Search

Search for projects by name

Value SecuredActivityOnchain costsData postedLivenessMilestones & IncidentsRisk summaryRisk analysisData availabilityState validationOperatorWithdrawalsOther considerationsPermissionsSmart contracts

Celo logo
Celo

Badges

About

Celo is an Ethereum Optimium based on the OP stack, scaling real-world solutions & leading a thriving new digital economy for all.

  • Total Value SecuredTVS
    $321.28 M2.61%
  • Past day UOPSDaily UOPS
    16.671.19%
  • Gas token
    CELO
  • Type
    Optimium
  • Purpose
    Universal
  • Chain ID
    42220

    • Tokens breakdown

    Value secured breakdown

    View TVS breakdown
    Sequencer failureState validationData availabilityExit windowProposer failure
    Explore more in Discovery UI

    Badges

    About

    Celo is an Ethereum Optimium based on the OP stack, scaling real-world solutions & leading a thriving new digital economy for all.

    Value SecuredView TVS breakdown
    Total
    Canonically BridgedCanonically Bridged ValueCanonical
    Natively MintedNatively Minted TokensNative
    Externally BridgedExternally Bridged ValueExternal
    ETH & derivatives
    Stablecoins
    BTC & derivatives
    Other
    View TVS breakdown
    Activity

    2025 Mar 26 — Dec 10

    Past Day UOPS
    16.67
    Past Day Ops count
    1.44 M
    Max. UOPS
    20.15
    2025 Oct 05
    Past day UOPS/TPS Ratio
    <1.01
    Onchain costs

    The section shows the operating costs that L2s pay to Ethereum.

    2025 Mar 26 — Dec 10

    Total cost
    $9.01 K
    Avg cost per L2 UOP
    $0.000029
    Avg cost per day
    $35.20
    Data posted

    This section shows how much data the project publishes to its data-availability (DA) layer over time. The project currently posts data toEthereumEthereumEigenDAEigenDA.

    Data source: API provided by EigenLayer

    2025 Mar 12 — Dec 10

    Data posted
    57.36 GiB
    Avg size per day
    214.36 MiB
    Avg size per L2 UOP
    191.50 B
    Liveness

    This section shows how "live" the project's operators are by displaying how frequently they submit transactions of the selected type. It also highlights anomalies - significant deviations from their typical schedule.

    No ongoing anomalies detected
    Avg. tx data subs. interval
    Avg. state updates interval
    Past 30 days anomalies
    Milestones & Incidents

    Jello hardfork activates OP Succinct Lite

    2025 Dec 10th

    Celo implements OP Succinct Lite, introducing ZK proofs for dispute resolution and DA verification.

    Learn more

    Celo becomes an Ethereum L2

    2025 Mar 26th

    Celo migrates from an L1 to an L2 architecture on Ethereum and EigenDA.

    Learn more
    Risk summary
    Fraud proof system is currently under development. Users need to trust the block proposer to submit correct L1 state roots.

    Funds can be stolen if

    1. a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL),
    2. the validity proof cryptography is broken or implemented incorrectly,
    3. the proposer routes proof verification through a malicious or faulty verifier.

    Funds can be lost if

    1. the sequencer posts an unavailable transaction root (CRITICAL),
    2. the data is not available on the external provider (CRITICAL).

    Funds can be frozen if

    1. the permissioned proposer fails to publish state roots to the L1.

    MEV can be extracted if

    1. the operator exploits their centralized position and frontruns user transactions.
    Risk analysis
    Fraud proof system is currently under development. Users need to trust the block proposer to submit correct L1 state roots.
    Sequencer failureState validationData availabilityExit windowProposer failure
    Sequencer failure
    Self sequence

    In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. There can be up to a 12h delay on this operation.

    State validation
    Validity proofs (ST, SN)

    STARKs and SNARKs are zero knowledge proofs that ensure state correctness. STARKs proofs are wrapped in SNARKs proofs for efficiency. SNARKs require a trusted setup.

    Data availability
    External

    Proof construction and state derivation fully rely on data that is posted on EigenDA. The sequencer is publishing data to EigenDA v2. Sequencer transaction data roots are checked against the DACert Verifier data roots, signed off by EigenDA operators.

