diff --git a/deployment/keystone/capability_management.go b/deployment/keystone/capability_management.go index 888cba5b931..7e502d4f8ea 100644 --- a/deployment/keystone/capability_management.go +++ b/deployment/keystone/capability_management.go @@ -2,7 +2,9 @@ package keystone import ( "fmt" + "math/big" + "github.com/smartcontractkit/ccip-owner-contracts/pkg/proposal/mcms" "github.com/smartcontractkit/ccip-owner-contracts/pkg/proposal/timelock" "github.com/smartcontractkit/chainlink-common/pkg/logger" "github.com/smartcontractkit/chainlink/deployment" @@ -10,12 +12,11 @@ import ( ) // AddCapabilities adds the capabilities to the registry -// it tries to add all capabilities in one go, if that fails, it falls back to adding them one by one - -func AddCapabilities(lggr logger.Logger, registry *kcr.CapabilitiesRegistry, chain deployment.Chain, capabilities []kcr.CapabilitiesRegistryCapability, useMCMS bool) ([]timelock.MCMSWithTimelockProposal, error) { +func AddCapabilities(lggr logger.Logger, contractSet *ContractSet, chain deployment.Chain, capabilities []kcr.CapabilitiesRegistryCapability, useMCMS bool) (*timelock.BatchChainOperation, error) { if len(capabilities) == 0 { return nil, nil } + registry := contractSet.CapabilitiesRegistry deduped, err := dedupCapabilities(registry, capabilities) if err != nil { return nil, fmt.Errorf("failed to dedup capabilities: %w", err) @@ -29,7 +30,7 @@ func AddCapabilities(lggr logger.Logger, registry *kcr.CapabilitiesRegistry, cha err = DecodeErr(kcr.CapabilitiesRegistryABI, err) return nil, fmt.Errorf("failed to add capabilities: %w", err) } - var proposals []timelock.MCMSWithTimelockProposal + var batch *timelock.BatchChainOperation if !useMCMS { _, err = chain.Confirm(tx) if err != nil { @@ -37,9 +38,18 @@ func AddCapabilities(lggr logger.Logger, registry *kcr.CapabilitiesRegistry, cha } lggr.Info("registered capabilities", "capabilities", deduped) } else { - // TODO + batch = &timelock.BatchChainOperation{ + ChainIdentifier: mcms.ChainIdentifier(chain.Selector), + Batch: []mcms.Operation{ + { + To: registry.Address(), + Data: tx.Data(), + Value: big.NewInt(0), + }, + }, + } } - return proposals, nil + return batch, nil } // CapabilityID returns a unique id for the capability diff --git a/deployment/keystone/changeset/accept_ownership_test.go b/deployment/keystone/changeset/accept_ownership_test.go index 9ac0063143e..b2aa1b20194 100644 --- a/deployment/keystone/changeset/accept_ownership_test.go +++ b/deployment/keystone/changeset/accept_ownership_test.go @@ -37,6 +37,10 @@ func TestAcceptAllOwnership(t *testing.T) { Changeset: commonchangeset.WrapChangeSet(changeset.DeployForwarder), Config: registrySel, }, + { + Changeset: commonchangeset.WrapChangeSet(changeset.DeployFeedsConsumer), + Config: &changeset.DeployFeedsConsumerRequest{ChainSelector: registrySel}, + }, { Changeset: commonchangeset.WrapChangeSet(commonchangeset.DeployMCMSWithTimelock), Config: map[uint64]types.MCMSWithTimelockConfig{ diff --git a/deployment/keystone/changeset/append_node_capbilities.go b/deployment/keystone/changeset/append_node_capabilities.go similarity index 56% rename from deployment/keystone/changeset/append_node_capbilities.go rename to deployment/keystone/changeset/append_node_capabilities.go index 974c4970c51..f0bad959551 100644 --- a/deployment/keystone/changeset/append_node_capbilities.go +++ b/deployment/keystone/changeset/append_node_capabilities.go @@ -3,7 +3,11 @@ package changeset import ( "fmt" + "github.com/ethereum/go-ethereum/common" + "github.com/smartcontractkit/ccip-owner-contracts/pkg/gethwrappers" + "github.com/smartcontractkit/ccip-owner-contracts/pkg/proposal/timelock" "github.com/smartcontractkit/chainlink/deployment" + "github.com/smartcontractkit/chainlink/deployment/common/proposalutils" kslib "github.com/smartcontractkit/chainlink/deployment/keystone" "github.com/smartcontractkit/chainlink/deployment/keystone/changeset/internal" ) @@ -16,15 +20,39 @@ type AppendNodeCapabilitiesRequest = MutateNodeCapabilitiesRequest // AppendNodeCapabilities adds any new capabilities to the registry, merges the new capabilities with the existing capabilities // of the node, and updates the nodes in the registry host the union of the new and existing capabilities. func AppendNodeCapabilities(env deployment.Environment, req *AppendNodeCapabilitiesRequest) (deployment.ChangesetOutput, error) { - cfg, err := req.convert(env) + c, err := req.convert(env) if err != nil { return deployment.ChangesetOutput{}, err } - _, err = internal.AppendNodeCapabilitiesImpl(env.Logger, cfg) + r, err := internal.AppendNodeCapabilitiesImpl(env.Logger, c) if err != nil { return deployment.ChangesetOutput{}, err } - return deployment.ChangesetOutput{}, nil + out := deployment.ChangesetOutput{} + if req.UseMCMS { + if r.Ops == nil { + return out, fmt.Errorf("expected MCMS operation to be non-nil") + } + timelocksPerChain := map[uint64]common.Address{ + c.Chain.Selector: c.ContractSet.Timelock.Address(), + } + proposerMCMSes := map[uint64]*gethwrappers.ManyChainMultiSig{ + c.Chain.Selector: c.ContractSet.ProposerMcm, + } + + proposal, err := proposalutils.BuildProposalFromBatches( + timelocksPerChain, + proposerMCMSes, + []timelock.BatchChainOperation{*r.Ops}, + "proposal to set update node capabilities", + 0, + ) + if err != nil { + return out, fmt.Errorf("failed to build proposal: %w", err) + } + out.Proposals = []timelock.MCMSWithTimelockProposal{*proposal} + } + return out, nil } func (req *AppendNodeCapabilitiesRequest) convert(e deployment.Environment) (*internal.AppendNodeCapabilitiesRequest, error) { @@ -35,21 +63,19 @@ func (req *AppendNodeCapabilitiesRequest) convert(e deployment.Environment) (*in if !ok { return nil, fmt.Errorf("registry chain selector %d does not exist in environment", req.RegistryChainSel) } - contracts, err := kslib.GetContractSets(e.Logger, &kslib.GetContractSetsRequest{ + resp, err := kslib.GetContractSets(e.Logger, &kslib.GetContractSetsRequest{ Chains: map[uint64]deployment.Chain{req.RegistryChainSel: registryChain}, - AddressBook: req.AddressBook, + AddressBook: