AggLayer: Add emergency pause mechanism

## Description

The Solidity base bridge contract ([`PolygonZkEVMBridgeV2.sol`](https://github.com/agglayer/agglayer-contracts/blob/main/contracts/v2/PolygonZkEVMBridgeV2.sol)) inherits `EmergencyManager`, which provides a simple emergency state toggle controlled by the rollup manager (a trusted system contract). When emergency state is active, the `ifNotEmergencyState` modifier blocks all user-facing operations:

- [`activateEmergencyState()`](https://github.com/agglayer/agglayer-contracts/blob/main/contracts/v2/PolygonZkEVMBridgeV2.sol) - gated by `onlyRollupManager`
- [`deactivateEmergencyState()`](https://github.com/agglayer/agglayer-contracts/blob/main/contracts/v2/PolygonZkEVMBridgeV2.sol) - gated by `onlyRollupManager`
- `ifNotEmergencyState` modifier gates: `bridgeAsset`, `claimAsset`, `bridgeMessage`, `claimMessage`

The emergency state is a simple boolean flag managed by a single trusted role.

The Miden bridge has no equivalent mechanism. All bridge operations ([`bridge_out`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/asm/agglayer/bridge/bridge_out.masm), [`claim`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/asm/agglayer/bridge/bridge_in.masm), [`register_faucet`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/asm/agglayer/bridge/bridge_config.masm), [`update_ger`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/asm/agglayer/bridge/bridge_config.masm)) execute unconditionally with no pause flag check. There is no storage slot for an emergency state and no note type to toggle it.

## Impact

If a vulnerability is discovered in the bridge logic, or a GER manager is compromised and inserts fraudulent GERs, there is no way to stop the bridge from processing transactions while the issue is investigated and fixed.

## Recommended Action

Add an `emergency_paused` flag in bridge storage. All entry-point procedures (`bridge_out`, `claim`, `register_faucet`, `update_ger`) should check this flag at the start and panic if set. Add a bridge-admin-gated `set_emergency_paused` procedure to toggle the flag, along with a corresponding note script or CONFIG_AGG_BRIDGE extension to invoke it.

### Dependencies

- Issue [001b](../sovereignContracts/001b-no-emergency-pause-sovereign.md) extends this with separate pauser/unpauser roles

## References

- [`bridge_out.masm`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/asm/agglayer/bridge/bridge_out.masm)
- [`bridge_in.masm`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/asm/agglayer/bridge/bridge_in.masm)
- [`bridge_config.masm`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/asm/agglayer/bridge/bridge_config.masm)
- [`bridge.rs`](https://github.com/0xMiden/miden-base/blob/next/crates/miden-agglayer/src/bridge.rs)
- [`PolygonZkEVMBridgeV2.sol`](https://github.com/agglayer/agglayer-contracts/blob/main/contracts/v2/PolygonZkEVMBridgeV2.sol)

## Classification

This is a core feature of the base bridge contract (`PolygonZkEVMBridgeV2`).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AggLayer: Add emergency pause mechanism #2696

Description

Impact

Recommended Action

Dependencies

References

Classification

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

AggLayer: Add emergency pause mechanism #2696

Description

Description

Impact

Recommended Action

Dependencies

References

Classification

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions