Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(svm): root bundles over cctp #687

Merged
merged 10 commits into from
Oct 25, 2024
Merged

fix(svm): root bundles over cctp #687

merged 10 commits into from
Oct 25, 2024

Conversation

Reinis-FRP
Copy link
Contributor

We require ability to relay and emergency delete root bundles over CCTP.

Fixes: https://linear.app/uma/issue/ACX-3029/instructionsadminrs-remote-relay-emergency-delete-root-bundle

@Reinis-FRP
fix: relay root bundle over cctp
2dee982 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
@Reinis-FRP
Merge branch 'master' into reinis-frp/remote-root-bundle
efdd292
@Reinis-FRP
fix: support emit_cpi in remote relay root bundle
cae5aa6 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
@Reinis-FRP
fix: update relay root bundle in tests and scripts
c8c04e1 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
@linear Linear
Copy link

linear bot commented Oct 24, 2024

ACX-3029 instructions/admin.rs: remote relay / emergency delete root bundle

@Reinis-FRP
Merge branch 'master' into reinis-frp/remote-root-bundle
5743fe2
@Reinis-FRP
fix: remote emergency delete bundle
ea73cc0 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
@Reinis-FRP
Merge branch 'master' into reinis-frp/remote-root-bundle
9080c0f 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
@Reinis-FRP
fix: remove redundant mut
a044a5a 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
@Reinis-FRP
fix: no mut state
e1e2844 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
@Reinis-FRP Reinis-FRP requested review from chrismaree and md0x October 24, 2024 12:49
@Reinis-FRP Reinis-FRP marked this pull request as ready for review October 24, 2024 12:49
@Reinis-FRP
fix: mut state in test
d422b64 
Signed-off-by: Reinis Martinsons <reinis@umaproject.org>
chrismaree
chrismaree reviewed Oct 24, 2024
View reviewed changes
programs/svm-spoke/src/instructions/admin.rs
constraint = is_local_or_remote_owner(&signer, &state) @ CustomError::NotOwner
)]
pub signer: Signer<'info>,

#[account(mut)]
// We do not restrict who can receive lamports from closing root_bundle account as that would require storing the
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense, as long as it's authenticated with is_local_or_remote_owner we don't really mind.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In remote authentication this checks only that this is coming from HubPool via CCTP, but we do not use permissioned caller to receive the message on Solana side (though CCTP has that option). So there might be a case that someone frontruns receiving message on Solana and gets all lamports from the closing of root bundle account. But I think this is rare enough when we would use this emergency method and it should be no concern that someone else could gain some extra lamports.

Copy link
Contributor

@md0x md0x Oct 25, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense. Anyone can “finalize” these messages.

However, I’m wondering if it might make sense to use the feature you mentioned, where CCTP allows authentication of specific finalizers, so we can handle these admin actions with more control if needed. (Just throwing an open question)

chrismaree
chrismaree reviewed Oct 24, 2024
View reviewed changes
programs/svm-spoke/src/instructions/handle_receive_message.rs
@@ -82,6 +82,18 @@ fn translate_message(data: &Vec<u8>) -> Result<Vec<u8>> {
(origin_token, destination_chain_id, enabled)
.encode_instruction_data("global:set_enable_route")
}
s if s == utils::encode_solidity_selector("relayRootBundle(bytes32,bytes32)") => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great! we can now test this on testnet as well over cctp

md0x
md0x reviewed Oct 25, 2024
View reviewed changes
test/svm/SvmSpoke.HandleReceiveMessage.ts
// Same 3 remaining accounts passed for HandleReceiveMessage context.
const relayRootBundleRemainingAccounts = remainingAccounts.slice(0, 3);
// payer in self-invoked SetEnableRoute.
relayRootBundleRemainingAccounts.push({
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does order matter here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Regular accounts have named props, so the client can reorder them as needed, but remaining accounts is plain array, so I believe the ordering here matters.

md0x
md0x approved these changes Oct 25, 2024
View reviewed changes
Copy link
Contributor

@md0x md0x left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@Reinis-FRP Reinis-FRP merged commit 49448ff into master Oct 25, 2024
9 checks passed
@Reinis-FRP Reinis-FRP deleted the reinis-frp/remote-root-bundle branch October 25, 2024 14:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@md0x md0x md0x approved these changes

@chrismaree chrismaree chrismaree approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Reinis-FRP @chrismaree @md0x