e.ExistingAddresses, }) if err != nil { return nil, fmt.Errorf("failed to get contract sets: %w", err) } - registry := contracts.ContractSets[req.RegistryChainSel].CapabilitiesRegistry - if registry == nil { - return nil, fmt.Errorf("capabilities registry not found for chain %d", req.RegistryChainSel) - } + contracts := resp.ContractSets[req.RegistryChainSel] return &internal.AppendNodeCapabilitiesRequest{ Chain: registryChain, - Registry: registry, + ContractSet: &contracts, P2pToCapabilities: req.P2pToCapabilities, + UseMCMS: req.UseMCMS, }, nil } diff --git a/deployment/keystone/changeset/append_node_capabilities_test.go b/deployment/keystone/changeset/append_node_capabilities_test.go new file mode 100644 index 00000000000..7fbbbfc8a83 --- /dev/null +++ b/deployment/keystone/changeset/append_node_capabilities_test.go @@ -0,0 +1,132 @@ +package changeset_test + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "golang.org/x/exp/maps" + + commonchangeset "github.com/smartcontractkit/chainlink/deployment/common/changeset" + "github.com/smartcontractkit/chainlink/deployment/keystone/changeset" + kcr "github.com/smartcontractkit/chainlink/v2/core/gethwrappers/keystone/generated/capabilities_registry" + "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/p2pkey" +) + +func TestAppendNodeCapabilities(t *testing.T) { + t.Parallel() + + var ( + capA = kcr.CapabilitiesRegistryCapability{ + LabelledName: "capA", + Version: "0.4.2", + } + capB = kcr.CapabilitiesRegistryCapability{ + LabelledName: "capB", + Version: "3.16.0", + } + caps = []kcr.CapabilitiesRegistryCapability{capA, capB} + ) + t.Run("no mcms", func(t *testing.T) { + te := SetupTestEnv(t, TestConfig{ + WFDonConfig: DonConfig{N: 4}, + AssetDonConfig: DonConfig{N: 4}, + WriterDonConfig: DonConfig{N: 4}, + NumChains: 1, + }) + + newCapabilities := make(map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability) + for id, _ := range te.WFNodes { + k, err := p2pkey.MakePeerID(id) + require.NoError(t, err) + newCapabilities[k] = caps + } + + t.Run("succeeds if existing capabilities not explicit", func(t *testing.T) { + cfg := changeset.AppendNodeCapabilitiesRequest{ + RegistryChainSel: te.RegistrySelector, + P2pToCapabilities: newCapabilities, + } + + csOut, err := changeset.AppendNodeCapabilities(te.Env, &cfg) + require.NoError(t, err) + require.Len(t, csOut.Proposals, 0) + require.Nil(t, csOut.AddressBook) + + validateCapabilityAppends(t, te, newCapabilities) + }) + }) + t.Run("with mcms", func(t *testing.T) { + te := SetupTestEnv(t, TestConfig{ + WFDonConfig: DonConfig{N: 4}, + AssetDonConfig: DonConfig{N: 4}, + WriterDonConfig: DonConfig{N: 4}, + NumChains: 1, + UseMCMS: true, + }) + + newCapabilities := make(map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability) + for id, _ := range te.WFNodes { + k, err := p2pkey.MakePeerID(id) + require.NoError(t, err) + newCapabilities[k] = caps + } + + cfg := changeset.AppendNodeCapabilitiesRequest{ + RegistryChainSel: te.RegistrySelector, + P2pToCapabilities: newCapabilities, + UseMCMS: true, + } + + csOut, err := changeset.AppendNodeCapabilities(te.Env, &cfg) + require.NoError(t, err) + require.Len(t, csOut.Proposals, 1) + require.Len(t, csOut.Proposals[0].Transactions, 1) + require.Len(t, csOut.Proposals[0].Transactions[0].Batch, 2) // add capabilities, update nodes + require.Nil(t, csOut.AddressBook) + + // now apply the changeset such that the proposal is signed and execed + contracts := te.ContractSets()[te.RegistrySelector] + timelockContracts := map[uint64]*commonchangeset.TimelockExecutionContracts{ + te.RegistrySelector: { + Timelock: contracts.Timelock, + CallProxy: contracts.CallProxy, + }, + } + + _, err = commonchangeset.ApplyChangesets(t, te.Env, timelockContracts, []commonchangeset.ChangesetApplication{ + { + Changeset: commonchangeset.WrapChangeSet(changeset.AppendNodeCapabilities), + Config: &cfg, + }, + }) + require.NoError(t, err) + validateCapabilityAppends(t, te, newCapabilities) + }) + +} + +// validateUpdate checks reads nodes from the registry and checks they have the expected updates +func validateCapabilityAppends(t *testing.T, te TestEnv, appended map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability) { + registry := te.ContractSets()[te.RegistrySelector].CapabilitiesRegistry + wfP2PIDs := p2pIDs(t, maps.Keys(te.WFNodes)) + nodes, err := registry.GetNodesByP2PIds(nil, wfP2PIDs) + require.NoError(t, err) + require.Len(t, nodes, len(wfP2PIDs)) + for _, node := range nodes { + want := appended[node.P2pId] + require.NotNil(t, want) + assertContainsCapabilities(t, registry, want, node) + } +} + +func assertContainsCapabilities(t *testing.T, registry *kcr.CapabilitiesRegistry, want []kcr.CapabilitiesRegistryCapability, got kcr.INodeInfoProviderNodeInfo) { + wantHashes := make([][32]byte, len(want)) + for i, c := range want { + h, err := registry.GetHashedCapabilityId(nil, c.LabelledName, c.Version) + require.NoError(t, err) + wantHashes[i] = h + assert.Contains(t, got.HashedCapabilityIds, h, "missing capability %v", c) + } + assert.LessOrEqual(t, len(want), len(got.HashedCapabilityIds)) +} diff --git a/deployment/keystone/changeset/internal/append_node_capabilities.go b/deployment/keystone/changeset/internal/append_node_capabilities.go index 6168356c351..892aa4c1e16 100644 --- a/deployment/keystone/changeset/internal/append_node_capabilities.go +++ b/deployment/keystone/changeset/internal/append_node_capabilities.go @@ -11,8 +11,8 @@ import ( ) type AppendNodeCapabilitiesRequest struct { - Chain deployment.Chain - Registry *kcr.CapabilitiesRegistry + Chain deployment.Chain + ContractSet *kslib.ContractSet P2pToCapabilities map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability UseMCMS bool @@ -22,7 +22,7 @@ func (req *AppendNodeCapabilitiesRequest) Validate() error { if len(req.P2pToCapabilities) == 0 { return fmt.Errorf("p2pToCapabilities is empty") } - if req.Registry == nil { + if req.ContractSet.CapabilitiesRegistry == nil { return fmt.Errorf("registry is nil") } return nil @@ -32,36 +32,37 @@ func AppendNodeCapabilitiesImpl(lggr logger.Logger, req *AppendNodeCapabilitiesR