Skip to content

Commit 29a99a9

Browse files
PabloMansanetPabloMansanet
committed
Fix authority on MCMS invocations
1 parent 6ff27b8 commit 29a99a9

File tree

1 file changed

+41
-10
lines changed

1 file changed

+41
-10
lines changed

deployment/ccip/changeset/ccip-attestation-solana/cs_ops_solana.go

Lines changed: 41 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,10 @@ import (
2020
solanastateview "github.com/smartcontractkit/chainlink/deployment/ccip/shared/stateview/solana"
2121
)
2222

23-
// ExecuteOrBuildMCMSProposal handles the decision to execute instructions directly or build an MCMS proposal.
23+
// executeOrBuildMCMSProposal handles the decision to execute instructions directly or build an MCMS proposal.
2424
// If mcmsConfig is nil, it executes the instructions directly on the chain.
2525
// If mcmsConfig is provided, it builds MCMS transactions and creates a proposal.
26-
func ExecuteOrBuildMCMSProposal(
26+
func executeOrBuildMCMSProposal(
2727
e cldf.Environment,
2828
chain *cldf_solana.Chain,
2929
instructions []solana.Instruction,
@@ -116,28 +116,36 @@ func RotateBaseSignerNopsChangeset(e cldf.Environment, c RotateBaseSignerNopsCon
116116
configPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("config")}, signer_registry.ProgramID)
117117
signersPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("signers")}, signer_registry.ProgramID)
118118
eventAuthorityPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("__event_authority")}, signer_registry.ProgramID)
119+
currentAuthority := chain.DeployerKey.PublicKey()
120+
if c.MCMS != nil {
121+
timelockSignerPDA, err := cs_solana.FetchTimelockSigner(e, chain.Selector)
122+
if err != nil {
123+
return cldf.ChangesetOutput{}, fmt.Errorf("failed to get timelock signer: %w", err)
124+
}
125+
currentAuthority = timelockSignerPDA
126+
}
119127

120128
var instructions []solana.Instruction
121129

122130
for _, hexKey := range c.NopKeysToRemove {
123131
key, _ := parseEVMAddress(hexKey)
124132

125-
ix, err := signer_registry.NewRemoveSignerInstruction(key, chain.DeployerKey.PublicKey(), configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
133+
ix, err := signer_registry.NewRemoveSignerInstruction(key, currentAuthority, configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
126134
if err != nil {
127135
return cldf.ChangesetOutput{}, fmt.Errorf("failed to remove signer: %w", err)
128136
}
129137
instructions = append(instructions, ix)
130138
}
131139
for _, hexKey := range c.NopKeysToAdd {
132140
key, _ := parseEVMAddress(hexKey)
133-
ix, err := signer_registry.NewAddSignerInstruction(key, chain.DeployerKey.PublicKey(), configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
141+
ix, err := signer_registry.NewAddSignerInstruction(key, currentAuthority, configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
134142
if err != nil {
135143
return cldf.ChangesetOutput{}, fmt.Errorf("failed to add signer: %w", err)
136144
}
137145
instructions = append(instructions, ix)
138146
}
139147

140-
return ExecuteOrBuildMCMSProposal(
148+
return executeOrBuildMCMSProposal(
141149
e,
142150
&chain,
143151
instructions,
@@ -219,21 +227,29 @@ func AddGreenKeysChangeset(e cldf.Environment, c AddGreenKeysConfig) (cldf.Chang
219227
configPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("config")}, signer_registry.ProgramID)
220228
signersPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("signers")}, signer_registry.ProgramID)
221229
eventAuthorityPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("__event_authority")}, signer_registry.ProgramID)
230+
currentAuthority := chain.DeployerKey.PublicKey()
231+
if c.MCMS != nil {
232+
timelockSignerPDA, err := cs_solana.FetchTimelockSigner(e, chain.Selector)
233+
if err != nil {
234+
return cldf.ChangesetOutput{}, fmt.Errorf("failed to get timelock signer: %w", err)
235+
}
236+
currentAuthority = timelockSignerPDA
237+
}
222238

223239
var instructions []solana.Instruction
224240

225241
for _, keyPair := range c.BlueGreenKeys {
226242
blue, _ := parseEVMAddress(keyPair[0])
227243
green, _ := parseEVMAddress(keyPair[1])
228244

229-
ix, err := signer_registry.NewSetSignerNewAddressInstruction(blue, green, chain.DeployerKey.PublicKey(), configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
245+
ix, err := signer_registry.NewSetSignerNewAddressInstruction(blue, green, currentAuthority, configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
230246
if err != nil {
231247
return cldf.ChangesetOutput{}, fmt.Errorf("failed to add green key: %w", err)
232248
}
233249
instructions = append(instructions, ix)
234250
}
235251

236-
return ExecuteOrBuildMCMSProposal(
252+
return executeOrBuildMCMSProposal(
237253
e,
238254
&chain,
239255
instructions,
@@ -309,20 +325,28 @@ func PromoteKeysChangeset(e cldf.Environment, c PromoteKeysConfig) (cldf.Changes
309325
configPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("config")}, signer_registry.ProgramID)
310326
signersPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("signers")}, signer_registry.ProgramID)
311327
eventAuthorityPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("__event_authority")}, signer_registry.ProgramID)
328+
currentAuthority := chain.DeployerKey.PublicKey()
329+
if c.MCMS != nil {
330+
timelockSignerPDA, err := cs_solana.FetchTimelockSigner(e, chain.Selector)
331+
if err != nil {
332+
return cldf.ChangesetOutput{}, fmt.Errorf("failed to get timelock signer: %w", err)
333+
}
334+
currentAuthority = timelockSignerPDA
335+
}
312336

313337
var instructions []solana.Instruction
314338

315339
for _, keyHex := range c.KeysToPromote {
316340
key, _ := parseEVMAddress(keyHex)
317341

318-
ix, err := signer_registry.NewPromoteSignerAddressInstruction(key, chain.DeployerKey.PublicKey(), configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
342+
ix, err := signer_registry.NewPromoteSignerAddressInstruction(key, currentAuthority, configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
319343
if err != nil {
320344
return cldf.ChangesetOutput{}, fmt.Errorf("failed to promote key: %w", err)
321345
}
322346
instructions = append(instructions, ix)
323347
}
324348

325-
return ExecuteOrBuildMCMSProposal(
349+
return executeOrBuildMCMSProposal(
326350
e,
327351
&chain,
328352
instructions,
@@ -381,11 +405,18 @@ func SetUpgradeAuthorityChangeset(
381405
) (cldf.ChangesetOutput, error) {
382406
chain := e.BlockChains.SolanaChains()[config.ChainSelector]
383407
currentAuthority := chain.DeployerKey.PublicKey()
408+
if config.MCMS != nil {
409+
timelockSignerPDA, err := cs_solana.FetchTimelockSigner(e, chain.Selector)
410+
if err != nil {
411+
return cldf.ChangesetOutput{}, fmt.Errorf("failed to get timelock signer: %w", err)
412+
}
413+
currentAuthority = timelockSignerPDA
414+
}
384415
e.Logger.Infow("Setting upgrade authority", "newUpgradeAuthority", config.NewUpgradeAuthority.String())
385416

386417
ixn := cs_solana.SetUpgradeAuthority(&e, &chain, signer_registry.ProgramID, currentAuthority, config.NewUpgradeAuthority, false)
387418

388-
return ExecuteOrBuildMCMSProposal(
419+
return executeOrBuildMCMSProposal(
389420
e,
390421
&chain,
391422
[]solana.Instruction{ixn},

0 commit comments

Comments
 (0)