    Exit window
    None

    There is no exit window for users to exit in case of unwanted regular upgrades as they are initiated by the Security Council with instant upgrade power and without proper notice.

    Proposer failure
    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    Data availability

    Data is posted to EigenDA

    Transactions roots are posted onchain and the full data is posted on EigenDA. The sequencer is publishing data to EigenDA v2. The DACert Verifier is used to verify attestations from the EigenDA operator set that the data is indeed available. If EigenDA becomes unavailable, the sequencer falls back to Ethereum.

    • Funds can be lost if the sequencer posts an unavailable transaction root (CRITICAL).

    • Funds can be lost if the data is not available on the external provider (CRITICAL).

    1. EigenDA Docs - Overview
    2. Derivation: Batch submission - OP Mainnet specs
    3. BatchInbox - address
    4. OptimismPortal2.sol - source code, depositTransaction function
    Learn more about the DA layer here: EigenDA logoEigenDA
    State validation
    Validity proofs

    State roots are proposed by whitelisted proposers who create dispute games via the DisputeGameFactory by posting a bond. Once created, the game enters a challenge period during which whitelisted challengers can dispute the proposal by also posting a bond. If challenged, anyone can submit a ZK proof to prove the correct state within the proving period. After the challenge period passes without a successful challenge, or after a valid proof is submitted, anyone can resolve the game and finalize the state root.

    • Funds can be stolen if the validity proof cryptography is broken or implemented incorrectly.

    • Funds can be stolen if the proposer routes proof verification through a malicious or faulty verifier.

    • Funds can be frozen if the permissioned proposer fails to publish state roots to the L1.

    1. Op-Succinct architecture
    PROVER
    SP1SP1

    Trusted Setups

    Used in

    Projects used in

    Search for projects used in

    Verifiers

    1by
    1

    Used in

    Projects used in

    Search for projects used in

    Verifiers

    1by
    1

    Program Hashes

    Name
    Hash
    Repository
    Verification
    Used in
    0x0075...f31c
    		Code unknown
    None
    0x223f...9a83
    		Code unknown
    None
    Operator

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    Users can force any transaction

    Because the state of the system is based on transactions submitted on the underlying host chain and anyone can submit their transactions there it allows the users to circumvent censorship by interacting with the smart contract on the host chain directly.

    1. Sequencing Window - OP Mainnet Specs
    2. OptimismPortal2.sol - source code, depositTransaction function
    Withdrawals

    Regular exits

    The user initiates the withdrawal by submitting a regular transaction on this chain. When a state root containing such transaction is settled, the funds become available for withdrawal on L1 after 3d 12h. Withdrawal inclusion can be proven before state root settlement, but a 7d period has to pass before it becomes actionable. The process of state root settlement takes a challenge period of at least 3d 12h to complete. Finally the user submits an L1 transaction to claim the funds. This transaction requires a merkle proof.

    1. OptimismPortal2.sol - Etherscan source code, proveWithdrawalTransaction function
    2. OptimismPortal2.sol - Etherscan source code, finalizeWithdrawalTransaction function

    Forced messaging

    If the user experiences censorship from the operator with regular L2->L1 messaging they can submit their messages directly on L1. The system is then obliged to service this request or halt all messages, including forced withdrawals from L1 and regular messages initiated on L2. Once the force operation is submitted and if the request is serviced, the operation follows the flow of a regular message.

    1. Forced withdrawal from an OP Stack blockchain
    Other considerations

    EVM compatible smart contracts are supported

    OP stack chains are pursuing the EVM Equivalence model. No changes to smart contracts are required regardless of the language they are written in, i.e. anything deployed on L1 can be deployed on L2.

    1. Introducing EVM Equivalence
    Permissions
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco

    Ethereum

    Roles:

    Challenger (7) EOA 5EOA 6EOA 7EOA 8EOA 9EOA 12EOA 13

    Allowed to challenge or delete state roots proposed by a Proposer.

    Guardian (4) OpFoundationUpgradeSafeOptimism Security CouncilOptimism EOA 1EOA 2

    Allowed to pause withdrawals. In op stack systems with a proof system, the Guardian can also blacklist dispute games and set the respected game type (permissioned / permissionless).

