Skip to content

Commit

Permalink
Merge branch 'OffchainLabs:master' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
Essenceone1 authored Jul 27, 2024
2 parents 9c13e9e + e74b022 commit 5679a19
Show file tree
Hide file tree
Showing 36 changed files with 574 additions and 91 deletions.
26 changes: 13 additions & 13 deletions arbitrum-docs/audit-reports.mdx
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
# Security Audit Reports

- [Code4rena, 6/17/2024: Arbitrum BoLD](https://code4rena.com/reports/2024-05-arbitrum-foundation)

- [Trail of Bits, 6/10/2024: Arbitrum Stylus](https://github.com/trailofbits/publications/blob/master/reviews/2024-05-offchain-arbitrumstylus-securityreview.pdf)

- [Trail of Bits, 5/2/2024: Arbitrum BoLD & Delay Buffer](https://github.com/trailofbits/publications/blob/master/reviews/2024-04-offchainbold-securityreview.pdf)

- [Trail of Bits, 1/6/2023: Governance, Token Bridge ](https://github.com/ArbitrumFoundation/governance/blob/master/audits/trail_of_bits_governance_report_1_6_2023.pdf)

- [Trail of Bits, 10/10/2022: Nitro Node & Core Contracts](https://github.com/OffchainLabs/nitro/blob/master/audits/Trail_Of_Bits_Nitro_10_2022.pdf)

- [ ConsenSys Diligence, 6/24/2022: Nitro Node & Core Contracts](https://github.com/OffchainLabs/nitro/blob/master/audits/ConsenSys_Diligence_Nitro_Contracts_5_2022.pdf)

- [ ConsenSys Diligence, 11/5/2021: Core Contracts, Token Bridge](https://github.com/OffchainLabs/nitro/blob/master/audits/ConsenSys_Diligence_Arbitrum_Contracts_11_2021.pdf)
| Auditor | Audit date | Audited code | View report |
|-------------------------|------------|------------------------------------------------|-----------------------------------------------------------------------------------------|
| **ConsenSys Diligence** | 11/05/2021 | Core Contracts, Token Bridge | [view](hosted-audit-reports/ConsenSys_Diligence_Arbitrum_Contracts_11_2021.pdf) |
| **ConsenSys Diligence** | 06/24/2022 | Nitro Node & Core Contracts | [view](hosted-audit-reports/ConsenSys_Diligence_Nitro_Contracts_5_2022.pdf) |
| **Trail of Bits** | 10/10/2022 | Nitro Node & Core Contracts | [view](hosted-audit-reports/Trail_Of_Bits_Nitro_10_2022.pdf) |
| **Trail of Bits** | 01/06/2023 | Governance& Token Bridge | [view](hosted-audit-reports/trail_of_bits_governance_report_1_6_2023.pdf) |
| **chainsecurity** | 03/20/2024 | Nova Fee Router Updates (ArbOS 31) | [view](https://www.chainsecurity.com/security-audit/offchain-labs-fund-distribution) |
| **Trail of Bits** | 05/02/2024 | Arbitrum BoLD & Delay Buffer | [view](hosted-audit-reports/2024-04-offchainbold-securityreview.pdf) |
| **Code4rena** | 06/17/2024 | Arbitrum BoLD: Public Audit Competition Report | [view](https://code4rena.com/reports/2024-05-arbitrum-foundation) |
| **Trail of Bits** | 06/10/2024 | Arbitrum Stylus | [view](hosted-audit-reports/2024-05-offchain-arbitrumstylus-securityreview.pdf) |
| **Trail of Bits** | 07/24/2024 | Arbos30 Nitro upgrade | [view](hosted-audit-reports/2024-04-offchain-arbos-30-nitro-upgrade-securityreview.pdf) |
| **Trail of Bits** | 07/24/2024 | Arbos 31 | [view](hosted-audit-reports/2024-04-offchain-arbos-31-securityreview.pdf) |
| **Trail of Bits** | 07/24/2024 | l1-l3-teleporter | [view](hosted-audit-reports/2024-04-offchain-l1-l3-teleporter-securityreview.pdf) |
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ content_type: concept

Arbitrum is designed to be as compatible and consistent with Ethereum as possible, from its high-level RPCs to its low-level bytecode and everything in between. <a data-quicklook-from="dapp">Decentralized app (dApp)</a> developers with experience building on Ethereum will likely find that little-to-no new specific knowledge is required to build on Arbitrum.

This section describes the differences, perks, and gotchas that devs are advised to be aware of when working with Arbitrum. This first page serves as an overview of where you might these differences, with links to the relevant pages when needed.
This section describes the differences, perks, and gotchas that devs are advised to be aware of when working with Arbitrum. This first page serves as an overview of where you might find these differences, with links to the relevant pages when needed.

## Block numbers and time

Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: 'Block numbers and time'
title: 'Block gas limit, numbers and time'
sidebar_position: 2
description: This concept page provides information about the differences between Arbitrum and Ethereum in terms of block numbers and timing, so developers can easily understand what to expect when deploying to Arbitrum
description: This concept page provides information about the differences between Arbitrum and Ethereum in terms of block gas limit, numbers and timing, so developers can easily understand what to expect when deploying to Arbitrum
author: dzgoldman
target_audience: developers who want to build on Arbitrum
content_type: concept
Expand All @@ -15,9 +15,17 @@ With the release of Arbitrum Orbit, Arbitrum chains can now be L2s that settle t

As in Ethereum, Arbitrum clients submit transactions, and the system executes those transactions at some later time. In Arbitrum, clients submit transactions by posting messages to the Ethereum chain, either [through the sequencer](/how-arbitrum-works/sequencer.md#happycommon-case-sequencer-is-live-and-well-behaved) or via the chain's [delayed inbox](/how-arbitrum-works/sequencer.md#unhappyuncommon-case-sequencer-isnt-doing-its-job).

Once in the chain's core inbox contract, transactions are processed in order. Generally, some time will elapse between the time when a message is put into the inbox (and timestamped) and the time when the contract processes the message and carries out the transaction requested by the message.
Once in the chain's core inbox contract, transactions are processed in order. Generally, some time will elapse between when a message is put into the inbox (and timestamped) and when the contract processes the message and carries out the transaction requested by the message.

In this page we describe what does this mechanism mean for the block numbers and the time assumptions of the transactions submitted to Arbitrum.
Additionally, since the calldata of Arbitrum transactions (or the DAC certificate on <a data-quicklook-from="arbitrum-anytrust-chain">AnyTrust</a>chains) is posted to Ethereum, the gas paid when executing them includes an L1 component to cover the costs of the batch poster.

This page describes what this mechanism means for the block gas limit, block numbers, and the time assumptions of the transactions submitted to Arbitrum.

## Block gas limit

When submitting a transaction to Arbitrum, the user is required to cover the execution cost on Arbitrum and the relative cost of posting its calldata to Ethereum. Arbitrum manages this [2-dimensional fee structure](https://medium.com/offchainlabs/understanding-arbitrum-2-dimensional-fees-fd1d582596c9) by adjusting the transaction's gas limit to cover the L1 posting costs. Hence, a given transaction might show a very high value as the gas limit.

Then, the gas limit of an Arbitrum block is set as the sum of the total gas limit (execution + adjustment of the L1 costs) of all transactions. Because of that, the `gasLimit` shown when querying a block will likely be higher than the effective block gas limit (32 million). To check the actual gas used for execution on a specific block, we can look at the `gasUsed` field.

## Block numbers: Arbitrum vs. Ethereum

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,11 @@ Complete [this form](@portalApplicationForm@) , if you'd like to see your projec

This section provides an overview of the available public RPC endpoints for different Arbitrum chains and necessary details to interact with them.

| Name | RPC Url(s) | Chain ID | Block explorer | Underlying chain | Tech stack | Sequencer feed URL | Sequencer endpoint<sup>⚠️</sup> |
| -------------------------- | -------------------------------------- | -------- | -------------------------------------- | ---------------- | ---------------- | ------------------------------------- | ------------------------------------------------ |
| Arbitrum One | https://arb1.arbitrum.io/rpc | 42161 | https://arbiscan.io/ | Ethereum | Nitro (Rollup) | wss://arb1.arbitrum.io/feed | https://arb1-sequencer.arbitrum.io/rpc |
| Arbitrum Nova | https://nova.arbitrum.io/rpc | 42170 | https://nova.arbiscan.io/ | Ethereum | Nitro (AnyTrust) | wss://nova.arbitrum.io/feed | https://nova-sequencer.arbitrum.io/rpc |
| Arbitrum Sepolia (Testnet) | https://sepolia-rollup.arbitrum.io/rpc | 421614 | https://sepolia.arbiscan.io | Sepolia | Nitro (Rollup) | wss://sepolia-rollup.arbitrum.io/feed | https://sepolia-rollup-sequencer.arbitrum.io/rpc |
| Name | RPC Url(s) | Chain ID | Block explorer | Underlying chain | Tech stack | Sequencer feed URL | Sequencer endpoint<sup>⚠️</sup> |
| -------------------------- | -------------------------------------- | -------- | --------------------------- | ---------------- | ---------------- | ------------------------------------- | ------------------------------------------------ |
| Arbitrum One | https://arb1.arbitrum.io/rpc | 42161 | https://arbiscan.io/ | Ethereum | Nitro (Rollup) | wss://arb1.arbitrum.io/feed | https://arb1-sequencer.arbitrum.io/rpc |
| Arbitrum Nova | https://nova.arbitrum.io/rpc | 42170 | https://nova.arbiscan.io/ | Ethereum | Nitro (AnyTrust) | wss://nova.arbitrum.io/feed | https://nova-sequencer.arbitrum.io/rpc |
| Arbitrum Sepolia (Testnet) | https://sepolia-rollup.arbitrum.io/rpc | 421614 | https://sepolia.arbiscan.io | Sepolia | Nitro (Rollup) | wss://sepolia-rollup.arbitrum.io/feed | https://sepolia-rollup-sequencer.arbitrum.io/rpc |

:::caution

Expand All @@ -44,7 +44,7 @@ Alternatively, to interact with public Arbitrum chains, you can rely on many of
| Provider | Arb One? | Arb Nova? | Arb Sepolia? | Websocket? |
| ------------------------------------------------------------------------------------ | -------- | --------- | ------------ | ---------- |
| [1RPC](https://docs.1rpc.io/overview/supported-networks#arbitrum) || | | |
| [Alchemy](https://docs.alchemy.com/reference/arbitrum-api-quickstart) || |||
| [Alchemy](https://docs.alchemy.com/reference/arbitrum-api-quickstart) || |||
| [Allnodes](https://arbitrum.publicnode.com) ||| ||
| [Ankr](https://www.ankr.com/docs/rpc-service/chains/chains-list/#arbitrum) || | ||
| [Blast](https://blastapi.io/public-api/arbitrum) ||| ||
Expand Down
185 changes: 185 additions & 0 deletions arbitrum-docs/for-devs/third-party-docs/TheGraph/thegraph.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,185 @@
# The Graph

Getting historical data on a smart contract can be frustrating when building a dApp. [The Graph](https://thegraph.com/) provides an easy way to query smart contract data through APIs known as subgraphs, which utilize `GraphQL`.  The Graph's infrastructure relies on a decentralized network of indexers, enabling your dApp to become truly decentralized.

## Quick start

These subgraphs only take a few minutes to set up and get running. To get started, follow these three steps:

1. [Initialize your subgraph project](#1-initialize-your-subgraph-project)
2. [Deploy & publish](#2-deploy--publish)
3. [Query from your dApp](#sample-query)

Pricing: **All developers receive 100K free monthly queries on the decentralized network**. After these free queries, you only pay based on usage at $4 for every 100K queries.

Here's a step by step walkthrough:

## 1. Initialize your subgraph project

### Create a subgraph on Subgraph Studio⁠

Go to the [Subgraph Studio](https://thegraph.com/studio/) and connect your wallet. Once your wallet is connected, you can begin by clicking "Create a Subgraph". Please choose a good name for the subgraph: this name can't be edited later. It is recommended to use Title Case: "Subgraph Name Chain Name."