if err := req.Validate(); err != nil { return nil, fmt.Errorf("failed to validate request: %w", err) } - // collect all the capabilities and add them to the registry - var capabilities []kcr.CapabilitiesRegistryCapability - for _, cap := range req.P2pToCapabilities { - capabilities = append(capabilities, cap...) - } - proposals, err := kslib.AddCapabilities(lggr, req.Registry, req.Chain, capabilities, req.UseMCMS) - if err != nil { - return nil, fmt.Errorf("failed to add capabilities: %w", err) - } // for each node, merge the new capabilities with the existing ones and update the node updatesByPeer := make(map[p2pkey.PeerID]NodeUpdate) for p2pID, caps := range req.P2pToCapabilities { - caps, err := AppendCapabilities(lggr, req.Registry, req.Chain, []p2pkey.PeerID{p2pID}, caps) + caps, err := AppendCapabilities(lggr, req.ContractSet.CapabilitiesRegistry, req.Chain, []p2pkey.PeerID{p2pID}, caps) if err != nil { return nil, fmt.Errorf("failed to append capabilities for p2p %s: %w", p2pID, err) } updatesByPeer[p2pID] = NodeUpdate{Capabilities: caps[p2pID]} } + // collect all the capabilities and add them to the registry + var capabilities []kcr.CapabilitiesRegistryCapability + for _, cap := range req.P2pToCapabilities { + capabilities = append(capabilities, cap...) + } + op, err := kslib.AddCapabilities(lggr, req.ContractSet, req.Chain, capabilities, req.UseMCMS) + if err != nil { + return nil, fmt.Errorf("failed to add capabilities: %w", err) + } + updateNodesReq := &UpdateNodesRequest{ Chain: req.Chain, - Registry: req.Registry, + ContractSet: req.ContractSet, P2pToUpdates: updatesByPeer, UseMCMS: req.UseMCMS, + Ops: op, } resp, err := UpdateNodes(lggr, updateNodesReq) if err != nil { return nil, fmt.Errorf("failed to update nodes: %w", err) } - resp.Proposals = append(proposals, resp.Proposals...) return resp, nil } diff --git a/deployment/keystone/changeset/internal/append_node_capabilities_test.go b/deployment/keystone/changeset/internal/append_node_capabilities_test.go index d28dcd73230..f2ec2bf5c8f 100644 --- a/deployment/keystone/changeset/internal/append_node_capabilities_test.go +++ b/deployment/keystone/changeset/internal/append_node_capabilities_test.go @@ -94,8 +94,8 @@ func TestAppendNodeCapabilities(t *testing.T) { t.Run(tt.name, func(t *testing.T) { setupResp := kstest.SetupTestRegistry(t, lggr, tt.args.initialState) - tt.args.req.Registry = setupResp.Registry tt.args.req.Chain = setupResp.Chain + tt.args.req.ContractSet = setupResp.ContractSet got, err := internal.AppendNodeCapabilitiesImpl(tt.args.lggr, tt.args.req) if (err != nil) != tt.wantErr { diff --git a/deployment/keystone/changeset/internal/test/utils.go b/deployment/keystone/changeset/internal/test/utils.go index a7aed2c9cb1..0a23f7e60a7 100644 --- a/deployment/keystone/changeset/internal/test/utils.go +++ b/deployment/keystone/changeset/internal/test/utils.go @@ -40,6 +40,7 @@ type SetupTestRegistryResponse struct { Registry *kcr.CapabilitiesRegistry Chain deployment.Chain RegistrySelector uint64 + ContractSet *kslib.ContractSet } func SetupTestRegistry(t *testing.T, lggr logger.Logger, req *SetupTestRegistryRequest) *SetupTestRegistryResponse { @@ -100,6 +101,9 @@ func SetupTestRegistry(t *testing.T, lggr logger.Logger, req *SetupTestRegistryR Registry: registry, Chain: chain, RegistrySelector: chain.Selector, + ContractSet: &kslib.ContractSet{ + CapabilitiesRegistry: registry, + }, } } diff --git a/deployment/keystone/changeset/internal/update_don.go b/deployment/keystone/changeset/internal/update_don.go index d56f77c1c78..dae0e46eca7 100644 --- a/deployment/keystone/changeset/internal/update_don.go +++ b/deployment/keystone/changeset/internal/update_don.go @@ -27,8 +27,8 @@ type CapabilityConfig struct { } type UpdateDonRequest struct { - Registry *kcr.CapabilitiesRegistry - Chain deployment.Chain + Chain deployment.Chain + ContractSet *kslib.ContractSet // contract set for the given chain P2PIDs []p2pkey.PeerID // this is the unique identifier for the don CapabilityConfigs []CapabilityConfig // if Config subfield is nil, a default config is used @@ -39,7 +39,7 @@ type UpdateDonRequest struct { func (r *UpdateDonRequest) appendNodeCapabilitiesRequest() *AppendNodeCapabilitiesRequest { out := &AppendNodeCapabilitiesRequest{ Chain: r.Chain, - Registry: r.Registry, + ContractSet: r.ContractSet, P2pToCapabilities: make(map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability), UseMCMS: r.UseMCMS, } @@ -55,7 +55,7 @@ func (r *UpdateDonRequest) appendNodeCapabilitiesRequest() *AppendNodeCapabiliti } func (r *UpdateDonRequest) Validate() error { - if r.Registry == nil { + if r.ContractSet.CapabilitiesRegistry == nil { return fmt.Errorf("registry is required") } if len(r.P2PIDs) == 0 { @@ -74,7 +74,8 @@ func UpdateDon(lggr logger.Logger, req *UpdateDonRequest) (*UpdateDonResponse, e return nil, fmt.Errorf("failed to validate request: %w", err) } - getDonsResp, err := req.Registry.GetDONs(&bind.CallOpts{}) + registry := req.ContractSet.CapabilitiesRegistry + getDonsResp, err := registry.GetDONs(&bind.CallOpts{}) if err != nil { return nil, fmt.Errorf("failed to get Dons: %w", err) } @@ -83,7 +84,7 @@ func UpdateDon(lggr logger.Logger, req *UpdateDonRequest) (*UpdateDonResponse, e if err != nil { return nil, fmt.Errorf("failed to lookup don by p2pIDs: %w", err) } - cfgs, err := computeConfigs(req.Registry, req.CapabilityConfigs, don) + cfgs, err := computeConfigs(registry, req.CapabilityConfigs, don) if err != nil { return nil, fmt.Errorf("failed to compute configs: %w", err) } @@ -93,7 +94,7 @@ func UpdateDon(lggr logger.Logger, req *UpdateDonRequest) (*UpdateDonResponse, e return nil, fmt.Errorf("failed to append node capabilities: %w", err) } - tx, err := req.Registry.UpdateDON(req.Chain.DeployerKey, don.Id, don.NodeP2PIds, cfgs, don.IsPublic, don.F) + tx, err := registry.UpdateDON(req.Chain.DeployerKey, don.Id, don.NodeP2PIds, cfgs, don.IsPublic, don.F) if err != nil { err = kslib.DecodeErr(kcr.CapabilitiesRegistryABI, err) return nil, fmt.Errorf("failed to call UpdateDON: %w", err) diff --git a/deployment/keystone/changeset/internal/update_don_test.go