Findings for the wstETH bridging Op review ENV-setup deploy (it's better to have verifiable transparent source of all addresses and constants) To fit the transparency requirements before the deployment might be added ".env.optimis.wsteth" and ".env.arbitrum.wsteth" files with fixed variables for wstETH deployment. These files will be used as seed files for the actual .env file https://github.com/lidofinance/lido-l2/tree/develop/contracts/optimism#attack-on-l1crossdomainmessenger Maybe resolve the issue by whitelisting implementations and/or monitoring with Forta (request to the Automation team) Need to remove IERC20Metadata (reproducible for the develop branch).