Closed jubeira closed 11 months ago
I've tested the verify
task with the first deployment and with the original delays, and it seems to be working properly.
CI task will fail until the delays can actually be applied, and there's always a minimum delay of 5 days for that. That's what is happening with the currently selected deployment (which btw will be overridden once again by #91). I'll think how to improve this a bit.
The current state should be good to review as a first approach.
Fixing the jobs while the delays are scheduled but not executed would take some more work, and while desirable I think it's not a huge return for the work at this point.
Ok, this is pretty cool.
executeDelays
txBut I think it needs a bit more documentation (e.g., the name of the onchain verification task in the description), and especially what happens when it's deployed on a new network, and when something is changed on chain, like a delay is added or changed. We have to change the input config to keep up with it?
I've modified the scripts a bit so that it's now mostly automatic. We should document somewhere the need for the settings file though.
Description
This PR introduces:
If the contract is deployed in a given network, the new task
build-timelock-authorizer-config
creates a JSON file based on the input configuration for the deployment. The file specifies the delays set for granting / executing action IDs.Then, the task
check-timelock-authorizer-config
verifies the integrity of the file (similar to the address lookup system).Networks that have the Timelock Authorizer should have a non-empty config file, and the file has to match the input specs. This will now be enforced by CI.
The on-chain verification will fail whenever a new rule is added. In particular, it fails right after the deployment because setting the initial delays takes at least 5 days.
I think this is good enough for a first iteration. Eventually the scheduled actions to set the delays shall be executed and the jobs should stop failing.
As a second iteration, we can dig in the scheduled actions, check whether the specified rules are scheduled, and if they are scheduled but still cannot be executed the job should pass.
Type of change
Checklist:
master
, or there's a description of how to mergeIssue Resolution