Merge pull request #795 from ebtc-protocol/feat/r0.8-gov

Feat/r0.8 gov
ebtc-protocol · Mar 14, 2024 · bbf26ed · bbf26ed
2 parents 1ca3031 + ac25177
commit bbf26ed
Show file tree

Hide file tree

Showing 7 changed files with 157 additions and 127 deletions.
diff --git a/packages/contracts/mainnetDeployment/eBTCDeployScript.js b/packages/contracts/mainnetDeployment/eBTCDeployScript.js
@@ -357,91 +357,95 @@ class EBTCDeployerScript {
         let tx;
         const authority = coreContracts.authority;
 
-        // === Timelocks Configuration === //
-
-        const PROPOSER_ROLE = await this.highSecTimelock.PROPOSER_ROLE();
-        const EXECUTOR_ROLE = await this.highSecTimelock.EXECUTOR_ROLE();
-        const CANCELLER_ROLE = await this.highSecTimelock.CANCELLER_ROLE();
-        const TIMELOCK_ADMIN_ROLE = await this.highSecTimelock.TIMELOCK_ADMIN_ROLE();
-
-        // HIGHSEC TIMELOCK
-        // ==========================
-        // PROPOSERS: Security
-        // CANCELLERS: Security
-        // EXECUTORS: Security
-        // Admin: Only Timelock
-        // Delay: 7 days (mainnet)
-        // ==========================
-
-        assert.isTrue(await this.highSecTimelock.getMinDelay() == configParams.HIGHSEC_MIN_DELAY);
-
-        assert.isTrue(await this.highSecTimelock.getRoleMemberCount(PROPOSER_ROLE) == 1);
-        assert.isTrue(await this.highSecTimelock.getRoleMemberCount(EXECUTOR_ROLE) == 1);
-        assert.isTrue(await this.highSecTimelock.getRoleMemberCount(CANCELLER_ROLE) == 1);
-
-        assert.isTrue(await this.highSecTimelock.hasRole(PROPOSER_ROLE, this.securityMultisig));
-        assert.isTrue(await this.highSecTimelock.hasRole(EXECUTOR_ROLE, this.securityMultisig));
-        assert.isTrue(await this.highSecTimelock.hasRole(CANCELLER_ROLE, this.securityMultisig));
-
-        // Only after confirming that the Timelock has admin role on itself, we revoke it from the deployer
-        assert.isTrue(await this.highSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, this.highSecTimelock.address));
-        if (await this.highSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address)) {
-            tx = await this.highSecTimelock.revokeRole(TIMELOCK_ADMIN_ROLE, _deployer.address);
-            await tx.wait();
-            console.log("Revoked TIMELOCK_ADMIN_ROLE of deployer on highSecTimelock");
-        }
-        assert.isFalse(await this.highSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address));
-        assert.isTrue(await this.highSecTimelock.getRoleMemberCount(TIMELOCK_ADMIN_ROLE) == 1);
-
-        // Print out final state for sanity check
-        console.log(chalk.cyan("HIGH SEC TIMELOCK CONFIGURATION"))
-        await printOutTimelockState(this.highSecTimelock);
-
-        // LOWSEC TIMELOCK
-        // ==========================
-        // PROPOSERS: Security and CDP TechOps
-        // CANCELLERS: Security
-        // EXECUTORS: Security and CDP TechOps
-        // Admin: Only Timelock
-        // Delay: 2 days (mainnet)
-        // ==========================
-
-        assert.isTrue(await this.lowSecTimelock.getMinDelay() == configParams.LOWSEC_MIN_DELAY);
-
-        console.log(await this.lowSecTimelock.getRoleMemberCount(PROPOSER_ROLE))
-        console.log(await this.lowSecTimelock.getRoleMemberCount(EXECUTOR_ROLE))
-
-        assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(PROPOSER_ROLE) == 2);
-        assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(EXECUTOR_ROLE) == 2);
-