    • OpFoundationUpgradeSafe has the role if the number of Optimism Security Council members falls below 8
    • Optimism EOA 1 has the role though restricted to the SuperchainConfig’s pause() function
    Proposer (3) EOA 3EOA 4EOA 10

    Allowed to post new state roots of the current layer to the host chain.

    Sequencer EOA 1

    Allowed to commit transactions from the current layer to the host chain.

    Actors:

    CeloProxyAdminOwner 0x4092…E112

    A Multisig with 2/2 threshold.

    • Can upgrade with no delay
      • Celo native asset Token
      • L1CrossDomainMessenger
      • L1ERC721Bridge
      • OptimismMintableERC20Factory
      • SystemConfig
      • DelayedWETH
      • L1StandardBridge
      • AnchorStateRegistry
      • DelayedWETH
      • SuperchainConfigLocal
      • OptimismPortal2
      • DisputeGameFactory
    • Can interact with AddressManager
      • set and change address mappings
    • Can interact with SystemConfig
      • it can update the preconfer address, the batch submitter (Sequencer) address and the gas configuration of the system
    • Can interact with DelayedWETH
      • can pull funds from the contract in case of emergency

    Participants (2):

    Celo Multisig 1Celo Multisig 2
    OpFoundationUpgradeSafe 0x847B…9D92

    A Multisig with 5/7 threshold. Member of SuperchainProxyAdminOwner.

    Participants (7):

    GnosisSafe0x3041…16230xE7dE…d02e0xBF93…a2c80x4D01…6d150x69ac…Fd020x9bbF…31aa
    Used in:
    SuperchainConfig 0x9570…4a4C

    Used to manage global configuration values for multiple OP Chains within a single Superchain network. The SuperchainConfig contract manages individual pause states for each chain connected to it, as well as a global pause state for all chains. The guardian role can pause either separately, but each pause expires after 3 months if left untouched.

    • Can interact with SuperchainConfigLocal
      • act as an override that pauses the SuperchainConfigLocal
    Used in:
    Optimism Security Council 0xc281…Bd03

    A Multisig with 10/13 threshold. It uses the following modules: LivenessModule (used to remove members inactive for 3mo 8d while making sure that the threshold remains above 75%. If the number of members falls below 8, the OpFoundationUpgradeSafe takes ownership of the multisig). Member of Optimism Guardian Multisig, SuperchainProxyAdminOwner.

    • A Guardian Optimism Guardian Multisig

    Participants (13):

    0x07dC…d0730x652B…cB5f0x1822…925e0x4A73…e61E0x3A53…aa940xEF9A…877c0x6323…c8650xd5b7…aC900x7ed8…9E390x0aA3…75D70x0a87…efE60xbfA0…E0d90x9282…cACb
    Used in:
    SuperchainProxyAdminOwner 0x5a0A…3d2A

    A Multisig with 2/2 threshold.

    • Can upgrade with no delay
      • SuperchainConfig
    • Can interact with AddressManager
      • set and change address mappings

    Participants (2):

    OpFoundationUpgradeSafeOptimism Security Council
    Used in:
    LivenessGuard 0x2442…4a25

    Modular contract to be used together with the LivenessModule. Tracks liveness / activity of Safe owners.

    • Can interact with LivenessModule
    Used in:
    SP1VerifierGatewayMultisig 0xCafE…6878

    A Multisig with 2/3 threshold.

    • Can interact with SP1VerifierGateway
      • affect the liveness and safety of the gateway - can transfer ownership, add and freeze verifier routes

    Participants (3):

    0xBaB2…11260x72Ff…4f540x9395…8885
    Used in:
    Optimism Guardian Multisig 0x09f7…dAf2

    A Multisig with 1/1 threshold. It uses the following modules: DeputyPauseModule (Allows 0x352f1defB49718e7Ea411687E850aA8d6299F7aC, called the deputy pauser, to act on behalf of the OpFoundationUpgradeSafe if set as its Safe module).

