devHolesky deployment for protocol v1.2.0 (#282)

* chore: devHolesky deployment for protocol v1.2.0 * chore: v1.2.0 deployment with updated license
liquid-collective · Aug 26, 2024 · 7f7a245 · 7f7a245
1 parent 30934d2
commit 7f7a245
Show file tree

Hide file tree

Showing 15 changed files with 10,580 additions and 58 deletions.
diff --git a/deploy/devHolesky/08_deployment_v1_2_0.ts b/deploy/devHolesky/08_deployment_v1_2_0.ts
@@ -0,0 +1,86 @@
+import { DeployFunction } from "hardhat-deploy/dist/types";
+import { HardhatRuntimeEnvironment } from "hardhat/types";
+import { isDeployed, logStep, logStepEnd } from "../../ts-utils/helpers/index";
+import { verify } from "../../scripts/helpers";
+
+const func: DeployFunction = async function ({ deployments, getNamedAccounts }: HardhatRuntimeEnvironment) {
+  const { deployer } = await getNamedAccounts();
+
+  const allowlistDeployment = await deployments.deploy("AllowlistV1_Implementation_1_2_0", {
+    contract: "AllowlistV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("AllowlistV1", allowlistDeployment.address, []);
+
+  const coverageFundDeployment = await deployments.deploy("CoverageFundV1_Implementation_1_2_0", {
+    contract: "CoverageFundV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("CoverageFundV1", coverageFundDeployment.address, []);
+
+  const elFeeRecipientDeployment = await deployments.deploy("ELFeeRecipientV1_Implementation_1_2_0", {
+    contract: "ELFeeRecipientV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("ELFeeRecipientV1", elFeeRecipientDeployment.address, []);
+
+  const operatorsRegistryDeployment = await deployments.deploy("OperatorsRegistryV1_Implementation_1_2_0", {
+    contract: "OperatorsRegistryV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("OperatorsRegistryV1", operatorsRegistryDeployment.address, []);
+
+  const oracleDeployment = await deployments.deploy("OracleV1_Implementation_1_2_0", {
+    contract: "OracleV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("OracleV1", oracleDeployment.address, []);
+
+  const redeemManagerDeployment = await deployments.deploy("RedeemManagerV1_Implementation_1_2_0", {
+    contract: "RedeemManagerV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("RedeemManagerV1", redeemManagerDeployment.address, []);
+
+  const riverDeployment = await deployments.deploy("RiverV1_Implementation_1_2_0", {
+    contract: "RiverV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("RiverV1", riverDeployment.address, []);
+
+  const withdrawDeployment = await deployments.deploy("WithdrawV1_Implementation_1_2_0", {
+    contract: "WithdrawV1",
+    from: deployer,
+    log: true,
+  });
+  await verify("WithdrawV1", withdrawDeployment.address, []);
+
+  logStepEnd(__filename);
+};
+
+func.skip = async function ({ deployments }: HardhatRuntimeEnvironment): Promise<boolean> {
+  logStep(__filename);
+  const shouldSkip =
+    (await isDeployed("AllowlistV1_Implementation_1_2_0", deployments, __filename)) &&
+    (await isDeployed("CoverageFundV1_Implementation_1_2_0", deployments, __filename)) &&
+    (await isDeployed("ELFeeRecipientV1_Implementation_1_2_0", deployments, __filename)) &&
+    (await isDeployed("OperatorsRegistryV1_Implementation_1_2_0", deployments, __filename)) &&
+    (await isDeployed("OracleV1_Implementation_1_2_0", deployments, __filename)) &&
+    (await isDeployed("RedeemManagerV1_Implementation_1_2_0", deployments, __filename)) &&
+    (await isDeployed("RiverV1_Implementation_1_2_0", deployments, __filename)) &&
+    (await isDeployed("WithdrawV1_Implementation_1_2_0", deployments, __filename));
+  if (shouldSkip) {
+    console.log("Skipped");
+    logStepEnd(__filename);
+  }
+  return shouldSkip;
+};
+
+export default func;
diff --git a/deploy/devHolesky/09_upgrade_transactions_v1_2_0.ts b/deploy/devHolesky/09_upgrade_transactions_v1_2_0.ts
@@ -0,0 +1,117 @@
+import { DeployFunction } from "hardhat-deploy/dist/types";
+import { HardhatRuntimeEnvironment } from "hardhat/types";
+
+const func: DeployFunction = async function ({ deployments, getNamedAccounts, ethers }: HardhatRuntimeEnvironment) {
+  const { proxyAdministrator, governor } = await getNamedAccounts();
+
+  const allowlistNewImplementationDeployment = await deployments.get("AllowlistV1_Implementation_1_2_0");
+  const coverageFundNewImplementationDeployment = await deployments.get("CoverageFundV1_Implementation_1_2_0");
