Skip to content

Audit: Gravity Testnet v1.0.0 — Full diff vs reth v1.8.3#258

Draft
Richard1048576 wants to merge 216 commits intoaudit/base-reth-v1.8.3from
audit/gravity-testnet-v1.0.0
Draft

Audit: Gravity Testnet v1.0.0 — Full diff vs reth v1.8.3#258
Richard1048576 wants to merge 216 commits intoaudit/base-reth-v1.8.3from
audit/gravity-testnet-v1.0.0

Conversation

@Richard1048576
Copy link
Collaborator

@Richard1048576 Richard1048576 commented Feb 26, 2026

Overview

This PR captures the complete set of Gravity-specific changes on top of upstream reth v1.8.3 for external security audit purposes.

  • Release tag: gravity-testnet-v1.0.0
  • Upstream base: paradigmxyz/reth v1.8.3
  • Gravity-only commits: 216
  • Files changed: 254
  • Lines: +28,172 / −2,104

⚠️ This PR is read-only for audit review — it is NOT intended to be merged.

Scope

New Gravity-Specific Crates (highest priority)

Crate Path LOC Description
gravity-primitives crates/gravity-primitives/ ~67 Global config (OnceLock), Gravity CLI flags
gravity-storage crates/gravity-storage/ ~243 GravityStorage trait, ParallelDatabase, BlockViewStorage
pipe-exec (execute) crates/pipe-exec-layer-ext-v2/execute/ ~2,400 Core execution pipeline: OrderedBlock → EVM → ExecutionResult, on-chain config, BLS/Mint precompiles
pipe-exec (event-bus) crates/pipe-exec-layer-ext-v2/event-bus/ ~85 Static event dispatcher (MakeCanonicalEvent, WaitForPersistenceEvent)
pipe-exec (relayer) crates/pipe-exec-layer-ext-v2/relayer/ ~1,400 Oracle/bridge cross-chain data relayer
RocksDB backend crates/storage/db/src/implementation/rocksdb/ ~1,744 3-CF sharded RocksDB (state, account_trie, storage_trie)

Modified Upstream Crates

Area Key Paths Changes Description
Engine Tree crates/engine/tree/ ~925 LOC Recovery, persistence, RocksDB integration
EVM Execution crates/ethereum/evm/, crates/evm/evm/ ~700 LOC Grevm parallel execution (parallel_execute.rs, debug_ext.rs)
Node/CLI crates/node/builder/, crates/node/core/ ~350 LOC Gravity CLI args, database config
Storage DB crates/storage/db/ ~1,000 LOC DB abstraction, parallel MDBX tx, RocksDB feature gate
Trie crates/trie/ ~500 LOC Parallel state root, nested hash

Custom External Dependencies

Dependency Repository Description
grevm v2.2.4 Galxe/grevm@26b586c Parallel EVM (DAG + Block-STM), ~2,998 LOC
gravity-api-types Galxe/gravity-aptos@c9ae04b Consensus-execution interface types, ~1,485 LOC
revm v29.0.1-gravity Galxe/revm Custom revm fork
alloy-evm v0.21.3-gravity Galxe/alloy Custom alloy fork

Pipeline Architecture

OrderedBlock (from consensus)
    │
    ▼
┌──────────────┐    ┌──────────────────┐    ┌──────────────┐    ┌────────┐
│  Execution   │ →  │  Merklization    │ →  │ Verification │ →  │ Commit │
│  (Grevm)     │    │  (16-way parallel│    │              │    │(RocksDB│
│              │    │   state root)    │    │              │    │  3-CF) │
└──────────────┘    └──────────────────┘    └──────────────┘    └────────┘

Related Resources

nekomoto911 and others added 30 commits November 26, 2024 22:25
@nekomoto911
merge into v1.0.7
166c622 
feat(grevm): introduce grevm to reth

feat(grevm): implement grevm batch executor (#3)

* support GrevmBatchExecutor

* implement post execution for grevm executor

chore(grevm): support some debug extension for block execution (#5)

chore(grevm): update grevm dependency (#6)
@nekomoto911
chore(grevm): update grevm git url (#7)
5ab03c2
@nekomoto911
skip comparing previous status in transition account
7175f09
@nekomoto911
update grevm and add debug log for block executor
0144779
@nekomoto911
bump revm to a32cd92
906e4ac
@ByteYue
max
3112314
@nekomoto911
feat(pipe): add pipe-exec-layer-ext (#8)
9a27caf
@nekomoto911
implement pipeline execution layer extension functions (#9)
231474f
@nekomoto911
fix(grevm): fix pre-execution in GrevmBlockExecutor (#10)
e876a41 
* fix missed pre-execution in `EthBlockExecutor` and rewrite state in grevm executor

