Streamline allowlist management by moving multicast group memberships into AccessPass

[juan-malbeclabs]

This pull request makes several important changes to how user allowlists and multicast group memberships are managed and displayed in the DoubleZero project. The main update is the removal of user-level allowlist management from the CLI and admin interfaces, with multicast group memberships now shown directly in access pass listings. Additionally, error messages and formatting have been improved for clarity and consistency, and related tests have been updated to reflect these changes.

CLI and API Changes:

• Removed user allowlist management commands and related code from both client/doublezero and controlplane/doublezero-admin CLIs, simplifying user management and focusing allowlist operations at the multicast group level. [1] [2] [3] [4] [5] [6] [7] [8]
• Updated e2e test scripts to use --user-payer and --client-ip arguments for multicast group allowlist commands, reflecting the new allowlist management approach.

Access Pass and Multicast Group Display:

• Enhanced the access pass listing to include a summary of multicast group memberships (publisher/subscriber roles) for each access pass, improving visibility into group associations. [1] [2] [3]
• Updated related tests to cover new multicast group fields and removed obsolete allowlist and subscriber fields from test fixtures. [1] [2] [3] [4] [5] [6] [7] [8]

Error Message and Formatting Improvements:

• Refactored error messages in Rust code to use inline formatting for better readability and consistency. [1] [2] [3] [4] [5] [6] [7]

These changes streamline allowlist management, improve the clarity of user and group relationships, and enhance error reporting throughout the codebase.

[Copilot]

Pull Request Overview

This pull request streamlines allowlist management by moving multicast group membership control from the user level to AccessPass entities. The changes simplify user management while improving visibility into group relationships through enhanced access pass listings.

Key changes:

• Removal of user-level allowlist commands from CLI interfaces
• Multicast group allowlist management now operates through AccessPass accounts
• Enhanced display of multicast group memberships in access pass listings

Reviewed Changes

Copilot reviewed 70 out of 70 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
smartcontract/test/start-test.sh	Updated test script to use new allowlist command parameters
smartcontract/sdk/rs/src/commands/multicastgroup/subscribe.rs	Migrated allowlist checks from multicast groups to access passes
smartcontract/programs/doublezero-serviceability/src/state/multicastgroup.rs	Replaced publisher/subscriber lists with simple counts
smartcontract/programs/doublezero-serviceability/src/processors/multicastgroup/allowlist/publisher/add.rs	Refactored to manage allowlists via AccessPass accounts
smartcontract/cli/src/accesspass/list.rs	Added multicast group membership display to access pass listings

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Pull Request Overview

Copilot reviewed 74 out of 74 changed files in this pull request and generated 5 comments.

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[snormore]

We should test this in devnet really well before merging to main - all the workflows related to multicast and users in general since it makes changes on those, and run the QA tests.

It changes a lot of things throughout the code in ways that are not super isolated, so I'd be a bit uncomfortable with merging to main without being pretty confident that if we had to rollout an update to mainnet-beta from main we wouldn't be introducing issues/problems.

[juan-malbeclabs]

Test of the new version against the current one on testnet.

$ cargo run latency --env testnet
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.27s
     Running `/home/jolveira/malbeclabs/doublezero/target/debug/doublezero latency --env testnet`
 pubkey                                       | code         | ip             | min      | max      | avg      | reachable 
 6E1fuqbDBG5ejhYEGKHNkWG5mSTczjy4R77XCKEdUtpb | nyc-dz001    | 64.86.249.22   | 161.58ms | 163.76ms | 162.54ms | true      
 CT8mP6RUoRcAB67HjKV9am7SBTCpxaJEwfQrSjVLdZfD | lax-dz001    | 207.45.216.134 | 191.02ms | 192.79ms | 191.67ms | true      
 Cpt3doj17dCF6bEhvc7VeAuZbXLD88a1EboTyE8uj6ZL | lon-dz001    | 195.219.120.66 | 232.45ms | 234.75ms | 233.31ms | true      
 4Wr7PQr5kyqCNJo3RKa8675K7ZtQ6fBUeorcexgp49Zp | ams-dz001    | 195.219.138.50 | 237.40ms | 239.98ms | 238.44ms | true      
 29ghthsKeH2ZCUmN2sUvhJtpEXn2ZxqAuq4sZFBFZmEs | fra-dz001    | 195.219.220.58 | 242.09ms | 249.89ms | 246.61ms | true      
 hWffRFpLrsZoF5r9qJS6AL2D9TEmSvPUBEbDrLc111Y  | fra-dz-001-x | 195.12.227.250 | 252.50ms | 254.81ms | 253.41ms | true      
 8jyamHfu3rumSEJt9YhtYw3J4a7aKeiztdqux17irGSj | prg-dz-001-x | 195.12.228.250 | 256.31ms | 258.99ms | 257.48ms | true      
 5tqXoiQtZmuL6CjhgAC6vA49JRUsgB9Gsqh4fNjEhftU | tyo-dz001    | 180.87.154.78  | 298.50ms | 303.63ms | 301.70ms | true      
 D3ZjDiLzvrGi5NJGzmM7b3YZg6e2DrUcBCQznJr3KfC8 | sin-dz001    | 180.87.102.98  | 358.56ms | 366.92ms | 363.57ms | true   

