From 5a7e551d7420439657e7fdcca8703f0cdc8bf9de Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Thu, 16 May 2024 22:48:54 +0700 Subject: [PATCH 01/15] script: add revoke role script --- .gitignore | 2 +- .../01_Revoke_Roles.s.sol | 43 +++++++++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 script/20240516-revoke-roles/01_Revoke_Roles.s.sol diff --git a/.gitignore b/.gitignore index 516242c..986bc1f 100644 --- a/.gitignore +++ b/.gitignore @@ -23,4 +23,4 @@ yarn-error.log .yarnrc.yml script/data/* dependencies -deployments/**/exported_address \ No newline at end of file +deployments/**/exported_address diff --git a/script/20240516-revoke-roles/01_Revoke_Roles.s.sol b/script/20240516-revoke-roles/01_Revoke_Roles.s.sol new file mode 100644 index 0000000..0f00b59 --- /dev/null +++ b/script/20240516-revoke-roles/01_Revoke_Roles.s.sol @@ -0,0 +1,43 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import { Migration } from "script/Migration.s.sol"; +import { Contract } from "script/utils/Contract.sol"; +import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol"; +import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol"; +import { AccessControlEnumerable } from "@openzeppelin/contracts/access/AccessControlEnumerable.sol"; +import { LibRNSDomain } from "src/libraries/LibRNSDomain.sol"; +import { DefaultNetwork } from "foundry-deployment-kit/utils/DefaultNetwork.sol"; + +contract Migration__01_Revoke_Roles is Migration { + address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; + address multisig = 0x1FF1edE0242317b8C4229fC59E64DD93952019ef; + + function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { + address[] memory contracts = new address[](5); + contracts[0] = loadContract(Contract.RNSDomainPrice.key()); + contracts[1] = loadContract(Contract.RONRegistrarController.key()); + contracts[2] = loadContract(Contract.NameChecker.key()); + contracts[3] = loadContract(Contract.RNSUnified.key()); + contracts[4] = loadContract(Contract.RNSAuction.key()); + + vm.startBroadcast(duke); + + Ownable(loadContract(Contract.OwnedMulticaller.key())).transferOwnership(multisig); + Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); + // Transfer .ron domain ownership to multisig + ERC721(loadContract(Contract.RNSUnified.key())).transferFrom(duke, multisig, LibRNSDomain.RON_ID); + + for (uint256 i; i < contracts.length; i++) { + AccessControlEnumerable(contracts[i]).grantRole(0x0, multisig); + AccessControlEnumerable(contracts[i]).renounceRole(0x0, duke); + + assertTrue( + AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 0, + string.concat("Role is empty", "contract: ", vm.toString(contracts[i])) + ); + } + + vm.stopBroadcast(); + } +} From 8e8861f535e6d42da587bff1546ee6981805b77e Mon Sep 17 00:00:00 2001 From: "tu-do.ron" Date: Fri, 17 May 2024 11:49:43 +0700 Subject: [PATCH 02/15] Update script/20240516-revoke-roles/01_Revoke_Roles.s.sol --- script/20240516-revoke-roles/01_Revoke_Roles.s.sol | 1 - 1 file changed, 1 deletion(-) diff --git a/script/20240516-revoke-roles/01_Revoke_Roles.s.sol b/script/20240516-revoke-roles/01_Revoke_Roles.s.sol index 0f00b59..a723cc3 100644 --- a/script/20240516-revoke-roles/01_Revoke_Roles.s.sol +++ b/script/20240516-revoke-roles/01_Revoke_Roles.s.sol @@ -30,7 +30,6 @@ contract Migration__01_Revoke_Roles is Migration { for (uint256 i; i < contracts.length; i++) { AccessControlEnumerable(contracts[i]).grantRole(0x0, multisig); - AccessControlEnumerable(contracts[i]).renounceRole(0x0, duke); assertTrue( AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 0, From 20f91041815f035373e09e45607484f7eaf2b0ef Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Tue, 25 Jun 2024 14:03:13 +0700 Subject: [PATCH 03/15] script: fix import remapping --- script/20240516-revoke-roles/01_Revoke_Roles.s.sol | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/script/20240516-revoke-roles/01_Revoke_Roles.s.sol b/script/20240516-revoke-roles/01_Revoke_Roles.s.sol index a723cc3..9d312a2 100644 --- a/script/20240516-revoke-roles/01_Revoke_Roles.s.sol +++ b/script/20240516-revoke-roles/01_Revoke_Roles.s.sol @@ -7,7 +7,7 @@ import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol"; import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol"; import { AccessControlEnumerable } from "@openzeppelin/contracts/access/AccessControlEnumerable.sol"; import { LibRNSDomain } from "src/libraries/LibRNSDomain.sol"; -import { DefaultNetwork } from "foundry-deployment-kit/utils/DefaultNetwork.sol"; +import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; contract Migration__01_Revoke_Roles is Migration { address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; From 2cbc90619a09c9301597b184a9ea395279bf3fd8 Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Thu, 11 Jul 2024 17:06:13 +0700 Subject: [PATCH 04/15] script: update flow for revoke roles --- .../01_DeployNew_OwnedMulticaller.s.sol | 20 +++ .../01_Revoke_Roles.s.sol | 42 ----- .../02_Revoke_Roles.s.sol | 166 ++++++++++++++++++ 3 files changed, 186 insertions(+), 42 deletions(-) create mode 100644 script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller.s.sol delete mode 100644 script/20240516-revoke-roles/01_Revoke_Roles.s.sol create mode 100644 script/20240516-revoke-roles/02_Revoke_Roles.s.sol diff --git a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller.s.sol b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller.s.sol new file mode 100644 index 0000000..6268344 --- /dev/null +++ b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller.s.sol @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import { console } from "forge-std/console.sol"; +import { Contract } from "script/utils/Contract.sol"; +import { Migration } from "script/Migration.s.sol"; +import { OwnedMulticaller, OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; + +contract Migration__01_DeployNew_OwnedMulticaller is Migration { + address internal constant DUKE = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; + OwnedMulticaller multicall; + + function run() external { + multicall = new OwnedMulticallerDeploy().run(); + } + + function _postCheck() internal virtual override { + assertEq(multicall.owner(), DUKE); + } +} diff --git a/script/20240516-revoke-roles/01_Revoke_Roles.s.sol b/script/20240516-revoke-roles/01_Revoke_Roles.s.sol deleted file mode 100644 index 9d312a2..0000000 --- a/script/20240516-revoke-roles/01_Revoke_Roles.s.sol +++ /dev/null @@ -1,42 +0,0 @@ -// SPDX-License-Identifier: MIT -pragma solidity ^0.8.19; - -import { Migration } from "script/Migration.s.sol"; -import { Contract } from "script/utils/Contract.sol"; -import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol"; -import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol"; -import { AccessControlEnumerable } from "@openzeppelin/contracts/access/AccessControlEnumerable.sol"; -import { LibRNSDomain } from "src/libraries/LibRNSDomain.sol"; -import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; - -contract Migration__01_Revoke_Roles is Migration { - address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; - address multisig = 0x1FF1edE0242317b8C4229fC59E64DD93952019ef; - - function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { - address[] memory contracts = new address[](5); - contracts[0] = loadContract(Contract.RNSDomainPrice.key()); - contracts[1] = loadContract(Contract.RONRegistrarController.key()); - contracts[2] = loadContract(Contract.NameChecker.key()); - contracts[3] = loadContract(Contract.RNSUnified.key()); - contracts[4] = loadContract(Contract.RNSAuction.key()); - - vm.startBroadcast(duke); - - Ownable(loadContract(Contract.OwnedMulticaller.key())).transferOwnership(multisig); - Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); - // Transfer .ron domain ownership to multisig - ERC721(loadContract(Contract.RNSUnified.key())).transferFrom(duke, multisig, LibRNSDomain.RON_ID); - - for (uint256 i; i < contracts.length; i++) { - AccessControlEnumerable(contracts[i]).grantRole(0x0, multisig); - - assertTrue( - AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 0, - string.concat("Role is empty", "contract: ", vm.toString(contracts[i])) - ); - } - - vm.stopBroadcast(); - } -} diff --git a/script/20240516-revoke-roles/02_Revoke_Roles.s.sol b/script/20240516-revoke-roles/02_Revoke_Roles.s.sol new file mode 100644 index 0000000..0da6eae --- /dev/null +++ b/script/20240516-revoke-roles/02_Revoke_Roles.s.sol @@ -0,0 +1,166 