* add debug ext EVM_COMPARE_WITH_REVM_EXECUTOR

* fix pre-execution in `GrevmBlockExecutor`
@nekomoto911
fix(pipe): avoid entering blocking region in tokio async tasks (#11)
331bdca
@nekomoto911
fix(pipe): fix block gas limit (#12)
c2219ed
@nekomoto911
fix(pipe) fix error handling (#13)
4f9d8c2
@Lchangliang @nekomoto911
[Improve] Support GravityStorage & BlockViewStorage
1491ec6
@nekomoto911
feat(pipe): implement pipe-exec-layer-ext-v2 (#15)
ad76c41 
* implement pipe-exec-layer-ext-v2

* introduce gravity storage in pipe-exec-layer-ext-v2
@Lchangliang
[improve] Return error if block number too new
bfae8a6
@nekomoto911
feat(pipe): implement pipe barrier in PipeExecService (#17)
d51d3cf 
* implement pipe barrier in PipeExecService

* adapt gravity storage interface
@nekomoto911
make BlockViewStorage::new pub (#18)
e6ed94b
@nekomoto911
init barrier in new_pipe_exec_layer_api (#19)
1f6014c
@Lchangliang
[improve] Support merklization pipeline (#20)
c1e0d54
@nekomoto911
let execute_ordered_block be sync fn (#21)
a154341
@Lchangliang
[improve] insert block id first (#22)
6a32223
@keanji-x
[fix] check block id with parent id #23
a15034e 
Co-authored-by: kk-x <exmple@example.com>
@nekomoto911
fix(pipe): some fix (#24)
3d720e0 
- fix `state_root_with_updates` and narrow down the critical area of the lock in `BlockViewStorage`
- implement `state_root_with_updates_v2` for `LatestStateProviderRef`
- skip `try_recv_engine_message` if enable `PIPE_EXEC_LAYER_EXT_V2`
- fix cancun fields
@nekomoto911
fix(pipe): some fix (#25)
91fb413 
- fix range in BlockViewStorage::get_state_view
- block waiting for make canonical to complete
- implement missing state_root_with_updates_v2 function for structs which implement StateRootProvider trait
- use std::mpsc channel as event channel, because the receiver side is not in tokio task and we need recv_timeout function.
@nekomoto911
feat(io): implement ParallelStateProvider (#26)
d4d2f9d 
* implement ParallelStateProvider

* implement functions that support build parallel state provider
@nekomoto911
feat(io): support parallel IO for historical sync (#27)
052450e 
* implement `block_hash` for `ParallelStateProvider`

* support get latest state provider in `Stage::execute`

* support parallel state provider for latest block

* use `ParallelStateProvider` in `ExecutionStage`
@nekomoto911
chore(io): support STATE_PROVIDER_OPTS for tuning (#28)
ff0bed1
@nekomoto911
opt(io): optimize ParallelStateProvider (#29)
744c965 
If there are no concurrent requests, process the requests in place to eliminate synchronization overhead.
Benchmark for block 17034870 to 17134870 using grevm 1.0:
- LatestStateProvider (no parallel): 403.92 Mgas/second
- ParallelStateProvider before opt. (parallel = 8): 331.64 Mgas/second
- ParallelStateProvider after opt. (parallel = 8): 544.19 Mgas/second
@Lchangliang
[improve] Add annotation for GravityStorage (#30)
2674ec2
@nekomoto911
fix(pipe): add merklize barrier (#31)
1ee1b28
AshinGau and others added 26 commits December 31, 2025 10:34
@AshinGau
opt(persist): not write index tables if validator node only (#224)
3975693
@ByteYue
fix: Fix timestamp unit (#226)
a25dc1e 
Keep the block header timestamp in seconds, while using microseconds for ordered blocks to pass to metadata transactions.
@AshinGau
fix(pipe): wait PipeExecLayerEventBus ready in a loop (#228)
f6863ba
@AshinGau
fix(metrics): add gravity node grafana metrics json spec (#230)
a5b429b
@AshinGau
update rocksdb to 0.24.0 (#232)
22dcb26
@AshinGau
opt(persist): use sharding rocksdb instances to optimize persist stage (
041db3f 
#225)

