Ownership Model
An overview of the most important contracts and roles in the ZKsync Stack ecosystem.
This section covers L1 and L2 contracts, their relationships, and the roles that manage them.
Contracts overview
| Contract | Description | Owned by | Shared within ecosystem | Source code |
|---|---|---|---|---|
| CTM (ChainTypeManager) | Trust zone that ensures unified state transition process across chains | ProtocolUpgradeHandler | Yes, but might have multiple instances with different ownership | Source |
| Bridgehub | Primary ecosystem entry point for L1↔L2 messaging, CTM management, chain registration | ProtocolUpgradeHandler | Yes | Source |
| L1 SharedBridge (legacy) | Bridges assets between L1 and all ZKsync chains | ProtocolUpgradeHandler | Yes | Source |
| DiamondProxy | Main contract of a specific chain, responsible for state transition | CTM (Admin can control some processes) | No | Facets |
| ValidatorTimelock | Trustlessly sets a batch execution delay | ProtocolUpgradeHandler | Yes, enforced within CTM | Source |
| Verifier | Verifies ZK proofs | - | Yes, within CTM | Source |
| L1/L2 NativeTokenVault | Holds L1 native ETH and ERC20 tokens bridged into ZKsync chains | ProtocolUpgradeHandler | Yes | NTV |
| L1/L2 AssetRouter | Bridges assets between L1 and ZKsync chains, supporting both ETH and ERC20 tokens | ProtocolUpgradeHandler | Yes | Asset Router |
| L1/L2 DA Validators | Ensure that pubdata is committed properly | - | L1: optionally shared, L2: no | Default L1 3rd Party L1 L2 |
Roles overview
| Name | Purpose | Owned by | Shared | Source code |
|---|---|---|---|---|
| DecentralizedGovernance (set of contracts) | Owns ProtocolUpgradeHandler, controls all ecosystem contracts, accepts/vetoes proposals. | - | Yes | Repository |
| ChainAdmin | - Change fee parameters - Set validator for a chain - Set transaction filterer - Set base token multiplier - Set pubdata pricing mode - Set the timestamp when the protocol upgrade will be applied | Chain operator’s Multisig | No | Source |
| ProtocolUpgradeHandler | Ownership of CTM, Bridgehub, L1 and L2 bridges, AssetRouters, NTVs | DecentralizedGovernance | Yes | Source |
| EcosystemAdmin | - Revert batches within CTM - Set validator to any chain (will be removed in gateway upgrade) - Create new chain in Bridgehub - Add a base token in Bridgehub - Allow bridging to some L2SharedBridge | ML Multisig | Yes | Source |
| ChainAdmin | - Change fee parameters - Set validator for a chain - Set transaction filterer - Set base token multiplier - Set pubdata pricing mode - Set the timestamp when the protocol upgrade will be applied | Chain operator’s Multisig | No | Source |
| BlobOperator | EOA that sends CommitBatches transactions | Chain operator | No | EOA |
| Operator | EOA that sends ProveBatches and ExecuteBatches transactions | Chain operator | No | EOA |
| FeeCollector | An address that receives the funds from fees paid by user transactions on L2 | Chain operator | No | Not enforced |
| TokenMultiplierSetter | An address nominated by the ChainAdmin that can set the ETH↔BaseToken price ratio | Chain operator | No | EOA |