refactor: remove command pda from rotate signers ix (#415)

* refactor: remove command PDA parameter from `rotate_signers`
---------

Co-authored-by: Guilherme Felipe da Silva <[email protected]>

solana/helpers/test-fixtures/src/test_setup.rs

@@ -683,14 +683,12 @@ impl TestFixture {
         &mut self,
         gateway_root_pda: &Pubkey,
         execute_data_pda: &Pubkey,
-        rotate_signers_command_pda: &Pubkey,
         current_verifier_set_tracker_pda: &Pubkey,
         new_verifier_set_tracker_pda: &Pubkey,
     ) -> BanksTransactionResultWithMetadata {
         let ix = gateway::instructions::rotate_signers(
             *execute_data_pda,
             *gateway_root_pda,
-            *rotate_signers_command_pda,
             None,
             *current_verifier_set_tracker_pda,
             *new_verifier_set_tracker_pda,
@@ -781,7 +779,6 @@ impl TestFixture {
     /// gateway.rotate_signers.
     ///
     /// Returns:
-    /// - approved command PDA
     /// - execute data thats stored inside the execute data PDA
     /// - execute data PDA
     pub async fn fully_rotate_signers(
@@ -790,8 +787,8 @@ impl TestFixture {
         new_signer_set: VerifierSet,
         signers: &SigningVerifierSet,
         domain_separator: &[u8; 32],
-    ) -> (Pubkey, Vec<u8>, Pubkey) {
-        let (command_pdas, execute_data, execute_data_pda, tx) = self
+    ) -> (Vec<u8>, Pubkey) {
+        let (execute_data, execute_data_pda, tx) = self
             .fully_rotate_signers_with_execute_metadata(
                 gateway_root_pda,
                 new_signer_set,
@@ -800,7 +797,7 @@ impl TestFixture {
             )
             .await;
         assert!(tx.result.is_ok());
-        (command_pdas, execute_data, execute_data_pda)
+        (execute_data, execute_data_pda)
     }
 
     pub async fn fully_rotate_signers_with_execute_metadata(
@@ -809,7 +806,7 @@ impl TestFixture {
         new_signer_set: VerifierSet,
         signers: &SigningVerifierSet,
         domain_separator: &[u8; 32],
-    ) -> (Pubkey, Vec<u8>, Pubkey, BanksTransactionResultWithMetadata) {
+    ) -> (Vec<u8>, Pubkey, BanksTransactionResultWithMetadata) {
         let current_verifier_set_tracker_pda = signers.verifier_set_tracker();
         let (new_verifier_set_tracker_pda, _) =
             gateway::get_verifier_set_tracker_pda(&gateway::ID, new_signer_set.hash(hasher_impl()));
@@ -822,28 +819,16 @@ impl TestFixture {
             )
             .await;
 
-        let command = OwnedCommand::RotateSigners(new_signer_set);
-        let rotate_signers_command_pda = self
-            .init_pending_gateway_commands(gateway_root_pda, &[command])
-            .await
-            .pop()
-            .unwrap();
         let tx = self
             .rotate_signers_with_metadata(
                 gateway_root_pda,
                 &execute_data_pda,
-                &rotate_signers_command_pda,
                 &current_verifier_set_tracker_pda,
                 &new_verifier_set_tracker_pda,
             )
             .await;
 
-        (
-            rotate_signers_command_pda,
-            execute_data,
-            execute_data_pda,
-            tx,
-        )
+        (execute_data, execute_data_pda, tx)
     }
 
     pub async fn get_account<T: solana_program::program_pack::Pack + BorshDeserialize>(

solana/programs/gateway/src/axelar_auth_weighted.rs

@@ -99,11 +99,11 @@ impl AxelarAuthWeighted {
         }
 
         let epoch = self.current_epoch();
-        let elapsed: BnumU256 = epoch
+        let diff: BnumU256 = epoch
             .checked_sub(verifier_set_tracker.epoch)
             .ok_or(AxelarAuthWeightedError::EpochCalculationOverflow)?
             .into();
-        if elapsed >= self.previous_signers_retention.into() {
+        if diff >= self.previous_signers_retention.into() {
             msg!("verifier set is too old");
             return Err(AxelarAuthWeightedError::InvalidSignerSet);
         }

