feat(contracts): staking upgradeable (#193)

Author: mattstam

contracts/.gas-snapshot

@@ -106,39 +106,37 @@ Fill out `{CHAIN_ID}.json` with any pre-deployed contracts. For example, if ther
 
 #### Deploy each contract
 
+The broadcast flag is intentially removed from these scripts so that the predicted addresses are written to the `{CHAIN_ID}.json` file without actually deploying them. This is so that `initialize` functions can be atomically called to avoid [frontrunning attacks](https://dedaub.com/blog/the-cpimp-attack-an-insanely-far-reaching-vulnerability-successfully-mitigated/) on the `initialize` function.
+
 Deploy the SuccinctStaking contract:
 
 ```sh
-FOUNDRY_PROFILE=deploy forge script SuccinctStakingScript --private-key $PRIVATE_KEY --broadcast --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
+FOUNDRY_PROFILE=deploy forge script SuccinctStakingScript --private-key $PRIVATE_KEY --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
 ```
 
 This DOES NOT initalize the contract - this will be done in a later step once references to other contracts are available.
 
 Deploy the $iPROVE contract (assumes $PROVE is already deployed):
 
 ```sh
-FOUNDRY_PROFILE=deploy forge script IntermediateSuccinctScript --private-key $PRIVATE_KEY --broadcast --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
+FOUNDRY_PROFILE=deploy forge script IntermediateSuccinctScript --private-key $PRIVATE_KEY --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
 ```
 
 Deploy the SuccinctGovernor contract:
 
 ```sh
-FOUNDRY_PROFILE=deploy forge script SuccinctGovernorScript --private-key $PRIVATE_KEY --broadcast --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
+FOUNDRY_PROFILE=deploy forge script SuccinctGovernorScript --private-key $PRIVATE_KEY --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
 ```
 
 Deploy the SuccinctVApp implementation and proxy contracts (assumes verifier is already deployed):
 
 ```sh
-FOUNDRY_PROFILE=deploy forge script SuccinctVAppScript --private-key $PRIVATE_KEY --broadcast --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
+FOUNDRY_PROFILE=deploy forge script SuccinctVAppScript --private-key $PRIVATE_KEY --rpc-url $ETH_RPC_URL --verify --verifier etherscan --etherscan-api-key $ETHERSCAN_API_KEY
 ```
 
 If the SP1VerifierGateway is not already deployed, follow steps in [sp1-contracts](https://github.com/succinctlabs/sp1-contracts) to deploy it and fill out the address in your `{CHAIN_ID}.json` file.
 
-Initalize the SuccinctStaking contract:
-
-```sh
-FOUNDRY_PROFILE=deploy forge script SuccinctStakingScript --sig "initialize()" --private-key $PRIVATE_KEY --broadcast --rpc-url $ETH_RPC_URL
-```
+At this point, you should have all the predicted addresses in your `{CHAIN_ID}.json` file. You should now re-run these with the `--broadcast` flag to actually deploy the contracts.
 
 Run the integrity check:
 

contracts/README.md

@@ -21,18 +21,19 @@ contract AllScript is BaseScript, FixtureLoader {
         address OWNER = readAddress("OWNER");
 
         // Deploy contracts
-        address STAKING = address(new SuccinctStaking{salt: salt}(OWNER));
+        (address STAKING, address STAKING_IMPL) = _deployStakingAsProxy(salt);
         address PROVE = address(new Succinct{salt: salt}(OWNER));
         address I_PROVE = address(new IntermediateSuccinct{salt: salt}(PROVE, STAKING));
         address GOVERNOR = _deployGovernor(salt, I_PROVE);
         (address VERIFIER, address VAPP, address VAPP_IMPL) =
             _deployVAppAsProxy(salt, OWNER, PROVE, I_PROVE, STAKING);
 
         // Initialize staking contract
-        _initializeStaking(STAKING, GOVERNOR, VAPP, PROVE, I_PROVE);
+        _initializeStaking(OWNER, STAKING, GOVERNOR, VAPP, PROVE, I_PROVE);
 
         // Write addresses
         writeAddress("STAKING", STAKING);
+        writeAddress("STAKING_IMPL", STAKING_IMPL);
         writeAddress("VERIFIER", VERIFIER);
         writeAddress("VAPP", VAPP);
         writeAddress("VAPP_IMPL", VAPP_IMPL);
@@ -102,8 +103,18 @@ contract AllScript is BaseScript, FixtureLoader {
         return (VERIFIER, VAPP, VAPP_IMPL);
     }
 
