An #OP Stack blockchain monitoring system developed by Base

Original article: base.mirror.xyz

We skipped Nihilism

TL;DR: We’ve built Pessimism, an open source monitoring system designed to enhance the security of Base (as well as the broader OP Stack and Ethereum ecosystems) by quickly detecting and responding to a myriad of protocol threats.

Introduction

As we worked to launch Base, we chose to create an open and permissionless network that would allow creative projects of all kinds to come to life. At the same time, given this open nature, we wanted to ensure we have the best in-house monitoring capabilities to swiftly detect and respond to live protocol threats.

Enter Pessimism — a monitoring system crafted to help support the security of all OP Stack and EVM-compatible chains. The Coinbase team has been running Pessimism internally to oversee and monitor Base mainnet 24/7 since launch. Now, in the spirit of contributing to public goods, we are open-sourcing Pessimism under an MIT license as free and permissionless software.

What is monitoring and why does it matter?

Monitoring involves the collection, analysis, and interpretation of data to ensure that everything is functioning as expected. This is important for time-sensitive incident response as well as the overall security of a blockchain, as we can only take action against a threat once we become aware of it.

Monitoring is crucial on Base for the following reasons:

  1. Performance Evaluation: We can assess the network’s performance by monitoring response times, throughput (how fast transactions are processed), and error rates. Because of this, we can take action in the event of a potential malfunction. Examples of performance data analyzed include the block production rate, the frequency of state updates to L1, and message passing between L2 and L1.

  2. Security: We can identify and mitigate security threats and vulnerabilities, detecting unauthorized access attempts, unusual behavior, and potential breaches.

How Pessimism detects threats

Pessimism can detect protocol threats specific to the OP Stack (Withdrawal Enforcement, Fault Detection) as well as general EVM blockchain events (Balance Enforcement, Event Emission). This lets us detect unauthorized or malicious events on the Base native bridge as well as the L1/L2 system contracts on Base. Additionally, we can capture liveness failures for sensitive protocol roles like the proposer.

Currently, Pessimism supports monitoring for the following use cases:

  • (OP Stack) Ensuring user withdrawal safety: Many critical exploits happen on bridges, which is why it’s critical to monitor withdrawal events. Pessimism’s withdrawal-enforcement heuristic determines whether a proven OP Stack bridge withdrawal on L1 has a corresponding initiation event on the L2 chain. This is essential for ensuring that all native bridge withdrawals undergo proper two-step accreditation for L2→L1 withdrawals. If not, it could be an indication of a potential exploit.

  • (OP Stack) Detecting potential faults: The fault-detector heuristic ensures that all proposer-submitted output roots from L2→L1 (hashed transactions showing activity from L2 to L1) are valid. To do this, Pessimism recreates an output root locally and cross-validates it for equivalence with the one submitted to the L2OutputOracle contract. This is crucial for ensuring the integrity of the L2Proposer and the output roots that are submitted. If a forged output root could ever be generated, an attacker could drain all funds from the L1 portal contract.

  • (EVM) Enforcing balance boundaries for accounts: The balance-enforcement heuristic ensures that an address’s native ETH amount always falls above or below some user-defined thresholds. This is critical for monitoring privileged protocol accounts (e.g. proposer, batcher) on OP Stack chains for potential out-of-funds liveness failures.

  • (EVM) Detecting smart contract events: The contract-event heuristic monitors for emitted smart contract events. It requires a smart contract address and a set of event signatures to run. This is critical for catching potential access management changes (e.g. a threshold update for a Gnosis Safe multisig) and malicious superuser operations (e.g. an OP Stack Guardian pausing the native bridge unexpectedly).

The most up-to-date information about the heuristics that Pessimism supports can be found in the project’s documentation.
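
The cross-chain check behind the withdrawal-enforcement heuristic can be sketched as follows. This is an added example, not Pessimism's own code: it assumes an ETL stage has already extracted withdrawal hashes from the L1 proof events and the L2 initiation events, and every type, function and sample value in it is hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// ProvenWithdrawal is a simplified record of a withdrawal proven on L1 (names are assumptions).
type ProvenWithdrawal struct {
	WithdrawalHash string // hex hash identifying the withdrawal
	L1TxHash       string // L1 transaction that proved it
}

// Finding is a proven withdrawal with no matching initiation on L2.
type Finding struct{ WithdrawalHash, L1TxHash string }

// norm makes hashes comparable regardless of case or a 0x prefix.
func norm(h string) string {
	return strings.TrimPrefix(strings.ToLower(strings.TrimSpace(h)), "0x")
}

// EnforceWithdrawals returns one finding per distinct withdrawal hash that was
// proven on L1 but never initiated on L2.
func EnforceWithdrawals(initiatedOnL2 []string, proven []ProvenWithdrawal) []Finding {
	initiated := make(map[string]bool, len(initiatedOnL2))
	for _, h := range initiatedOnL2 {
		initiated[norm(h)] = true
	}
	var findings []Finding
	reported := make(map[string]bool) // avoid re-alerting on a repeated proof
	for _, p := range proven {
		h := norm(p.WithdrawalHash)
		if initiated[h] || reported[h] {
			continue
		}
		reported[h] = true
		findings = append(findings, Finding{WithdrawalHash: h, L1TxHash: p.L1TxHash})
	}
	return findings
}

func main() {
	// Constructed sample data: short placeholder hashes, not real chain values.
	l2 := []string{"0xAA01", "0xaa02"}
	l1 := []ProvenWithdrawal{{"0xaa01", "0xl1tx1"}, {"0xBB99", "0xl1tx2"}, {"0xbb99", "0xl1tx3"}}
	for _, f := range EnforceWithdrawals(l2, l1) {
		fmt.Printf("ALERT: withdrawal %s proven in %s has no L2 initiation\n", f.WithdrawalHash, f.L1TxHash)
	}
}
```

Normalizing the hashes before comparison matters here: a case or prefix mismatch between the two data sources would otherwise turn every legitimate withdrawal into a false alert.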

Pessimism consists of three primary subsystems that monitor, assess, and alert:

  • ETL: The ETL (extract, transform, load) subsystem is responsible for parsing and transforming real-time blockchain data (e.g. blocks, events, account balances) into application-consumable formats.

  • Risk Engine: The risk engine is where heuristics are actively assessed for alerts using data from the ETL.

  • Alerting: The alerting subsystem is responsible for propagating alerts to downstream dependency systems (i.e. Slack, PagerDuty).

Pessimism also has a REST API that will allow for the creation, deletion, and modification of monitoring heuristics. As of now, only heuristic creation requests are supported. We expect to roll out support for deletion and modification in the near future.

When an abnormal activity or event perceived as a security threat is detected, Pessimism alerts the team to swiftly address any potential risks.

Performance

Currently, our metrics are reporting that Pessimism performs ETL processing in less than 100 ms, with the average invariant execution taking less than 15 ms, for end-to-end processing within 200 ms.

One of the greatest parts of the OP Stack is its modularized design: the organization of a system into separate, self-contained modules that can be developed and operated independently while interacting with each other. Due to this modularity, we’ve been able to seamlessly test every heuristic implementation end-to-end using the op-e2e testing framework. This allows us to build confidence in each heuristic, since failure cases are reproduced and captured using a localized instance of an OP Stack chain. Additionally, we’ve been diligent in unit testing the software.

Going forward, we plan to run coverage audits with third-party data providers to ensure our heuristics are appropriately capturing all events.

Alert Routing

Pessimism supports alert routing, which enables teams to define global alerting policies that specify alerting destinations by severity. We currently support Slack and PagerDuty as alerting destinations, with plans to add additional integrations as needed. More information about global alert policies can be found here.
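
The sketch below ties the balance-enforcement heuristic described earlier to severity-based routing. It is an added example, not Pessimism's code or configuration schema: the rule and policy types, the severity names, the fallback behaviour and the thresholds are all assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math/big"
)

// Severity values and destination names are assumptions of this example.
type Severity string

const Low, High Severity = "low", "high"

// BalanceRule bounds an account's native balance in wei; a nil bound is unset.
type BalanceRule struct {
	Name         string
	Lower, Upper *big.Int
	Severity     Severity
}

// Violated reports whether the balance falls outside the configured bounds.
func (r BalanceRule) Violated(balance *big.Int) bool {
	below := r.Lower != nil && balance.Cmp(r.Lower) < 0
	above := r.Upper != nil && balance.Cmp(r.Upper) > 0
	return below || above
}

// Policy maps each severity to the destinations that must receive the alert.
type Policy map[Severity][]string

// Route returns the destinations to notify, or nil if the balance is in bounds.
// An unmapped severity falls back to the High route so no alert is dropped.
func Route(p Policy, r BalanceRule, balance *big.Int) []string {
	if !r.Violated(balance) {
		return nil
	}
	if dests, ok := p[r.Severity]; ok && len(dests) > 0 {
		return dests
	}
	return p[High]
}

// eth converts whole ETH to wei.
func eth(n int64) *big.Int { return new(big.Int).Mul(big.NewInt(n), big.NewInt(1e18)) }

func main() {
	policy := Policy{Low: {"slack"}, High: {"slack", "pagerduty"}}
	// Constructed threshold: page when the proposer drops below 5 ETH.
	rule := BalanceRule{Name: "proposer", Lower: eth(5), Severity: High}
	fmt.Println(rule.Name, "->", Route(policy, rule, eth(2)))
}
```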

What’s next for Pessimism?

Comprehensive Bridge Coverage

The native bridge is a critical piece of technology within the OP Stack that allows users to transfer funds from L2 to Ethereum. Given that this is where the highest TVL lives, it's absolutely critical to ensure that we’re monitoring all failure cases and threat scenarios that can affect its secure operation. We’ll be dedicating the next months to implementing supply monitoring as well as large withdrawal detections within Pessimism.

Emerging Threat Detections

The OP Stack will continue to undergo upgrades (e.g. fraud proofs, shared sequencing), and we will continue to introduce new features and heuristics to Pessimism to ensure adequate coverage of the evolving protocol threat landscape.

You Decide

Pessimism is a community-driven technology, and we welcome all users to file feature requests via GitHub issues within the repository. Additionally, if you’d like to start working on Pessimism, we have a lot of good first issues that could use your help and attention!