-        assert.isTrue(await this.lowSecTimelock.hasRole(PROPOSER_ROLE, this.securityMultisig));
-        assert.isTrue(await this.lowSecTimelock.hasRole(PROPOSER_ROLE, this.cdpTechOpsMultisig));
-        assert.isTrue(await this.lowSecTimelock.hasRole(EXECUTOR_ROLE, this.securityMultisig));
-        assert.isTrue(await this.lowSecTimelock.hasRole(EXECUTOR_ROLE, this.cdpTechOpsMultisig));
-        assert.isTrue(await this.lowSecTimelock.hasRole(CANCELLER_ROLE, this.securityMultisig));
-
-        // We remove the canceller from TechOps
-        if (await this.lowSecTimelock.hasRole(CANCELLER_ROLE, this.cdpTechOpsMultisig)) {
-            tx = await this.lowSecTimelock.revokeRole(CANCELLER_ROLE, this.cdpTechOpsMultisig);
-            await tx.wait();
-            console.log("Revoked CANCELLER_ROLE of cdpTechOpsMultisig on lowSecTimelock");
-        }
-        assert.isFalse(await this.lowSecTimelock.hasRole(CANCELLER_ROLE, this.cdpTechOpsMultisig));
-        assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(CANCELLER_ROLE) == 1); // Only Security should be canceller
-
-        // Only after confirming that the Timelock has admin role on itself, we revoke it from the deployer
-        assert.isTrue(await this.lowSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, this.lowSecTimelock.address));
-        if (await this.lowSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address)) {
-            tx = await this.lowSecTimelock.revokeRole(TIMELOCK_ADMIN_ROLE, _deployer.address);
-            await tx.wait();
-            console.log("Revoked TIMELOCK_ADMIN_ROLE of deployer on lowSecTimelock");
-        }
-        assert.isFalse(await this.lowSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address));
-        assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(TIMELOCK_ADMIN_ROLE) == 1); // Only timelock should be admin
+        if (!configParams.SKIP_TIMELOCK_CONFIG) {
+
+            // === Timelocks Configuration === //
+
+            const PROPOSER_ROLE = await this.highSecTimelock.PROPOSER_ROLE();
+            const EXECUTOR_ROLE = await this.highSecTimelock.EXECUTOR_ROLE();
+            const CANCELLER_ROLE = await this.highSecTimelock.CANCELLER_ROLE();
+            const TIMELOCK_ADMIN_ROLE = await this.highSecTimelock.TIMELOCK_ADMIN_ROLE();
+
+            // HIGHSEC TIMELOCK
+            // ==========================
+            // PROPOSERS: Security
+            // CANCELLERS: Security
+            // EXECUTORS: Security
+            // Admin: Only Timelock
+            // Delay: 7 days (mainnet)
+            // ==========================
+
+            assert.isTrue(await this.highSecTimelock.getMinDelay() == configParams.HIGHSEC_MIN_DELAY);
+
+            assert.isTrue(await this.highSecTimelock.getRoleMemberCount(PROPOSER_ROLE) == 1);
+            assert.isTrue(await this.highSecTimelock.getRoleMemberCount(EXECUTOR_ROLE) == 1);
+            assert.isTrue(await this.highSecTimelock.getRoleMemberCount(CANCELLER_ROLE) == 1);
+
+            assert.isTrue(await this.highSecTimelock.hasRole(PROPOSER_ROLE, this.securityMultisig));
+            assert.isTrue(await this.highSecTimelock.hasRole(EXECUTOR_ROLE, this.securityMultisig));
+            assert.isTrue(await this.highSecTimelock.hasRole(CANCELLER_ROLE, this.securityMultisig));
+
+            // Only after confirming that the Timelock has admin role on itself, we revoke it from the deployer
+            assert.isTrue(await this.highSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, this.highSecTimelock.address));