b/deployment/keystone/changeset/internal/update_don_test.go index e500ade60d7..49ddee538bf 100644 --- a/deployment/keystone/changeset/internal/update_don_test.go +++ b/deployment/keystone/changeset/internal/update_don_test.go @@ -118,9 +118,9 @@ func TestUpdateDon(t *testing.T) { testCfg := setupUpdateDonTest(t, lggr, cfg) req := &internal.UpdateDonRequest{ - Registry: testCfg.Registry, - Chain: testCfg.Chain, - P2PIDs: []p2pkey.PeerID{p2p_1.PeerID(), p2p_2.PeerID(), p2p_3.PeerID(), p2p_4.PeerID()}, + ContractSet: testCfg.ContractSet, + Chain: testCfg.Chain, + P2PIDs: []p2pkey.PeerID{p2p_1.PeerID(), p2p_2.PeerID(), p2p_3.PeerID(), p2p_4.PeerID()}, CapabilityConfigs: []internal.CapabilityConfig{ {Capability: cap_A}, {Capability: cap_B}, }, diff --git a/deployment/keystone/changeset/internal/update_node_capabilities.go b/deployment/keystone/changeset/internal/update_node_capabilities.go index 72e6f99ee49..fe101c90296 100644 --- a/deployment/keystone/changeset/internal/update_node_capabilities.go +++ b/deployment/keystone/changeset/internal/update_node_capabilities.go @@ -11,9 +11,8 @@ import ( ) type UpdateNodeCapabilitiesImplRequest struct { - Chain deployment.Chain - Registry *kcr.CapabilitiesRegistry - + Chain deployment.Chain + ContractSet *kslib.ContractSet P2pToCapabilities map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability UseMCMS bool @@ -23,7 +22,7 @@ func (req *UpdateNodeCapabilitiesImplRequest) Validate() error { if len(req.P2pToCapabilities) == 0 { return fmt.Errorf("p2pToCapabilities is empty") } - if req.Registry == nil { + if req.ContractSet == nil { return fmt.Errorf("registry is nil") } @@ -39,7 +38,7 @@ func UpdateNodeCapabilitiesImpl(lggr logger.Logger, req *UpdateNodeCapabilitiesI for _, cap := range req.P2pToCapabilities { capabilities = append(capabilities, cap...) } - proposals, err := kslib.AddCapabilities(lggr, req.Registry, req.Chain, capabilities, req.UseMCMS) + op, err := kslib.AddCapabilities(lggr, req.ContractSet, req.Chain, capabilities, req.UseMCMS) if err != nil { return nil, fmt.Errorf("failed to add capabilities: %w", err) } @@ -51,14 +50,14 @@ func UpdateNodeCapabilitiesImpl(lggr logger.Logger, req *UpdateNodeCapabilitiesI updateNodesReq := &UpdateNodesRequest{ Chain: req.Chain, - Registry: req.Registry, P2pToUpdates: p2pToUpdates, + ContractSet: req.ContractSet, + Ops: op, UseMCMS: req.UseMCMS, } resp, err := UpdateNodes(lggr, updateNodesReq) if err != nil { return nil, fmt.Errorf("failed to update nodes: %w", err) } - resp.Proposals = append(proposals, resp.Proposals...) return resp, nil } diff --git a/deployment/keystone/changeset/internal/update_node_capabilities_test.go b/deployment/keystone/changeset/internal/update_node_capabilities_test.go index 0346ff20dd6..ac39e57b32d 100644 --- a/deployment/keystone/changeset/internal/update_node_capabilities_test.go +++ b/deployment/keystone/changeset/internal/update_node_capabilities_test.go @@ -92,8 +92,8 @@ func TestUpdateNodeCapabilities(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { setupResp := kstest.SetupTestRegistry(t, lggr, tt.args.initialState) - tt.args.req.Registry = setupResp.Registry tt.args.req.Chain = setupResp.Chain + tt.args.req.ContractSet = setupResp.ContractSet got, err := kslib.UpdateNodeCapabilitiesImpl(tt.args.lggr, tt.args.req) if (err != nil) != tt.wantErr { diff --git a/deployment/keystone/changeset/internal/update_nodes.go b/deployment/keystone/changeset/internal/update_nodes.go index 2eba6d063df..3480f39b084 100644 --- a/deployment/keystone/changeset/internal/update_nodes.go +++ b/deployment/keystone/changeset/internal/update_nodes.go @@ -9,9 +9,7 @@ import ( "sort" "github.com/ethereum/go-ethereum/accounts/abi/bind" - "github.com/ethereum/go-ethereum/common" - "github.com/smartcontractkit/ccip-owner-contracts/pkg/gethwrappers" "github.com/smartcontractkit/ccip-owner-contracts/pkg/proposal/mcms" "github.com/smartcontractkit/ccip-owner-contracts/pkg/proposal/timelock" "github.com/smartcontractkit/chainlink-common/pkg/logger" @@ -19,7 +17,6 @@ import ( "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/p2pkey" "github.com/smartcontractkit/chainlink/deployment" - "github.com/smartcontractkit/chainlink/deployment/common/proposalutils" kslib "github.com/smartcontractkit/chainlink/deployment/keystone" ) @@ -32,17 +29,19 @@ type NodeUpdate struct { } type UpdateNodesRequest struct { - Chain deployment.Chain - Registry *kcr.CapabilitiesRegistry + Chain deployment.Chain + ContractSet *kslib.ContractSet // contract set for the given chain P2pToUpdates map[p2pkey.PeerID]NodeUpdate - ContractSet kslib.ContractSet // contract set for the given chain - UseMCMS bool + UseMCMS bool + // If UseMCMS is true, and Ops is not nil then the UpdateNodes contract operation + // will be added to the Ops.Batch + Ops *timelock.BatchChainOperation } func (req *UpdateNodesRequest) NodeParams() ([]kcr.CapabilitiesRegistryNodeParams, error) { - return makeNodeParams(req.Registry, req.P2pToUpdates) + return makeNodeParams(req.ContractSet.CapabilitiesRegistry, req.P2pToUpdates) } // P2PSignerEnc represent the key fields in kcr.CapabilitiesRegistryNodeParams @@ -80,7 +79,7 @@ func (req *UpdateNodesRequest) Validate() error { } } - if req.Registry == nil { + if req.ContractSet.CapabilitiesRegistry == nil { return errors.New("registry is nil") } @@ -89,7 +88,9 @@ func (req *UpdateNodesRequest) Validate() error { type UpdateNodesResponse struct { NodeParams []kcr.CapabilitiesRegistryNodeParams - Proposals []timelock.MCMSWithTimelockProposal + // MCMS operation to update the nodes + // The operation is added to the Batch of the given Ops if not nil + Ops *timelock.BatchChainOperation } // UpdateNodes updates the nodes in the registry @@ -109,50 +110,39 @@ func UpdateNodes(lggr logger.Logger, req *UpdateNodesRequest) (*UpdateNodesRespo if req.UseMCMS { txOpts = deployment.SimTransactOpts() } - tx, err := req.Registry.UpdateNodes(txOpts, params) + registry := req.ContractSet.CapabilitiesRegistry + tx, err := registry.UpdateNodes(txOpts, params) if err != nil { err = kslib.DecodeErr(kcr.CapabilitiesRegistryABI, err) return