Skip to content

Commit

Permalink
Auth changes (#30)
Browse files Browse the repository at this point in the history 
* auth

* add darwinia ringdao timelock addr
  • Loading branch information
@hujw77
hujw77 authored Nov 18, 2024
1 parent c4c1da1 commit 72dbe5b
Show file tree
Hide file tree
Showing 3 changed files with 67 additions and 1 deletion.
1 change: 1 addition & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ test :; @forge test
dry-run:; @forge script script/Deploy.s.sol:DeployScript
deploy :; @forge script script/Deploy.s.sol:DeployScript --broadcast --verify --verifier blockscout
migrate:; @forge script script/Migrate.s.sol:MigrateScript --broadcast --verify --verifier blockscout
auth :; @forge script script/Auth.s.sol:AuthScript --broadcast

sync :; @git submodule update --recursive

Expand Down
2 changes: 1 addition & 1 deletion foundry.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ bytecode_hash = "ipfs"
extra_output = ["storageLayout"]
extra_output_files = ["metadata"]
fs_permissions = [{ access = "read", path = "out" }]
# eth_rpc_url = "https://rpc.darwinia.network"
# eth_rpc_url = "http://c1.crab-rpc.itering.io:9944"
# etherscan_api_key = "xxx"

[rpc_endpoints]
Expand Down
65 changes: 65 additions & 0 deletions script/Auth.s.sol
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import {Script} from "forge-std/Script.sol";
import {safeconsole} from "forge-std/safeconsole.sol";
import {Upgrades} from "openzeppelin-foundry-upgrades/Upgrades.sol";
import {Core} from "openzeppelin-foundry-upgrades/internal/Core.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import "@openzeppelin/contracts/access/IAccessControl.sol";

contract AuthScript is Script {
address deployer = 0x5d3c814F82Ef2b22101635f8C6A3e7C8E09E7DD6;
address deposit = 0x46275d29113f065c2aac262f34C7a3d8a8B7377D;
address gRING = 0xdafa555e2785DC8834F4Ea9D1ED88B6049142999;
address hub = 0xa4fFAC7A5Da311D724eD47393848f694Baee7930;

address ktonDAOTimelock = 0x08837De0Ae21C270383D9F2de4DB03c7b1314632;

bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;

function getRingDao() public view returns (address) {
if (block.chainid == 44) {
return 0x663fC3000f0101BF16FDc9F73F02DA6Efa8c5875;
} else if (block.chainid == 46) {
return 0x4DCf0f14cC58fc2Bf313e70573dDB7309523bb23;
} else {
revert("unsupported");
}
}

function run() public {
vm.startBroadcast();

// transfer deposit proxy admin ownership
Ownable depositProxyAdmin = Ownable(Upgrades.getAdminAddress(deposit));
if (depositProxyAdmin.owner() == deployer) {
depositProxyAdmin.transferOwnership(ktonDAOTimelock);
}
require(depositProxyAdmin.owner() == ktonDAOTimelock, "!deposit");

// transfer hub proxy admin ownership
address ringDao = getRingDao();
Ownable hubProxyAdmin = Ownable(Upgrades.getAdminAddress(hub));
if (hubProxyAdmin.owner() == deployer) {
hubProxyAdmin.transferOwnership(ringDao);
}
require(hubProxyAdmin.owner() == ringDao, "!hub");

// gRING grant RingDAO admin role, deplyer renounce
require(IAccessControl(gRING).hasRole(DEFAULT_ADMIN_ROLE, deployer), "!admin1");
IAccessControl(gRING).grantRole(DEFAULT_ADMIN_ROLE, ringDao);
require(IAccessControl(gRING).hasRole(DEFAULT_ADMIN_ROLE, ringDao), "!admin2");
IAccessControl(gRING).renounceRole(DEFAULT_ADMIN_ROLE, deployer);
require(!IAccessControl(gRING).hasRole(DEFAULT_ADMIN_ROLE, deployer), "!renounce");

// transfer gRING proxy admin ownership
Ownable gRINGProxyAdmin = Ownable(Upgrades.getAdminAddress(gRING));
if (gRINGProxyAdmin.owner() == deployer) {
gRINGProxyAdmin.transferOwnership(ringDao);
}
require(gRINGProxyAdmin.owner() == ringDao, "!gRING");

vm.stopBroadcast();
}
}

0 comments on commit 72dbe5b

Please sign in to comment.