+        _checkTotalCurrentPeriodAmountAmount(_token, 50 ether);
+        hevm.expectRevert(abi.encodeWithSelector(ITokenRateLimiter.ExceedTotalLimit.selector, _token));
+        limiter.addUsedAmount(_token, 50 ether + 1);
+        _checkTotalCurrentPeriodAmountAmount(_token, 50 ether);
+
+        // one period passed
+        hevm.warp(86400 * 2);
+        limiter.addUsedAmount(_token, 1 ether);
+        _checkTotalCurrentPeriodAmountAmount(_token, 1 ether);
+
+        // exceed
+        hevm.expectRevert(abi.encodeWithSelector(ITokenRateLimiter.ExceedTotalLimit.selector, _token));
+        limiter.addUsedAmount(_token, 99 ether + 1);
+        _checkTotalCurrentPeriodAmountAmount(_token, 1 ether);
+    }
+
+    function _checkTotalCurrentPeriodAmountAmount(address token, uint256 expected) internal {
+        (, , uint256 totalAmount) = limiter.currentPeriod(token);
+        assertEq(totalAmount, expected);
+    }
+}

coordinator/internal/logic/submitproof/proof_receiver.go

@@ -128,7 +128,7 @@ func (m *ProofReceiverLogic) HandleZkProof(ctx *gin.Context, proofMsg *message.P
 		return fmt.Errorf("get public key from context failed")
 	}
 	pv := ctx.GetString(coordinatorType.ProverVersion)
-	if len(pk) == 0 {
+	if len(pv) == 0 {
 		return fmt.Errorf("get ProverVersion from context failed")
 	}
 
@@ -148,8 +148,7 @@ func (m *ProofReceiverLogic) HandleZkProof(ctx *gin.Context, proofMsg *message.P
 		return err
 	}
 
-	proverVersion := ctx.GetString(coordinatorType.ProverVersion)
-	m.verifierTotal.WithLabelValues(proverVersion).Inc()
+	m.verifierTotal.WithLabelValues(pv).Inc()
 
 	var success bool
 	var verifyErr error
@@ -160,7 +159,7 @@ func (m *ProofReceiverLogic) HandleZkProof(ctx *gin.Context, proofMsg *message.P
 	}
 
 	if verifyErr != nil || !success {
-		m.verifierFailureTotal.WithLabelValues(proverVersion).Inc()
+		m.verifierFailureTotal.WithLabelValues(pv).Inc()
 		m.proofRecover(ctx, proofMsg.ID, pk, proofMsg)
 
 		log.Info("proof verified by coordinator failed", "proof id", proofMsg.ID, "prover name", proverTask.ProverName,
@@ -310,8 +309,8 @@ func (m *ProofReceiverLogic) updateProofStatus(ctx context.Context, hash string,
 		}
 
 		// if the block batch has proof verified, so the failed status not update block batch proving status
-		if status == types.ProvingTaskFailed && m.checkIsTaskSuccess(ctx, hash, proofMsg.Type) {
-			log.Info("update proof status ProvingTaskFailed skip because other prover have prove success", "hash", hash, "public key", proverPublicKey)
+		if m.checkIsTaskSuccess(ctx, hash, proofMsg.Type) {
+			log.Info("update proof status skip because this chunk / batch has been verified", "hash", hash, "public key", proverPublicKey)
 			return nil
 		}
 

database/migrate/migrate_test.go

@@ -63,7 +63,7 @@ func testResetDB(t *testing.T) {
 	cur, err := Current(pgDB.DB)
 	assert.NoError(t, err)
 	// total number of tables.
-	assert.Equal(t, 7, int(cur))
+	assert.Equal(t, 8, int(cur))
 }
 
 func testMigrate(t *testing.T) {

prover/client/client.go

@@ -176,23 +176,24 @@ func (c *CoordinatorClient) SubmitProof(ctx context.Context, req *SubmitProofReq
 
 	if err != nil {
 		log.Error("submit proof request failed: %v", err)
-		return fmt.Errorf("submit proof request failed: %w", ConnectErr)
+		return fmt.Errorf("submit proof request failed: %w", ErrCoordinatorConnect)
 	}
 
 	if resp.StatusCode() != 200 {
 		log.Error("failed to submit proof, status code: %v", resp.StatusCode())
-		return fmt.Errorf("failed to submit proof, status code not 200: %w", ConnectErr)
+		return fmt.Errorf("failed to submit proof, status code not 200: %w", ErrCoordinatorConnect)
 	}
 
