dbd517b279
- Update dbis_core, cross-chain-pmm-lps, explorer-monorepo, metamask-integration, pr-workspace/chains - Omit embedded publish git dirs and empty placeholders from index Made-with: Cursor
30 lines
1.2 KiB
Markdown
30 lines
1.2 KiB
Markdown
# Key custody checklist (Standard Rollup) — example
|
|
|
|
Copy this checklist to your internal CMDB. **Do not** commit filled copies with addresses of multisig signers if classified.
|
|
|
|
## Roles (separate keys per role in production)
|
|
|
|
- [ ] Sequencer signing (L2 block production)
|
|
- [ ] Batcher (L1 transaction submission)
|
|
- [ ] Proposer (L2 output roots on L1)
|
|
- [ ] Challenger (fault-proof participation)
|
|
- [ ] L1 deployer (one-time or gated contract deploy)
|
|
- [ ] Upgrade / admin (multisig; align with [standard-config-roles-mainnet.toml](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-config-roles-mainnet.toml) and charter)
|
|
|
|
## Custody
|
|
|
|
- [ ] Multisig vendor + threshold recorded
|
|
- [ ] Hardware / institutional custody for hot keys where required
|
|
- [ ] Break-glass procedure documented
|
|
- [ ] Key rotation and incident response contacts
|
|
|
|
## Funding
|
|
|
|
- [ ] L1 ETH budget for deploy, batching, proposals, challenger bonds
|
|
- [ ] L2 gas funding for operational tests
|
|
|
|
## Evidence
|
|
|
|
- [ ] `pinned-versions.manifest.yaml` filled and stored with deploy artifacts
|
|
- [ ] Addresses recorded under `config/op-stack-superchain/deployed/` (non-secret files only)
|