Skip to main content


The Inbox is a contract deployed on L1 that handles message passing from L1 to the rollup (L2)

Links: Interface, Implementation.


Sends a message from L1 to L2.

* @notice Inserts a new message into the Inbox
* @dev Emits `MessageSent` with data for easy access by the sequencer
* @param _recipient - The recipient of the message
* @param _content - The content of the message (application specific)
* @param _secretHash - The secret hash of the message (make it possible to hide when a specific message is consumed on L2)
* @return The key of the message in the set
function sendL2Message(
DataStructures.L2Actor memory _recipient,
bytes32 _content,
bytes32 _secretHash
) external returns (bytes32);
Source code: l1-contracts/src/core/interfaces/messagebridge/IInbox.sol#L21-L35
RecipientL2ActorThe recipient of the message. This MUST match the rollup version and an Aztec contract that is attached to the contract making this call. If the recipient is not attached to the caller, the message cannot be consumed by it.
Contentfield (~254 bits)The content of the message. This is the data that will be passed to the recipient. The content is limited to be a single field for rollup purposes. If the content is small enough it can just be passed along, otherwise it should be hashed and the hash passed along (you can use our Hash utilities with sha256ToField functions)
Secret Hashfield (~254 bits)A hash of a secret that is used when consuming the message on L2. Keep this preimage a secret to make the consumption private. To consume the message the caller must know the pre-image (the value that was hashed) - so make sure your app keeps track of the pre-images! Use computeSecretHash to compute it from a secret.
ReturnValuebytes32The message hash, used as an identifier

Edge cases

  • Will revert with Inbox__ActorTooLarge(bytes32 actor) if the recipient is larger than the field size (~254 bits).
  • Will revert with Inbox__ContentTooLarge(bytes32 content) if the content is larger than the field size (~254 bits).
  • Will revert with Inbox__SecretHashTooLarge(bytes32 secretHash) if the secret hash is larger than the field size (~254 bits).


Allows the Rollup to consume multiple messages in a single transaction.

* @notice Consumes the current tree, and starts a new one if needed
* @dev Only callable by the rollup contract
* @dev In the first iteration we return empty tree root because first block's messages tree is always
* empty because there has to be a 1 block lag to prevent sequencer DOS attacks
* @return The root of the consumed tree
function consume() external returns (bytes32);
Source code: l1-contracts/src/core/interfaces/messagebridge/IInbox.sol#L37-L46
ReturnValuebytes32Root of the consumed tree.

Edge cases

  • Will revert with Inbox__Unauthorized() if msg.sender != ROLLUP (rollup contract is sometimes referred to as state transitioner in the docs).