Skip to content

Solana Attestation Signer Registry changeset #19149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 23 commits into from
Sep 23, 2025
Merged

Solana Attestation Signer Registry changeset #19149

merged 23 commits into from
Sep 23, 2025

Conversation

@PabloMansanet
Copy link
Contributor

@PabloMansanet PabloMansanet commented Aug 29, 2025

Requires

Supports

agusaldasoro
agusaldasoro previously approved these changes Aug 29, 2025
View reviewed changes
yashnevatia
yashnevatia reviewed Sep 1, 2025
View reviewed changes
deployment/ccip/changeset/ccip-base/cs_deploy_signer_registry_solana.go Outdated
return nil
}

func downloadReleaseArtifactsFromGithubWorkflowRun(
Copy link
Contributor

@yashnevatia yashnevatia Sep 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can any of this be reused from the function that does this for ccip contracts ?

Copy link
Contributor Author

@PabloMansanet PabloMansanet Sep 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not easily no, the CCIP contracts one has a chain of closures and each of them has a bit of coupling to CCIP so it's hard to unravel that.

yashnevatia
yashnevatia reviewed Sep 1, 2025
View reviewed changes
deployment/ccip/changeset/ccip-base/cs_deploy_signer_registry_solana.go Outdated

configPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("config")}, signerRegistry.ProgramID)
signersPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("signers")}, signerRegistry.ProgramID)
ix, err := signerRegistry.NewInitializeInstruction(c.Owner, authority, solana.SystemProgramID, configPda, signersPda)
Copy link
Contributor

@yashnevatia yashnevatia Sep 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how come we are not doing signerRegistry.SetProgramId ?

Copy link
Contributor Author

@PabloMansanet PabloMansanet Sep 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the latest version of anchor-go, the program ID is hardcoded in the bindings, so it's not necessary. Here's now the new binding looks:

// Code generated by https://github.com/gagliardetto/anchor-go. DO NOT EDIT.
// This file contains the program ID.

package ccip_signer_registry

import solanago "github.com/gagliardetto/solana-go"

var ProgramID = solanago.MustPublicKeyFromBase58("ULwL2Wcf7qdUkPhJc3nZmfQuGLAAP4kpnXBi2dkRitS")

And here's the old ones (for CCIP solana programs):

var ProgramID ag_solanago.PublicKey

func SetProgramID(pubkey ag_solanago.PublicKey) {
	ProgramID = pubkey
	ag_solanago.RegisterInstructionDecoder(ProgramID, registryDecodeInstruction)
}

yashnevatia
yashnevatia reviewed Sep 1, 2025
View reviewed changes
deployment/ccip/changeset/ccip-base/cs_ops.go Outdated
chain := e.BlockChains.SolanaChains()[c.ChainSelector]
c.Validate(e)

configPda, _, _ := solana.FindProgramAddress([][]byte{[]byte("config")}, signerRegistry.ProgramID)
Copy link
Contributor

@yashnevatia yashnevatia Sep 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same, how come we dont have setProgramId anywhere?

yashnevatia
yashnevatia reviewed Sep 1, 2025
View reviewed changes
deployment/ccip/changeset/ccip-base/cs_deploy_signer_registry_solana.go Outdated
@@ -0,0 +1,210 @@
package ccipbase
Copy link
Contributor

@yashnevatia yashnevatia Sep 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should be able to add a test pretty easily no ?
setup env -> deploy -> run the ops ?
if possible, best to do it because it really helps future dev

Copy link
Contributor Author

@PabloMansanet PabloMansanet Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are pushing this back for the time being as I ran into several issues when attempting to write a test. Had a chat with Agustina and it seems that was an issue for ccip-solana too. Would be nice to revisit later, but we can't block the release. on it.