+  const elFeeRecipientNewImplementationDeployment = await deployments.get("ELFeeRecipientV1_Implementation_1_2_0");
+  const operatorsRegistryNewImplementationDeployment = await deployments.get(
+    "OperatorsRegistryV1_Implementation_1_2_0"
+  );
+  const oracleNewImplementationDeployment = await deployments.get("OracleV1_Implementation_1_2_0");
+  const redeemManagerNewImplementationDeployment = await deployments.get("RedeemManagerV1_Implementation_1_2_0");
+  const riverNewImplementationDeployment = await deployments.get("RiverV1_Implementation_1_2_0");
+  const withdrawNewImplementationDeployment = await deployments.get("WithdrawV1_Implementation_1_2_0");
+
+  const riverProxyFirewallDeployment = await deployments.get("RiverProxyFirewall");
+  const operatorsRegistryFirewallDeployment = await deployments.get("OperatorsRegistryProxyFirewall");
+  const oracleProxyFirewallDeployment = await deployments.get("OracleProxyFirewall");
+  const redeemManagerProxyFirewallDeployment = await deployments.get("RedeemManagerProxyFirewall");
+  const allowlistProxyFirewallDeployment = await deployments.get("AllowlistProxyFirewall");
+  const withdrawProxyDeployment = await deployments.get("Withdraw");
+  const coverageFundProxyDeployment = await deployments.get("CoverageFund");
+  const eLFeeRecipientProxyDeployment = await deployments.get("ELFeeRecipient");
+  const proxyAdministratorSigner = await ethers.getSigner(proxyAdministrator);
+
+  await upgradeTo(
+    deployments,
+    ethers,
+    allowlistNewImplementationDeployment,
+    proxyAdministratorSigner,
+    allowlistProxyFirewallDeployment.address,
+    "Allowlist"
+  );
+
+  await upgradeTo(
+    deployments,
+    ethers,
+    coverageFundNewImplementationDeployment,
+    proxyAdministratorSigner,
+    coverageFundProxyDeployment.address,
+    "CoverageFund"
+  );
+
+  await upgradeTo(
+    deployments,
+    ethers,
+    elFeeRecipientNewImplementationDeployment,
+    proxyAdministratorSigner,
+    eLFeeRecipientProxyDeployment.address,
+    "ELFeeRecipient"
+  );
+
+  await upgradeTo(
+    deployments,
+    ethers,
+    oracleNewImplementationDeployment,
+    proxyAdministratorSigner,
+    oracleProxyFirewallDeployment.address,
+    "Oracle"
+  );
+
+  await upgradeTo(
+    deployments,
+    ethers,
+    operatorsRegistryNewImplementationDeployment,
+    proxyAdministratorSigner,
+    operatorsRegistryFirewallDeployment.address,
+    "OperatorsRegistry"
+  );
+
+  await upgradeTo(
+    deployments,
+    ethers,
+    redeemManagerNewImplementationDeployment,
+    proxyAdministratorSigner,
+    redeemManagerProxyFirewallDeployment.address,
+    "RedeemManager"
+  );
+
+  await upgradeTo(
+    deployments,
+    ethers,
+    riverNewImplementationDeployment,
+    proxyAdministratorSigner,
+    riverProxyFirewallDeployment.address,
+    "River"
+  );
+  await upgradeTo(
+    deployments,
+    ethers,
+    withdrawNewImplementationDeployment,
+    proxyAdministratorSigner,
+    withdrawProxyDeployment.address,
+    "Withdraw"
+  );
+
+  // TODO: Have to add a keeper transaction setKeeper
+};
+
+async function upgradeTo(deployments, ethers, newImplementation, signer, sendTo, upgrading) {
+  const proxyTransparentArtifact = await deployments.getArtifact("ITransparentUpgradeableProxy");
+  const proxyTransparentInterface = new ethers.utils.Interface(proxyTransparentArtifact.abi);
+  let upgradeData = proxyTransparentInterface.encodeFunctionData("upgradeTo", [newImplementation.address]);
+  let txCount = await signer.getTransactionCount();
+  let tx = await signer.sendTransaction({
+    to: sendTo,
+    data: upgradeData,
+    nonce: txCount,
+  });
+  await tx.wait();
+  console.log("tx >> ", tx);
+  console.log(`${upgrading} Proxy upgraded to ${newImplementation.address}`);
+}
+
+export default func;
diff --git a/deploy/devHolesky/07_deployment_check.ts → deploy/devHolesky/deployment_check.ts b/deploy/devHolesky/07_deployment_check.ts → deploy/devHolesky/deployment_check.ts
@@ -13,6 +13,8 @@ const func: DeployFunction = async function ({
   const { deployer, governor, executor, proxyAdministrator, collector } = await getNamedAccounts();
   let proxyArtifact = await deployments.getArtifact("TUPProxy");
   let proxyInterface = new ethers.utils.Interface(proxyArtifact.abi);
+  let transparentUpgradeableProxyArtifact = await deployments.getArtifact("ITransparentUpgradeableProxy");
+  let transparentUpgradeableProxyInterface = new ethers.utils.Interface(transparentUpgradeableProxyArtifact.abi);
 