$ cargo run connect ibrl --env testnet
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 1.01s
     Running `/home/jolveira/malbeclabs/doublezero/target/debug/doublezero connect ibrl --env testnet`
DoubleZero Service Provisioning
🔗  Start Provisioning User...
Public IP detected: 190.229.37.107 - If you want to use a different IP, you can specify it with `--client-ip x.x.x.x`
🔍  Provisioning User for IP: 190.229.37.107
    User account created
    Connected to device: nyc-dz001 
    Service provisioned with status: ok
✅  User Provisioned

$ cargo run disconnect --env testnet
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.26s
     Running `/home/jolveira/malbeclabs/doublezero/target/debug/doublezero disconnect --env testnet`
DoubleZero Service Provisioning
🔍  Decommissioning User
Public IP detected: 190.229.37.107 - If you want to use a different IP, you can specify it with `--client-ip x.x.x.x`
\ [00:00:01] [##########>-----------------------------] 1/4 deleting user account...                                                                                                                                                                 🔍  Deleting User Account for: 9erSMjsq8Akjo48XyrLoSSwkMTMVCGJsa4vCekDbqEhA
🔍  User Account deleting...
✅  Deprovisioning Complete

Testing the current version (currently on testnet) against devnet with the new version of the program

$ cargo run latency --env devnet
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.98s
     Running `/home/jolveira/malbeclabs/doublezero/target/debug/doublezero latency --env devnet`
 pubkey                                       | code        | ip         | min      | max      | avg      | reachable 
 8PQkip3CxWhQTdP7doCyhT2kwjSL2csRTdnRg2zbDPs1 | chi-dn-dzd1 | 100.0.0.1  | 162.47ms | 165.76ms | 164.35ms | true      
 5FGpQsGgRZh9LggKdwJ6Vime9ecXVosRMQA4qVAQJnYX | chi-dn-dzd2 | 100.0.0.17 | 0.00ms   | 0.00ms   | 0.00ms   | false     
 4CkvmyquGN4qtXLNj3hpJcqYbb7PCanLbU1rQHHdp6xp | chi-dn-dzd3 | 100.0.0.33 | 0.00ms   | 0.00ms   | 0.00ms   | false     
 7g6TT8RU2iBKaWzAxBx87S4aYq5HMztTA1vedQmMpREZ | test789     | 1.2.3.6    | 0.00ms   | 0.00ms   | 0.00ms   | false     
 3JT6EPj4ESTRevv6MadpLYLvijBVDTQXhuHWuZzFgNfV | dz-test     | 1.2.3.7    | 0.00ms   | 0.00ms   | 0.00ms   | false     
 JATksU22Uc6uwJ5bQvEisf3XWFJAtJrdh3n7eSNmrK7C | test123     | 1.2.3.4    | 0.00ms   | 0.00ms   | 0.00ms   | false     
 7sk4SevuKLWNDLDjCy8m9bMk9MtXPDxmL5TQrchDPeca | chi-dn-dzd4 | 100.0.0.49 | 0.00ms   | 0.00ms   | 0.00ms   | false     
 Cu9n4EreVz2iUieSAyLxbLMtcKCTzggLomn68oUge5ww | test456     | 1.2.3.5    | 0.00ms   | 0.00ms   | 0.00ms   | false  

$ cargo run connect ibrl --env devnet
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.26s
     Running `/home/jolveira/malbeclabs/doublezero/target/debug/doublezero connect ibrl --env devnet`
DoubleZero Service Provisioning
🔗  Start Provisioning User...
Public IP detected: 190.229.37.107 - If you want to use a different IP, you can specify it with `--client-ip x.x.x.x`
🔍  Provisioning User for IP: 190.229.37.107
    User account created
    Connected to device: chi-dn-dzd1 
    Service provisioned with status: ok
✅  User Provisioned

$ cargo run disconnect --env devnet
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.26s
     Running `/home/jolveira/malbeclabs/doublezero/target/debug/doublezero disconnect --env devnet`
DoubleZero Service Provisioning
🔍  Decommissioning User
Public IP detected: 190.229.37.107 - If you want to use a different IP, you can specify it with `--client-ip x.x.x.x`
\ [00:00:00] [##########>-----------------------------] 1/4 deleting user account...                                                                                                    🔍  Deleting User Account for: FLB693Uu2yYUhFiFjSwbCfKAuuVyTST5LPJK7UgDQVRt
🔍  User Account deleting...
✅  Deprovisioning Complete