![Create a Subgraph](https://lh7-us.googleusercontent.com/docsz/AD_4nXf8OTdwMxlKQGKzIF_kYR7NPKeh9TmWnZBYxb7ft_YbdOdx_VVtbp6PslN7N1KGUzNpIDCmaXppdrllM1cw_J4L8Na03BXOWzJTK1POCve0nkRjQYgWJ60QHAdtQ4Niy83SMM8m0F0f-N-AJj4PDqDPlA5M?key=fnI6SyFgXU9SZRNX5C5vPQ)

You will then land on your subgraph's page. All the CLI commands you need will be visible on the right side of the page:

![CLI commands](https://lh7-us.googleusercontent.com/docsz/AD_4nXe3YvCxiOH_LupSWe8zh9AmP-VrV4PlOq3f7Ix6hNlBUYcANUFuLuVIWR74OGiBs0nrugTyT0v3o6RPmTsgHONdv_ZJNWtcDWEkRntXPHlQGFcqmEBa-D6j4aoIPzUKYdOJMVUPu8O3fwjdZ4IaXXZoTzY?key=fnI6SyFgXU9SZRNX5C5vPQ)

### Install the Graph CLI⁠

On your local machine, run the following:

```shell
npm install -g @graphprotocol/graph-cli
```

### Initialize your Subgraph⁠

You can copy this directly from your subgraph page to include your specific subgraph slug:

```shell
graph init --studio <SUBGRAPH_SLUG>
```

You'll be prompted to provide some info on your subgraph like this:

![cli sample](https://lh7-us.googleusercontent.com/docsz/AD_4nXdTAUsUb5vbs3GtCrhKhuXM1xYoqqooYTxw6lfJfYtLJNP8GKVOhTPmjxlM1b6Qpx-pXNVOzRuc8BL12wZXqy4MIj8ja0tp15znfuJD_Mg84SSNj3JpQ4d31lNTxPYnpba4UOzZx8pmgOIsbI7vCz70v9gC?key=fnI6SyFgXU9SZRNX5C5vPQ)

Simply have your contract verified on the block explorer, and the CLI will automatically obtain the ABI and set up your subgraph. The default settings will generate an entity for each event.

## 2. Deploy & publish

### Deploy to Subgraph Studio⁠

First, run these commands in your terminal

```shell
graph codegen
graph build
```

Then, invoke these commands to authenticate and deploy your subgraph. You can copy these commands directly from your subgraph's page in Studio to include your specific deploy key and subgraph slug:

```shell
graph auth --studio <DEPLOY_KEY>
graph deploy --studio <SUBGRAPH_SLUG>
```

You will be asked for a version label. You can enter something like `V0.0.1`, but you're free to choose the format.

### Test your subgraph⁠

You can test your subgraph by making a sample query in the playground section. The Details tab will show you an API endpoint. You can use that endpoint to test from your dApp.

![Playground](https://lh7-us.googleusercontent.com/docsz/AD_4nXf3afwSins8_eO7BceGPN79VvwolDxmFNUnkPk0zAJCaUA-3-UAAjVvrMzwr7q9vNYWdrEUNgm2De2VfQpWauiT87RkFc-cVfoPSsQbYSgsmwhyY1-tpPdv2J1H4JAMq70nfWBhb8PszZBFjsbDAaJ5eto?key=fnI6SyFgXU9SZRNX5C5vPQ)

### Publish your subgraph to The Graph's decentralized network

Once your subgraph is ready for production, you can publish it to the decentralized network. On your subgraph's page in Subgraph Studio, click on the Publish button:

![publish button](https://edgeandnode.notion.site/image/https%3A%2F%2Fprod-files-secure.s3.us-west-2.amazonaws.com%2Fa7d6afae-8784-4b15-a90e-ee8f6ee007ba%2F2f9c4526-123d-4164-8ea8-39959c8babbf%2FUntitled.png?table=block&id=37005371-76b4-4780-b044-040a570e3af6&spaceId=a7d6afae-8784-4b15-a90e-ee8f6ee007ba&width=1420&userId=&cache=v2)

Before you can query your subgraph, Indexers need to begin serving queries on it. In order to streamline this process, you can curate your own subgraph using `$GRT`.

When publishing, you'll see the option to curate your subgraph. As of May 2024, it is recommended that you curate your own subgraph with at least 3,000 `$GRT` to ensure that it is indexed and available for querying as soon as possible.