   const riverDeployment = await deployments.get("River");
   const RiverContract = await ethers.getContractAt("RiverV1", riverDeployment.address);
@@ -286,7 +288,7 @@ const func: DeployFunction = async function ({
   //   Check if executor should not have permission to call changeAdmin
   if (
     await operatorsRegistryProxyFirewallContract.callStatic.executorCanCall(
-      proxyInterface.getSighash("changeAdmin(address)")
+      transparentUpgradeableProxyInterface.getSighash("changeAdmin(address)")
     )
   ) {
     throw new Error("Executor have permission to call changeAdmin");
@@ -296,7 +298,7 @@ const func: DeployFunction = async function ({
   // Check if executor should not have permission to call upgrade
   if (
     await operatorsRegistryProxyFirewallContract.callStatic.executorCanCall(
-      proxyInterface.getSighash("upgradeTo(address)")
+      transparentUpgradeableProxyInterface.getSighash("upgradeTo(address)")
     )
   ) {
     throw new Error("Executor have permission to call upgradeToAndCall");
@@ -306,7 +308,7 @@ const func: DeployFunction = async function ({
   // Check if executor should not have permission to call upgradeToAndCall
   if (
     await operatorsRegistryProxyFirewallContract.callStatic.executorCanCall(
-      proxyInterface.getSighash("upgradeToAndCall(address,bytes)")
+      transparentUpgradeableProxyInterface.getSighash("upgradeToAndCall(address,bytes)")
     )
   ) {
     throw new Error("Executor have permission to call upgradeToAndCall");
@@ -399,22 +401,22 @@ const func: DeployFunction = async function ({
     console.log("Executor should not have permission to call unpause");
   }
   // Oracle Executor should not have permission to call changeAdmin
-  if (await oracleFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("changeAdmin(address)"))) {
+  if (await oracleFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("changeAdmin(address)"))) {
     throw new Error("Executor have permission to call changeAdmin");
   } else {
     console.log("Executor should not have permission to call changeAdmin");
   }
 
   // Oracle Executor should not have permission to call upgrade
-  if (await oracleFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeTo(address)"))) {
+  if (await oracleFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeTo(address)"))) {
     throw new Error("Executor have permission to call upgradeToAndCall");
   } else {
     console.log("Executor should not have permission to call upgradeToAndCall");
   }
   // Oracle Executor should not have permission to call upgradeToAndCall
   if (
     await oracleFirewallContract.callStatic.executorCanCall(
-      proxyInterface.getSighash("upgradeToAndCall(address,bytes)")
+      transparentUpgradeableProxyInterface.getSighash("upgradeToAndCall(address,bytes)")
     )
   ) {
     throw new Error("Executor have permission to call upgradeToAndCall");
@@ -436,7 +438,7 @@ const func: DeployFunction = async function ({
   // Allowlist Executor should not have permission to call allow
   if (
     await allowlistFirewallContract.callStatic.executorCanCall(
-      allowlistContract.interface.getSighash("allow(address[],uint256[])")
+      allowlistContract.interface.getSighash("setAllowPermissions(address[],uint256[])")
     )
   ) {
     throw new Error("Executor have permission to call allow");
@@ -459,22 +461,22 @@ const func: DeployFunction = async function ({
   }
 
   // Allowlist Executor should not have permission to call changeAdmin
-  if (await allowlistFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("changeAdmin(address)"))) {
+  if (await allowlistFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("changeAdmin(address)"))) {
     throw new Error("Executor have permission to call changeAdmin");
   } else {
     console.log("Executor should not have permission to call changeAdmin");
   }
 