solana/programs/gateway/src/instructions.rs

@@ -39,15 +39,13 @@ pub enum GatewayInstruction {
     /// Accounts expected by this instruction:
     /// 0. [WRITE] Gateway Root Config PDA account
     /// 1. [] Gateway ExecuteData PDA account
-    /// 2. [WRITE] Gateway ApprovedCommand PDA account. The command needs to be
-    ///    `RotateSigners`.
-    /// 3. [] Verifier Setr Tracker PDA account (the one that signed the
+    /// 2. [] Verifier Setr Tracker PDA account (the one that signed the
     ///    ExecuteData)
-    /// 4. [WRITE, SIGNER] new uninitialized VerifierSetTracker PDA account (the
+    /// 3. [WRITE, SIGNER] new uninitialized VerifierSetTracker PDA account (the
     ///    one that needs to be initialized)
-    /// 5. [WRITE, SIGNER] Funding account for the new VerifierSetTracker PDA
-    /// 6. [] System Program account
-    /// 7. Opional: [SIGNER] `Operator` that's stored in the gateway confi PDA.
+    /// 4. [WRITE, SIGNER] Funding account for the new VerifierSetTracker PDA
+    /// 5. [] System Program account
+    /// 6. Optional: [SIGNER] `Operator` that's stored in the gateway config PDA.
     RotateSigners,
 
     /// Represents the `CallContract` Axelar event.
@@ -283,7 +281,6 @@ pub fn approve_messages(
 pub fn rotate_signers(
     execute_data_account: Pubkey,
     gateway_root_pda: Pubkey,
-    command_account: Pubkey,
     operator: Option<Pubkey>,
     current_verifier_set_tracker_pda: Pubkey,
     new_verifier_set_tracker_pda: Pubkey,
@@ -294,7 +291,6 @@ pub fn rotate_signers(
     let mut accounts = vec![
         AccountMeta::new(gateway_root_pda, false),
         AccountMeta::new_readonly(execute_data_account, false),
-        AccountMeta::new(command_account, false),
         AccountMeta::new_readonly(current_verifier_set_tracker_pda, false),
         AccountMeta::new(new_verifier_set_tracker_pda, false),
         AccountMeta::new(payer, true),

solana/programs/gateway/src/processor/rotate_signers.rs

@@ -12,11 +12,10 @@ use solana_program::sysvar::Sysvar;
 
 use super::Processor;
 use crate::axelar_auth_weighted::SignerSetMetadata;
-use crate::commands::ArchivedCommand;
 use crate::events::GatewayEvent;
 use crate::state::execute_data::{ArchivedGatewayExecuteData, RotateSignersVariant};
 use crate::state::verifier_set_tracker::VerifierSetTracker;
-use crate::state::{GatewayApprovedCommand, GatewayConfig};
+use crate::state::{GatewayConfig};
 use crate::{assert_valid_verifier_set_tracker_pda, seed_prefixes};
 
 impl Processor {
@@ -37,7 +36,6 @@ impl Processor {
         let mut accounts_iter = accounts.iter();
         let gateway_root_pda = next_account_info(&mut accounts_iter)?;
         let gateway_approve_messages_execute_data_pda = next_account_info(&mut accounts_iter)?;
-        let message_account = next_account_info(&mut accounts_iter)?;
         let signer_verifier_set = next_account_info(&mut accounts_iter)?;
         let new_empty_verifier_set = next_account_info(&mut accounts_iter)?;
         let payer = next_account_info(&mut accounts_iter)?;
@@ -82,16 +80,6 @@ impl Processor {
         };
 
         let new_verifier_set = &execute_data.data;
-        let command = ArchivedCommand::from(new_verifier_set);
-
-        let approved_command_account = message_account
-            .as_ref()
-            .check_initialized_pda::<GatewayApprovedCommand>(program_id)?
-            .command_valid_and_pending(gateway_root_pda.key, &command, message_account)?
-            .ok_or_else(|| {
-                msg!("Command already executed");
-                ProgramError::InvalidArgument
-            })?;
 
         // Check: proof signer set is known.
         let signer_data = gateway_config
@@ -124,10 +112,7 @@ impl Processor {
 
         gateway_config.auth_weighted.last_rotation_timestamp = current_time;
 