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import { console } from "forge-std/console.sol"; +import { Migration } from "script/Migration.s.sol"; +import { Contract } from "script/utils/Contract.sol"; +import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol"; +import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol"; +import { Strings } from "@openzeppelin/contracts/utils/Strings.sol"; +import { AccessControlEnumerable } from "@openzeppelin/contracts/access/AccessControlEnumerable.sol"; +import { LibRNSDomain } from "src/libraries/LibRNSDomain.sol"; +import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; +import { RNSUnified } from "src/RNSUnified.sol"; +import { RNSAuction } from "src/RNSAuction.sol"; +import { NameChecker } from "src/NameChecker.sol"; +import { RNSDomainPrice } from "src/RNSDomainPrice.sol"; +import { PublicResolver } from "src/resolvers/PublicResolver.sol"; +import { RNSReverseRegistrar } from "src/RNSReverseRegistrar.sol"; +import { RONRegistrarController } from "src/RONRegistrarController.sol"; +import { OwnedMulticaller } from "src/utils/OwnedMulticaller.sol"; +import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; + +contract Migration__01_Revoke_Roles is Migration { + using Strings for *; + using LibRNSDomain for string; + + address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; + address multisig = 0x1FF1edE0242317b8C4229fC59E64DD93952019ef; + + RNSUnified internal _rns; + RNSAuction internal _auction; + NameChecker internal _nameChecker; + RNSDomainPrice internal _domainPrice; + PublicResolver internal _publicResolver; + RNSReverseRegistrar internal _reverseRegistrar; + RONRegistrarController internal _ronController; + OwnedMulticaller internal _ownedMulticaller; + + function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { + _rns = RNSUnified(loadContract(Contract.RNSUnified.key())); + _auction = RNSAuction(loadContract(Contract.RNSAuction.key())); + _nameChecker = NameChecker(loadContract(Contract.NameChecker.key())); + _domainPrice = RNSDomainPrice(loadContract(Contract.RNSDomainPrice.key())); + _publicResolver = PublicResolver(loadContract(Contract.PublicResolver.key())); + _reverseRegistrar = RNSReverseRegistrar(loadContract(Contract.RNSReverseRegistrar.key())); + _ronController = RONRegistrarController(loadContract(Contract.RONRegistrarController.key())); + _ownedMulticaller = OwnedMulticaller(loadContract(Contract.OwnedMulticaller.key())); + + _upgradeProxy(Contract.RNSUnified.key()); + + address[] memory contracts = new address[](5); + contracts[0] = address(_domainPrice); + contracts[1] = address(_ronController); + contracts[2] = address(_nameChecker); + contracts[3] = address(_rns); + contracts[4] = address(_auction); + + vm.startBroadcast(duke); + + // Transfer .ron domain ownership to owned multicaller + _rns.transferFrom(duke, address(_ownedMulticaller), 0x0); + _rns.transferFrom(duke, address(_ownedMulticaller), LibRNSDomain.RON_ID); + _rns.transferFrom(duke, address(_ownedMulticaller), LibRNSDomain.ADDR_REVERSE_ID); + + address[] memory tos = new address[](3); + bytes[] memory callDatas = new bytes[](3); + uint256[] memory values = new uint256[](3); + + tos[0] = address(_rns); + tos[1] = address(_rns); + tos[2] = address(_rns); + + callDatas[0] = abi.encodeCall(ERC721.setApprovalForAll, (address(_auction), true)); + callDatas[1] = abi.encodeCall(ERC721.setApprovalForAll, (address(_ronController), true)); + callDatas[2] = abi.encodeCall(ERC721.approve, (address(_reverseRegistrar), LibRNSDomain.ADDR_REVERSE_ID)); + + values[0] = 0; + values[1] = 0; + values[2] = 0; + + _ownedMulticaller.multicall(tos, callDatas, values); + + uint256 length; + + for (uint256 i; i < length; i++) { + AccessControlEnumerable(contracts[i]).grantRole(0x0, multisig); + + assertTrue( + AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 0, + string.concat("Role is empty", "contract: ", vm.toString(contracts[i])) + ); + } + + // Duke will do this manually + // Ownable(loadContract(Contract.OwnedMulticaller.key())).transferOwnership(multisig); + // Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); + + vm.stopBroadcast(); + } + + function _postCheck() internal virtual override { + _validateController(); + _validateAuction(); + _validateReverseRegistrar(); + } + + function _validateReverseRegistrar() internal view logFn("validateReverseRegistrar") { + assertEq(_rns.getApproved(LibRNSDomain.ADDR_REVERSE_ID), address(_reverseRegistrar)); + } + + function _validateController() internal logFn("_validateController") { + Account memory user = makeAccount("tudo"); + uint64 duration = 30 days; + bytes32 secret = keccak256("secret"); + string memory domain = "tudo-controller-promax"; + + bytes[] memory data; + bytes32 commitment = + _ronController.computeCommitment(domain, user.addr, duration, secret, address(_publicResolver), data, true); + + (, uint256 ronPrice) = _ronController.rentPrice(domain, duration); + console.log("domain price:", ronPrice); + vm.deal(user.addr, ronPrice); + + vm.startPrank(user.addr); + _ronController.commit(commitment); + vm.warp(block.timestamp + 1 hours); + _ronController.register{ value: ronPrice }( + domain, user.addr, duration, secret, address(_publicResolver), data, true + ); + vm.stopPrank(); + + uint256 expectedId = uint256(string.concat(domain, ".ron").namehash()); + assertEq(_rns.ownerOf(expectedId), user.addr); + console.log(unicode"✅ Controller checks are passed"); + } + + function _validateAuction() internal logFn("validateAuction") { + address operator = _auction.getRoleMember(_auction.OPERATOR_ROLE(), 0); + string[] memory domainNames = new string[](1); + string memory domainName = "tudo-reserved-provip"; + domainNames[0] = domainName; + bytes32[] memory lbHashes = new bytes32[](1); + lbHashes[0] = LibRNSDomain.hashLabel(domainName); + uint256[] memory setTypes = new uint256[](1); + uint256[] memory ronPrices = new uint256[](1); + bytes32[] memory proofHashes = new bytes32[](1); + ronPrices[0] = _domainPrice.convertUSDToRON(2e18); + + vm.startPrank(operator); + + _auction.bulkRegister(domainNames); + _domainPrice.bulkSetDomainPrice(lbHashes, ronPrices, proofHashes, setTypes); + + uint256 id = LibRNSDomain.toId(LibRNSDomain.RON_ID, domainNames[0]); + (, INSDomainPrice.UnitPrice memory tax) = _domainPrice.getRenewalFee(domainName, 365 days); + assertTrue(tax.usd != 0, "reversed name not have tax"); + + vm.stopPrank(); + + assertTrue(_auction.reserved(id), "invalid bulkRegister"); + assertEq(_rns.getRecord(id).mut.expiry, _rns.MAX_EXPIRY(), "invalid expiry time"); + + console.log(unicode"✅ Auction checks are passed"); + } +} From a4ec1a8718c63cc0e03e68a4a24723510a919e92 Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Thu, 11 Jul 2024 17:21:41 +0700 Subject: [PATCH 05/15] script: remove upgrade rns unified --- .../20240516-revoke-roles/02_Revoke_Roles.s.sol | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/script/20240516-revoke-roles/02_Revoke_Roles.s.sol b/script/20240516-revoke-roles/02_Revoke_Roles.s.sol index 0da6eae..3e8e8a5 100644 --- a/script/20240516-revoke-roles/02_Revoke_Roles.s.sol +++ b/script/20240516-revoke-roles/02_Revoke_Roles.s.sol @@ -46,8 +46,6 @@ contract Migration__01_Revoke_Roles is Migration { _ronController = RONRegistrarController(loadContract(Contract.RONRegistrarController.key())); _ownedMulticaller = OwnedMulticaller(loadContract(Contract.OwnedMulticaller.key())); - _upgradeProxy(Contract.RNSUnified.key()); - address[] memory contracts = new address[](5); contracts[0] = address(_domainPrice); contracts[1] = address(_ronController); @@ -80,10 +78,11 @@ contract Migration__01_Revoke_Roles is Migration { _ownedMulticaller.multicall(tos, callDatas, values); - uint256 length; + uint256 length = contracts.length; for (uint256 i; i < length; i++) { AccessControlEnumerable(contracts[i]).grantRole(0x0, multisig); + console.log("Duke will renounce his admin roles of contract:", vm.getLabel(contracts[i]), "manually"); assertTrue( AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 0, @@ -93,7 +92,17 @@ contract Migration__01_Revoke_Roles is Migration { // Duke will do this manually // Ownable(loadContract(Contract.OwnedMulticaller.key())).transferOwnership(multisig); + console.log( + "Duke will renounce his owner role of contract:", + vm.getLabel(loadContract(Contract.OwnedMulticaller.key())), + "manually" + ); // Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); + console.log( + "Duke will renounce his owner role of