feat(multisig-prover): allow governance to update workerset and docum…

…ent instantiation msg parameters (#355) * feat(multisig-prover): allow governance to update workerset and document instantiation msg parameters
axelarnetwork · Apr 18, 2024 · 07bc88f · 07bc88f
1 parent 54be045
commit 07bc88f
Show file tree

Hide file tree

Showing 2 changed files with 54 additions and 2 deletions.
diff --git a/contracts/multisig-prover/src/contract.rs b/contracts/multisig-prover/src/contract.rs
@@ -70,7 +70,8 @@ pub fn execute(
     match msg {
         ExecuteMsg::ConstructProof { message_ids } => execute::construct_proof(deps, message_ids),
         ExecuteMsg::UpdateWorkerSet {} => {
-            execute::require_admin(&deps, info)?;
+            execute::require_admin(&deps, info.clone())
+                .or_else(|_| execute::require_governance(&deps, info))?;
             execute::update_worker_set(deps, env)
         }
         ExecuteMsg::ConfirmWorkerSet {} => execute::confirm_worker_set(deps, info.sender),
@@ -338,7 +339,7 @@ mod tests {
     }
 
     #[test]
-    fn test_update_worker_set_from_non_admin_should_fail() {
+    fn test_update_worker_set_from_non_admin_or_governance_should_fail() {
         let mut test_case = setup_test_case();
         let res = test_case.app.execute_contract(
             Addr::unchecked("some random address"),
@@ -356,6 +357,30 @@ mod tests {
         );
     }
 
+    #[test]
+    fn test_update_worker_set_from_governance_should_succeed() {
+        let mut test_case = setup_test_case();
+        let res = test_case.app.execute_contract(
+            test_case.governance.clone(),
+            test_case.prover_address.clone(),
+            &ExecuteMsg::UpdateWorkerSet {},
+            &[],
+        );
+        assert!(res.is_ok());
+    }
+
+    #[test]
+    fn test_update_worker_set_from_admin_should_succeed() {
+        let mut test_case = setup_test_case();
+        let res = test_case.app.execute_contract(
+            test_case.governance.clone(),
+            test_case.prover_address.clone(),
+            &ExecuteMsg::UpdateWorkerSet {},
+            &[],
+        );
+        assert!(res.is_ok());
+    }
+
     #[test]
     fn test_update_worker_set_remove_one() {
         let mut test_case = setup_test_case();

diff --git a/contracts/multisig-prover/src/msg.rs b/contracts/multisig-prover/src/msg.rs
@@ -8,19 +8,46 @@ use crate::encoding::{Data, Encoder};
 
 #[cw_serde]
 pub struct InstantiateMsg {
+    /// Address that can execute all messages that either have unrestricted or admin permission level, such as UpdateWorkerSet.
+    /// Should be set to a trusted address that can react to unexpected interruptions to the contract's operation.
     pub admin_address: String,
+    /// Address that can call all messages of unrestricted, admin and governance permission level, such as UpdateSigningThreshold.
+    /// This address can execute messages that bypasses verification checks to rescue the contract if it got into an otherwise unrecoverable state due to external forces.
+    /// On mainnet, it should match the address of the Cosmos governance module.
     pub governance_address: String,
+    /// Address of the gateway on axelar associated with the destination chain. For example, if this prover is creating proofs to
+    /// be relayed to Ethereum, this is the address of the gateway on Axelar for Ethereum.
     pub gateway_address: String,
+    /// Address of the multisig contract on axelar.
     pub multisig_address: String,
+    /// Address of the monitoring contract on axelar.
     pub monitoring_address: String,
+    /// Address of the service registry contract on axelar.
     pub service_registry_address: String,
+    /// Address of the voting verifier contract on axelar associated with the destination chain. For example, if this prover is creating
+    /// proofs to be relayed to Ethereum, this is the address of the voting verifier for Ethereum.
     pub voting_verifier_address: String,
+    /// Chain id of the chain for which this prover contract creates proofs. For example, if the destination chain is Ethereum, the chain id is 1.
     pub destination_chain_id: Uint256,
+    /// Threshold of weighted signatures required for signing to be considered complete
     pub signing_threshold: MajorityThreshold,
+    /// Name of service in the service registry for which verifiers are registered.
     pub service_name: String,
+    /// Name of chain for which this prover contract creates proofs.
     pub chain_name: String,
+    /// Maximum tolerable difference between currently active workerset and registered workerset.
+    /// The workerset registered in the service registry must be different by more than this number
+    /// of workers before calling UpdateWorkerSet. For example, if this is set to 1, UpdateWorkerSet
+    /// will fail unless the registered workerset and active workerset differ by more than 1.
     pub worker_set_diff_threshold: u32,
+    /// Type of encoding to use for signed batches. Blockchains can encode their execution payloads in various ways (ABI, BCS, etc).
+    /// This defines the specific encoding type to use for this prover, which should correspond to the encoding type used by the gateway
+    /// deployed on the destination chain.
     pub encoder: Encoder,
+    /// Public key type verifiers use for signing batches. Different blockchains support different cryptographic signature algorithms (ECDSA, Ed25519, etc).
+    /// This defines the specific signature algorithm to use for this prover, which should correspond to the signature algorithm used by the gateway
+    /// deployed on the destination chain. The multisig contract supports multiple public keys per verifier (each a different type of key), and this
+    /// parameter controls which registered public key to use for signing for each verifier registered to the destination chain.
     pub key_type: KeyType,
 }