feat(sui)!: add script option to pause sui contracts #519
Conversation
…yments to the factory.
Co-authored-by: Milap Sheth <[email protected]>
|
|
||
| // Do not dissalow `allow_function` because that locks the gateway forever. | ||
| if (Number(version) === allowedFunctionsArray.length - 1) { | ||
| const index = allowedFunctions.indexOf('allow_function'); |
There was a problem hiding this comment.
we also don't want to disallow disallow_function as well
| @@ -510,6 +509,65 @@ async function testNewField(value, options) { | |||
| console.log(`Set the value to ${value} and it was set to ${returnedValue}.`); | |||
| } | |||
|
|
|||
| async function pause(keypair, client, config, chain, contracts, args, options) { | |||
There was a problem hiding this comment.
I think we should support a few approaches based on the use-cases:
pause: Allow pausing a curated list of critical entrypoints. In an emergency, we want to pause critical entrypoints but not necessary all (e.g. functions that allow changing configuration like trusted chains / flow limit should be kept available for operations).pause --all: Allow pausing all exposed methods except allow/disallow functiondisableVersion: Allow disabling all methods of a given version, including allow/disallow function, but ensure that this can be only run for older versions. This allows us to disable the previous version after an upgrade dynamically. The upgrade after this one will also enforce this in the source code later.
There was a problem hiding this comment.
For both gateway, and ITS, let's hardcode a curated list of entrypoints that should be paused. For gateway, perhaps approve_messages and rotate_signers that can be affected by proof validation issues
| .action((options) => { | ||
| mainProcessor(unpause, [], options); | ||
| }); | ||
|
|
There was a problem hiding this comment.
update test-sui.yaml to run pause/unpause for gateway and ITS. Want to ensure that this action always work, instead of finding issues during an emergency
| versions: versionsArg, | ||
| disallowedFunctions: allowedFunctionsArg, | ||
| }, | ||
| `${__dirname}/../axelar-chains-config/info/sui-gateway-allowed-functions-${options.env}.json`, |
There was a problem hiding this comment.
save to the existing sui.contracts.AxelarGateway config which is already included in git
There was a problem hiding this comment.
Instead of dynamically querying this, we should look into creating a json file in the cgp sui that lists the version controlled methods, and including it in the npm release. We already do something like this for the golden test, so shouldn't be hard to add a JSON file containing contract name -> allowed function list mapping
| const allowFunctionsProgram = new Command() | ||
| .name('allow-functions') | ||
| .description('Allow functions') | ||
| .command('allow-functions <versions> <functions>') | ||
| .action((versions, functions, options) => { | ||
| mainProcessor(allowFunctions, options, [versions, functions], processCommand); | ||
| }); | ||
|
|
There was a problem hiding this comment.
create a separate contract.js script that allows generically allowing/disallowing function by version for any of our contract. It can do also support pause --all, unpause --all. And for the curated pause and unpause we can create an object mapping for contract name -> curated function list
No description provided.