contract:", + vm.getLabel(loadContract(Contract.RNSReverseRegistrar.key())), + "manually" + ); vm.stopBroadcast(); } From adfe7b4dcfd7d0c20cc0198d56e2cc742b6f60bf Mon Sep 17 00:00:00 2001 From: "tu-do.ron" Date: Thu, 11 Jul 2024 17:30:57 +0700 Subject: [PATCH 06/15] Apply suggestions from code review --- script/20240516-revoke-roles/02_Revoke_Roles.s.sol | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/script/20240516-revoke-roles/02_Revoke_Roles.s.sol b/script/20240516-revoke-roles/02_Revoke_Roles.s.sol index 3e8e8a5..af04c10 100644 --- a/script/20240516-revoke-roles/02_Revoke_Roles.s.sol +++ b/script/20240516-revoke-roles/02_Revoke_Roles.s.sol @@ -93,13 +93,13 @@ contract Migration__01_Revoke_Roles is Migration { // Duke will do this manually // Ownable(loadContract(Contract.OwnedMulticaller.key())).transferOwnership(multisig); console.log( - "Duke will renounce his owner role of contract:", + "Duke will transfer to multisig his owner role of contract:", vm.getLabel(loadContract(Contract.OwnedMulticaller.key())), "manually" ); // Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); console.log( - "Duke will renounce his owner role of contract:", + "Duke will transfer to multisig his owner role of contract:", vm.getLabel(loadContract(Contract.RNSReverseRegistrar.key())), "manually" ); From 69871920222f1b2c2f7c91d354826b9e211428af Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Mon, 15 Jul 2024 13:52:25 +0700 Subject: [PATCH 07/15] script(revoke-roles): update scripts --- ..._DeployNew_OwnedMulticaller_Mainnet.s.sol} | 9 +- .../01_DeployNew_OwnedMulticaller_Testnet.sol | 21 ++ .../02_Revoke_Roles_Mainnet.s.sol | 200 ++++++++++++++++++ ...oles.s.sol => 02_Revoke_Roles_Testnet.sol} | 14 +- script/GeneralConfig.sol | 11 + script/utils/Contract.sol | 4 +- 6 files changed, 247 insertions(+), 12 deletions(-) rename script/20240516-revoke-roles/{01_DeployNew_OwnedMulticaller.s.sol => 01_DeployNew_OwnedMulticaller_Mainnet.s.sol} (56%) create mode 100644 script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Testnet.sol create mode 100644 script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol rename script/20240516-revoke-roles/{02_Revoke_Roles.s.sol => 02_Revoke_Roles_Testnet.sol} (95%) diff --git a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller.s.sol b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol similarity index 56% rename from script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller.s.sol rename to script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol index 6268344..00b79b8 100644 --- a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller.s.sol +++ b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol @@ -4,17 +4,18 @@ pragma solidity ^0.8.19; import { console } from "forge-std/console.sol"; import { Contract } from "script/utils/Contract.sol"; import { Migration } from "script/Migration.s.sol"; +import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; import { OwnedMulticaller, OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; contract Migration__01_DeployNew_OwnedMulticaller is Migration { - address internal constant DUKE = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; + address internal constant TUDO = 0x0Ebf93387093D7b7cDa9a4dE5d558507810af5eD; // TuDo's trezor OwnedMulticaller multicall; - function run() external { - multicall = new OwnedMulticallerDeploy().run(); + function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { + multicall = OwnedMulticaller(new OwnedMulticallerDeploy().overrideArgs(abi.encode(TUDO)).run()); } function _postCheck() internal virtual override { - assertEq(multicall.owner(), DUKE); + assertEq(multicall.owner(), TUDO); } } diff --git a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Testnet.sol b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Testnet.sol new file mode 100644 index 0000000..614c88f --- /dev/null +++ b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Testnet.sol @@ -0,0 +1,21 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import { console } from "forge-std/console.sol"; +import { Contract } from "script/utils/Contract.sol"; +import { Migration } from "script/Migration.s.sol"; +import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; +import { OwnedMulticaller, OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; + +contract Migration__01_DeployNew_OwnedMulticaller_Testnet is Migration { + address internal constant DUKE = 0x968D0Cd7343f711216817E617d3f92a23dC91c07; + OwnedMulticaller multicall; + + function run() external onlyOn(DefaultNetwork.RoninTestnet.key()) { + multicall = OwnedMulticaller(new OwnedMulticallerDeploy().overrideArgs(abi.encode(DUKE)).run()); + } + + function _postCheck() internal virtual override { + assertEq(multicall.owner(), DUKE); + } +} diff --git a/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol b/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol new file mode 100644 index 0000000..f8e48e1 --- /dev/null +++ b/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol @@ -0,0 +1,200 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import { console } from "forge-std/console.sol"; +import { Migration } from "script/Migration.s.sol"; +import { Contract } from "script/utils/Contract.sol"; +import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol"; +import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol"; +import { Strings } from "@openzeppelin/contracts/utils/Strings.sol"; +import { AccessControlEnumerable } from "@openzeppelin/contracts/access/AccessControlEnumerable.sol"; +import { LibRNSDomain } from "src/libraries/LibRNSDomain.sol"; +import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; +import { RNSUnified } from "src/RNSUnified.sol"; +import { RNSAuction } from "src/RNSAuction.sol"; +import { NameChecker } from "src/NameChecker.sol"; +import { RNSDomainPrice } from "src/RNSDomainPrice.sol"; +import { PublicResolver } from "src/resolvers/PublicResolver.sol"; +import { RNSReverseRegistrar } from "src/RNSReverseRegistrar.sol"; +import { RONRegistrarController } from "src/RONRegistrarController.sol"; +import { OwnedMulticaller } from "src/utils/OwnedMulticaller.sol"; +import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; +import { OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; +import { ErrorHandler } from "src/libraries/ErrorHandler.sol"; + +contract Migration__02_Revoke_Roles_Mainnet is Migration { + using Strings for *; + using ErrorHandler for bool; + using LibRNSDomain for string; + + address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; + address multisig = 0x1FF1edE0242317b8C4229fC59E64DD93952019ef; + + RNSUnified internal _rns; + RNSAuction internal _auction; + NameChecker internal _nameChecker; + RNSDomainPrice internal _domainPrice; + PublicResolver internal _publicResolver; + RNSReverseRegistrar internal _reverseRegistrar; + RONRegistrarController internal _ronController; + OwnedMulticaller internal _ownedMulticaller; + address internal _batchTransfer; + + function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { + _rns = RNSUnified(loadContract(Contract.RNSUnified.key())); + _auction = RNSAuction(loadContract(Contract.RNSAuction.key())); + _nameChecker = NameChecker(loadContract(Contract.NameChecker.key())); + _domainPrice = RNSDomainPrice(loadContract(Contract.RNSDomainPrice.key())); + _publicResolver = PublicResolver(loadContract(Contract.PublicResolver.key())); + _reverseRegistrar = RNSReverseRegistrar(loadContract(Contract.RNSReverseRegistrar.key())); + _ronController = RONRegistrarController(loadContract(Contract.RONRegistrarController.key())); + _ownedMulticaller = OwnedMulticaller(loadContract(Contract.OwnedMulticaller.key())); + _batchTransfer = loadContract(Contract.ERC721BatchTransfer.key()); + + address[] memory contracts = new address[](5); + contracts[0] = address(_domainPrice); + contracts[1] = address(_ronController); + contracts[2] = address(_nameChecker); + contracts[3] = address(_rns); + contracts[4] = address(_auction); + + address multicallOwner = _ownedMulticaller.owner(); + console.log("Multicaller owner:", multicallOwner); + + vm.startBroadcast(multicallOwner); + + address[] memory tos = new address[](3); + bytes[] memory callDatas = new bytes[](3); + uint256[] memory values = new