   // Allowlist Executor should not have permission to call upgrade
-  if (await allowlistFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeTo(address)"))) {
+  if (await allowlistFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeTo(address)"))) {
     throw new Error("Executor have permission to call upgradeToAndCall");
   } else {
     console.log("Executor should not have permission to call upgradeToAndCall");
   }
   // Allowlist Executor should not have permission to call upgradeToAndCall
   if (
     await allowlistFirewallContract.callStatic.executorCanCall(
-      proxyInterface.getSighash("upgradeToAndCall(address,bytes)")
+      transparentUpgradeableProxyInterface.getSighash("upgradeToAndCall(address,bytes)")
     )
   ) {
     throw new Error("Executor have permission to call upgradeToAndCall");
@@ -589,19 +591,19 @@ const func: DeployFunction = async function ({
     console.log("Executor should not have permission to call unpause");
   }
   // River Executor should not have permission to call changeAdmin
-  if (await RiverFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("changeAdmin(address)"))) {
+  if (await RiverFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("changeAdmin(address)"))) {
     throw new Error("Executor have permission to call changeAdmin");
   } else {
     console.log("Executor should not have permission to call changeAdmin");
   }
   // River Executor should not have permission to call upgrade
-  if (await RiverFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeTo(address)"))) {
+  if (await RiverFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeTo(address)"))) {
     throw new Error("Executor have permission to call upgrade");
   } else {
     console.log("Executor should not have permission to call upgrade");
   }
   // River Executor should not have permission to call upgradeToAndCall
-  if (await RiverFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeToAndCall(address,bytes)"))) {
+  if (await RiverFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeToAndCall(address,bytes)"))) {
     throw new Error("Executor have permission to call upgradeToAndCall");
   } else {
     console.log("Executor should not have permission to call upgradeToAndCall");
@@ -623,19 +625,19 @@ const func: DeployFunction = async function ({
   }
 
   // Redeem Manager Executor should not have permission to call changeAdmin
-  if (await redeemManagerFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("changeAdmin(address)"))) {
+  if (await redeemManagerFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("changeAdmin(address)"))) {
     throw new Error("Executor have permission to call changeAdmin");
   } else {
     console.log("Executor should not have permission to call changeAdmin");
   }
   // Redeem Manager Executor should not have permission to call upgrade
-  if (await redeemManagerFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeTo(address)"))) {
+  if (await redeemManagerFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeTo(address)"))) {
     throw new Error("Executor have permission to call upgrade");
   } else {
     console.log("Executor should not have permission to call upgrade");
   }
   // Redeem Manager Executor should not have permission to call upgradeToAndCall
-  if (await redeemManagerFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeToAndCall(address,bytes)"))) {
+  if (await redeemManagerFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeToAndCall(address,bytes)"))) {
     throw new Error("Executor have permission to call upgradeToAndCall");
   } else {
     console.log("Executor should not have permission to call upgradeToAndCall");
@@ -654,19 +656,19 @@ const func: DeployFunction = async function ({
     console.log("Executor should not have permission to call unpause");
   }
   // TLC Executor should not have permission to call changeAdmin
-  if (await tlcFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("changeAdmin(address)"))) {
+  if (await tlcFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("changeAdmin(address)"))) {
     throw new Error("Executor have permission to call changeAdmin");
   } else {
     console.log("Executor should not have permission to call changeAdmin");
   }
   // TLC Executor should not have permission to call upgrade
-  if (await tlcFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeTo(address)"))) {
+  if (await tlcFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeTo(address)"))) {
     throw new Error("Executor have permission to call upgrade");
   } else {
     console.log("Executor should not have permission to call upgrade");
   }
   // TLC Executor should not have permission to call upgradeToAndCall
-  if (await tlcFirewallContract.callStatic.executorCanCall(proxyInterface.getSighash("upgradeToAndCall(address,bytes)"))) {
+  if (await tlcFirewallContract.callStatic.executorCanCall(transparentUpgradeableProxyInterface.getSighash("upgradeToAndCall(address,bytes)"))) {
     throw new Error("Executor have permission to call upgradeToAndCall");
   } else {
     console.log("Executor should not have permission to call upgradeToAndCall");
@@ -704,7 +706,7 @@ const func: DeployFunction = async function ({
     console.log("Executor should not have permission to call setConsensusLayerData");
   }
   // River Executor should not have permission to call legacy depositToConsensusLayerWithDepositRoot = $(cast call ${RIVER_FIREWALL} "executorCanCall(bytes4)(bool)" $(cast sig "depositToConsensusLayerWithDepositRoot(uint256)"))"
-  if (await RiverFirewallContract.callStatic.executorCanCall(RiverContract.interface.getSighash("depositToConsensusLayerWithDepositRoot(uint256)"))) {
+  if (await RiverFirewallContract.callStatic.executorCanCall(RiverContract.interface.getSighash("depositToConsensusLayerWithDepositRoot(uint256,bytes32)"))) {
     throw new Error("Executor have permission to call depositToConsensusLayerWithDepositRoot");
   } else {
     console.log("Executor should not have permission to call depositToConsensusLayerWithDepositRoot");