    Participants (1):

    Optimism Security Council
    Used in:
    GnosisSafe 0x42d2…9c64

    A Multisig with 2/2 threshold. Member of OpFoundationUpgradeSafe.

    Participants (2):

    0xb237…97A50x4665…7429
    Used in:
    Celo Multisig 2 0x9Eb4…D34d

    A Multisig with 6/8 threshold. Member of CeloProxyAdminOwner.

    Participants (8):

    0x0Bd0…25e00x21e5…875D0x09c0…e7970x326b…659d0x4813…0f8F0x4D89…D02d0x8b4b…0daE0xE002…1A84
    Celo Multisig 1 0xC031…4636

    A Multisig with 6/8 threshold. Member of CeloProxyAdminOwner.

    Participants (8):

    0xB963…f3e20x6FDb…13A10xd0cE…c6Db0x148d…B5Ca0x5f70…fb85Safe0x2BE5…FaD80xc3E9…C0cA
    EOA 1 0x0cd0…cA60
    Optimism EOA 1 0x352f…F7aC
    • A Guardian DeputyPauseModule though restricted to the SuperchainConfig’s pause() function → Optimism Guardian Multisig
    Used in:
    EOA 2 0x6E22…1f47
    • A Guardian - acting directly
    EOA 3, EOA 4 and EOA 10 (3) 0x0B7d…Fe620x1204…A6890x79D1…5d33
    EOA 5, EOA 6, EOA 7, EOA 8, EOA 9, EOA 12 and EOA 13 (7) 0x53E8…75Ca0x5696…8cA80x6b14…95830x7247…c32f0x77E8…3f6F0xc6E6…C4630xe4ce…eC78
    • A Challenger - acting directly
    EOA 11 0xbcA6…64f3
    • Can interact with DelayedWETH
      • can pull funds from the contract in case of emergency
    Smart contracts
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    Ethereum

    SystemConfig 0x89E3…9861Implementation (Upgradable)Admin

    Contains configuration parameters such as the Sequencer address, gas limit on this chain and the unsafe block signer address.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
      • batcherHash: EOA 1
      • owner: CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    OptimismPortal2 0xc5c5…AEDCImplementation (Upgradable)Admin

    The OptimismPortal contract is the main entry point to deposit funds from L1 to L2. It also allows to prove and finalize withdrawals. It specifies which game type can be used for withdrawals, which currently is the 42.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    • This contract stores the following tokens: ETH.
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    DisputeGameFactory 0xFbAC…F683Implementation (Upgradable)Admin

    The dispute game factory allows the creation of dispute games, used to propose state roots and eventually challenge them.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    Implementation used in:
    SuperchainConfigLocal 0xa440…3D33Implementation (Upgradable)Admin

    A local contract acting as source of truth for the paused status and the guardian role for the local chain.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
      • guardian: EOA 2
      • superchainConfig: SuperchainConfig if the (global) SuperchainConfig is paused
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    L1CrossDomainMessenger 0x1AC1…bB95Implementation (Upgradable)Admin

    Sends messages from host chain to this chain, and relays messages back onto host chain. In the event that a message sent from host chain to this chain is rejected for exceeding this chain’s epoch gas limit, it can be resubmitted via this contract’s replay function.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    L1ERC721Bridge 0x3C51…7f13Implementation (Upgradable)Admin

    Used to bridge ERC-721 tokens from host chain to this chain.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    Implementation used in:
    L1StandardBridge 0x9C49…adfeImplementation (Upgradable)Admin

    The main entry point to deposit ERC20 tokens from host chain to this chain.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    • This contract can store any token.
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    LivenessModule 0x0454…a748

    used to remove members inactive for 3mo 8d while making sure that the threshold remains above 75%. If the number of members falls below 8, the OpFoundationUpgradeSafe takes ownership of the multisig

    • Roles:
      • fallbackOwner: OpFoundationUpgradeSafe if the number of Optimism Security Council members falls below 8
      • livenessGuard: LivenessGuard
    Implementation used in:
    SP1Verifier 0x0459…C459

    Verifier contract for SP1 proofs (v5.0.0).