@PabloMansanet PabloMansanet force-pushed the ccip-base branch 2 times, most recently from 6a6d08a to 20b1ae0 Compare September 5, 2025 10:37
@PabloMansanet PabloMansanet marked this pull request as ready for review September 15, 2025 09:54
@PabloMansanet PabloMansanet requested review from a team as code owners September 15, 2025 09:54
@product-security-plaid-test product-security-plaid-test bot requested review from bytesizedroll and mchain0 and removed request for bytesizedroll September 15, 2025 09:54
@PabloMansanet
CCIP attestation signer registry changesets
9d3d96d 
Deploy base signer registry changeset

Error improvements

Add initialize changeset

Add changeset for NOP rotation

Add green key changeset

Add promotion changesets

Adjust visibility

WIP test

Add IDL changeset

Add timelock transfer

Cleanup

Add upgrade authority transfer changeset

Add MCMS ownership validation checks

MCMS support

Update with contract changes from audit feedback
agusaldasoro
agusaldasoro reviewed Sep 19, 2025
View reviewed changes
deployment/ccip/changeset/ccip-attestation-solana/cs_ops_solana.go Outdated
// ExecuteOrBuildMCMSProposal handles the decision to execute instructions directly or build an MCMS proposal.
// If mcmsConfig is nil, it executes the instructions directly on the chain.
// If mcmsConfig is provided, it builds MCMS transactions and creates a proposal.
func ExecuteOrBuildMCMSProposal(
Copy link
Contributor

@agusaldasoro agusaldasoro Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this method can be private, right?

agusaldasoro
agusaldasoro reviewed Sep 19, 2025
View reviewed changes
deployment/ccip/changeset/ccip-attestation-solana/cs_ops_solana.go Outdated
for _, hexKey := range c.NopKeysToRemove {
key, _ := parseEVMAddress(hexKey)

ix, err := signer_registry.NewRemoveSignerInstruction(key, chain.DeployerKey.PublicKey(), configPda, signersPda, eventAuthorityPda, signer_registry.ProgramID)
Copy link
Contributor

@agusaldasoro agusaldasoro Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

who is the authority for this ix? signer_registry.ProgramID? Is it always the same if you are running it through MCMS or with the deployer key?

Copy link
Contributor Author

@PabloMansanet PabloMansanet Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, will fix!

agusaldasoro
agusaldasoro previously approved these changes Sep 19, 2025
View reviewed changes
@cl-sonarqube-production
Copy link

cl-sonarqube-production bot commented Sep 19, 2025

Quality Gate passed Quality Gate passed

Issues
43 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
8.8% Duplication on New Code

See analysis details on SonarQube

matYang
matYang previously approved these changes Sep 19, 2025
View reviewed changes
@PabloMansanet PabloMansanet dismissed stale reviews from matYang and agusaldasoro via d137b22 September 23, 2025 12:26
@PabloMansanet PabloMansanet added this pull request to the merge queue Sep 23, 2025
Merged via the queue into develop with commit 9e1f207 Sep 23, 2025
236 of 239 checks passed
@PabloMansanet PabloMansanet deleted the ccip-base branch September 23, 2025 14:38
This was referenced Sep 23, 2025
Draft
Draft
Draft
This was referenced Oct 6, 2025
Draft
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yashnevatia yashnevatia yashnevatia left review comments

@winder winder winder approved these changes

@matYang matYang matYang approved these changes

@agusaldasoro agusaldasoro agusaldasoro left review comments

@asoliman92 asoliman92 Awaiting requested review from asoliman92 asoliman92 is a code owner automatically assigned from smartcontractkit/ccip-offchain

@makramkd makramkd Awaiting requested review from makramkd makramkd is a code owner automatically assigned from smartcontractkit/ccip-offchain

@AmrMohamedRezk AmrMohamedRezk Awaiting requested review from AmrMohamedRezk AmrMohamedRezk is a code owner automatically assigned from smartcontractkit/ccip-offchain

@KodeyThomas KodeyThomas Awaiting requested review from KodeyThomas KodeyThomas is a code owner automatically assigned from smartcontractkit/ccip-offchain

@mchain0 mchain0 Awaiting requested review from mchain0

@Tofel Tofel Awaiting requested review from Tofel

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@PabloMansanet @winder @matYang @agusaldasoro @yashnevatia