Ethereum & Alpha Testnet Differences
Scroll Alpha Testnet is now deprecated.
There are a number of technical details that differ between Ethereum mainnet's EVM and Scroll's modified design for a zkEVM. Below you can see those differences as they exist now.
For open-source contributors and infrastructure builders, please contact our team for additional support.
For the average Solidity developer, these details won't affect your development experience.
Opcode | Solidity equivalent | Ethereum Behavior | Scroll Behavior |
|---|---|---|---|
BLOCKHASH | block.blockhash | Input: blockNumber from top of the stack, and the valid range is [NUMBER-256, NUMBER-1].Output: hash of the given block number, or 0 if the block number is not in the valid range. | Matches Ethereum, but limits the range of input blockNumber to be NUMBER-1. |
COINBASE | block.coinbase | In Ethereum Clique, the eth address of the signer. | |
DIFFICULTY / PREVRANDAO | block.difficulty | After PoS, the previous block’s randao value. | Returns 0. |
SELFDESTRUCT | selfdestruct | Disabled in the sequencer. Runtime error, same behavior as the INVALID opcode.
Will change to adopt Ethereum’s solution in the future. | |
PUSH0 | / | Runtime Error, will act as an INVALID opcode. Will be supported on the Mainnet |
The
SHA2-256 (address 0x2), RIPEMD-160 (address 0x3), and blake2f (address 0x9) precompiles are currently not supported. Calls to these precompiled contracts will revert. We plan to enable these three precompiles in a future hard fork.The
modexp precompile is supported but only supports inputs of size less than or equal to 32 bytes (i. e. u256).The
ecPairing precompile is supported but the number of points(sets, pairs) is limited to 4, instead of 6.The other EVM precompiles are all supported:
ecRecover, identity, ecAdd, ecMul.We added two fields in the current
StateAccount object: PoseidonCodehash and CodeSize.type StateAccount struct {
Nonce uint64
Balance *big.Int
Root common.Hash // merkle root of the storage trie
KeccakCodeHash []byte // still the Keccak codehash
// added fields
PoseidonCodeHash []byte // the Poseidon codehash
CodeSize uint64
}
Related to this, we maintain two types of codehash for each contract bytecode: Keccak hash and Poseidon hash.
KeccakCodeHash is kept to maintain compatibility for EXTCODEHASH. PoseidonCodeHash is used for verifying correctness of bytecodes loaded in the zkEVM, where Poseidon hashing is far more efficient.When verifying
EXTCODESIZE, it is expensive to load the whole contract data into the zkEVM. Instead, we store the contract size in storage during contract creation. This way, we do not need to load the code — a storage proof is sufficient to verify this opcode.The Alpha Testnet aims for a constant block time of 3 seconds. This is shorter and more consistent than the 12 seconds used in the Ethereum under ideal conditions.
This was chosen for two reasons:
- Having faster, constant block time results in quicker feedback and a better user experience.
- As we optimize the zkEVM circuits in our testnets, even if we maintain a smaller gas limit per block or batch, we can still reach higher throughput than Ethereum.
The 3 second block time is maintained on a best effort basis, it is not guaranteed or enforced by the protocol.
We keep a close on eye on all emerging EIPs adopted by Ethereum and adopt them when suitable. If you’re interested in more specifics, reach out in our community forum or on the Scroll Discord.
To ensure no unexpected behaviour happens in your contracts, we recommend using
london as target version when compiling your smart contracts.
You can read in more details on Shanghai hard fork differences from London on the Ethereum Execution spec and how the new PUSH0 instruction impacts the Solidity compiler.The fee charged to Alpha Testnet transactions contains two parts:
- L2 gas fee: similar to L1, the amount of L2 execution fee equals to
L2_gas_price * L2_gas_used. This part covers the following costs:- L2 sequencer execution & storage cost
- Validity proof verification and finalization cost on L1
- Prover cost
- L1 data fee: additional fee on top of L2 gas fee. The L1 data fee is only charged to L2-initiated transactions, not to L1-initiated transactions. The fee covers the cost of sending data to L1 for data availability. Because we roll up the tx data to L1, the L1 rollup fee is calculated based on the size of tx data.
Last modified 1mo ago