Fault proof VM: MIPS.sol

The MIPS.sol smart contract implements an onchain MIPS III virtual machine as part of Optimism's Fault Proof system. This implementation works together with an off-chain Go implementation to form Cannon, which enables onchain verification of disputed L2 state transitions.

Architecture and implementation

The contract is designed to work alongside its offchain Go implementation as a stateless system where all execution state is passed in as parameters. This allows multiple dispute games to share a single deployment while maintaining consistent behavior across environments:

• Component architecture
  • Offchain component executes MIPS instructions across multiple threads for disputed L2 state transitions
  • Onchain component (MIPS.sol) executes single instructions with provided state and memory proofs
  • Both maintain deterministic execution through careful thread state management
• Key implementation features
  • Single immutable variable - the PreimageOracle contract address for L1/L2 state data access
  • VM state passed as tightly packed struct containing registers, program counter, and thread states
  • Memory implemented as binary Merkle tree with 27-level depth and 32-byte leaf values
  • Support for 8-byte reads/writes in 64-bit mode
  • Big-Endian byte ordering aligned with EVM's native ordering
  • Minimal syscalls focused on PreimageOracle interactions and thread management

Memory and state management

The memory and state management system in MIPS.sol implements a sophisticated architecture optimized for 64-bit addressing and multithreaded operations:

• Memory architecture
  • Binary Merkle tree with fixed depth of 28 levels for full 64-bit address space support
  • 32-byte leaf values enable efficient memory operations
  • Thread-safe memory access with deterministic scheduling
  • Supports up to 8-byte atomic operations in 64-bit mode
• State management
  • Stateless contract design with execution state passed as parameters
  • Enhanced 64-bit memory addressing supporting theoretical 16 exabytes of virtual memory
  • Thread states include register contexts, program counter, and memory management data
  • Maintains consistent thread states between onchain and offchain implementations

Thread management and PreimageOracle integration

The implementation features sophisticated thread management integrated with PreimageOracle interactions:

• Thread control and scheduling
  • Deterministic multi-threading using fixed sequence traversal
  • Context switching with sleep, yield, and wait operations
  • Wake signals for thread activation based on memory conditions
  • Forced thread preemption to prevent starvation
• PreimageOracle integration
  • Specialized syscalls for PreimageOracle communication
  • Support for concurrent PreimageOracle interactions
  • Thread-safe state access and verification
  • Up to 8-byte reads for improved efficiency

Key Functions

The main external interface is the step function which executes a single MIPS instruction:

• Takes packed VM state and memory proofs as input
• Executes one instruction according to MIPS III spec
• Returns a state hash incorporating execution status
• Handles memory access via Merkle proofs
• Manages PreimageOracle interactions for system calls

Internal functions handle specific instruction types:

• handleBranch - Implements branch instructions
• handleJump - Handles jump operations
• handleHiLo - Manages HI/LO register operations
• handleSyscall - Processes system calls

The implementation prioritizes gas efficiency while maintaining the minimal functionality needed for fault proof verification.

Table of supported MIPS instructions

Further reading

• Cannon Overview
• Cannon FPVM Specification (opens in a new tab)
• MIPS IV ISA Specification (opens in a new tab)
• Solidity ABI Encoding Specification (opens in a new tab)