Overview
Piltover is the core settlement contract responsible for settling L3 state on StarkNet (L2). It is the foundational piece of Cartridge's L3 architecture — every block produced by the Katana L3 sequencer must ultimately be verified and settled through this contract.
This contract was deployed for the first L3 run on StarkNet, making it the first production L3 settlement system on the network.
From Mock to Production
When I started working on Piltover, it existed as a mock implementation — correct enough for testing but not hardened against adversarial inputs or edge cases that a production system would face.
The work involved:
- Soundness analysis — reviewed the contract's security model and identified conditions under which invalid state transitions could be accepted
- Bug fixing — resolved soundness issues in the state update logic and message passing between L3 and L2
- Security audit preparation — refactored the contract to improve auditability and fixed issues surfaced during the audit process
- Production deployment — coordinated the deployment for the first live L3 run on StarkNet
Architecture
Piltover follows the core contract pattern established by StarkNet itself:
- State root tracking — maintains the canonical L3 state root on L2
- Proof verification — accepts STARK proofs of valid state transitions
- Message passing — facilitates L3→L2 and L2→L3 message queues
- Config governance — manages the set of trusted provers and verifiers
Why This Matters
L3s enable application-specific chains that settle on an existing L2 instead of directly on Ethereum. This dramatically reduces costs — users pay fees in terms of L3 gas, not L1 gas. A well-designed settlement contract is the security root of the entire stack; any flaw here undermines the whole L3.
Getting this audited and to production was a prerequisite for Cartridge's game infrastructure running on L3.