+            if (await this.highSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address)) {
+                tx = await this.highSecTimelock.revokeRole(TIMELOCK_ADMIN_ROLE, _deployer.address);
+                await tx.wait();
+                console.log("Revoked TIMELOCK_ADMIN_ROLE of deployer on highSecTimelock");
+            }
+            assert.isFalse(await this.highSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address));
+            assert.isTrue(await this.highSecTimelock.getRoleMemberCount(TIMELOCK_ADMIN_ROLE) == 1);
+
+            // Print out final state for sanity check
+            console.log(chalk.cyan("HIGH SEC TIMELOCK CONFIGURATION"))
+            await printOutTimelockState(this.highSecTimelock);
+
+            // LOWSEC TIMELOCK
+            // ==========================
+            // PROPOSERS: Security and CDP TechOps
+            // CANCELLERS: Security
+            // EXECUTORS: Security and CDP TechOps
+            // Admin: Only Timelock
+            // Delay: 2 days (mainnet)
+            // ==========================
+
+            assert.isTrue(await this.lowSecTimelock.getMinDelay() == configParams.LOWSEC_MIN_DELAY);
+
+            console.log(await this.lowSecTimelock.getRoleMemberCount(PROPOSER_ROLE))
+            console.log(await this.lowSecTimelock.getRoleMemberCount(EXECUTOR_ROLE))
+
+            assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(PROPOSER_ROLE) == 2);
+            assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(EXECUTOR_ROLE) == 2);
+
+            assert.isTrue(await this.lowSecTimelock.hasRole(PROPOSER_ROLE, this.securityMultisig));
+            assert.isTrue(await this.lowSecTimelock.hasRole(PROPOSER_ROLE, this.cdpTechOpsMultisig));
+            assert.isTrue(await this.lowSecTimelock.hasRole(EXECUTOR_ROLE, this.securityMultisig));
+            assert.isTrue(await this.lowSecTimelock.hasRole(EXECUTOR_ROLE, this.cdpTechOpsMultisig));
+            assert.isTrue(await this.lowSecTimelock.hasRole(CANCELLER_ROLE, this.securityMultisig));
+
+            // We remove the canceller from TechOps
+            if (await this.lowSecTimelock.hasRole(CANCELLER_ROLE, this.cdpTechOpsMultisig)) {
+                tx = await this.lowSecTimelock.revokeRole(CANCELLER_ROLE, this.cdpTechOpsMultisig);
+                await tx.wait();
+                console.log("Revoked CANCELLER_ROLE of cdpTechOpsMultisig on lowSecTimelock");
+            }
+            assert.isFalse(await this.lowSecTimelock.hasRole(CANCELLER_ROLE, this.cdpTechOpsMultisig));
+            assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(CANCELLER_ROLE) == 1); // Only Security should be canceller
+
+            // Only after confirming that the Timelock has admin role on itself, we revoke it from the deployer
+            assert.isTrue(await this.lowSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, this.lowSecTimelock.address));
+            if (await this.lowSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address)) {
+                tx = await this.lowSecTimelock.revokeRole(TIMELOCK_ADMIN_ROLE, _deployer.address);
+                await tx.wait();
+                console.log("Revoked TIMELOCK_ADMIN_ROLE of deployer on lowSecTimelock");
+            }
+            assert.isFalse(await this.lowSecTimelock.hasRole(TIMELOCK_ADMIN_ROLE, _deployer.address));
+            assert.isTrue(await this.lowSecTimelock.getRoleMemberCount(TIMELOCK_ADMIN_ROLE) == 1); // Only timelock should be admin
 