nil, fmt.Errorf("failed to call UpdateNodes: %w", err) } - var proposals []timelock.MCMSWithTimelockProposal + ops := req.Ops if !req.UseMCMS { _, err = req.Chain.Confirm(tx) if err != nil { return nil, fmt.Errorf("failed to confirm UpdateNodes confirm transaction %s: %w", tx.Hash().String(), err) } } else { - ops := timelock.BatchChainOperation{ - ChainIdentifier: mcms.ChainIdentifier(req.Chain.Selector), - Batch: []mcms.Operation{ - { - To: req.Registry.Address(), - Data: tx.Data(), - Value: big.NewInt(0), - }, - }, - } - timelocksPerChain := map[uint64]common.Address{ - req.Chain.Selector: req.ContractSet.Timelock.Address(), - } - proposerMCMSes := map[uint64]*gethwrappers.ManyChainMultiSig{ - req.Chain.Selector: req.ContractSet.ProposerMcm, + op := mcms.Operation{ + To: registry.Address(), + Data: tx.Data(), + Value: big.NewInt(0), } - proposal, err := proposalutils.BuildProposalFromBatches( - timelocksPerChain, - proposerMCMSes, - []timelock.BatchChainOperation{ops}, - "proposal to set update nodes", - 0, - ) - if err != nil { - return nil, fmt.Errorf("failed to build proposal: %w", err) + if ops == nil { + ops = &timelock.BatchChainOperation{ + ChainIdentifier: mcms.ChainIdentifier(req.Chain.Selector), + Batch: []mcms.Operation{ + op, + }, + } + } else { + ops.Batch = append(ops.Batch, op) } - proposals = append(proposals, *proposal) } - return &UpdateNodesResponse{NodeParams: params, Proposals: proposals}, nil + return &UpdateNodesResponse{NodeParams: params, Ops: ops}, nil } // AppendCapabilities appends the capabilities to the existing capabilities of the nodes listed in p2pIds in the registry diff --git a/deployment/keystone/changeset/internal/update_nodes_test.go b/deployment/keystone/changeset/internal/update_nodes_test.go index b167f210811..e730668f806 100644 --- a/deployment/keystone/changeset/internal/update_nodes_test.go +++ b/deployment/keystone/changeset/internal/update_nodes_test.go @@ -30,7 +30,7 @@ func Test_UpdateNodesRequest_validate(t *testing.T) { p2pToUpdates map[p2pkey.PeerID]internal.NodeUpdate nopToNodes map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc chain deployment.Chain - registry *kcr.CapabilitiesRegistry + contractSet *kslib.ContractSet } tests := []struct { name string @@ -43,7 +43,7 @@ func Test_UpdateNodesRequest_validate(t *testing.T) { p2pToUpdates: map[p2pkey.PeerID]internal.NodeUpdate{}, nopToNodes: nil, chain: deployment.Chain{}, - registry: nil, + contractSet: nil, }, wantErr: true, }, @@ -55,9 +55,9 @@ func Test_UpdateNodesRequest_validate(t *testing.T) { EncryptionPublicKey: "jk", }, }, - nopToNodes: nil, - chain: deployment.Chain{}, - registry: nil, + nopToNodes: nil, + chain: deployment.Chain{}, + contractSet: nil, }, wantErr: true, }, @@ -69,9 +69,9 @@ func Test_UpdateNodesRequest_validate(t *testing.T) { EncryptionPublicKey: "aabb", }, }, - nopToNodes: nil, - chain: deployment.Chain{}, - registry: nil, + nopToNodes: nil, + chain: deployment.Chain{}, + contractSet: nil, }, wantErr: true, }, @@ -81,7 +81,7 @@ func Test_UpdateNodesRequest_validate(t *testing.T) { req := &internal.UpdateNodesRequest{ P2pToUpdates: tt.fields.p2pToUpdates, Chain: tt.fields.chain, - Registry: tt.fields.registry, + ContractSet: tt.fields.contractSet, } if err := req.Validate(); (err != nil) != tt.wantErr { t.Errorf("internal.UpdateNodesRequest.validate() error = %v, wantErr %v", err, tt.wantErr) @@ -130,8 +130,7 @@ func TestUpdateNodes(t *testing.T) { }, }, }, - Chain: chain, - Registry: nil, // set in test to ensure no conflicts + Chain: chain, }, nopsToNodes: map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc{ testNop(t, "nop1"): []*internal.P2PSignerEnc{ @@ -177,8 +176,7 @@ func TestUpdateNodes(t *testing.T) { }, }, }, - Chain: chain, - Registry: nil, // set in test to ensure no conflicts + Chain: chain, }, nopsToNodes: map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc{ testNop(t, "nop1"): []*internal.P2PSignerEnc{ @@ -235,8 +233,7 @@ func TestUpdateNodes(t *testing.T) { }, }, }, - Chain: chain, - Registry: nil, // set in test to ensure no conflicts + Chain: chain, }, nopsToNodes: map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc{ testNop(t, "nopA"): []*internal.P2PSignerEnc{ @@ -300,8 +297,7 @@ func TestUpdateNodes(t *testing.T) { }, }, }, - Chain: chain, - Registry: nil, // set in test to ensure no conflicts + Chain: chain, }, nopsToNodes: map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc{ testNop(t, "nopA"): []*internal.P2PSignerEnc{ @@ -350,8 +346,8 @@ func TestUpdateNodes(t *testing.T) { EncryptionPublicKey: newKeyStr, }, }, - Chain: chain, - Registry: nil, // set in test to ensure no conflicts + Chain: chain, + ContractSet: nil, // set in test to ensure no conflicts }, nopsToNodes: map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc{ testNop(t, "nop1"): []*internal.P2PSignerEnc{ @@ -385,8 +381,8 @@ func TestUpdateNodes(t *testing.T) { Signer: [32]byte{0: 2, 1: 3}, }, }, - Chain: chain, - Registry: nil, // set in test to ensure no conflicts + Chain: chain, + ContractSet: nil, // set in test to ensure no conflicts }, nopsToNodes: map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc{ testNop(t, "nop1"): []*internal.P2PSignerEnc{ @@ -420,8 +416,7 @@ func TestUpdateNodes(t *testing.T) { NodeOperatorID: 2, }, }, - Chain: chain, - Registry: nil, // set in test to ensure no conflicts + Chain: chain, }, nopsToNodes: map[kcr.CapabilitiesRegistryNodeOperator][]*internal.P2PSignerEnc{ testNop(t, "nop1"): []*internal.P2PSignerEnc{ @@ -463,7 +458,7 @@ func TestUpdateNodes(t *testing.T) { NopToNodes: tt.args.nopsToNodes, }) registry := setupResp.Registry - tt.args.req.Registry = setupResp.Registry + tt.args.req.ContractSet = setupResp.ContractSet tt.args.req.Chain = setupResp.Chain id, err := registry.GetHashedCapabilityId(&bind.CallOpts{}, phonyCap.LabelledName, phonyCap.Version) @@ -581,8 +576,8 @@ func TestUpdateNodes(t *testing.T) { Capabilities: toRegister, }, }, - Chain: chain, - Registry: registry, + Chain: chain, + ContractSet: setupResp.ContractSet, } _, err = internal.UpdateNodes(lggr, req) require.NoError(t, err) diff --git