+    /// @dev Deploys the staking contract as a proxy but does not initialize it.
+    function _deployStakingAsProxy(bytes32 salt) internal returns (address, address) {
+        address STAKING_IMPL = address(new SuccinctStaking{salt: salt}());
+        address STAKING = address(
+            SuccinctStaking(payable(address(new ERC1967Proxy{salt: salt}(STAKING_IMPL, ""))))
+        );
+        return (STAKING, STAKING_IMPL);
+    }
+
     /// @dev This is a stack-too-deep workaround.
     function _initializeStaking(
+        address OWNER,
         address STAKING,
         address GOVERNOR,
         address VAPP,
@@ -115,9 +126,9 @@ contract AllScript is BaseScript, FixtureLoader {
         uint256 MAX_UNSTAKE_REQUESTS = readUint256("MAX_UNSTAKE_REQUESTS");
         uint256 UNSTAKE_PERIOD = readUint256("UNSTAKE_PERIOD");
         uint256 SLASH_CANCELLATION_PERIOD = readUint256("SLASH_CANCELLATION_PERIOD");
-        uint256 DISPENSE_RATE = readUint256("DISPENSE_RATE");
 
         SuccinctStaking(STAKING).initialize(
+            OWNER,
             GOVERNOR,
             VAPP,
             PROVE,
@@ -126,8 +137,7 @@ contract AllScript is BaseScript, FixtureLoader {
             MIN_STAKE_AMOUNT,
             MAX_UNSTAKE_REQUESTS,
             UNSTAKE_PERIOD,
-            SLASH_CANCELLATION_PERIOD,
-            DISPENSE_RATE
+            SLASH_CANCELLATION_PERIOD
         );
     }
 }

contracts/script/deploy/All.s.sol

@@ -3,6 +3,8 @@ pragma solidity ^0.8.28;
 
 import {BaseScript} from "../utils/Base.s.sol";
 import {SuccinctStaking} from "../../src/SuccinctStaking.sol";
+import {ERC1967Proxy} from
+    "../../lib/openzeppelin-contracts/contracts/proxy/ERC1967/ERC1967Proxy.sol";
 
 contract SuccinctStakingScript is BaseScript {
     string internal constant KEY = "STAKING";
@@ -11,17 +13,6 @@ contract SuccinctStakingScript is BaseScript {
         // Read config
         bytes32 salt = readBytes32("CREATE2_SALT");
         address OWNER = readAddress("OWNER");
-
-        // Deploy contract
-        SuccinctStaking deployed = new SuccinctStaking{salt: salt}(OWNER);
-
-        // Write address
-        writeAddress(KEY, address(deployed));
-    }
-
-    /// @dev Only run this once all of the other contracts are deployed. Script must be ran with OWNER's private key.
-    function initialize() external broadcaster {
-        address STAKING = readAddress(KEY);
         address GOVERNOR = readAddress("GOVERNOR");
         address VAPP = readAddress("VAPP");
         address PROVE = readAddress("PROVE");
@@ -31,19 +22,32 @@ contract SuccinctStakingScript is BaseScript {
         uint256 MAX_UNSTAKE_REQUESTS = readUint256("MAX_UNSTAKE_REQUESTS");
         uint256 UNSTAKE_PERIOD = readUint256("UNSTAKE_PERIOD");
         uint256 SLASH_CANCELLATION_PERIOD = readUint256("SLASH_CANCELLATION_PERIOD");
-        uint256 DISPENSE_RATE = readUint256("DISPENSE_RATE");
 
-        SuccinctStaking(STAKING).initialize(
-            GOVERNOR,
-            VAPP,
-            PROVE,
-            I_PROVE,
-            DISPENSER,
-            MIN_STAKE_AMOUNT,
-            MAX_UNSTAKE_REQUESTS,
-            UNSTAKE_PERIOD,
-            SLASH_CANCELLATION_PERIOD,
-            DISPENSE_RATE
+        // Encode the initialize function call data
+        bytes memory initData = abi.encodeCall(
+            SuccinctStaking.initialize,
+            (
+                OWNER,
+                GOVERNOR,
+                VAPP,
+                PROVE,
+                I_PROVE,
+                DISPENSER,
+                MIN_STAKE_AMOUNT,
+                MAX_UNSTAKE_REQUESTS,
+                UNSTAKE_PERIOD,
+                SLASH_CANCELLATION_PERIOD
+            )
         );
+
+        // Deploy contract
+        address STAKING_IMPL = address(new SuccinctStaking{salt: salt}());
+        address STAKING = address(
+            SuccinctStaking(payable(address(new ERC1967Proxy{salt: salt}(STAKING_IMPL, initData))))
+        );
+
+        // Write address
+        writeAddress(KEY, STAKING);
+        writeAddress(string.concat(KEY, "_IMPL"), STAKING_IMPL);
     }
 }

