Open
Conversation
…de, executeGovernedUpgrade, getAppGoverned
…mmands - ABI: getAppGoverned→getAppTimelocked, DirectUpgradeNotAllowed→TimelockRequired, GovernanceRequired→NotTimelocked - SDK caller: getAppGoverned→getAppTimelocked, update error messages - SDK app module: isGoverned→isTimelocked in interface and implementation - CLI upgrade: block direct upgrade when app is timelocked - CLI upgrade schedule/execute: new commands for timelocked two-step flow - CLI ownership transfer: new command, shows timelocked mode note post-transfer - Docs: add governance-commands.md documenting all new commands and flows
SDK: - Update AppController ABI from latest contract (adds cancelUpgrade, team role functions, getAppOwner) - Add cancelAppUpgrade, grantTeamRole, revokeTeamRole, getTeamRoleMembers, getAppOwner to caller.ts - Add TeamRole enum to SDK - Add cancelUpgrade, grantTeamRole, revokeTeamRole, getTeamRoleMembers to AppModule interface and implementation - Export new functions and types from client/index.ts CLI: - ecloud compute app upgrade cancel — cancel a pending scheduled upgrade - ecloud compute team grant <addr> --role=PAUSER|DEVELOPER — grant team role - ecloud compute team revoke <addr> --role=PAUSER|DEVELOPER — revoke team role - ecloud compute team list — show ADMIN/PAUSER/DEVELOPER members for an app
…e selection - CLI now stores multiple identities (EOA, Safe, Timelock) per user in config - Active identity is tracked per environment - auth login: shows identity selector; 1 identity auto-prompts, replacing key wipes old identities and re-discovers Timelock for new EOA - auth new/generate: rewritten with EOA/Safe/Timelock flows; enforces CANONICAL_SALT for deterministic Timelock addresses - auth whoami: shows all identities with active marker and signing key status - SDK: add deploySafe, deployTimelock, discoverTimelockForEOA, CANONICAL_SALT - SDK: add SafeTimelockFactory and TimelockController ABIs
…ore replace - auth new → Safe: auto-generate signing key if none exists, EOA always pre-filled as owner - auth new → Timelock: EOA proposer defaults to signing key, Safe prompts for address - Consistent warning message across all key-replace flows - Show existing key in pager before warning so user can back it up - Safe Transaction Service discovery in auth login (find Safes where EOA is owner) - Remove redundant Safe identity entry when Safe+Timelock deployed together
executeGovernedUpgrade previously re-ran the full Docker build pipeline to reconstruct the Release for on-chain hash verification. This would fail with ReleaseMismatch on any non-deterministic build. The Release is already emitted in full in the AppUpgradeScheduled event. Add getScheduledRelease() to fetch and decode it from logs by matching on readyAt, then pass it directly to executeUpgrade — no rebuild needed. Also simplifies ExecuteGovernedUpgradeOptions and the execute CLI command, removing all build flags (dockerfile, image-ref, env-file, instance-type, log-visibility, resource-usage-monitoring) that are no longer required.
…ions Add schedule/execute CLI commands and SDK methods for the three AppController operations that require Timelock routing when an app is timelocked: terminateApp, transferOwnership, and grantTeamRole(ADMIN). - TimelockController ABI: add schedule, execute, hashOperation, getTimestamp - caller.ts: add scheduleTimelockOp/executeTimelockOp primitives, per-op helpers (terminate, transferOwnership, grantTeamAdmin), and readyAt helpers - AppModule: expose all new methods including getTimelockTerminateReadyAt, getTimelockTransferOwnershipReadyAt, getTimelockGrantAdminReadyAt - CLI: app terminate schedule/execute, app ownership schedule-transfer/ execute-transfer, team grant-admin schedule/execute
… consistent style - Add new commands: ownership schedule/execute-transfer, terminate schedule/execute, upgrade cancel, team grant-admin schedule/execute - Rename sections to command-group style (compute app, compute team, etc.) - Shorten command names in table rows (remove ecloud compute app prefix) - Replace emoji cell values with plain text (no permission, direct, yes, visible) - Abbreviate column headers to TL(EOA) / TL(Safe) - Update legend to document new cell value vocabulary
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
contract changes Layr-Labs/eigenx-contracts#9