![Publish screen](https://lh7-us.googleusercontent.com/docsz/AD_4nXerUr-IgWjwBZvp9Idvz5hTq8AFB0n_VlXCzyDtUxKaCTANT4gkk-2O77oW-a0ZWOh3hnqQsY7zcSaLeCQin9XU1NTX1RVYOLFX9MuVxBEqcMryqgnGQKx-MbDnOWKuMoLBhgyVWQereg3cdWtCPcTQKFU?key=fnI6SyFgXU9SZRNX5C5vPQ)

## 3. Query your Subgraph

Congratulations! You can now query your subgraph on the decentralized network!

You can start querying any subgraph on the decentralized network by passing a `GraphQL` query into the subgraph's query URL, which can be found at the top of its Explorer page.

Here's an example from the [CryptoPunks Ethereum subgraph](https://thegraph.com/explorer/subgraphs/HdVdERFUe8h61vm2fDyycHgxjsde5PbB832NHgJfZNqK) by Messari:

![Query URL](https://lh7-us.googleusercontent.com/docsz/AD_4nXebivsPOUjPHAa3UVtvxoYTFXaGBao9pQOAJvFK0S7Uv0scfL6TcTVjmNCzT4DgsIloAQyrPTCqHjFPtmjyrzoKkfSeV28FjS32F9-aJJm0ILAHey2gqMr7Seu4IqPz2d__QotsWG3OKv2dEghiD74eypzs?key=fnI6SyFgXU9SZRNX5C5vPQ)

The query URL for this subgraph is:

```shell
https://gateway-arbitrum.network.thegraph.com/api/**[api-key]**/subgraphs/id/HdVdERFUe8h61vm2fDyycHgxjsde5PbB832NHgJfZNqK
```

Now, you simply need to  fill in your own API Key to start sending `GraphQL` queries to this endpoint.

### Getting your own API key

![API keys](https://lh7-us.googleusercontent.com/docsz/AD_4nXdz7H8hSRf2XqrU0jN3p3KbmuptHvQJbhRHOJh67nBfwh8RVnhTsCFDGA_JQUFizyMn7psQO0Vgk6Vy7cKYH47OyTq5PqycB0xxLyF4kSPsT7hYdMv2MEzAo433sJT6VlQbUAzgPnSxKI9a5Tn3ShSzaxI?key=fnI6SyFgXU9SZRNX5C5vPQ)

In Subgraph Studio, you'll see the "API Keys" menu at the top of the page. Here, you can create API Keys.

## Appendix

### Sample query

This query shows the most expensive CryptoPunks sold.

```graphql
{
trades(orderBy: priceETH, orderDirection: desc) {
priceETH
tokenId
}
}
```

Passing this into the query URL returns this result:

```graphql
{
"data": {
"trades": [
{
"priceETH": "124457.067524886018255505",
"tokenId": "9998"
},
{
"priceETH": "8000",
"tokenId": "5822"
},
// ...
```

💡 Trivia: Looking at the top sales on [CryptoPunks website](https://cryptopunks.app/cryptopunks/topsales) it looks like the top sale is Punk #5822, not #9998. Why? Because they censored the flash-loan sale that happened.

### Sample code

```js
const axios = require('axios');

const graphqlQuery = `{
trades(orderBy: priceETH, orderDirection: desc) {
priceETH
tokenId
}
}`;
const queryUrl =
'https://gateway-arbitrum.network.thegraph.com/api/[api-key]/subgraphs/id/HdVdERFUe8h61vm2fDyycHgxjsde5PbB832NHgJfZNqK';

const graphQLRequest = {
method: 'post',
url: queryUrl,
data: {
query: graphqlQuery,
},
};

// Send the `GraphQL` query
axios(graphQLRequest)
.then((response) => {
// Handle the response here
const data = response.data.data;
console.log(data);
})
.catch((error) => {
// Handle any errors
console.error(error);
});
```

### Additional resources:

- To explore all the ways you can optimize & customize your subgraph for better performance, read more about [creating a subgraph here](https://thegraph.com/docs/en/developing/creating-a-subgraph/).
- You can find more information in our article about [querying data from your subgraph](https://thegraph.com/docs/en/querying/querying-the-graph/).
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading

0 comments on commit 5679a19

Please sign in to comment.