feat: mainnet validator hot swaps #4203
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
joelsmith-2019
requested review from
nik-suri,
johnsaigle,
mdulin2 and
evan-gray
as code owners
nik-suri
reviewed
Dec 19, 2024
mdulin2
reviewed
Jan 13, 2025
|
Is this truly affecting only mainnet. Please, be reminded that in testnet the guardian set size is one (1) and we should keep the ability to rotate the key. cc @andreclaro |
|
This is expanding the ability to rotate keys. Right now, there is a restriction that the hot swap is only allowed when there is a single Guardian (aka testnet). This allows for all Guardians to do the hot swap at any point. |
mdulin2
reviewed
Jan 15, 2025
mdulin2
previously approved these changes
Jan 15, 2025
nik-suri
previously approved these changes
Jan 27, 2025
nik-suri
approved these changes
Jan 28, 2025
mdulin2
approved these changes
Jan 29, 2025
evan-gray
approved these changes
Jan 29, 2025
kakucodes
added a commit
that referenced
this pull request
Feb 3, 2025
wormchain: pulled in the pre-release cw_wormhole ict/integration test added shutdown tests lint cleanup shutdown utils cleanup Deploy SeiEVM testnet (#4209) * cli: arbitrary chain registration * Deploy SeiEVM Testnet --------- Co-authored-by: Evan Gray <[email protected]> Node: Update Celo watcher (#4210) * Node: Update Celo watcher * Code review rework docs: add TransferFees conformance note (#4212) * docs: add TransferFees conformance note * docs: clarify cosmwasm core contract * fix: make link relative Deploy Monad testnet (#4218) CONTRIBUTING: update to forbid PRs the contain only minor wording adjustments Node/Solana: Reobservation by transaction ID (#4223) * Node/Solana: Reobservation by transaction ID * Code review rework Double the limits on Ethereum and Solana (#4225) * Double the limits on Ethereum and Solana Due to high network volumes on Ethereum and Solana, the limits are being doubled for these 2 chains * Fixed the hardcoded max daily limit in the tests chore: add cw wormhole interchain tests (#4189) * wormchain: cw_wormhole ict start * wormchain(interchaintest): initial test implementation * Add Additional Core Contract ICTs * Finish Core Contract VAA ICTs * Add Replay Protection Checks * Extract Helper Commands * Fix Modify Genesis * Hook into ICT Workflow * Add Missing UpgradeContract VAA Test * Add Additional Fee Checks --------- Co-authored-by: Kaku <[email protected]> Co-authored-by: Obie Kaku <[email protected]> node: Add Transfer Verifier mechanism (#4169) Adds a new package and command-line tool for Transfer Verification. This is a process of validating message publications from the core contracts. When a message is emitted, Transfer Verification will examine the corresponding receipt or other logs to ensure that funds were sent into the token bridge whenever this kind of message is emitted from the core bridge. This is a defense-in-depth mechanism to guard against a scenario where an attacker finds a way to spoof message publications. Node/Solana: Beef up commitment check (#4231) Github: Update node code owners (#4232) Node: Change TxHash to TxID in MessagePublication (#4219) * Node: Change TxHash to TxID in MessagePublication * Code review rework * More code review rework * Limit TxID to 255 bytes and add test for it * Code review rework node: Governor token list update (#4208) * node: governor token list update * Update based on USD depeg stats * Update codeowners --------- Co-authored-by: djb15 <[email protected]> clients/js: support alternative aptos networks Node: Add support for Movement (#4236) pulled in joel's ict based shutdown contract tests update ict cw_wormhole wasm binary updated makefile to run the tests with proper features updated rust tests in workflow ignore unused variables and functions during shutdown mode fixing package exclusion rerendered artifacts rerendered artifacts Node: Audit chain IDs Node: Allow no heartbeating in testnet (#4240) Deploy token bridge to Monad testnet (#4238) Node/Aptos: Don't replay old observation on startup (#4243) Deployment: Add Movement testnet token bridge (#4245) Node/Solana: Shim support in testnet (#4241) * Node/Solana: Shim support in testnet * Code review rework Node: Remove references to SignedObservation (#4244) * Node: Remove references to SignedObservation * Code review rework Node/Hack: Add tool to test go-ethereum subscriptions (#4214) * Node/Hack: SeiEVM watcher test app * Make tool general purpose Revert #4225 (#4247) Node: Remove Monad Devnet support (#4248) Node/Solana: Fix shim observation message (#4249) feat: mainnet validator hot swaps (#4203) * Add ICT Local Image * Fix ICT Workflow * feat: allow validator hot swapping in mainnet * Integrate with CI * fix: comments * readd state lookup updated ict workflow versions updated dockerfile to seperately generate the shutdown contracts removed unnecessary files
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR allows mainnet validator hot swapping. Previously, only single validator clusters allowed hot swapping for testnet purposes. This PR removes that check and introduces an integration test which validates the process of swapping an existing guardian's validator to a new validator and then back again.