mnaamani
commented
1 year ago While writing the members migration script I thought that the call bypassing for sudo calls was not working for the buy_membership dispatch, but now I realize I made the mistake of using sudo rather than sudo_as.
bedeho
We are doing a phased rollout of carthage https://github.com/Joystream/joystream/issues/3792 In the Frozen and Thawn stages we will have a BaseCallFilter applied on the system pallet which will limit dispatch calls that can be executed through extrinsics. https://github.com/Joystream/joystream/blob/c8d46f1d6bd33db1548d34f7367ac522f43cf798/runtime/src/lib.rs#L212
As we need to make calls into the pallets that are filtered we should still be able to through calls to sudo and sudo_as via the Sudo pallet.
Side Note: we should not filter the MultiSig pallet, because we plan to change sudo key to multi-sig after bootstrapping members. We should also confirm that doing a sudo/sudoAs call via multi-sig does indeed work as expected. More importantly we should make sure dispatching through multisig does not bypass the call filter.
code reference for BaseCallFilter:
How dispatch uses the filter https://github.com/Joystream/substrate/blob/f7c7c1d8abf081b8f0117f5458148be7ea77ad28/frame/support/procedural/src/construct_runtime/expand/origin.rs#L159
How filter can be bypassed - used by Sudo:sudo and Sudo:sudo_as https://github.com/Joystream/substrate/blob/f7c7c1d8abf081b8f0117f5458148be7ea77ad28/frame/support/procedural/src/construct_runtime/expand/call.rs#L119
Filter https://github.com/Joystream/substrate/blob/f7c7c1d8abf081b8f0117f5458148be7ea77ad28/frame/support/procedural/src/construct_runtime/expand/call.rs#L104
Tests https://github.com/Joystream/substrate/blob/f7c7c1d8abf081b8f0117f5458148be7ea77ad28/frame/support/test/tests/origin.rs#L171