uint256[](3); + + tos[0] = address(_rns); + tos[1] = address(_rns); + tos[2] = address(_rns); + + callDatas[0] = abi.encodeCall(ERC721.setApprovalForAll, (address(_auction), true)); + callDatas[1] = abi.encodeCall(ERC721.setApprovalForAll, (address(_ronController), true)); + callDatas[2] = abi.encodeCall(ERC721.setApprovalForAll, (address(_reverseRegistrar), true)); + + _ownedMulticaller.multicall(tos, callDatas, values); + + vm.stopBroadcast(); + + vm.startBroadcast(duke); + // Transfer .ron domain ownership to owned multicaller + uint256[] memory ids = new uint256[](3); + ids[0] = 0x0; + ids[1] = LibRNSDomain.RON_ID; + ids[2] = LibRNSDomain.ADDR_REVERSE_ID; + _rns.setApprovalForAll(_batchTransfer, true); + + // Bulk transfer .ron domain ownership to owned multicaller + (bool success, bytes memory returnOrRevertData) = _batchTransfer.call( + abi.encodeWithSignature("safeBatchTransfer(address,uint256[],address)", _rns, ids, _ownedMulticaller) + ); + success.handleRevert(returnOrRevertData); + + _rns.setApprovalForAll(_batchTransfer, false); + + _rns.setApprovalForAll(address(_auction), false); + _rns.setApprovalForAll(address(_ronController), false); + _rns.setApprovalForAll(address(_reverseRegistrar), false); + + uint256 length = contracts.length; + + for (uint256 i; i < length; i++) { + AccessControlEnumerable(contracts[i]).grantRole(0x0, multisig); + console.log("Duke will renounce his admin roles of contract:", vm.getLabel(contracts[i]), "manually"); + + assertTrue( + AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 1, + string.concat("Role is empty", "contract: ", vm.toString(contracts[i])) + ); + } + + console.log("Revoke roles for domain price", 0xAdc6a8fEB5C53303323A1D0280c0a0d5F2e1a14D); + // Remove another admin roles: https://sky-mavis.slack.com/archives/C06C3HW1HS7/p1712812933009569 + AccessControlEnumerable(address(_domainPrice)).revokeRole(0x0, 0xAdc6a8fEB5C53303323A1D0280c0a0d5F2e1a14D); + + // Duke will do this manually + // Ownable(loadContract(Contract.OwnedMulticaller.key())).transferOwnership(multisig); + console.log( + "Duke will transfer to multisig his owner role of contract:", + vm.getLabel(loadContract(Contract.OwnedMulticaller.key())), + "manually" + ); + // Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); + console.log( + "Duke will transfer to multisig his owner role of contract:", + vm.getLabel(loadContract(Contract.RNSReverseRegistrar.key())), + "manually" + ); + + vm.stopBroadcast(); + } + + function _postCheck() internal virtual override { + _validateController(); + _validateAuction(); + _validateReverseRegistrar(); + } + + function _validateReverseRegistrar() internal view logFn("validateReverseRegistrar") { + assertEq(_rns.getApproved(LibRNSDomain.ADDR_REVERSE_ID), address(_reverseRegistrar)); + } + + function _validateController() internal logFn("_validateController") { + Account memory user = makeAccount("tudo"); + uint64 duration = 30 days; + bytes32 secret = keccak256("secret"); + string memory domain = "tudo-controller-promax"; + + bytes[] memory data; + bytes32 commitment = + _ronController.computeCommitment(domain, user.addr, duration, secret, address(_publicResolver), data, true); + + (, uint256 ronPrice) = _ronController.rentPrice(domain, duration); + console.log("domain price:", ronPrice); + vm.deal(user.addr, ronPrice); + + vm.startPrank(user.addr); + _ronController.commit(commitment); + vm.warp(block.timestamp + 1 hours); + _ronController.register{ value: ronPrice }( + domain, user.addr, duration, secret, address(_publicResolver), data, true + ); + vm.stopPrank(); + + uint256 expectedId = uint256(string.concat(domain, ".ron").namehash()); + assertEq(_rns.ownerOf(expectedId), user.addr); + console.log(unicode"✅ Controller checks are passed"); + } + + function _validateAuction() internal logFn("validateAuction") { + address operator = _auction.getRoleMember(_auction.OPERATOR_ROLE(), 0); + string[] memory domainNames = new string[](1); + string memory domainName = "tudo-reserved-provip"; + domainNames[0] = domainName; + bytes32[] memory lbHashes = new bytes32[](1); + lbHashes[0] = LibRNSDomain.hashLabel(domainName); + uint256[] memory setTypes = new uint256[](1); + uint256[] memory ronPrices = new uint256[](1); + bytes32[] memory proofHashes = new bytes32[](1); + ronPrices[0] = _domainPrice.convertUSDToRON(2e18); + + vm.startPrank(operator); + + _auction.bulkRegister(domainNames); + _domainPrice.bulkSetDomainPrice(lbHashes, ronPrices, proofHashes, setTypes); + + uint256 id = LibRNSDomain.toId(LibRNSDomain.RON_ID, domainNames[0]); + (, INSDomainPrice.UnitPrice memory tax) = _domainPrice.getRenewalFee(domainName, 365 days); + assertTrue(tax.usd != 0, "reversed name not have tax"); + + vm.stopPrank(); + + assertTrue(_auction.reserved(id), "invalid bulkRegister"); + assertEq(_rns.getRecord(id).mut.expiry, _rns.MAX_EXPIRY(), "invalid expiry time"); + + console.log(unicode"✅ Auction checks are passed"); + } +} diff --git a/script/20240516-revoke-roles/02_Revoke_Roles.s.sol b/script/20240516-revoke-roles/02_Revoke_Roles_Testnet.sol similarity index 95% rename from script/20240516-revoke-roles/02_Revoke_Roles.s.sol rename to script/20240516-revoke-roles/02_Revoke_Roles_Testnet.sol index af04c10..c6a6ae1 100644 --- a/script/20240516-revoke-roles/02_Revoke_Roles.s.sol +++ b/script/20240516-revoke-roles/02_Revoke_Roles_Testnet.sol @@ -20,12 +20,12 @@ import { RONRegistrarController } from "src/RONRegistrarController.sol"; import { OwnedMulticaller } from "src/utils/OwnedMulticaller.sol"; import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; -contract Migration__01_Revoke_Roles is Migration { +contract Migration__01_Revoke_Roles_Testnet is Migration { using Strings for *; using LibRNSDomain for string; - address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; - address multisig = 0x1FF1edE0242317b8C4229fC59E64DD93952019ef; + address duke = 0x968D0Cd7343f711216817E617d3f92a23dC91c07; + address multisig = 0x792428597158d73fF55333659957057f93362dfc; RNSUnified internal _rns; RNSAuction internal _auction; @@ -36,7 +36,7 @@ contract Migration__01_Revoke_Roles is Migration { RONRegistrarController internal _ronController; OwnedMulticaller internal _ownedMulticaller; - function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { + function run() external onlyOn(DefaultNetwork.RoninTestnet.key()) { _rns = RNSUnified(loadContract(Contract.RNSUnified.key())); _auction = RNSAuction(loadContract(Contract.RNSAuction.key())); _nameChecker = NameChecker(loadContract(Contract.NameChecker.key())); @@ -85,7 +85,7 @@ contract Migration__01_Revoke_Roles is Migration { console.log("Duke will renounce his admin roles of contract:", vm.getLabel(contracts[i]), "manually"); assertTrue( - AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 0, + AccessControlEnumerable(contracts[i]).getRoleMemberCount(0x0) > 1, string.concat("Role is empty", "contract: ", vm.toString(contracts[i])) ); } @@ -109,7 +109,7 @@ contract Migration__01_Revoke_Roles is Migration { function _postCheck() internal virtual override { _validateController(); - _validateAuction(); + _validateDomainPrice(); _validateReverseRegistrar(); } @@ -144,7 +144,7 @@ contract Migration__01_Revoke_Roles is Migration { console.log(unicode"✅ Controller checks are passed"); } - function _validateAuction() internal logFn("validateAuction") { + function _validateDomainPrice() internal logFn("_validateDomainPrice") { address operator = _auction.getRoleMember(_auction.OPERATOR_ROLE(), 0); string[] memory domainNames = new string[](1); string memory domainName = "tudo-reserved-provip"; diff --git a/script/GeneralConfig.sol b/script/GeneralConfig.sol index d5f0870..d13cb46 100644 --- a/script/GeneralConfig.sol +++ b/script/GeneralConfig.sol @@ -3,6 +3,7 @@ pragma solidity ^0.8.19; import { BaseGeneralConfig } from "@fdk/BaseGeneralConfig.sol"; import { Contract } from "./utils/Contract.sol"; +import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; contract GeneralConfig is BaseGeneralConfig { constructor() BaseGeneralConfig("", "deployments/") { } @@ -18,6 +19,16 @@ contract GeneralConfig is BaseGeneralConfig { _mapContractName(Contract.RNSReverseRegistrar); _mapContractName(Contract.RONRegistrarController); _mapContractName(Contract.RNSCommission); + _mapContractName(Contract.ERC721BatchTransfer); + + // Verify: https://app.roninchain.com/address/0x2368dfED532842dB89b470fdE9Fd584d48D4F644 + setAddress( + DefaultNetwork.RoninMainnet.key(), Contract.ERC721BatchTransfer.key(), 0x2368dfED532842dB89b470fdE9Fd584d48D4F644 + ); + // Verify: https://saigon-app.roninchain.com/address/0x2E889348bD37f192063Bfec8Ff39bD3635949e20 + setAddress( + DefaultNetwork.RoninTestnet.key(), Contract.ERC721BatchTransfer.key(), 0x2E889348bD37f192063Bfec8Ff39bD3635949e20 + ); } function _mapContractName(Contract contractEnum) internal { diff --git a/script/utils/Contract.sol b/script/utils/Contract.sol index 15042b5..cfef2d6 100644 --- a/script/utils/Contract.sol +++ b/script/utils/Contract.sol @@ -14,7 +14,8 @@ enum Contract { OwnedMulticaller, RNSReverseRegistrar, RONRegistrarController, - RNSCommission + RNSCommission, + ERC721BatchTransfer } using { key, name } for Contract global; @@ -34,5 +35,6 @@ function name(Contract contractEnum) pure returns (string memory) { if (contractEnum == Contract.RNSReverseRegistrar) return "RNSReverseRegistrar"; if (contractEnum == Contract.RONRegistrarController) return "RONRegistrarController"; if (contractEnum == Contract.RNSCommission) return "RNSCommission"; + if (contractEnum == Contract.ERC721BatchTransfer) return "ERC721BatchTransfer"; revert("Contract: Unknown contract"); } From 5ef9ddc5fab782270c83f0a565ac187096fca0c1 Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Mon, 15 Jul 2024 14:39:23 +0700 Subject: [PATCH 08/15] script: minor refactor --- ...1_DeployNew_OwnedMulticaller_Mainnet.s.sol | 40 +++++++++++++++++-- .../02_Revoke_Roles_Mainnet.s.sol | 21 ---------- 2 files changed, 37 insertions(+), 24 deletions(-) diff --git a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol index 00b79b8..68c2acf 100644 --- a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol +++ b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol @@ -5,17 +5,51 @@ import { console } from "forge-std/console.sol"; import { Contract } from "script/utils/Contract.sol"; import { Migration } from "script/Migration.s.sol"; import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; +import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol"; import { OwnedMulticaller, OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; contract Migration__01_DeployNew_OwnedMulticaller is Migration { address internal constant TUDO = 0x0Ebf93387093D7b7cDa9a4dE5d558507810af5eD; // TuDo's trezor - OwnedMulticaller multicall; + + OwnedMulticaller _multicaller; + address internal _rns; + address internal _auction; + address internal _nameChecker; + address internal _domainPrice; + address internal _publicResolver; + address internal _reverseRegistrar; + address internal _ronController; function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { - multicall = OwnedMulticaller(new OwnedMulticallerDeploy().overrideArgs(abi.encode(TUDO)).run()); + _rns = loadContract(Contract.RNSUnified.key()); + _auction = loadContract(Contract.RNSAuction.key()); + _nameChecker = loadContract(Contract.NameChecker.key()); + _domainPrice = loadContract(Contract.RNSDomainPrice.key()); + _publicResolver = loadContract(Contract.PublicResolver.key()); + _reverseRegistrar = loadContract(Contract.RNSReverseRegistrar.key()); + _ronController = loadContract(Contract.RONRegistrarController.key()); + _multicaller = OwnedMulticaller(new OwnedMulticallerDeploy().overrideArgs(abi.encode(TUDO)).run()); + + vm.startBroadcast(TUDO); + + address[] memory tos = new address[](3); + bytes[] memory callDatas = new bytes[](3); + uint256[] memory values = new uint256[](3); + + tos[0] = address(_rns); + tos[1] = address(_rns); + tos[2] = address(_rns); + + callDatas[0] = abi.encodeCall(ERC721.setApprovalForAll, (address(_auction), true)); + callDatas[1] = abi.encodeCall(ERC721.setApprovalForAll, (address(_ronController), true)); + callDatas[2] = abi.encodeCall(ERC721.setApprovalForAll, (address(_reverseRegistrar), true)); + + _multicaller.multicall(tos, callDatas, values); + + vm.stopBroadcast(); } function _postCheck() internal virtual override { - assertEq(multicall.owner(), TUDO); + assertEq(_multicaller.owner(), TUDO); } } diff --git a/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol b/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol index f8e48e1..3ff1cac 100644 --- a/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol @@ -58,27 +58,6 @@ contract Migration__02_Revoke_Roles_Mainnet is Migration { contracts[3] = address(_rns); contracts[4] = address(_auction); - address multicallOwner = _ownedMulticaller.owner(); - console.log("Multicaller owner:", multicallOwner); - - vm.startBroadcast(multicallOwner); - - address[] memory tos = new address[](3); - bytes[] memory callDatas = new bytes[](3); - uint256[] memory values = new uint256[](3); - - tos[0] = address(_rns); - tos[1] = address(_rns); - tos[2] = address(_rns); - - callDatas[0] = abi.encodeCall(ERC721.setApprovalForAll, (address(_auction), true)); - callDatas[1] = abi.encodeCall(ERC721.setApprovalForAll, (address(_ronController), true)); - callDatas[2] = abi.encodeCall(ERC721.setApprovalForAll, (address(_reverseRegistrar), true)); - - _ownedMulticaller.multicall(tos, callDatas, values); - - vm.stopBroadcast(); - vm.startBroadcast(duke); // Transfer .ron domain ownership to owned multicaller uint256[] memory ids = new uint256[](3); From d98139a498c5581d45ba77b6cd3ff3d4d4595493 Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Mon, 15 Jul 2024 15:55:19 +0700 Subject: [PATCH 09/15] script: add more post check --- .../02_Revoke_Roles_Mainnet.s.sol | 74 +++++++++++++++++-- 1 file changed, 68 insertions(+), 6 deletions(-) diff --git a/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol b/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol index 3ff1cac..6b194b6 100644 --- a/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol @@ -21,6 +21,7 @@ import { OwnedMulticaller } from "src/utils/OwnedMulticaller.sol"; import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; import { OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; import { ErrorHandler } from "src/libraries/ErrorHandler.sol"; +import { EventRange } from "src/libraries/LibEventRange.sol"; contract Migration__02_Revoke_Roles_Mainnet is Migration { using Strings for *; @@ -112,13 +113,68 @@ contract Migration__02_Revoke_Roles_Mainnet is Migration { } function _postCheck() internal virtual override { - _validateController(); _validateAuction(); - _validateReverseRegistrar(); + _validateController(); + _validateDomainPrice(); } - function _validateReverseRegistrar() internal view logFn("validateReverseRegistrar") { - assertEq(_rns.getApproved(LibRNSDomain.ADDR_REVERSE_ID), address(_reverseRegistrar)); + function _validateAuction() internal logFn("_validateAuction") { + address operator = _auction.getRoleMember(_auction.OPERATOR_ROLE(), 0); + address admin = _auction.getRoleMember(_auction.DEFAULT_ADMIN_ROLE(), 0); + + string[] memory lbs = new string[](3); + lbs[0] = "liem"; + lbs[1] = "aliem"; + lbs[2] = "dukedepchai"; + + vm.prank(operator); + uint256[] memory ids = _auction.bulkRegister(lbs); + + assembly { + mstore(ids, 2) + } + + address[] memory tos = new address[](2); + tos[0] = duke; + tos[1] = duke; + + vm.warp(block.timestamp + 10 minutes); + vm.prank(operator); + _auction.bulkClaimUnbiddedNames(tos, ids, false); + + assembly { + mstore(ids, 3) + } + + EventRange memory eventRange = EventRange(block.timestamp + 10 minutes, block.timestamp + 11 minutes); + vm.prank(admin); + bytes32 auctionId = _auction.createAuctionEvent(eventRange); + + uint256[] memory listedIds = new uint256[](1); + uint256[] memory startingPrices = new uint256[](1); + startingPrices[0] = 20 ether; + listedIds[0] = ids[2]; + + vm.prank(operator); + _auction.listNamesForAuction(auctionId, listedIds, startingPrices); + + address userA = makeAddr("userA"); + address userB = makeAddr("userB"); + + vm.deal(userA, 100 ether); + vm.deal(userB, 200 ether); + + vm.warp(block.timestamp + 10 minutes); + vm.prank(userA, userA); + _auction.placeBid{ value: 50 ether }(listedIds[0]); + vm.prank(userB, userB); + _auction.placeBid{ value: 100 ether }(listedIds[0]); + + vm.warp(block.timestamp + 11 minutes); + vm.prank(admin); + _auction.bulkClaimBidNames(listedIds); + + console.log(unicode"✅ Auction checks are passed"); } function _validateController() internal logFn("_validateController") { @@ -145,10 +201,16 @@ contract Migration__02_Revoke_Roles_Mainnet is Migration { uint256 expectedId = uint256(string.concat(domain, ".ron").namehash()); assertEq(_rns.ownerOf(expectedId), user.addr); + + (, uint256 rentPrice) = _ronController.rentPrice(domain, 365 days); + vm.deal(user.addr, rentPrice); + vm.prank(user.addr); + _ronController.renew{ value: rentPrice }(domain, 365 days); + console.log(unicode"✅ Controller checks are passed"); } - function _validateAuction() internal logFn("validateAuction") { + function _validateDomainPrice() internal logFn("_validateDomainPrice") { address operator = _auction.getRoleMember(_auction.OPERATOR_ROLE(), 0); string[] memory domainNames = new string[](1); string memory domainName = "tudo-reserved-provip"; @@ -174,6 +236,6 @@ contract Migration__02_Revoke_Roles_Mainnet is Migration { assertTrue(_auction.reserved(id), "invalid bulkRegister"); assertEq(_rns.getRecord(id).mut.expiry, _rns.MAX_EXPIRY(), "invalid expiry time"); - console.log(unicode"✅ Auction checks are passed"); + console.log(unicode"✅ Domain Price checks are passed"); } } From 20477812f804bdae68cec203145b3f4ee3e2b907 Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Mon, 15 Jul 2024 16:07:59 +0700 Subject: [PATCH 10/15] script: explicit owned multicaller contract address --- ...nnet.s.sol => 02_GrantAdminRoleForMultisig_Mainnet.s.sol} | 5 +++-- ..._Testnet.sol => 02_GrantAdminRoleForMultisig_Testnet.sol} | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) rename script/20240516-revoke-roles/{02_Revoke_Roles_Mainnet.s.sol => 02_GrantAdminRoleForMultisig_Mainnet.s.sol} (97%) rename script/20240516-revoke-roles/{02_Revoke_Roles_Testnet.sol => 02_GrantAdminRoleForMultisig_Testnet.sol} (96%) diff --git a/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol similarity index 97% rename from script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol rename to script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol index 6b194b6..07e318d 100644 --- a/script/20240516-revoke-roles/02_Revoke_Roles_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol @@ -23,7 +23,7 @@ import { OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy. import { ErrorHandler } from "src/libraries/ErrorHandler.sol"; import { EventRange } from "src/libraries/LibEventRange.sol"; -contract Migration__02_Revoke_Roles_Mainnet is Migration { +contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { using Strings for *; using ErrorHandler for bool; using LibRNSDomain for string; @@ -49,7 +49,8 @@ contract Migration__02_Revoke_Roles_Mainnet is Migration { _publicResolver = PublicResolver(loadContract(Contract.PublicResolver.key())); _reverseRegistrar = RNSReverseRegistrar(loadContract(Contract.RNSReverseRegistrar.key())); _ronController = RONRegistrarController(loadContract(Contract.RONRegistrarController.key())); - _ownedMulticaller = OwnedMulticaller(loadContract(Contract.OwnedMulticaller.key())); + // Verify: https://app.roninchain.com/address/0x27876429DB2cDDF017DBb63560D0366E4B4E6f8a + _ownedMulticaller = OwnedMulticaller(0x27876429DB2cDDF017DBb63560D0366E4B4E6f8a); _batchTransfer = loadContract(Contract.ERC721BatchTransfer.key()); address[] memory contracts = new address[](5); diff --git a/script/20240516-revoke-roles/02_Revoke_Roles_Testnet.sol b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Testnet.sol similarity index 96% rename from script/20240516-revoke-roles/02_Revoke_Roles_Testnet.sol rename to script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Testnet.sol index c6a6ae1..46029bd 100644 --- a/script/20240516-revoke-roles/02_Revoke_Roles_Testnet.sol +++ b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Testnet.sol @@ -20,7 +20,7 @@ import { RONRegistrarController } from "src/RONRegistrarController.sol"; import { OwnedMulticaller } from "src/utils/OwnedMulticaller.sol"; import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; -contract Migration__01_Revoke_Roles_Testnet is Migration { +contract Migration__02_GrantAdminRoleForMultisig_Testnet is Migration { using Strings for *; using LibRNSDomain for string; @@ -44,7 +44,8 @@ contract Migration__01_Revoke_Roles_Testnet is Migration { _publicResolver = PublicResolver(loadContract(Contract.PublicResolver.key())); _reverseRegistrar = RNSReverseRegistrar(loadContract(Contract.RNSReverseRegistrar.key())); _ronController = RONRegistrarController(loadContract(Contract.RONRegistrarController.key())); - _ownedMulticaller = OwnedMulticaller(loadContract(Contract.OwnedMulticaller.key())); + // Verify: https://saigon-app.roninchain.com/address/0xAcC5b257F42A14436B8f231769E2f22E91EE39dc + _ownedMulticaller = OwnedMulticaller(0xAcC5b257F42A14436B8f231769E2f22E91EE39dc); address[] memory contracts = new address[](5); contracts[0] = address(_domainPrice); From e7b5d77d51e16695cc75bdc0a899d965c278ec4b Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Mon, 15 Jul 2024 16:38:24 +0700 Subject: [PATCH 11/15] script: grant role and revoke role for RNS Operation --- ...1_DeployNew_OwnedMulticaller_Mainnet.s.sol | 12 +- ...02_GrantAdminRoleForMultisig_Mainnet.s.sol | 122 +++++++++++++++++- 2 files changed, 124 insertions(+), 10 deletions(-) diff --git a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol index 68c2acf..776df07 100644 --- a/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol +++ b/script/20240516-revoke-roles/01_DeployNew_OwnedMulticaller_Mainnet.s.sol @@ -7,6 +7,8 @@ import { Migration } from "script/Migration.s.sol"; import { DefaultNetwork } from "@fdk/utils/DefaultNetwork.sol"; import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol"; import { OwnedMulticaller, OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; +import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; +import { Math } from "@openzeppelin/contracts/utils/math/Math.sol"; contract Migration__01_DeployNew_OwnedMulticaller is Migration { address internal constant TUDO = 0x0Ebf93387093D7b7cDa9a4dE5d558507810af5eD; // TuDo's trezor @@ -32,17 +34,21 @@ contract Migration__01_DeployNew_OwnedMulticaller is Migration { vm.startBroadcast(TUDO); - address[] memory tos = new address[](3); - bytes[] memory callDatas = new bytes[](3); - uint256[] memory values = new uint256[](3); + address[] memory tos = new address[](4); + bytes[] memory callDatas = new bytes[](4); + uint256[] memory values = new uint256[](4); tos[0] = address(_rns); tos[1] = address(_rns); tos[2] = address(_rns); + tos[3] = address(_rns); callDatas[0] = abi.encodeCall(ERC721.setApprovalForAll, (address(_auction), true)); callDatas[1] = abi.encodeCall(ERC721.setApprovalForAll, (address(_ronController), true)); callDatas[2] = abi.encodeCall(ERC721.setApprovalForAll, (address(_reverseRegistrar), true)); + // Grant approval for RNSOperation contract. + // Verify: https://app.roninchain.com/address/0xCD245263eDdEE593a5A66f93f74C58c544957339 + callDatas[3] = abi.encodeCall(ERC721.setApprovalForAll, (0xCD245263eDdEE593a5A66f93f74C58c544957339, true)); _multicaller.multicall(tos, callDatas, values); diff --git a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol index 07e318d..de7927a 100644 --- a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol @@ -22,6 +22,10 @@ import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; import { OwnedMulticallerDeploy } from "script/contracts/OwnedMulticallerDeploy.s.sol"; import { ErrorHandler } from "src/libraries/ErrorHandler.sol"; import { EventRange } from "src/libraries/LibEventRange.sol"; +import { RNSOperation } from "src/utils/RNSOperation.sol"; +import { Math } from "@openzeppelin/contracts/utils/math/Math.sol"; +import { INSAuction } from "src/interfaces/INSAuction.sol"; +import { INSDomainPrice } from "src/interfaces/INSDomainPrice.sol"; contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { using Strings for *; @@ -39,6 +43,7 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { RNSReverseRegistrar internal _reverseRegistrar; RONRegistrarController internal _ronController; OwnedMulticaller internal _ownedMulticaller; + RNSOperation internal rnsOperation; address internal _batchTransfer; function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { @@ -52,6 +57,8 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { // Verify: https://app.roninchain.com/address/0x27876429DB2cDDF017DBb63560D0366E4B4E6f8a _ownedMulticaller = OwnedMulticaller(0x27876429DB2cDDF017DBb63560D0366E4B4E6f8a); _batchTransfer = loadContract(Contract.ERC721BatchTransfer.key()); + // Verify: https://app.roninchain.com/address/0xCD245263eDdEE593a5A66f93f74C58c544957339 + rnsOperation = RNSOperation(0xCD245263eDdEE593a5A66f93f74C58c544957339); address[] memory contracts = new address[](5); contracts[0] = address(_domainPrice); @@ -74,11 +81,17 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { ); success.handleRevert(returnOrRevertData); + // Remove approval for batch transfer _rns.setApprovalForAll(_batchTransfer, false); - _rns.setApprovalForAll(address(_auction), false); _rns.setApprovalForAll(address(_ronController), false); _rns.setApprovalForAll(address(_reverseRegistrar), false); + // Remove approval for Legacy Owned Multicaller + // Verify: https://app.roninchain.com/address/0x8975923D01132bEB6c412F827f63D44712726E13 + _rns.setApprovalForAll(0x8975923D01132bEB6c412F827f63D44712726E13, false); + // Remove approval for Legacy RNS Operation contracts + _rns.setApprovalForAll(0xCD245263eDdEE593a5A66f93f74C58c544957339, false); + _rns.setApprovalForAll(0xd9b3CC879113C7ABaa7694d25801bFFD8Fae0F27, false); uint256 length = contracts.length; @@ -97,12 +110,6 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { AccessControlEnumerable(address(_domainPrice)).revokeRole(0x0, 0xAdc6a8fEB5C53303323A1D0280c0a0d5F2e1a14D); // Duke will do this manually - // Ownable(loadContract(Contract.OwnedMulticaller.key())).transferOwnership(multisig); - console.log( - "Duke will transfer to multisig his owner role of contract:", - vm.getLabel(loadContract(Contract.OwnedMulticaller.key())), - "manually" - ); // Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); console.log( "Duke will transfer to multisig his owner role of contract:", @@ -117,6 +124,107 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { _validateAuction(); _validateController(); _validateDomainPrice(); + + // Validate Functionalities of RNS Operation contract + _validateBulkMint(); + _validateOverriddenTiers(); + _validateBulkSetProtected(); + _validateBulkOverrideRenewalFees(); + _validateReclaimAuctionNames({ searchSize: 20 }); + } + + function _validateOverriddenTiers() internal logFn("_validateOverriddenTiers") { + string[] memory labels = new string[](5); + labels[0] = "heidi"; + labels[1] = "luke"; + labels[2] = "sophia"; + labels[3] = "chief"; + labels[4] = "slim"; + + for (uint256 i; i < labels.length; ++i) { + assertEq( + uint8(_domainPrice.getTier(labels[i])), + uint8(INSDomainPrice.Tier.Tier1), + string.concat("invalid tier for _auction label ", labels[i]) + ); + } + } + + function _validateBulkOverrideRenewalFees() internal logFn("_validateBulkOverrideRenewalFees") { + string memory label = "tudo-provip-maximum-ultra"; + string[] memory labels = new string[](1); + labels[0] = label; + uint256[] memory yearlyUSDPrices = new uint256[](1); + // 10 usd per year + yearlyUSDPrices[0] = 10; + + vm.prank(rnsOperation.owner()); + rnsOperation.bulkOverrideRenewalFees(labels, yearlyUSDPrices); + + assertEq(_domainPrice.getOverriddenRenewalFee(label), Math.mulDiv(yearlyUSDPrices[0], 1 ether, 365 days)); + } + + function _validateReclaimAuctionNames(uint256 searchSize) internal logFn("_validateReclaimAuctionNames") { + INSAuction.DomainAuction[] memory domainAuctions = new INSAuction.DomainAuction[](searchSize); + uint256[] memory reservedIds = new uint256[](searchSize); + for (uint256 i; i < searchSize; ++i) { + reservedIds[i] = _rns.tokenOfOwnerByIndex(address(_auction), i); + (domainAuctions[i],) = _auction.getAuction(reservedIds[i]); + } + + uint256 reclaimableAuctionNameId; + for (uint256 i; i < searchSize; ++i) { + if (domainAuctions[i].bid.bidder == address(0x0)) { + reclaimableAuctionNameId = reservedIds[i]; + break; + } + } + + address to = makeAddr("to"); + address[] memory tos = new address[](1); + tos[0] = to; + string memory label = _rns.getRecord(reclaimableAuctionNameId).immut.label; + console.log("reclaimable _auction label", label); + string[] memory labels = new string[](1); + labels[0] = label; + + vm.prank(rnsOperation.owner()); + rnsOperation.reclaimUnbiddedNames({ tos: tos, labels: labels, allowFailure: false }); + } + + function _validateBulkMint() internal logFn("_validateBulkMint") { + address to = makeAddr("to"); + address[] memory tos = new address[](1); + tos[0] = to; + string[] memory labels = new string[](1); + labels[0] = "tudo-provip-maximum-utra"; + uint64 duration = uint64(3 days); + + vm.prank(rnsOperation.owner()); + rnsOperation.bulkMint(tos, labels, duration); + + uint256 id = uint256(string.concat(labels[0], ".ron").namehash()); + assertEq(_rns.ownerOf(id), to); + } + + function _validateBulkSetProtected() internal logFn("_validateBulkSetProtected") { + string[] memory labels = new string[](1); + labels[0] = "tudo-provip-maximum-utra"; + + bool shouldProtect = true; + + vm.prank(rnsOperation.owner()); + rnsOperation.bulkSetProtected(labels, shouldProtect); + + uint256 id = uint256(string.concat(labels[0], ".ron").namehash()); + assertTrue(_rns.getRecord(id).mut.protected); + + shouldProtect = false; + + vm.prank(rnsOperation.owner()); + rnsOperation.bulkSetProtected(labels, shouldProtect); + + assertFalse(_rns.getRecord(id).mut.protected); } function _validateAuction() internal logFn("_validateAuction") { From 26eaabc8f09a279ddecfac2a7dc1d6bad28809bb Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Mon, 15 Jul 2024 16:49:52 +0700 Subject: [PATCH 12/15] chore(update-deps.sh): use soldeer instead of forge soldeer --- .../02_GrantAdminRoleForMultisig_Mainnet.s.sol | 2 +- update-deps.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol index de7927a..89194b0 100644 --- a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol @@ -133,7 +133,7 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { _validateReclaimAuctionNames({ searchSize: 20 }); } - function _validateOverriddenTiers() internal logFn("_validateOverriddenTiers") { + function _validateOverriddenTiers() internal view logFn("_validateOverriddenTiers") { string[] memory labels = new string[](5); labels[0] = "heidi"; labels[1] = "luke"; diff --git a/update-deps.sh b/update-deps.sh index d07e2b8..9e118f9 100755 --- a/update-deps.sh +++ b/update-deps.sh @@ -27,7 +27,7 @@ for dir in */; do fi # Run soldeer update - forge soldeer update + $HOME/.cargo/bin/soldeer update # Return to the dependencies folder cd .. From d727fffaaded320d3fdab89bdee7e91ad12057ed Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Wed, 2 Oct 2024 13:34:39 +0700 Subject: [PATCH 13/15] script: also remve operator roles --- foundry.toml | 27 ++++++++++++++++--- remappings.txt | 12 ++++----- run.sh | 2 +- ...02_GrantAdminRoleForMultisig_Mainnet.s.sol | 12 +++++++++ soldeer.lock | 27 ++++++++++--------- 5 files changed, 57 insertions(+), 23 deletions(-) diff --git a/foundry.toml b/foundry.toml index 525a604..db06d00 100644 --- a/foundry.toml +++ b/foundry.toml @@ -30,6 +30,27 @@ runs = 256 runs = 256 [dependencies] -"@fdk" = { version = "0.3.0-beta", url = "https://github.com/axieinfinity/foundry-deployment-kit/archive/refs/tags/v0.3.0-beta.zip" } -"@pythnetwork-pyth-sdk-solidity" = { version = "2.2.0" } -"@openzeppelin-contracts" = { version = "4.9.3" } +fdk = { version = "0.3.1-beta", url = "https://github.com/axieinfinity/foundry-deployment-kit/archive/refs/tags/v0.3.1-beta.zip" } +openzeppelin = { version = "4.9.3", url = "https://github.com/OpenZeppelin/openzeppelin-contracts/archive/refs/tags/v4.9.3.zip" } +pyth-sdk-solidity = { version = "2.2.0", url = "https://github.com/pyth-network/pyth-sdk-solidity/archive/refs/tags/v2.2.0.zip" } + + +[soldeer] +# whether soldeer manages remappings +remappings_generate = false + +# whether soldeer re-generates all remappings when installing, updating or uninstalling deps +remappings_regenerate = false + +# whether to suffix the remapping with the version: `name-a.b.c` +remappings_version = true + +# a prefix to add to the remappings ("@" would give `@name`) +remappings_prefix = "@" + +# where to store the remappings ("txt" for `remappings.txt` or "config" for `foundry.toml`) +# ignored when `soldeer.toml` is used as config (uses `remappings.txt`) +remappings_location = "txt" + +# whether to install sub-dependencies or not. If true this wil install the dependencies of dependencies 1 level down. +recursive_deps = true diff --git a/remappings.txt b/remappings.txt index 3bc9792..2d2ee1d 100644 --- a/remappings.txt +++ b/remappings.txt @@ -1,10 +1,8 @@ @rns-contracts/=src/ -ds-test/=lib/forge-std/lib/ds-test/src/ -forge-std/=dependencies/@fdk-0.3.0-beta/dependencies/forge-std-1.8.2/src/ -@openzeppelin/contracts/=dependencies/@openzeppelin-contracts-4.9.3/ -contract-template/=lib/contract-template/src/ -@solady/=dependencies/@fdk-0.3.0-beta/dependencies/solady-0.0.206/src/ +forge-std/=dependencies/fdk-0.3.1-beta/dependencies/@forge-std-1.9.1/src/ +@openzeppelin/=dependencies/openzeppelin-4.9.3/ +@solady/=dependencies/fdk-0.3.1-beta/dependencies/@solady-0.0.228/src/ @ensdomains/ens-contracts/=lib/ens-contracts/contracts/ @ensdomains/buffer/=lib/buffer/ -@pythnetwork/=dependencies/@pythnetwork-pyth-sdk-solidity-2.2.0/ -@fdk/=dependencies/@fdk-0.3.0-beta/script \ No newline at end of file +@pythnetwork/=dependencies/pyth-sdk-solidity-2.2.0/ +@fdk/=dependencies/fdk-0.3.1-beta/script \ No newline at end of file diff --git a/run.sh b/run.sh index d99f730..04afed5 100755 --- a/run.sh +++ b/run.sh @@ -1 +1 @@ -source dependencies/@fdk-0.3.0-beta/run.sh +source dependencies/fdk-0.3.1-beta/run.sh diff --git a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol index 89194b0..7ca5e1f 100644 --- a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol @@ -109,6 +109,18 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { // Remove another admin roles: https://sky-mavis.slack.com/archives/C06C3HW1HS7/p1712812933009569 AccessControlEnumerable(address(_domainPrice)).revokeRole(0x0, 0xAdc6a8fEB5C53303323A1D0280c0a0d5F2e1a14D); + // Remove operator role for RNS Unified + AccessControlEnumerable(address(_rns)).revokeRole(_rns.PAUSER_ROLE(), duke); + AccessControlEnumerable(address(_rns)).revokeRole(_rns.PROTECTED_SETTLER_ROLE(), duke); + + // Remove operator role for RNS Auction + AccessControlEnumerable(address(_auction)).revokeRole(_auction.OPERATOR_ROLE(), duke); + // Remove operator role for RNS Domain Price + AccessControlEnumerable(address(_domainPrice)).revokeRole(_domainPrice.OVERRIDER_ROLE(), duke); + // Remove operator role for RNS Registrar Controller + AccessControlEnumerable(address(_ronController)).revokeRole(_ronController.OPERATOR_ROLE(), duke); + AccessControlEnumerable(address(_ronController)).revokeRole(_ronController.PAUSER_ROLE(), duke); + // Duke will do this manually // Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); console.log( diff --git a/soldeer.lock b/soldeer.lock index 026df44..4838b97 100644 --- a/soldeer.lock +++ b/soldeer.lock @@ -1,17 +1,20 @@ [[dependencies]] -name = "@fdk" -version = "0.3.0-beta" -source = "https://github.com/axieinfinity/foundry-deployment-kit/archive/refs/tags/v0.3.0-beta.zip" -checksum = "aabeda6cc1fe02227d26f3edd86d4af6c91e2167e8b9f1971cc1ea7ce33d34f9" +name = "fdk" +version = "0.3.1-beta" +source = "https://github.com/axieinfinity/foundry-deployment-kit/archive/refs/tags/v0.3.1-beta.zip" +checksum = "53cb5bf15abdc909d177c64e78070387af24ef39b2a4b408651836ac9de059c4" +integrity = "967cb0aee7c770a82c4708ff50b2b6ffc529aaa1c800bca250cb96eeb98f806b" [[dependencies]] -name = "@pythnetwork-pyth-sdk-solidity" -version = "2.2.0" -source = "https://soldeer-revisions.s3.amazonaws.com/@pythnetwork-pyth-sdk-solidity/2_2_0_15-04-2024_18:50:54_pyth-sdk-solidity.zip" -checksum = "54e3bda3b27467f84c1605722f58e1d2b5a19d6ca3c24840550f1d6cf3bc2231" +name = "openzeppelin" +version = "4.9.3" +source = "https://github.com/OpenZeppelin/openzeppelin-contracts/archive/refs/tags/v4.9.3.zip" +checksum = "94270990c32ff2d00c06a9dabaf5b7a8e36773e017254acbb39d13733eb82960" +integrity = "5cca086987dbce97760f8a337c0d29e6383fcafaffa9662897695f17566756d0" [[dependencies]] -name = "@openzeppelin-contracts" -version = "4.9.3" -source = "https://soldeer-revisions.s3.amazonaws.com/@openzeppelin-contracts/4_9_3_22-01-2024_13:13:53_contracts.zip" -checksum = "95886307069cf73310b41396c49df51801a73f31f18f62e7d05adfc2031e7725" +name = "pyth-sdk-solidity" +version = "2.2.0" +source = "https://github.com/pyth-network/pyth-sdk-solidity/archive/refs/tags/v2.2.0.zip" +checksum = "71431ac3fe4e61ce2b8abd649d3e741277ca4dba287c2a4291d040190b8fb8da" +integrity = "845f9e662935eb347e9189da9b156f0062bcab1d372c7397777dbda609776a5c" From c4571ab2410f15be2a78124fa53e8a5233e51a0e Mon Sep 17 00:00:00 2001 From: "tu-do.ron" Date: Wed, 2 Oct 2024 15:15:00 +0700 Subject: [PATCH 14/15] Update script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol --- .../02_GrantAdminRoleForMultisig_Mainnet.s.sol | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol index 7ca5e1f..c48e550 100644 --- a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol @@ -33,7 +33,7 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { using LibRNSDomain for string; address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; - address multisig = 0x1FF1edE0242317b8C4229fC59E64DD93952019ef; + address multisig = 0x9d05d1f5b0424f8fde534bc196ffb6dd211d902a; RNSUnified internal _rns; RNSAuction internal _auction; From 11ceba36bc9913c6843ec51ee9fe186f7e1044e7 Mon Sep 17 00:00:00 2001 From: TuDo1403 Date: Fri, 4 Oct 2024 11:41:12 +0700 Subject: [PATCH 15/15] script: resolve sec comment && add rotated duke wallet --- ...02_GrantAdminRoleForMultisig_Mainnet.s.sol | 30 +++++++++++++++---- 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol index c48e550..a3e2da7 100644 --- a/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol +++ b/script/20240516-revoke-roles/02_GrantAdminRoleForMultisig_Mainnet.s.sol @@ -33,7 +33,8 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { using LibRNSDomain for string; address duke = 0x0F68eDBE14C8f68481771016d7E2871d6a35DE11; - address multisig = 0x9d05d1f5b0424f8fde534bc196ffb6dd211d902a; + address multisig = 0x9D05D1F5b0424F8fDE534BC196FFB6Dd211D902a; + address dukeRotated = 0x35558cFFB77C6BdEeD90Cb582eF9404F2032F069; RNSUnified internal _rns; RNSAuction internal _auction; @@ -47,6 +48,10 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { address internal _batchTransfer; function run() external onlyOn(DefaultNetwork.RoninMainnet.key()) { + vm.label(duke, "Duke"); + vm.label(multisig, "Multisig"); + vm.label(dukeRotated, "Duke Rotated"); + _rns = RNSUnified(loadContract(Contract.RNSUnified.key())); _auction = RNSAuction(loadContract(Contract.RNSAuction.key())); _nameChecker = NameChecker(loadContract(Contract.NameChecker.key())); @@ -69,11 +74,12 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { vm.startBroadcast(duke); // Transfer .ron domain ownership to owned multicaller - uint256[] memory ids = new uint256[](3); + uint256[] memory ids = new uint256[](4); ids[0] = 0x0; ids[1] = LibRNSDomain.RON_ID; ids[2] = LibRNSDomain.ADDR_REVERSE_ID; - _rns.setApprovalForAll(_batchTransfer, true); + ids[3] = LibRNSDomain.toId(0x0, "reverse"); + // _rns.setApprovalForAll(_batchTransfer, true); Already approved on mainnet // Bulk transfer .ron domain ownership to owned multicaller (bool success, bytes memory returnOrRevertData) = _batchTransfer.call( @@ -82,7 +88,7 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { success.handleRevert(returnOrRevertData); // Remove approval for batch transfer - _rns.setApprovalForAll(_batchTransfer, false); + // _rns.setApprovalForAll(_batchTransfer, false); Revoke manually _rns.setApprovalForAll(address(_auction), false); _rns.setApprovalForAll(address(_ronController), false); _rns.setApprovalForAll(address(_reverseRegistrar), false); @@ -109,7 +115,19 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { // Remove another admin roles: https://sky-mavis.slack.com/archives/C06C3HW1HS7/p1712812933009569 AccessControlEnumerable(address(_domainPrice)).revokeRole(0x0, 0xAdc6a8fEB5C53303323A1D0280c0a0d5F2e1a14D); - // Remove operator role for RNS Unified + // Add operator role for RNS Unified + AccessControlEnumerable(address(_rns)).grantRole(_rns.PAUSER_ROLE(), dukeRotated); + AccessControlEnumerable(address(_rns)).grantRole(_rns.PROTECTED_SETTLER_ROLE(), dukeRotated); + + // Add operator role for RNS Auction + AccessControlEnumerable(address(_auction)).grantRole(_auction.OPERATOR_ROLE(), dukeRotated); + // Add operator role for RNS Domain Price + AccessControlEnumerable(address(_domainPrice)).grantRole(_domainPrice.OVERRIDER_ROLE(), dukeRotated); + // Add operator role for RNS Registrar Controller + AccessControlEnumerable(address(_ronController)).grantRole(_ronController.OPERATOR_ROLE(), dukeRotated); + AccessControlEnumerable(address(_ronController)).grantRole(_ronController.PAUSER_ROLE(), dukeRotated); + + // Add operator role for RNS Unified AccessControlEnumerable(address(_rns)).revokeRole(_rns.PAUSER_ROLE(), duke); AccessControlEnumerable(address(_rns)).revokeRole(_rns.PROTECTED_SETTLER_ROLE(), duke); @@ -124,7 +142,7 @@ contract Migration__02_GrantAdminRoleForMultisig_Mainnet is Migration { // Duke will do this manually // Ownable(loadContract(Contract.RNSReverseRegistrar.key())).transferOwnership(multisig); console.log( - "Duke will transfer to multisig his owner role of contract:", + "Duke will transfer his ownership to multisig of contract:", vm.getLabel(loadContract(Contract.RNSReverseRegistrar.key())), "manually" );