 	if result.ErrCode == types.ErrJWTTokenExpired {
 		log.Info("JWT expired, attempting to re-login")
 		if err := c.Login(ctx); err != nil {
 			log.Error("JWT expired, re-login failed: %v", err)
-			return fmt.Errorf("JWT expired, re-login failed: %w", ConnectErr)
+			return fmt.Errorf("JWT expired, re-login failed: %w", ErrCoordinatorConnect)
 		}
 		log.Info("re-login success")
 		return c.SubmitProof(ctx, req)
 	}
+
 	if result.ErrCode != types.Success {
 		return fmt.Errorf("error code: %v, error message: %v", result.ErrCode, result.ErrMsg)
 	}

prover/client/types.go

@@ -6,7 +6,8 @@ import (
 	"scroll-tech/common/types/message"
 )
 
-var ConnectErr = errors.New("connect coordinator error")
+// ErrCoordinatorConnect connect to coordinator error
+var ErrCoordinatorConnect = errors.New("connect coordinator error")
 
 // ChallengeResponse defines the response structure for random API
 type ChallengeResponse struct {

prover/prover.go

@@ -162,7 +162,7 @@ func (r *Prover) proveAndSubmit() error {
 		proofMsg, err = r.prove(task)
 		if err != nil { // handling error from prove
 			log.Error("failed to prove task", "task_type", task.Task.Type, "task-id", task.Task.ID, "err", err)
-			return r.submitErr(task, true, message.ProofFailureNoPanic, err)
+			return r.submitErr(task, message.ProofFailureNoPanic, err)
 		}
 		return r.submitProof(proofMsg)
 	}
@@ -322,7 +322,7 @@ func (r *Prover) submitProof(msg *message.ProofDetail) error {
 
 	// send the submit request
 	if err := r.coordinatorClient.SubmitProof(r.ctx, req); err != nil {
-		if !errors.Is(errors.Unwrap(err), client.ConnectErr) {
+		if !errors.Is(errors.Unwrap(err), client.ErrCoordinatorConnect) {
 			if deleteErr := r.stack.Delete(msg.ID); deleteErr != nil {
 				log.Error("prover stack pop failed", "task_type", msg.Type, "task_id", msg.ID, "err", deleteErr)
 			}
@@ -330,12 +330,15 @@ func (r *Prover) submitProof(msg *message.ProofDetail) error {
 		return fmt.Errorf("error submitting proof: %v", err)
 	}
 
+	if deleteErr := r.stack.Delete(msg.ID); deleteErr != nil {
+		log.Error("prover stack pop failed", "task_type", msg.Type, "task_id", msg.ID, "err", deleteErr)
+	}
 	log.Info("proof submitted successfully", "task-id", msg.ID, "task-type", msg.Type, "task-status", msg.Status, "err", msg.Error)
 
 	return nil
 }
 
-func (r *Prover) submitErr(task *store.ProvingTask, isRetry bool, proofFailureType message.ProofFailureType, err error) error {
+func (r *Prover) submitErr(task *store.ProvingTask, proofFailureType message.ProofFailureType, err error) error {
 	// prepare the submit request
 	req := &client.SubmitProofRequest{
 		TaskID:      task.Task.ID,
@@ -348,13 +351,16 @@ func (r *Prover) submitErr(task *store.ProvingTask, isRetry bool, proofFailureTy
 
 	// send the submit request
 	if submitErr := r.coordinatorClient.SubmitProof(r.ctx, req); submitErr != nil {
-		if !errors.Is(errors.Unwrap(err), client.ConnectErr) {
+		if !errors.Is(errors.Unwrap(err), client.ErrCoordinatorConnect) {
 			if deleteErr := r.stack.Delete(task.Task.ID); deleteErr != nil {
 				log.Error("prover stack pop failed", "task_type", task.Task.Type, "task_id", task.Task.ID, "err", deleteErr)
 			}
 		}
 		return fmt.Errorf("error submitting proof: %v", submitErr)
 	}
+	if deleteErr := r.stack.Delete(task.Task.ID); deleteErr != nil {
+		log.Error("prover stack pop failed", "task_type", task.Task.Type, "task_id", task.Task.ID, "err", deleteErr)
+	}
 
 	log.Info("proof submitted report failure successfully",
 		"task-id", task.Task.ID, "task-type", task.Task.Type,