-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Setup Admin and Oracle Authority (#15)
Reworks the existing authorities to a more generic setup: *admin*: for config field updates. This can be a multisig. *oracle_authority*: for updates of history data. This has to be a hot wallet. With the previous configuration, the stake_authority had the power to change itself. Because it had to be a hot wallet, it's much more likely to get compromised and could then update itself to an attacker's personal wallet with no recourse from the team. In this configuration, the admin multisig could set the oracle_authority to a new hot wallet if the current one has been compromised.
- Loading branch information
Showing
16 changed files
with
100 additions
and
101 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
22 changes: 22 additions & 0 deletions
22
programs/validator-history/src/instructions/set_new_admin.rs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
use anchor_lang::prelude::*; | ||
|
||
use crate::state::Config; | ||
|
||
#[derive(Accounts)] | ||
pub struct SetNewAdmin<'info> { | ||
#[account( | ||
mut, | ||
seeds = [Config::SEED], | ||
bump = config.bump, | ||
has_one = admin, | ||
)] | ||
pub config: Account<'info, Config>, | ||
/// CHECK: fine since we are not deserializing account | ||
pub new_admin: AccountInfo<'info>, | ||
pub admin: Signer<'info>, | ||
} | ||
|
||
pub fn handler(ctx: Context<SetNewAdmin>) -> Result<()> { | ||
ctx.accounts.config.admin = ctx.accounts.new_admin.key(); | ||
Ok(()) | ||
} |
22 changes: 22 additions & 0 deletions
22
programs/validator-history/src/instructions/set_new_oracle_authority.rs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
use anchor_lang::prelude::*; | ||
|
||
use crate::state::Config; | ||
|
||
#[derive(Accounts)] | ||
pub struct SetNewOracleAuthority<'info> { | ||
#[account( | ||
mut, | ||
seeds = [Config::SEED], | ||
bump = config.bump, | ||
has_one = admin, | ||
)] | ||
pub config: Account<'info, Config>, | ||
/// CHECK: fine since we are not deserializing account | ||
pub new_oracle_authority: AccountInfo<'info>, | ||
pub admin: Signer<'info>, | ||
} | ||
|
||
pub fn handler(ctx: Context<SetNewOracleAuthority>) -> Result<()> { | ||
ctx.accounts.config.oracle_authority = ctx.accounts.new_oracle_authority.key(); | ||
Ok(()) | ||
} |
22 changes: 0 additions & 22 deletions
22
programs/validator-history/src/instructions/set_new_stake_authority.rs
This file was deleted.
Oops, something went wrong.
22 changes: 0 additions & 22 deletions
22
programs/validator-history/src/instructions/set_new_tip_distribution_authority.rs
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.