use sharding rocksdb instances to optimize persist stage
@ByteYue
feature(onchain_config): align with new contract ABIs from gravity_ch…
0e2a822 
…ain_core_contracts (#231)
@AshinGau
fix(rocksdb): Detected interrupted trie update, but trie has idempote…
2a89eb9 
…ncy (#236)
@AshinGau
feat(trie): support eth_getProof for nested hash, step 1 (#237)
5a6fd72 
* feat(trie): support eth_getProof for nested hash, step 1
@Lchangliang
feat: Support new dkg contract (#240)
2127206
@nekomoto911
chore(deps): update gaptos deps to include peer_id consistency fix (#242
5066193 
)
@ByteYue
feat: Use new oracle contract and fix validator set fetcher (#235)
0dd2090 
- suite new contract
- fix validator set
@AshinGau
fix(test): fix CI test of unit.yml (#241)
7bb5362
@Lchangliang
feat: Split the validator transaction and execute it separately. (#229)
9099f25
@Lchangliang
ci: Support hive in Greth (#244)
af48c80 
Support hive in Greth
@AshinGau
fix(trie): fix merkle stage of history sync (#246)
b48aeb4
@ByteYue
feat: Add block number tracking and oracle state fetching #245
42dcc28 
Add blockNumber field to JWK oracle commitMessageSent ABIs
Extract and carry source block number from MessageSent events
Add OracleStateFetcher to fetch latest DataRecord from NativeOracle
Add persistence module for tracking processed state across restarts
Remove auto-discovery from BlockchainEventSource, use explicit cursor
Update gravity-api-types dependency to latest revision
This enables the relayer to track the source block number for each oracle
event and fetch consistent oracle state from the chain, improving state
reconciliation across restarts.
@AshinGau
fix(CI): ignore and skip unsupported actions (#247)
44a57b2 
 ignore and skip unsupported actions
@Lchangliang
feat: upgrade gravity-api-types version to fix randomnessconfig error (
3937143 
…#248)
@AshinGau
fix(unwind): calculate storage state root even if is an EOA (#249)
4d92000
@nekomoto911
fix(pipe): fix header timestamp in epoch change block (#250)
6b0351b 
* fix header timestamp in epoch change block

* debug assertions for block execution validation

* fix gravity pipe test
@AshinGau
fix(rpc): set safe and finalized block when making canonical (#251)
3ec8bfe
@AshinGau @Snezhkko
fix(zstd): use transaction dictionary for tx compressor (#21382) (#252)
8f96232 
Co-authored-by: Snezhkko <snezhkodaria38@gmail.com>
@AshinGau
fix(recovery): heal segments that have existing static files (#253)
e0fda67
@nekomoto911
feat: implement bls verify precompile for gravity pipe execution (#254)
229deee 
* support custom precompiles for ParallelExecutor

* support bls verify precompile

* apply custom precompiles
@AshinGau
fix(recovery): prune the extra static file rows when checkpoint < hig…
cc244ee 
…hest (#255)
@github-actions
Copy link
Contributor

github-actions bot commented Feb 26, 2026

Your PR title doesn't follow the Conventional Commit guidelines.

Example of valid titles:

  • feat: add new user login
  • fix: correct button size
  • docs: update README

Usage:

  • feat: Introduces a new feature
  • fix: Patches a bug
  • chore: General maintenance tasks or updates
  • test: Adding new tests or modifying existing tests
  • bench: Adding new benchmarks or modifying existing benchmarks
  • perf: Performance improvements
  • refactor: Changes to improve code structure
  • docs: Documentation updates
  • ci: Changes to CI/CD configurations
  • revert: Reverts a previously merged PR
  • deps: Updates dependencies

Breaking Changes

Breaking changes are noted by using an exclamation mark. For example:

  • feat!: changed the API
  • chore(node)!: Removed unused public function

Help

For more information, follow the guidelines here: https://www.conventionalcommits.org/en/v1.0.0/

@nekomoto911 nekomoto911 mentioned this pull request Feb 27, 2026
Merged
@nekomoto911 nekomoto911 marked this pull request as draft February 28, 2026 06:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

S-stale

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@Richard1048576 @nekomoto911 @ByteYue @Lchangliang @keanji-x @AshinGau @jaxxjj @Stumble