    Implementation used in:
    Celo native asset Token 0x0578…b19fImplementation (Upgradable)Admin
    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    OPSuccinctFaultDisputeGame 0x113f…b73e

    Logic of the dispute game. When a state root is proposed, a dispute game contract is deployed. Challengers can use such contracts to challenge the proposed state root.

    PreimageOracle 0x1fb8…aDD3

    The PreimageOracle contract is used to load the required data from L1 for a dispute game.

    Implementation used in:
    PermissionedDisputeGame 0x25c2…5d02

    Same as FaultDisputeGame, but only two permissioned addresses are designated as proposer and challenger.

    • Roles:
    SP1VerifierGateway 0x3B60…185e

    This contract is the router for zk proof verification. It stores the mapping between identifiers and the address of onchain verifier contracts, routing each identifier to the corresponding verifier contract.

    • Roles:
      • owner: SP1VerifierGatewayMultisig
    Implementation used in:
    SuperchainProxyAdmin 0x543b…fB04
    • Roles:
      • owner: SuperchainProxyAdminOwner
    Implementation used in:
    OptimismMintableERC20Factory 0x6f0E…A906Implementation (Upgradable)Admin

    A helper contract that generates OptimismMintableERC20 contracts on the network it’s deployed to. OptimismMintableERC20 is a standard extension of the base ERC20 token contract designed to allow the L1StandardBridge contracts to mint and burn tokens. This makes it possible to use an OptimismMintableERC20 as this chain’s representation of a token on the host chain, or vice-versa.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    Implementation used in:
    DeputyPauseModule 0x76fC…1754

    Allows 0x352f1defB49718e7Ea411687E850aA8d6299F7aC, called the deputy pauser, to act on behalf of the OpFoundationUpgradeSafe if set as its Safe module.

    • Roles:
      • deputy: Optimism EOA 1 though restricted to the SuperchainConfig’s pause() function
    Implementation used in:
    ProxyAdmin 0x783A…E374
    • Roles:
      • owner: CeloProxyAdminOwner
    DelayedWETH 0x9c31…DE91Implementation (Upgradable)Admin

    Contract designed to hold the bonded ETH for each game. It is designed as a wrapper around WETH to allow an owner to function as a backstop if a game would incorrectly distribute funds.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
      • owner: EOA 11
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    AnchorStateRegistry 0x9F18…28CCImplementation (Upgradable)Admin

    Contains the latest confirmed state root that can be used as a starting point in a dispute game.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    Implementation used in:
    DelayedWETH 0xa316…f95aImplementation (Upgradable)Admin

    Contract designed to hold the bonded ETH for each game. It is designed as a wrapper around WETH to allow an owner to function as a backstop if a game would incorrectly distribute funds.

    • Roles:
      • admin: ProxyAdmin; ultimately CeloProxyAdminOwner
      • owner: CeloProxyAdminOwner
    Can be upgraded by:
    CeloProxyAdminOwner with no delay
    MIPS 0xaA59…112a

    The MIPS contract is used to execute the final step of the dispute game which objectively determines the winner of the dispute.

    Implementation used in:
    FaultDisputeGame 0xcc74…90a5

    Logic of the dispute game. When a state root is proposed, a dispute game contract is deployed. Challengers can use such contracts to challenge the proposed state root.

    AccessManager 0xF59a…2816

    Contract managing access control for proposers and challengers in OPSuccinct.

    • Roles:
      • challengers: EOA 12, EOA 13, EOA 5, EOA 6, EOA 8, EOA 9
      • proposers: EOA 10, EOA 3

    Value Secured is calculated based on these smart contracts and tokens:

    Generic escrow 0x9C49…adfeImplementation (Upgradable)Admin

    Main entry point for users depositing ERC20 token that do not require custom gateway.

    Can be upgraded by:
    ProxyAdmin with no delay
    Escrow for ETH 0xc5c5…AEDCImplementation (Upgradable)Admin

    Main entry point for users depositing ETH.

    Can be upgraded by:
    ProxyAdmin with no delay

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Program Hashes

    Name
    Hash
    Repository
    Verification
    Used in
    0x0075...f31c
    		Code unknown
    None
    0x223f...9a83
    		Code unknown
    None