-        // Print out final state for sanity check
-        console.log(chalk.cyan("LOW SEC TIMELOCK CONFIGURATION"))
-        await printOutTimelockState(this.lowSecTimelock);
+            // Print out final state for sanity check
+            console.log(chalk.cyan("LOW SEC TIMELOCK CONFIGURATION"))
+            await printOutTimelockState(this.lowSecTimelock);
+
+        }
 
         // === CDP Authority Configuration === //
 
@@ -626,7 +630,7 @@ async function main() {
     // Flag if useMockCollateral and useMockPriceFeed 
     // also specify which parameter config file to use
     let useMockCollateral = false;
-    let useMockPriceFeed = true;
+    let useMockPriceFeed = false;
 
     let configParams = configParamsLocal;
     // let configParams = configParamsSepolia;

diff --git a/packages/contracts/mainnetDeployment/eBTCDeploymentParams.goerli.js b/packages/contracts/mainnetDeployment/eBTCDeploymentParams.goerli.js
@@ -23,6 +23,9 @@ const LOWSEC_MIN_DELAY = "300" // 5 mins
 const ADDITIONAL_HIGHSEC_ADMIN = ""
 const ADDITIONAL_LOWSEC_ADMIN = ""
 
+// Toggle if reusing Timelocks already configured or if configuration is handled manually
+const SKIP_TIMELOCK_CONFIG = true
+
 module.exports = {
   OUTPUT_FILE,
   DEPLOY_WAIT,
@@ -35,5 +38,6 @@ module.exports = {
   HIGHSEC_MIN_DELAY,
   LOWSEC_MIN_DELAY,
   ADDITIONAL_HIGHSEC_ADMIN,
-  ADDITIONAL_LOWSEC_ADMIN
+  ADDITIONAL_LOWSEC_ADMIN,
+  SKIP_TIMELOCK_CONFIG
 };
diff --git a/packages/contracts/mainnetDeployment/eBTCDeploymentParams.local.js b/packages/contracts/mainnetDeployment/eBTCDeploymentParams.local.js
@@ -18,6 +18,9 @@ const LOWSEC_MIN_DELAY = 300 // 5 mins
 const ADDITIONAL_HIGHSEC_ADMIN = ""
 const ADDITIONAL_LOWSEC_ADMIN = ""
 
+// Toggle if reusing Timelocks already configured or if configuration is handled manually
+const SKIP_TIMELOCK_CONFIG = true
+
 module.exports = {
   OUTPUT_FILE,
   DEPLOY_WAIT,
@@ -29,5 +32,6 @@ module.exports = {
   HIGHSEC_MIN_DELAY,
   LOWSEC_MIN_DELAY,
   ADDITIONAL_HIGHSEC_ADMIN,
-  ADDITIONAL_LOWSEC_ADMIN
+  ADDITIONAL_LOWSEC_ADMIN,
+  SKIP_TIMELOCK_CONFIG
 };
diff --git a/packages/contracts/mainnetDeployment/eBTCDeploymentParams.mainnet.js b/packages/contracts/mainnetDeployment/eBTCDeploymentParams.mainnet.js
@@ -3,10 +3,10 @@ const externalAddress  = {
   "collEthCLFeed": "0x86392dC19c0b719886221c78AB11eb8Cf5c52812",//mainnet
   "btcUsdCLFeed": "0xF4030086522a5bEEa4988F8cA5B36dbC97BeE88c",
   "ethUsdCLFeed": "0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419",
-  "authorityOwner": "",// security multisig
-  "securityMultisig": "", //mainnet
-  "cdpTechOpsMultisig": "", //mainnet
-  "feeRecipientMultisig": "", //mainnet
+  "authorityOwner": "", // Leave empty for deployer, required for atomic governance wireup.
+  "securityMultisig": "0xB3d3B6482fb50C82aa042A710775c72dfa23F7B4", //mainnet
+  "cdpTechOpsMultisig": "0x690C74AF48BE029e763E61b4aDeB10E06119D3ba", //mainnet
+  "feeRecipientMultisig": "0x2CEB95D4A67Bf771f1165659Df3D11D8871E906f", //mainnet
   "treasuryVaultMultisig": "", //mainnet
 }
 
@@ -27,6 +27,9 @@ const LOWSEC_MIN_DELAY = 172800 // 2 days
 const ADDITIONAL_HIGHSEC_ADMIN = ""
 const ADDITIONAL_LOWSEC_ADMIN = ""
 
