Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,10 @@ All notable changes to this project will be documented in this file.

### Changes

- Onchain programs
- Restrict granting the `FOUNDATION` permission flag: a plain `PERMISSION_ADMIN` holder can no longer grant `FOUNDATION` (a privilege escalation). Only a `foundation_allowlist` member or an existing `FOUNDATION` holder may grant it, enforced independently of `RequirePermissionAccounts` so foundation members are never locked out.
- CLI
- Add `doublezero permission audit` to check legacy→Permission parity before enabling `require-permission-accounts`: it reports which legacy keys would lose access to migrated instructions (coverage gaps, non-zero exit), super-admin holders, and the non-migrated subsystems that still depend on the GlobalState allowlists.
- Collector
- Harden ledger writes against a slow/degraded RPC endpoint: bound each RPC request (default 15s, `--ledger-rpc-timeout`), size the connection pool above the submitter concurrency (default 128, `--ledger-rpc-max-conns`), and deadline each submission attempt so it fails fast and retries with a fresh blockhash instead of sending an expired one and failing preflight with `BlockhashNotFound`. (#3973)
- E2E
Expand Down
12 changes: 12 additions & 0 deletions smartcontract/cli/src/cli/command.rs
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,7 @@ impl ServiceabilityCommand {
PermissionCommands::Delete(args) => args.execute(ctx, client, out).await,
PermissionCommands::Get(args) => args.execute(ctx, client, out).await,
PermissionCommands::List(args) => args.execute(ctx, client, out).await,
PermissionCommands::Audit(args) => args.execute(ctx, client, out).await,
},
Self::Tenant(cmd) => match cmd.command {
TenantCommands::Create(args) => args.execute(ctx, client, out).await,
Expand Down Expand Up @@ -395,6 +396,17 @@ mod tests {
));
}

#[test]
fn parses_permission_audit() {
let parsed = TestCli::try_parse_from(["test", "permission", "audit"]).unwrap();
assert!(matches!(
parsed.command,
ServiceabilityCommand::Permission(PermissionCliCommand {
command: PermissionCommands::Audit(_),
})
));
}

// `hide = true` must not gate parsing - operators and automation rely on
// these verbs being reachable even though they do not appear in --help.
#[test]
Expand Down
5 changes: 4 additions & 1 deletion smartcontract/cli/src/cli/permission.rs
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
use clap::{Args, Subcommand};

use crate::permission::{delete::*, get::*, list::*, resume::*, set::*, suspend::*};
use crate::permission::{audit::*, delete::*, get::*, list::*, resume::*, set::*, suspend::*};

#[derive(Args, Debug)]
pub struct PermissionCliCommand {
Expand Down Expand Up @@ -28,4 +28,7 @@ pub enum PermissionCommands {
/// List all permission accounts
#[clap()]
List(ListPermissionCliCommand),
/// Audit legacy→Permission parity before enabling require-permission-accounts
#[clap()]
Audit(AuditPermissionCliCommand),
}
Loading
Loading