Revamp scripts

Author: thmzlt

Anchor.toml

@@ -1,14 +1,17 @@
+[toolchain]
+
 [features]
-seeds = true
+resolution = true
 skip-lint = false
+
 [programs.localnet]
 program_authority_escrow = "Fg6PaFpoGXkYsidMpWTK6W2BeZ7FEfcYkg476zPFsLnS"
 
 [registry]
 url = "https://api.apr.dev"
 
 [provider]
-cluster = "Localnet"
+cluster = "localnet"
 wallet = "/home/gbescos/.config/solana/id.json"
 
 [scripts]

Cargo.lock

@@ -1,26 +1,43 @@
 # program-authority-escrow
 
-A minimalistic, stateless program to safely transfer a solana program from one upgrade authority to another one.
+A stateless Solana program for safe program authority transfers.
 
-The way it works :
-- The current authority uses Propose to transfer the authority of any program to a PDA of the escrow seeded by (current_authority, new_authority)
-- Once the authority has been transferred two outcomes are possible : 
-  - If the current authority calls Revert, the PDA will give the authority back to the current authority 
-  - If the new authority calls Accept, the PDA will give the authority to the new authority
+The current authority calls `propose` to transfer authority to an escrow PDA seeded by `(current_authority, new_authority)`. From there:
+- The current authority can call `revert` to reclaim authority
+- The new authority can call `accept` to complete the transfer
 
-Basically, this program enforces that the new authority has signed before they accept the authority. 
-This makes errors where we mistakenly transfer the authority to a key that we don't own reversible.
+This ensures the new authority has signed before accepting, making accidental transfers to wrong keys reversible.
+
+Build with `cargo build-sbf` and test with `cargo test-sbf`.
+
+## Scripts
+
+TypeScript scripts are provided to interact with the on-chain program. All scripts support:
+- File-based keypairs or Ledger hardware wallets
+- Squads v3 multisig proposals via `--multisig`
+
+Install dependencies with `yarn install`. See `scripts/helpers.ts` for documentation on CLI arguments.
+
+### Propose
+
+Transfer program authority to the escrow. The current authority proposes the transfer:
 
-## Testing
-To run tests:
 ```shell
-cargo test-sbf
+yarn propose --keypair <path|ledger> --program <program_address> --authority <new_authority>
 ```
 
-## Building
-To build:
+### Accept
+
+Accept a proposed authority transfer. The new authority accepts:
+
+```shell
+yarn accept --keypair <path|ledger> --program <program_address> --authority <previous_authority>
+```
+
+### Revert
+
+Revert a proposed transfer before it's accepted. The current authority reverts:
 
 ```shell
-cargo build-sbf
+yarn revert --keypair <path|ledger> --program <program_address> --authority <new_authority>
 ```
-Artifacts will be placed at: `target/deploy/*.so`

README.md

@@ -1,19 +1,28 @@
 {
-    "scripts": {
-        "lint:fix": "prettier */*.js \"*/**/*{.js,.ts}\" -w",
-        "lint": "prettier */*.js \"*/**/*{.js,.ts}\" --check"
-    },
-    "dependencies": {
-        "@project-serum/anchor": "^0.26.0"
-    },
-    "devDependencies": {
-        "chai": "^4.3.4",
-        "mocha": "^9.0.3",
-        "ts-mocha": "^10.0.0",
-        "@types/bn.js": "^5.1.0",
-        "@types/chai": "^4.3.0",
-        "@types/mocha": "^9.0.0",
-        "typescript": "^4.3.5",
-        "prettier": "^2.6.2"
-    }
+  "scripts": {
+    "lint:fix": "prettier */*.js \"*/**/*{.js,.ts}\" -w",
+    "lint": "prettier */*.js \"*/**/*{.js,.ts}\" --check",
+    "propose": "ts-node scripts/propose.ts",
+    "revert": "ts-node scripts/revert.ts",
+    "accept": "ts-node scripts/accept.ts"
+  },
+  "dependencies": {
+    "@coral-xyz/anchor": "^0.30.0",
+    "@ledgerhq/hw-transport": "^6.31.13",
+    "@ledgerhq/hw-transport-node-hid": "^6.29.14",
+    "@sqds/sdk": "^2.0.4",
+    "@types/minimist": "^1.2.5",
+    "minimist": "^1.2.8",
+    "ts-node": "^10.9.2"
+  },
+  "devDependencies": {
+    "@types/bn.js": "^5.1.0",
+    "@types/chai": "^4.3.0",
+    "@types/mocha": "^9.0.0",
+    "chai": "^4.3.4",
+    "mocha": "^9.0.3",
+    "prettier": "^2.6.2",
+    "ts-mocha": "^10.0.0",
+    "typescript": "^4.3.5"
+  }
 }

package.json

@@ -20,6 +20,7 @@ default = []
 custom-heap = []
 custom-panic = []
 anchor-debug = []
+idl-build = ["anchor-lang/idl-build"]
 
 [dependencies]
 anchor-lang.workspace = true
@@ -29,4 +30,3 @@ solana-program-test.workspace = true
 solana-sdk.workspace = true
 tokio.workspace = true
 bincode.workspace = true
-

programs/program-authority-escrow/Cargo.toml

@@ -5,10 +5,7 @@ use anchor_lang::{
     prelude::*,
     solana_program::{
         bpf_loader_upgradeable,
-        program::{
-            invoke,
-            invoke_signed,
-        },
+        program::{invoke, invoke_signed},
     },
 };
 
