Conversation
alessandromazza98
left a comment
There was a problem hiding this comment.
great work. As I wrote in the RFC, I still think it would be a good idea to initially start by only using something like wormhole (I mean a third party bridge) for all destination chains (Ethereum included) so that you only need one type of adapter and it's easier to handle at the start. It's also cheaper from a gas perspective.
With only one concrete solution you can bridge to all chains you need because they all support wormhole.
What do you think about it?
I agree it'd be easier, but I disagree that this is the correct approach. The way I have built this now is as a verifiable rolling hash chain of the sequence of updates that occur on any of the 3 contracts - Verifiable against only an L1 block hash. Without a verifiable link from World Chain State -> Destination Chain state then we have a very brittle, and high trust bridge. In the current implementation any chain with access to an Ethereum block hash via Oracle, or Native rollup can verify both the correctness of order, and timing on any inbound state changes without having to trust the relayer at all. Less importantly we now "finalize" state, and have a way to provably invalidate previous state at dispute game resolution (even though this should never happen) Wormhole, Hyperlane, etc. are just transports by which we provide these proofs to the destination Verifier contracts - Integrating transports is the easy part |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 40 out of 43 changed files in this pull request and generated 5 comments.
Comments suppressed due to low confidence (2)
bridge/contracts/src/types/IStateBridge.sol:1
- Correct spelling: 'commiting' → 'committing'.
justfiles/forge.just:1 --via--irlooks like a typo and will likely be rejected by solc/forge. If the intent is IR compilation, use the correct flag (--via-ir), and consider whether it should be a forge flag (pre---) vs a solc passthrough (post---).
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
contracts/src/crosschain/adapters/PermissionedGatewayAdapter.sol
Outdated
Show resolved
Hide resolved
|
@cursoragent review @codex review |
|
Unable to authenticate your request. Please make sure to connect your GitHub account to Cursor. Go to Cursor |
|
|
||
| ### Environment Variables | ||
|
|
||
| Only three env vars exist. Everything else lives in the config JSON. |
There was a problem hiding this comment.
nit: there are 4 env vars in the table below
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
This is necessary to inherit the ERC-7786 interfaces
There was a problem hiding this comment.
Necessary for ERC-7786
| @@ -107,7 +107,6 @@ abstract contract WorldIDBase is Initializable, Ownable2StepUpgradeable, UUPSUpg | |||
| __Ownable_init(msg.sender); | |||
| __Ownable2Step_init(); | |||
| __EIP712_init(name, version); | |||
| __UUPSUpgradeable_init(); | |||
There was a problem hiding this comment.
Not on UUPSUpgradeable api anymore. This was a no-op previously
| ProvenPubKeyInfo memory issuerPubKeyInfo = issuerSchemaIdToPubkeyAndProofId(issuerSchemaId); | ||
| if (issuerPubKeyInfo.pubKey.x == 0 && issuerPubKeyInfo.pubKey.y == 0) revert UnregisteredIssuerSchemaId(); | ||
|
|
||
| ProvenPubKeyInfo memory oprfPubKeyInfo = oprfKeyIdToPubkeyAndProofId(uint160(issuerSchemaId)); |
There was a problem hiding this comment.
Should be using rpId here not issuerSchemaId
State Bridge (ERC-7786) — PR Overview
Addresses: #191
Spec: RFC — World ID 4.0 State Bridge
Standard: ERC-7786 (Interop Messaging)
Overview
This PR introduces the first implementation of the World ID 4.0 State Bridge, designed to align with ERC-7786.
The system follows a hub-and-spoke architecture:
A Satellite’s security model is determined entirely by its configured Gateway.
ERC-7786 Message Flow
Gateway Entrypoint:
Gateway Adapters
Three authentication strategies for gateway chain head verification, each targeting a different trust/availability tradeoff.
PermissionedGatewayAdapterEthereumMPTGatewayAdapterLightClientGatewayAdapterPermissionedGatewayAdapterMultisig-validated relayer that forwards chain heads directly. Enables day-one interoperability on arbitrary destination chains with no protocol-level dependencies.
EthereumMPTGatewayAdapterAuthenticates chain heads via Ethereum L1 storage proofs. Verifies the OP DisputeGame output root, then proves the
WorldChainSource.keccakChainslot against the claimed World Chain state root using an MPT account proof + storage proof.LightClientGatewayAdapterVerifies a ZK proof of Ethereum consensus (Helios light client) — specifically, the sync committee's aggregated BLS signature over an L1 state root. The proven state root is then used to verify an MPT storage proof of the
StateBridge.keccakChainslot on L1.Review Scope:
crosschain/adapters,crosschain/lib/,crosschain/Source.sol,crosschain/Satellite.sol