contracts/script/deploy/SuccinctStaking.s.sol

@@ -21,12 +21,14 @@ contract PostDeploymentScript is BaseScript, Test {
         address VAPP = readAddress("VAPP");
         address VAPP_IMPL = readAddress("VAPP_IMPL");
         address STAKING = readAddress("STAKING");
+        address STAKING_IMPL = readAddress("STAKING_IMPL");
         address PROVE = readAddress("PROVE");
         address I_PROVE = readAddress("I_PROVE");
         address GOVERNOR = readAddress("GOVERNOR");
 
         _checkVAppImpl(VAPP, VAPP_IMPL);
         _checkVApp(VAPP, STAKING, PROVE, I_PROVE);
+        _checkStakingImpl(STAKING, STAKING_IMPL);
         _checkStaking(STAKING, VAPP, PROVE, I_PROVE);
         _checkGovernor(GOVERNOR, I_PROVE);
         _checkIProve(I_PROVE, STAKING, PROVE);
@@ -69,6 +71,16 @@ contract PostDeploymentScript is BaseScript, Test {
         assertEq(vapp.timestamp(), 0);
     }
 
+    function _checkStakingImpl(address _staking, address _stakingImpl) internal view {
+        bytes32 implRaw = vm.load(_staking, _IMPL_SLOT);
+        address currentImpl = address(uint160(uint256(implRaw)));
+        assertEq(
+            currentImpl,
+            _stakingImpl,
+            "staking implementation address mismatch (may have been upgraded)"
+        );
+    }
+
     function _checkStaking(address _staking, address _vapp, address _prove, address _iProve)
         internal
         view

contracts/script/utils/PostDeployment.s.sol

@@ -7,23 +7,28 @@ import {ISuccinctStaking} from "./interfaces/ISuccinctStaking.sol";
 import {IIntermediateSuccinct} from "./interfaces/IIntermediateSuccinct.sol";
 import {IProver} from "./interfaces/IProver.sol";
 import {SuccinctGovernor} from "./SuccinctGovernor.sol";
-import {Initializable} from "../lib/openzeppelin-contracts/contracts/proxy/utils/Initializable.sol";
-import {Ownable} from "../lib/openzeppelin-contracts/contracts/access/Ownable.sol";
+import {Initializable} from
+    "../lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/Initializable.sol";
+import {OwnableUpgradeable} from
+    "../lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
 import {IERC20} from "../lib/openzeppelin-contracts/contracts/interfaces/IERC20.sol";
 import {IERC20Permit} from
     "../lib/openzeppelin-contracts/contracts/token/ERC20/extensions/IERC20Permit.sol";
 import {IERC4626} from "../lib/openzeppelin-contracts/contracts/interfaces/IERC4626.sol";
 import {SafeERC20} from "../lib/openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol";
 import {Math} from "../lib/openzeppelin-contracts/contracts/utils/math/Math.sol";
+import {UUPSUpgradeable} from
+    "../lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/UUPSUpgradeable.sol";
 
 /// @title SuccinctStaking
 /// @author Succinct Labs
 /// @notice Manages staking, unstaking, dispensing, and slashing for the Succinct Prover Network.
 contract SuccinctStaking is
     Initializable,
-    Ownable,
+    OwnableUpgradeable,
     ProverRegistry,
     StakedSuccinct,
+    UUPSUpgradeable,
     ISuccinctStaking
 {
     using SafeERC20 for IERC20;
@@ -89,14 +94,15 @@ contract SuccinctStaking is
                               INITIALIZER
     //////////////////////////////////////////////////////////////*/
 
-    /// @dev Only the owner is set in the constructor. This is done because other contracts
-    ///      (e.g. SuccinctVApp) need a reference to this contract, and this contract needs a
-    ///      reference to it. So we deploy this first, then initialize it later.
-    constructor(address _owner) Ownable(_owner) {}
+    /// @custom:oz-upgrades-unsafe-allow constructor
+    constructor() {
+        _disableInitializers();
+    }
 
