From 1b013f0044f369cfe279a22e0efc3d25b355c8f7 Mon Sep 17 00:00:00 2001
From: Ethen Pociask <ethen@eigenlabs.org>
Date: Thu, 17 Oct 2024 20:48:29 -0400
Subject: [PATCH 1/3] fix(sigmap-audit): Add precursor invariants to EigenDA
 entrypoint

---
 src/bridge/SequencerInbox.sol | 3 +++
 src/libraries/Error.sol       | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/src/bridge/SequencerInbox.sol b/src/bridge/SequencerInbox.sol
index c9d9f90d..2e7aa7ec 100644
--- a/src/bridge/SequencerInbox.sol
+++ b/src/bridge/SequencerInbox.sol
@@ -8,6 +8,7 @@ import {
     AlreadyInit,
     HadZeroInit,
     BadPostUpgradeInit,
+    NotEOA,
     NotOrigin,
     DataTooLarge,
     DelayedBackwards,
@@ -479,7 +480,9 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
         uint256 prevMessageCount,
         uint256 newMessageCount
     ) external refundsGas(gasRefunder, IReader4844(address(0))) {
+        if(msg.sender != tx.origin) revert NotOrigin();
         if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
+        if (address(msg.sender).code.length > 0) revert NotEOA();
         // Verify that the blob was actually included before continuing
         eigenDARollupManager.verifyBlob(cert.blobHeader, cert.blobVerificationProof);
         // Form the EigenDA data hash and get the time bounds
diff --git a/src/libraries/Error.sol b/src/libraries/Error.sol
index 2eb496e7..0b94d464 100644
--- a/src/libraries/Error.sol
+++ b/src/libraries/Error.sol
@@ -158,6 +158,9 @@ error IncorrectMessagePreimage();
 /// @dev This can only be called by the batch poster
 error NotBatchPoster();
 
+/// @dev This can only be called by an EOA account without EIP-7702 enabled
+error NotEOA();
+
 /// @dev The sequence number provided to this message was inconsistent with the number of batches already included
 error BadSequencerNumber(uint256 stored, uint256 received);
 

From 5f2420850c10e6fd89744b9efe1141cc12806e6b Mon Sep 17 00:00:00 2001
From: Ethen Pociask <ethen@eigenlabs.org>
Date: Thu, 17 Oct 2024 20:50:01 -0400
Subject: [PATCH 2/3] fix(sigmap-audit): Add precursor invariants to EigenDA
 entrypoint - use custom runners

---
 .github/workflows/audit-ci.yml          |  4 ++--
 .github/workflows/base-branch-check.yml |  2 +-
 .github/workflows/contract-tests.yml    | 10 +++++-----
 .github/workflows/slither.yml           |  2 +-
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/audit-ci.yml b/.github/workflows/audit-ci.yml
index 661d4e37..d8daf03e 100644
--- a/.github/workflows/audit-ci.yml
+++ b/.github/workflows/audit-ci.yml
@@ -12,7 +12,7 @@ on:
 jobs:
   install:
     name: 'Install'
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     strategy:
       matrix:
         node-version: [18, 20]
@@ -30,7 +30,7 @@ jobs:
 
   yarn-audit:
     name: Audit
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     needs: install
     steps:
       - name: Checkout
diff --git a/.github/workflows/base-branch-check.yml b/.github/workflows/base-branch-check.yml
index 1cb9003c..4ebe8942 100644
--- a/.github/workflows/base-branch-check.yml
+++ b/.github/workflows/base-branch-check.yml
@@ -7,7 +7,7 @@ on:
 jobs:
   base_branch_check:
     name: Pull request base branch check
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     steps:
       - name: Check the pull request base branch
         run: |
diff --git a/.github/workflows/contract-tests.yml b/.github/workflows/contract-tests.yml
index 1a987dc2..b98fbc41 100644
--- a/.github/workflows/contract-tests.yml
+++ b/.github/workflows/contract-tests.yml
@@ -12,7 +12,7 @@ on:
 jobs:
   test-unit:
     name: Test unit
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     steps:
       - uses: actions/checkout@v3
         with:
@@ -112,7 +112,7 @@ jobs:
           token: ${{ secrets.CODECOV_TOKEN }}
   test-4844:
     name: 4844 tests
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     steps:
       - uses: actions/checkout@v3
         with:
@@ -146,7 +146,7 @@ jobs:
         run: yarn test:4844
   test-e2e:
     name: Test e2e
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     steps:
       - uses: actions/checkout@v3
         with:
@@ -176,7 +176,7 @@ jobs:
         run: yarn test:e2e
   test-e2e-custom-fee-token:
     name: Test e2e custom fee token
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     steps:
       - uses: actions/checkout@v3
         with:
@@ -207,7 +207,7 @@ jobs:
         run: yarn test:e2e
   test-e2e-fee-token-6-decimals:
     name: Test e2e fee token with 6 decimals
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     steps:
       - uses: actions/checkout@v3
         with:
diff --git a/.github/workflows/slither.yml b/.github/workflows/slither.yml
index 87fa4e3f..509064a6 100644
--- a/.github/workflows/slither.yml
+++ b/.github/workflows/slither.yml
@@ -6,7 +6,7 @@ on:
 
 jobs:
   analyze:
-    runs-on: ubuntu-latest
+    runs-on: linux-2xl
     steps:
       - uses: actions/checkout@v4
 

From c313f6f77c77148c1ffd2855864ebabddbd8c1c2 Mon Sep 17 00:00:00 2001
From: Ethen Pociask <ethen@eigenlabs.org>
Date: Sun, 20 Oct 2024 03:54:08 -0400
Subject: [PATCH 3/3] fix(sigmap-audit): Add precursor invariants to EigenDA
 entrypoint - update contract-tests

---
 .github/workflows/contract-tests.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/contract-tests.yml b/.github/workflows/contract-tests.yml
index b98fbc41..db7d2406 100644
--- a/.github/workflows/contract-tests.yml
+++ b/.github/workflows/contract-tests.yml
@@ -125,7 +125,6 @@ jobs:
 
       - uses: Layr-Labs/arbitrum-actions/run-nitro-test-node@main
         with:
-          nitro-testnode-ref: deneb-integration
           args: --pos
           no-token-bridge: true