@@ -86,29 +83,29 @@ pub mod program_authority_escrow {
 
 #[derive(Accounts)]
 pub struct Propose<'info> {
-    pub current_authority:     Signer<'info>,
+    pub current_authority: Signer<'info>,
     /// CHECK: Unchecked new authority, can be a native wallet or a PDA of another program
-    pub new_authority:         AccountInfo<'info>,
+    pub new_authority: AccountInfo<'info>,
     #[account(seeds = [current_authority.key().as_ref(),new_authority.key().as_ref()], bump)]
-    pub escrow_authority:      SystemAccount<'info>,
+    pub escrow_authority: SystemAccount<'info>,
     #[account(executable, constraint = matches!(program_account.as_ref(), UpgradeableLoaderState::Program{..}))]
-    pub program_account:       Account<'info, UpgradeableLoaderState>,
+    pub program_account: Account<'info, UpgradeableLoaderState>,
     #[account(mut, seeds = [program_account.key().as_ref()], bump, seeds::program = bpf_upgradable_loader.key())]
-    pub program_data:          Account<'info, ProgramData>,
+    pub program_data: Account<'info, ProgramData>,
     pub bpf_upgradable_loader: Program<'info, BpfUpgradableLoader>,
 }
 
 #[derive(Accounts)]
 pub struct Accept<'info> {
     /// CHECK: CPI will have the wrong seeds and fail if this is the wrong current authority
-    pub current_authority:     AccountInfo<'info>,
-    pub new_authority:         Signer<'info>,
+    pub current_authority: AccountInfo<'info>,
+    pub new_authority: Signer<'info>,
     #[account(seeds = [current_authority.key().as_ref(),new_authority.key().as_ref()], bump)]
-    pub escrow_authority:      SystemAccount<'info>,
+    pub escrow_authority: SystemAccount<'info>,
     #[account(executable, constraint = matches!(program_account.as_ref(), UpgradeableLoaderState::Program{..}))]
-    pub program_account:       Account<'info, UpgradeableLoaderState>,
+    pub program_account: Account<'info, UpgradeableLoaderState>,
     #[account(mut, seeds = [program_account.key().as_ref()], bump, seeds::program = bpf_upgradable_loader.key())]
-    pub program_data:          Account<'info, ProgramData>,
+    pub program_data: Account<'info, ProgramData>,
     pub bpf_upgradable_loader: Program<'info, BpfUpgradableLoader>,
 }
 

programs/program-authority-escrow/src/lib.rs

@@ -20,6 +20,7 @@ default = []
 custom-heap = []
 custom-panic = []
 anchor-debug = []
+idl-build = ["anchor-lang/idl-build"]
 
 [dependencies]
 anchor-lang.workspace = true
@@ -29,4 +30,3 @@ solana-program-test.workspace = true
 solana-sdk.workspace = true
 tokio.workspace = true
 bincode.workspace = true
-

programs/program-authority-timelock/Cargo.toml

@@ -5,10 +5,7 @@ use anchor_lang::{
     prelude::*,
     solana_program::{
         bpf_loader_upgradeable,
-        program::{
-            invoke,
-            invoke_signed,
-        },
+        program::{invoke, invoke_signed},
     },
 };
 
@@ -74,29 +71,29 @@ pub mod program_authority_timelock {
 #[derive(Accounts)]
 #[instruction(timestamp : i64)]
 pub struct Commit<'info> {
-    pub current_authority:     Signer<'info>,
+    pub current_authority: Signer<'info>,
     /// CHECK: Unchecked new authority, can be a native wallet or a PDA of another program
-    pub new_authority:         AccountInfo<'info>,
+    pub new_authority: AccountInfo<'info>,
     #[account(seeds = [new_authority.key().as_ref(), timestamp.to_be_bytes().as_ref()], bump)]
-    pub escrow_authority:      SystemAccount<'info>,
+    pub escrow_authority: SystemAccount<'info>,
     #[account(executable, constraint = matches!(program_account.as_ref(), UpgradeableLoaderState::Program{..}))]
-    pub program_account:       Account<'info, UpgradeableLoaderState>,
+    pub program_account: Account<'info, UpgradeableLoaderState>,
     #[account(mut, seeds = [program_account.key().as_ref()], bump, seeds::program = bpf_upgradable_loader.key())]
-    pub program_data:          Account<'info, ProgramData>,
+    pub program_data: Account<'info, ProgramData>,
     pub bpf_upgradable_loader: Program<'info, BpfUpgradableLoader>,
 }
 
 #[derive(Accounts)]
 #[instruction(timestamp : i64)]
 pub struct Transfer<'info> {
     /// CHECK: Unchecked new authority, can be a native wallet or a PDA of another program
-    pub new_authority:         AccountInfo<'info>,
+    pub new_authority: AccountInfo<'info>,
     #[account(seeds = [new_authority.key().as_ref(), timestamp.to_be_bytes().as_ref()], bump)]
-    pub escrow_authority:      SystemAccount<'info>,
+    pub escrow_authority: SystemAccount<'info>,
     #[account(executable, constraint = matches!(program_account.as_ref(), UpgradeableLoaderState::Program{..}))]
-    pub program_account:       Account<'info, UpgradeableLoaderState>,
+    pub program_account: Account<'info, UpgradeableLoaderState>,
     #[account(mut, seeds = [program_account.key().as_ref()], bump, seeds::program = bpf_upgradable_loader.key())]
-    pub program_data:          Account<'info, ProgramData>,
+    pub program_data: Account<'info, ProgramData>,
     pub bpf_upgradable_loader: Program<'info, BpfUpgradableLoader>,
 }