Add protocol peg keeper allowlist#981
Draft
mswilkison wants to merge 7 commits into
Draft
Conversation
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
beginPegKeeperUpdate(keeper, allowed)/finalizePegKeeperUpdate()cancelPegKeeperUpdate()so governance can clear an abandoned or misencoded pending keeper update without applying itbalanceOwner == redeemerplus an allowlisted redeemer for redemption fee waiversunstakingPeriodandrebatePerTokento zero, and preserves user-controlled exitsinitializeV2_Deprecate()path restricted to the proxy admin for timelockupgradeAndCallexecution, plus owner-callabledeprecate()initializeV2_Deprecate()idempotent if owner deprecation already happened before the upgrade initializer is executedwithdrawStake(receiver)so existing stakers can withdraw the full locked stake in one transaction after deprecationDeployment notes
ProxyAdmin.upgradeAndCall(... initializeV2_Deprecate()).ProxyAdmin.upgradeAndCall(... initializeV6_ConfigurePegKeeper(initialPegKeeper))to allowlist the initial keeper, clear the bridge rebate hook, and permanently block future rebate hook wiring.initializeV6_ConfigurePegKeeperis restricted to the Bridge proxy admin, rejectsaddress(0)as the initial keeper, and emitsRebateStakingRepaired(oldRebateStaking, address(0))when clearing the bridge rebate hook.beginPegKeeperUpdate(keeper, true)/finalizePegKeeperUpdate().beginPegKeeperUpdate(keeper, false)/finalizePegKeeperUpdate().startUnstaking/finalizeUnstakingcan complete immediately, andwithdrawStake(receiver)exits the whole stake in one call.Tests
npm run buildnpm run test -- --grep "RebateStaking"npm run test -- --grep "Bridge - Peg keeper"npm run test -- ./test/bridge/Bridge.RebateRecovery.test.tsnpm run test -- ./test/bridge/Bridge.PegKeeper.test.ts ./test/bridge/Bridge.Deposit.test.ts ./test/bridge/Bridge.Redemption.test.ts ./test/bridge/Bridge.Governance.test.tsnpm run test -- ./test/cross-chain/wormhole/L1BTCDepositorWormhole.test.tsnpm exec eslint -- test/bridge/Bridge.PegKeeper.test.tsnpm exec eslint -- test/bridge/Bridge.PegKeeper.test.ts test/bridge/RebateStaking.test.tsnpm run lint:sol -- contracts/bridge/Bridge.sol contracts/bridge/BridgeGovernance.sol contracts/bridge/BridgeGovernanceParameters.sol contracts/bridge/BridgeState.sol contracts/bridge/Deposit.sol contracts/bridge/Redemption.solnpm run lint:sol -- contracts/bridge/RebateStaking.sol contracts/bridge/Bridge.sol contracts/bridge/BridgeGovernance.sol contracts/bridge/BridgeGovernanceParameters.sol contracts/bridge/BridgeState.sol contracts/bridge/Deposit.sol contracts/bridge/Redemption.solNotes
BridgeGovernanceParameters.cancelPegKeeperUpdateis internal so the new cancel path does not add another external library link reference to BridgeGovernance; this avoids the OpenZeppelin validation-cache bytecode failure seen inL1BTCDepositorWormholeCI.