a/deployment/keystone/changeset/update_node_capabilities.go b/deployment/keystone/changeset/update_node_capabilities.go index 655614ed7f0..d50c07c9f06 100644 --- a/deployment/keystone/changeset/update_node_capabilities.go +++ b/deployment/keystone/changeset/update_node_capabilities.go @@ -1,13 +1,16 @@ package changeset import ( - "encoding/json" "fmt" "strconv" + "github.com/ethereum/go-ethereum/common" chainsel "github.com/smartcontractkit/chain-selectors" + "github.com/smartcontractkit/ccip-owner-contracts/pkg/gethwrappers" + "github.com/smartcontractkit/ccip-owner-contracts/pkg/proposal/timelock" "github.com/smartcontractkit/chainlink/deployment" + "github.com/smartcontractkit/chainlink/deployment/common/proposalutils" kslib "github.com/smartcontractkit/chainlink/deployment/keystone" "github.com/smartcontractkit/chainlink/deployment/keystone/changeset/internal" @@ -50,7 +53,6 @@ type UpdateNodeCapabilitiesRequest = MutateNodeCapabilitiesRequest // MutateNodeCapabilitiesRequest is a request to change the capabilities of nodes in the registry type MutateNodeCapabilitiesRequest struct { - AddressBook deployment.AddressBook RegistryChainSel uint64 P2pToCapabilities map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability @@ -58,9 +60,6 @@ type MutateNodeCapabilitiesRequest struct { } func (req *MutateNodeCapabilitiesRequest) Validate() error { - if req.AddressBook == nil { - return fmt.Errorf("address book is nil") - } if len(req.P2pToCapabilities) == 0 { return fmt.Errorf("p2pToCapabilities is empty") } @@ -80,39 +79,61 @@ func (req *MutateNodeCapabilitiesRequest) updateNodeCapabilitiesImplRequest(e de if !ok { return nil, fmt.Errorf("registry chain selector %d does not exist in environment", req.RegistryChainSel) } - contracts, err := kslib.GetContractSets(e.Logger, &kslib.GetContractSetsRequest{ + resp, err := kslib.GetContractSets(e.Logger, &kslib.GetContractSetsRequest{ Chains: map[uint64]deployment.Chain{req.RegistryChainSel: registryChain}, - AddressBook: req.AddressBook, + AddressBook: e.ExistingAddresses, }) if err != nil { return nil, fmt.Errorf("failed to get contract sets: %w", err) } - registry := contracts.ContractSets[req.RegistryChainSel].CapabilitiesRegistry - if registry == nil { - return nil, fmt.Errorf("capabilities registry not found for chain %d", req.RegistryChainSel) + contractSet, exists := resp.ContractSets[req.RegistryChainSel] + if !exists { + return nil, fmt.Errorf("contract set not found for chain %d", req.RegistryChainSel) } return &internal.UpdateNodeCapabilitiesImplRequest{ Chain: registryChain, - Registry: registry, + ContractSet: &contractSet, P2pToCapabilities: req.P2pToCapabilities, UseMCMS: req.UseMCMS, }, nil } // UpdateNodeCapabilities updates the capabilities of nodes in the registry -func UpdateNodeCapabilities(env deployment.Environment, req *MutateNodeCapabilitiesRequest) (deployment.ChangesetOutput, error) { +func UpdateNodeCapabilities(env deployment.Environment, req *UpdateNodeCapabilitiesRequest) (deployment.ChangesetOutput, error) { c, err := req.updateNodeCapabilitiesImplRequest(env) if err != nil { return deployment.ChangesetOutput{}, fmt.Errorf("failed to convert request: %w", err) } r, err := internal.UpdateNodeCapabilitiesImpl(env.Logger, c) - if err == nil { - b, err2 := json.Marshal(r) - if err2 != nil { - env.Logger.Debugf("Updated node capabilities '%s'", b) + if err != nil { + return deployment.ChangesetOutput{}, fmt.Errorf("failed to update nodes: %w", err) + } + + out := deployment.ChangesetOutput{} + if req.UseMCMS { + if r.Ops == nil { + return out, fmt.Errorf("expected MCMS operation to be non-nil") + } + timelocksPerChain := map[uint64]common.Address{ + c.Chain.Selector: c.ContractSet.Timelock.Address(), + } + proposerMCMSes := map[uint64]*gethwrappers.ManyChainMultiSig{ + c.Chain.Selector: c.ContractSet.ProposerMcm, + } + + proposal, err := proposalutils.BuildProposalFromBatches( + timelocksPerChain, + proposerMCMSes, + []timelock.BatchChainOperation{*r.Ops}, + "proposal to set update node capabilities", + 0, + ) + if err != nil { + return out, fmt.Errorf("failed to build proposal: %w", err) } + out.Proposals = []timelock.MCMSWithTimelockProposal{*proposal} } - return deployment.ChangesetOutput{}, err + return out, nil } diff --git a/deployment/keystone/changeset/update_node_capabilities_test.go b/deployment/keystone/changeset/update_node_capabilities_test.go new file mode 100644 index 00000000000..8c6378d809f --- /dev/null +++ b/deployment/keystone/changeset/update_node_capabilities_test.go @@ -0,0 +1,206 @@ +package changeset_test + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "golang.org/x/exp/maps" + + commonchangeset "github.com/smartcontractkit/chainlink/deployment/common/changeset" + "github.com/smartcontractkit/chainlink/deployment/keystone/changeset" + kcr "github.com/smartcontractkit/chainlink/v2/core/gethwrappers/keystone/generated/capabilities_registry" + "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/p2pkey" +) + +func TestUpdateNodeCapabilities(t *testing.T) { + t.Parallel() + + var ( + capA = kcr.CapabilitiesRegistryCapability{ + LabelledName: "capA", + Version: "0.4.2", + } + capB = kcr.CapabilitiesRegistryCapability{ + LabelledName: "capB", + Version: "3.16.0", + } + caps = []kcr.CapabilitiesRegistryCapability{capA, capB} + ) + t.Run("no mcms", func(t *testing.T) { + te := SetupTestEnv(t, TestConfig{ + WFDonConfig: DonConfig{N: 4}, + AssetDonConfig: DonConfig{N: 4}, + WriterDonConfig: DonConfig{N: 4}, + NumChains: 1, + }) + + // contract set is already deployed with capabilities + // we have to keep track of the existing capabilities to add to the new ones + var p2pIDs []p2pkey.PeerID + newCapabilities := make(map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability) + for id, _ := range te.WFNodes { + k, err := p2pkey.MakePeerID(id) + require.NoError(t, err) + p2pIDs = append(p2pIDs, k) + newCapabilities[k] = caps + } + + t.Run("fails if update drops existing capabilities", func(t *testing.T) { + + cfg := changeset.UpdateNodeCapabilitiesRequest{ + RegistryChainSel: te.RegistrySelector, + P2pToCapabilities: newCapabilities, + } + + _, err := changeset.UpdateNodeCapabilities(te.Env, &cfg) + require.Error(t, err) + assert.Contains(t, err.Error(), "CapabilityRequiredByDON") + }) + t.Run("succeeds if update sets new and existing capabilities", func(t *testing.T) { + existing := getNodeCapabilities(te.ContractSets()[te.RegistrySelector].CapabilitiesRegistry, p2pIDs) + + capabiltiesToSet := existing + for k, v := range newCapabilities { + capabiltiesToSet[k] = append(capabiltiesToSet[k], v...) + } + cfg := changeset.UpdateNodeCapabilitiesRequest{ + RegistryChainSel: te.RegistrySelector, + P2pToCapabilities: capabiltiesToSet, + } + + csOut, err := changeset.UpdateNodeCapabilities(te.Env, &cfg) + require.NoError(t, err) + require.Len(t, csOut.Proposals, 0) + require.Nil(t, csOut.AddressBook) + + validateCapabilityUpdates(t, te, capabiltiesToSet) + }) + }) + t.Run("with mcms", func(t *testing.T) { + te := SetupTestEnv(t, TestConfig{ + WFDonConfig: DonConfig{N: 4}, + AssetDonConfig: DonConfig{N: 4}, + WriterDonConfig: DonConfig{N: 4}, + NumChains: 1, + UseMCMS: true, + }) + + // contract set is already deployed with capabilities + // we have to keep track of the existing capabilities to add to the new ones + var p2pIDs []p2pkey.PeerID + newCapabilities := make(map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability) + for id, _ := range te.WFNodes { + k, err := p2pkey.MakePeerID(id) + require.NoError(t, err) + p2pIDs = append(p2pIDs, k) + newCapabilities[k] = caps + } + + existing := getNodeCapabilities(te.ContractSets()[te.RegistrySelector].CapabilitiesRegistry, p2pIDs) + + capabiltiesToSet := existing + for k, v := range newCapabilities { + capabiltiesToSet[k] = append(capabiltiesToSet[k], v...) + } + cfg := changeset.UpdateNodeCapabilitiesRequest{ + RegistryChainSel: te.RegistrySelector, + P2pToCapabilities: capabiltiesToSet, + UseMCMS: true, + } + + csOut, err := changeset.UpdateNodeCapabilities(te.Env, &cfg) + require.NoError(t, err) + require.Len(t, csOut.Proposals, 1) + require.Len(t, csOut.Proposals[0].Transactions, 1) + require.Len(t, csOut.Proposals[0].Transactions[0].Batch, 2) // add capabilities, update nodes + require.Nil(t, csOut.AddressBook) + + // now apply the changeset such that the proposal is signed and execed + contracts := te.ContractSets()[te.RegistrySelector] + timelockContracts := map[uint64]*commonchangeset.TimelockExecutionContracts{ + te.RegistrySelector: { + Timelock: contracts.Timelock, + CallProxy: contracts.CallProxy, + }, + } + + _, err = commonchangeset.ApplyChangesets(t, te.Env, timelockContracts, []commonchangeset.ChangesetApplication{ + { + Changeset: commonchangeset.WrapChangeSet(changeset.UpdateNodeCapabilities), + Config: &cfg, + }, + }) + require.NoError(t, err) + validateCapabilityUpdates(t, te, capabiltiesToSet) + + }) + +} + +// validateUpdate checks reads nodes from the registry and checks they have the expected updates +func validateCapabilityUpdates(t *testing.T, te TestEnv, expected map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability) { + registry := te.ContractSets()[te.RegistrySelector].CapabilitiesRegistry + wfP2PIDs := p2pIDs(t, maps.Keys(te.WFNodes)) + nodes, err := registry.GetNodesByP2PIds(nil, wfP2PIDs) + require.NoError(t, err) + require.Len(t, nodes, len(wfP2PIDs)) + for _, node := range nodes { + want := expected[node.P2pId] + require.NotNil(t, want) + assertEqualCapabilities(t, registry, want, node) + } +} + +func assertEqualCapabilities(t *testing.T, registry *kcr.CapabilitiesRegistry, want []kcr.CapabilitiesRegistryCapability, got kcr.INodeInfoProviderNodeInfo) { + wantHashes := make([][32]byte, len(want)) + for i, c := range want { + h, err := registry.GetHashedCapabilityId(nil, c.LabelledName, c.Version) + require.NoError(t, err) + wantHashes[i] = h + } + assert.Equal(t, len(want), len(got.HashedCapabilityIds)) + assert.ElementsMatch(t, wantHashes, got.HashedCapabilityIds) +} + +func getNodeCapabilities(registry *kcr.CapabilitiesRegistry, p2pIDs []p2pkey.PeerID) map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability { + m := make(map[p2pkey.PeerID][]kcr.CapabilitiesRegistryCapability) + caps, err := registry.GetCapabilities(nil) + if err != nil { + panic(err) + } + var capMap = make(map[[32]byte]kcr.CapabilitiesRegistryCapability) + for _, c := range caps { + capMap[c.HashedId] = kcr.CapabilitiesRegistryCapability{ + LabelledName: c.LabelledName, + Version: c.Version, + CapabilityType: c.CapabilityType, + ResponseType: c.ResponseType, + ConfigurationContract: c.ConfigurationContract, + } + } + nodes, err := registry.GetNodesByP2PIds(nil, peerIDsToBytes(p2pIDs)) + if err != nil { + panic(err) + } + for _, n := range nodes { + caps := make([]kcr.CapabilitiesRegistryCapability, len(n.HashedCapabilityIds)) + for i, h := range n.HashedCapabilityIds { + c, ok := capMap[h] + if !ok { + panic("capability not found") + } + caps[i] = c + } + m[n.P2pId] = caps + } + return m +} + +func peerIDsToBytes(p2pIDs []p2pkey.PeerID) [][32]byte { + bs := make([][32]byte, len(p2pIDs)) + for i, p := range p2pIDs { + bs[i] = p + } + return bs +} diff --git a/deployment/keystone/changeset/update_nodes.go b/deployment/keystone/changeset/update_nodes.go index 76b095d0949..4e2a4f7f4c6 100644 --- a/deployment/keystone/changeset/update_nodes.go +++ b/deployment/keystone/changeset/update_nodes.go @@ -3,7 +3,11 @@ package changeset import ( "fmt" + "github.com/ethereum/go-ethereum/common" + "github.com/smartcontractkit/ccip-owner-contracts/pkg/gethwrappers" + "github.com/smartcontractkit/ccip-owner-contracts/pkg/proposal/timelock" "github.com/smartcontractkit/chainlink/deployment" + "github.com/smartcontractkit/chainlink/deployment/common/proposalutils" kslib "github.com/smartcontractkit/chainlink/deployment/keystone" "github.com/smartcontractkit/chainlink/deployment/keystone/changeset/internal" @@ -28,25 +32,52 @@ func UpdateNodes(env deployment.Environment, req *UpdateNodesRequest) (deploymen if !ok { return deployment.ChangesetOutput{}, fmt.Errorf("registry chain selector %d does not exist in environment", req.RegistryChainSel) } - contracts, err := kslib.GetContractSets(env.Logger, &kslib.GetContractSetsRequest{ + cresp, err := kslib.GetContractSets(env.Logger, &kslib.GetContractSetsRequest{ Chains: env.Chains, AddressBook: env.ExistingAddresses, }) if err != nil { return deployment.ChangesetOutput{}, fmt.Errorf("failed to get contract sets: %w", err) } + contracts, exists := cresp.ContractSets[req.RegistryChainSel] + if !exists { + return deployment.ChangesetOutput{}, fmt.Errorf("contract set not found for chain %d", req.RegistryChainSel) + } resp, err := internal.UpdateNodes(env.Logger, &internal.UpdateNodesRequest{ Chain: registryChain, - Registry: contracts.ContractSets[req.RegistryChainSel].CapabilitiesRegistry, - ContractSet: contracts.ContractSets[req.RegistryChainSel], + ContractSet: &contracts, P2pToUpdates: req.P2pToUpdates, UseMCMS: req.UseMCMS, }) if err != nil { return deployment.ChangesetOutput{}, fmt.Errorf("failed to update don: %w", err) } - return deployment.ChangesetOutput{ - Proposals: resp.Proposals, - }, nil + + out := deployment.ChangesetOutput{} + if req.UseMCMS { + if resp.Ops == nil { + return out, fmt.Errorf("expected MCMS operation to be non-nil") + } + timelocksPerChain := map[uint64]common.Address{ + req.RegistryChainSel: contracts.Timelock.Address(), + } + proposerMCMSes := map[uint64]*gethwrappers.ManyChainMultiSig{ + req.RegistryChainSel: contracts.ProposerMcm, + } + + proposal, err := proposalutils.BuildProposalFromBatches( + timelocksPerChain, + proposerMCMSes, + []timelock.BatchChainOperation{*resp.Ops}, + "proposal to set update nodes", + 0, + ) + if err != nil { + return out, fmt.Errorf("failed to build proposal: %w", err) + } + out.Proposals = []timelock.MCMSWithTimelockProposal{*proposal} + } + + return out, nil } diff --git a/deployment/keystone/deploy.go b/deployment/keystone/deploy.go index 4dd8b8c495a..b83b5114391 100644 --- a/deployment/keystone/deploy.go +++ b/deployment/keystone/deploy.go @@ -169,7 +169,7 @@ func DonInfos(dons []DonCapabilities, jd deployment.OffchainClient) ([]DonInfo, return donInfos, nil } -func GetRegistryContract(e *deployment.Environment, registryChainSel uint64, addrBook deployment.AddressBook) (*kcr.CapabilitiesRegistry, deployment.Chain, error) { +func GetRegistryContract(e *deployment.Environment, registryChainSel uint64) (*kcr.CapabilitiesRegistry, deployment.Chain, error) { registryChain, ok := e.Chains[registryChainSel] if !ok { return nil, deployment.Chain{}, fmt.Errorf("chain %d not found in environment", registryChainSel) @@ -177,7 +177,7 @@ func GetRegistryContract(e *deployment.Environment, registryChainSel uint64, add contractSetsResp, err := GetContractSets(e.Logger, &GetContractSetsRequest{ Chains: e.Chains, - AddressBook: addrBook, + AddressBook: e.ExistingAddresses, }) if err != nil { return nil, deployment.Chain{}, fmt.Errorf("failed to get contract sets: %w", err) @@ -426,7 +426,7 @@ type RegisteredCapability struct { } func FromCapabilitiesRegistryCapability(cap *kcr.CapabilitiesRegistryCapability, e deployment.Environment, registryChainSelector uint64) (*RegisteredCapability, error) { - registry, _, err := GetRegistryContract(&e, registryChainSelector, e.ExistingAddresses) + registry, _, err := GetRegistryContract(&e, registryChainSelector) if err != nil { return nil, fmt.Errorf("failed to get registry: %w", err) } @@ -445,10 +445,14 @@ func RegisterCapabilities(lggr logger.Logger, req RegisterCapabilitiesRequest) ( if len(req.DonToCapabilities) == 0 { return nil, fmt.Errorf("no capabilities to register") } - registry, registryChain, err := GetRegistryContract(req.Env, req.RegistryChainSelector, req.Env.ExistingAddresses) - if err != nil { - return nil, fmt.Errorf("failed to get registry: %w", err) - } + cresp, err := GetContractSets(req.Env.Logger, &GetContractSetsRequest{ + Chains: req.Env.Chains, + AddressBook: req.Env.ExistingAddresses, + }) + contracts := cresp.ContractSets[req.RegistryChainSelector] + registry := contracts.CapabilitiesRegistry + registryChain := req.Env.Chains[req.RegistryChainSelector] + lggr.Infow("registering capabilities...", "len", len(req.DonToCapabilities)) resp := &RegisterCapabilitiesResponse{ DonToCapabilities: make(map[string][]RegisteredCapability), @@ -483,7 +487,7 @@ func RegisterCapabilities(lggr logger.Logger, req RegisterCapabilitiesRequest) ( capabilities = append(capabilities, cap) } // not using mcms; ignore proposals - _, err = AddCapabilities(lggr, registry, registryChain, capabilities, false) + _, err = AddCapabilities(lggr, &contracts, registryChain, capabilities, false) if err != nil { return nil, fmt.Errorf("failed to add capabilities: %w", err) } @@ -501,7 +505,7 @@ type RegisterNOPSResponse struct { } func RegisterNOPS(ctx context.Context, lggr logger.Logger, req RegisterNOPSRequest) (*RegisterNOPSResponse, error) { - registry, registryChain, err := GetRegistryContract(req.Env, req.RegistryChainSelector, req.Env.ExistingAddresses) + registry, registryChain, err := GetRegistryContract(req.Env, req.RegistryChainSelector) if err != nil { return nil, fmt.Errorf("failed to get registry: %w", err) } @@ -640,7 +644,7 @@ type RegisterNodesResponse struct { // can sign the transactions update the contract state // TODO: 467 refactor to support MCMS. Specifically need to separate the call data generation from the actual contract call func RegisterNodes(lggr logger.Logger, req *RegisterNodesRequest) (*RegisterNodesResponse, error) { - registry, registryChain, err := GetRegistryContract(req.Env, req.RegistryChainSelector, req.Env.ExistingAddresses) + registry, registryChain, err := GetRegistryContract(req.Env, req.RegistryChainSelector) if err != nil { return nil, fmt.Errorf("failed to get registry: %w", err) } @@ -808,7 +812,7 @@ func sortedHash(p2pids [][32]byte) string { } func RegisterDons(lggr logger.Logger, req RegisterDonsRequest) (*RegisterDonsResponse, error) { - registry, registryChain, err := GetRegistryContract(req.Env, req.RegistryChainSelector, req.Env.ExistingAddresses) + registry, registryChain, err := GetRegistryContract(req.Env, req.RegistryChainSelector) if err != nil { return nil, fmt.Errorf("failed to get registry: %w", err) }