     /// @dev We don't do this in the constructor because we must deploy this contract
     ///      first.
     function initialize(
+        address _owner,
         address _governor,
         address _vApp,
         address _prove,
@@ -105,13 +111,12 @@ contract SuccinctStaking is
         uint256 _minStakeAmount,
         uint256 _maxUnstakeRequests,
         uint256 _unstakePeriod,
-        uint256 _slashCancellationPeriod,
-        uint256 _dispenseRate
-    ) external onlyOwner initializer {
+        uint256 _slashCancellationPeriod
+    ) external initializer {
         // Ensure that parameters critical for functionality are non-zero.
         if (
-            _governor == address(0) || _vApp == address(0) || _prove == address(0)
-                || _intermediateProve == address(0) || _dispenser == address(0)
+            _owner == address(0) || _governor == address(0) || _vApp == address(0)
+                || _prove == address(0) || _intermediateProve == address(0) || _dispenser == address(0)
         ) {
             revert ZeroAddress();
         }
@@ -120,16 +125,16 @@ contract SuccinctStaking is
         }
 
         // Setup the initial state.
+        __UUPSUpgradeable_init();
+        __Ownable_init(_owner);
+        __StakedSuccinct_init();
         __ProverRegistry_init(_governor, _vApp, _prove, _intermediateProve);
         dispenser = _dispenser;
         minStakeAmount = _minStakeAmount;
         maxUnstakeRequests = _maxUnstakeRequests;
         unstakePeriod = _unstakePeriod;
         slashCancellationPeriod = _slashCancellationPeriod;
 
-        // Setup the dispense rate.
-        _updateDispenseRate(_dispenseRate);
-
         // Approve the $iPROVE contract to transfer $PROVE from this contract during stake().
         IERC20(prove).approve(iProve, type(uint256).max);
     }
@@ -657,4 +662,7 @@ contract SuccinctStaking is
 
         dispenseRate = _dispenseRate;
     }
+
+    /// @dev Authorizes an ERC1967 proxy upgrade to a new implementation contract.
+    function _authorizeUpgrade(address _newImplementation) internal override onlyOwner {}
 }

contracts/src/SuccinctStaking.sol

@@ -130,6 +130,7 @@ contract SuccinctVApp is
         }
 
         // Set the state variables.
+        __UUPSUpgradeable_init();
         __Ownable_init(_owner);
         vkey = _vkey;
         prove = _prove;

contracts/src/SuccinctVApp.sol

@@ -45,6 +45,9 @@ abstract contract ProverRegistry is IProverRegistry {
     /// @dev A mapping from prover vault to whether it is deactivated.
     mapping(address => bool) internal deactivatedProvers;
 
+    /// @dev This empty reserved space to add new variables without shifting down storage.
+    uint256[10] private __gap;
+
     /// @dev This call must be sent by the VApp contract. This also acts as a check to ensure that the contract
     ///      has been initialized.
     modifier onlyVApp() {

contracts/src/libraries/ProverRegistry.sol

@@ -1,7 +1,8 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.28;
 
-import {ERC20} from "../../lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol";
+import {ERC20Upgradeable} from
+    "../../lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/ERC20Upgradeable.sol";
 
 string constant NAME = "StakedSuccinct";
 string constant SYMBOL = "stPROVE";
@@ -12,19 +13,24 @@ string constant SYMBOL = "stPROVE";
 /// @dev This contract balance stays 1:1 with $PROVER-N vaults to give one unified
 ///      source of truth to track staked $PROVE. It is non-transferable outside of
 ///      staking operations.
-abstract contract StakedSuccinct is ERC20 {
+abstract contract StakedSuccinct is ERC20Upgradeable {
     error NonTransferable();
 
     /// @dev Only true if in the process of staking or unstaking.
     bool internal transient isStakingOperation;
 
+    /// @dev This empty reserved space to add new variables without shifting down storage.
+    uint256[10] private __gap;
+
     modifier stakingOperation() {
         isStakingOperation = true;
         _;
         isStakingOperation = false;
     }
 
-    constructor() ERC20(NAME, SYMBOL) {}
+    function __StakedSuccinct_init() internal onlyInitializing {
+        __ERC20_init(NAME, SYMBOL);
+    }
 
     function name() public pure virtual override returns (string memory) {
         return NAME;
@@ -36,7 +42,10 @@ abstract contract StakedSuccinct is ERC20 {
 
     /// @dev Only can update balances when staking operations are occuring. This is equivalent to
     /// the only staking checks that we have on $iPROVE and $PROVER-N tokens.
-    function _update(address _from, address _to, uint256 _value) internal override(ERC20) {
+    function _update(address _from, address _to, uint256 _value)
+        internal
+        override(ERC20Upgradeable)
+    {
         if (!isStakingOperation) {
             revert NonTransferable();
         }