+// Toggle if reusing Timelocks already configured or if configuration is handled manually
+const SKIP_TIMELOCK_CONFIG = true
+
 module.exports = {
   OUTPUT_FILE,
   DEPLOY_WAIT,
@@ -39,5 +42,6 @@ module.exports = {
   HIGHSEC_MIN_DELAY,
   LOWSEC_MIN_DELAY,
   ADDITIONAL_HIGHSEC_ADMIN,
-  ADDITIONAL_LOWSEC_ADMIN
+  ADDITIONAL_LOWSEC_ADMIN,
+  SKIP_TIMELOCK_CONFIG
 };
diff --git a/packages/contracts/mainnetDeployment/eBTCDeploymentParams.sepolia.js b/packages/contracts/mainnetDeployment/eBTCDeploymentParams.sepolia.js
@@ -1,9 +1,9 @@
 const externalAddress  = {
   "collEthCLFeed": "0x007C2f192D648cBe79Ef3CC5A3DaB43D7D8c893e",
-  "btcUsdCLFeed": "",
-  "ethUsdCLFeed": "",
-  "chainlinkAdapter": "",
-  "authorityOwner": "0xC8A7768D2a9EE15437c981a7130268622083c2BD",// security multisig
+  "btcUsdCLFeed": "0x95ed2698f28c1038846b133a409Ae2Aaf0571EEa",
+  "ethUsdCLFeed": "0x2Cf513b4ba3725F88bf599029Ae1A7930c84d485",
+  "chainlinkAdapter": "0x7a2ed89C0E2E5acF20ccf3284A012ABbfac36D62",
+  "authorityOwner": "", // Leave empty for deployer, required for atomic governance wireup.
   "collateral": "0x97BA9AA7B7DC74f7a74864A62c4fF93b2b22f015", //sepolia
   "securityMultisig": "0xC8A7768D2a9EE15437c981a7130268622083c2BD", //sepolia
   "cdpTechOpsMultisig": "0x664F43229dDa9fdEE00e723753f88f3Ba81967F6", //sepolia
@@ -28,6 +28,9 @@ const LOWSEC_MIN_DELAY = 300 // 5 mins
 const ADDITIONAL_HIGHSEC_ADMIN = "0xC8A7768D2a9EE15437c981a7130268622083c2BD" // security msig
 const ADDITIONAL_LOWSEC_ADMIN = "0xC8A7768D2a9EE15437c981a7130268622083c2BD" // security msig
 
+// Toggle if reusing Timelocks already configured or if configuration is handled manually
+const SKIP_TIMELOCK_CONFIG = true
+
 module.exports = {
   OUTPUT_FILE,
   DEPLOY_WAIT,
@@ -40,5 +43,6 @@ module.exports = {
   HIGHSEC_MIN_DELAY,
   LOWSEC_MIN_DELAY,
   ADDITIONAL_HIGHSEC_ADMIN,
-  ADDITIONAL_LOWSEC_ADMIN
+  ADDITIONAL_LOWSEC_ADMIN,
+  SKIP_TIMELOCK_CONFIG
 };
diff --git a/packages/contracts/mainnetDeployment/eBTCMainnetDeploymentOutput.json b/packages/contracts/mainnetDeployment/eBTCMainnetDeploymentOutput.json
@@ -0,0 +1,10 @@
+{
+    "highSecTimelock": {
+      "address": "0xaDDeE229Bd103bb5B10C3CdB595A01c425dd3264",
+      "verification": "https://etherscan.io/address/0xaDDeE229Bd103bb5B10C3CdB595A01c425dd3264#code"
+    },
+    "lowSecTimelock": {
+      "address": "0xE2F2D9e226e5236BeC4531FcBf1A22A7a2bD0602",
+      "verification": "https://etherscan.io/address/0xE2F2D9e226e5236BeC4531FcBf1A22A7a2bD0602#code"
+    }
+  }