Sequencer plugin to send a L2 pausing tx when sequencer hasn't produced block recently

[julien-marchand]

Description

Extend the sequencer plugin to send an L2 tx if the last block produced is older than X seconds.

Motivation

This should allow Aave and other protocols to have a smoother approach to liquidations if the sequencer hasn't been producing any block recently and prices haven't been able to be updated.

Architecture

• No impact on the architecture. This should sit in the existing sequencer plugin.

Implementation guidelines

• When building a block, if the last block produced is more than X seconds old, add a first transaction to the block that calls the SequencerUptimeFeed contract
  • LineaSequencerUptimeFeed.updateStatus(false, lastBlockTimestamp)
  • LineaSequencerUptimeFeed.updateStatus(true, currentTimestamp)
• The added transaction shouldn't be subject to gas price checks
• Transaction signature should be done using Web3Signer
• Add e2e tests to cover this
• This feature should be optional

Metrics/monitoring

• What needs to be monitored once this epic has been shipped?

Rollout

• Create Web3Signer account and have it configured on the contract
• Deploy the contracts
• Add/configure plugin on the sequencer

Infrastructure & Node operators

• No impact expected

Documentation & communication

• Communicate to Aave and Chainlink that this feature is available.

---

Technical specification

Objectives

• Ensure protocols such as Aave can better handle liquidations during sequencer downtime
• Provide a mechanism to inform the LineaSequencerUptimeFeed contract when the sequencer is inactive
• Integrate the solution into the existing sequencer plugin without modifying its architecture
• Ensure the feature remains optional and can be toggled on/off

Functional Requirements

• Monitor the latest produced block timestamp, also on sequencer start up
• If the latest block is older than X seconds, prepend a transaction in the next block that updates the LineaSequencerUptimeFeed contract
• Ensure the transaction is exempt from gas price checks
• Use Web3Signer for signing the transaction
• Implement end-to-end (e2e) tests to validate the feature
• Provide necessary monitoring and alerting mechanisms

Technical Design

1. Triggering the L2 Transaction

• The sequencer checks the timestamp of the last produced block when preparing a new block
• If the last block is older than X seconds, a transaction is added at the beginning of the new block
• This transaction will call the LineaSequencerUptimeFeed contract:

  LineaSequencerUptimeFeed.updateStatus(false, lastBlockTimestamp);
  LineaSequencerUptimeFeed.updateStatus(true, currentTimestamp);

2. Transaction Handling

• The added transaction should not be subject to standard gas price checks
• It must be signed using Web3Signer to ensure security and consistency

3. Feature Toggle

• This mechanism should be optional, controlled by a configuration flag
• Default state should be disabled, requiring explicit activation

Implementation Plan

1. Develop the transaction insertion logic
   • Modify the sequencer plugin to check block timestamps
   • Ensure transactions are added only when the required conditions are met
2. Integrate Web3Signer for signing transactions
   • Ensure compatibility with existing sequencer infrastructure
   • Verify proper account management and permissions
3. Implement e2e tests
   • Validate the feature with simulated downtime scenarios
   • Ensure the inserted transaction behaves as expected
4. Monitoring & Observability
   • Define necessary metrics for tracking sequencer inactivity
   • Implement alerts for when the L2 pausing transaction is triggered
5. Deployment & Rollout
   • Create a Web3Signer account and configure it for transaction signing
   • Deploy and verify the LineaSequencerUptimeFeed contract
   • Update the sequencer configuration to enable the feature

Infrastructure & Node Operators

• No expected impact on existing infrastructure
• Node operators will not need to perform additional setup beyond configuration changes

Communication Plan

• Notify Aave and Chainlink about the availability of this feature
• Provide documentation outlining the integration process and expected behaviour

Open Questions

• What monitoring framework should be used to track this feature in production?
• Should there be a manual override mechanism to force the transaction in case of emergency?
• Should this be a dedicated plugin or directly at the sequencer level?

Conclusion

This enhancement ensures better protocol resilience during sequencer downtime while integrating seamlessly into the existing architecture. It provides optional, configurable behaviour to allow fine-tuning based on network needs

[jpnovais]

I read the contracts and cannot figure out exactly how this "protocol" is supposed to work. (we shall improve some poor names e.g bool initialStatus makes it hard to understand. Is this supposed to mean sequencerIsUp?)

Additionally, I want to raise awareness of some concerns for some edge cases:

• 1. dependency on Web3Signer can be problematic if there are network issues, it can cause a sequencer outage.
• 2. What shall sequencer do if:
     2.1 the account runs out of funds or
     2.2 cannot reach Web3J, halt? Very unlikely i hope we shall define what to do and test it