-        // Save the updated approved message account
-        let mut data = message_account.try_borrow_mut_data()?;
-        approved_command_account.pack_into_slice(&mut data);
-
+        // Rotate the signers
         let new_verifier_set_tracker = match gateway_config.rotate_signers(new_verifier_set) {
             Ok(new_verifier_set_tracker) => new_verifier_set_tracker,
             Err(err) => {

solana/programs/gateway/tests/module/rotate_signers.rs

@@ -12,7 +12,7 @@ use test_fixtures::test_setup::{
 };
 
 use crate::{
-    get_approved_command, get_gateway_events, get_gateway_events_from_execute_data, make_messages,
+    get_gateway_events, get_gateway_events_from_execute_data, make_messages,
     make_payload_and_commands,
 };
 
@@ -44,18 +44,12 @@ async fn successfully_rotates_signers() {
     let (execute_data_pda, _) = fixture
         .init_execute_data(&gateway_root_pda, payload, &signers, &domain_separator)
         .await;
-    let gateway_approved_command_pda = fixture
-        .init_pending_gateway_commands(&gateway_root_pda, &command)
-        .await
-        .pop()
-        .unwrap();
 
     // Action
     let tx = fixture
         .rotate_signers_with_metadata(
             &gateway_root_pda,
             &execute_data_pda,
-            &gateway_approved_command_pda,
             &signers.verifier_set_tracker(),
             &new_signer_set.verifier_set_tracker(),
         )
@@ -73,10 +67,6 @@ async fn successfully_rotates_signers() {
         assert_eq!(actual, expected);
     }
 
-    // - command PDAs get updated
-    let approved_command = get_approved_command(&mut fixture, &gateway_approved_command_pda).await;
-    assert!(approved_command.is_command_executed());
-
     // - signers have been updated
     let root_pda_data = fixture
         .get_account::<gmp_gateway::state::GatewayConfig>(&gateway_root_pda, &gmp_gateway::ID)
@@ -197,17 +187,11 @@ async fn succeed_if_signer_set_signed_by_old_signer_set_and_submitted_by_the_ope
     let (execute_data_pda, _) = fixture
         .init_execute_data(&gateway_root_pda, payload, &signers, &domain_separator)
         .await;
-    let rotate_signers_command_pda = fixture
-        .init_pending_gateway_commands(&gateway_root_pda, &command)
-        .await
-        .pop()
-        .unwrap();
 
     // Action
     let ix = gmp_gateway::instructions::rotate_signers(
         execute_data_pda,
         gateway_root_pda,
-        rotate_signers_command_pda,
         Some(operator.pubkey()),
         signers.verifier_set_tracker(),
         newer_signer_set.verifier_set_tracker(),
@@ -232,10 +216,6 @@ async fn succeed_if_signer_set_signed_by_old_signer_set_and_submitted_by_the_ope
         assert_eq!(actual, expected);
     }
 
-    // - command PDAs get updated
-    let approved_command = get_approved_command(&mut fixture, &rotate_signers_command_pda).await;
-    assert!(approved_command.is_command_executed());
-
     // - signers have been updated
     let root_pda_data = fixture
         .get_account::<gmp_gateway::state::GatewayConfig>(&gateway_root_pda, &gmp_gateway::ID)
@@ -274,24 +254,18 @@ async fn fail_if_provided_operator_is_not_the_real_operator_thats_stored_in_gate
         .await;
 
     let newer_signer_set = make_signers(&[500, 200], 700);
-    let (payload, command) = payload_and_command(&newer_signer_set.verifier_set());
+    let (payload, ..) = payload_and_command(&newer_signer_set.verifier_set());
 
     // we stil use the initial signer set to sign the data (the `signers` variable)
     let (execute_data_pda, _) = fixture
         .init_execute_data(&gateway_root_pda, payload, &signers, &domain_separator)
         .await;
-    let rotate_signers_command_pda = fixture
-        .init_pending_gateway_commands(&gateway_root_pda, &command)
-        .await
-        .pop()
-        .unwrap();
 
     // Action
     let fake_operator = Keypair::new();
     let ix = gmp_gateway::instructions::rotate_signers(
         execute_data_pda,
         gateway_root_pda,
-        rotate_signers_command_pda,
         Some(fake_operator.pubkey()), // `stranger_danger` in place of the expected `operator`
         signers.verifier_set_tracker(),
         newer_signer_set.verifier_set_tracker(),
@@ -335,7 +309,7 @@ async fn fail_if_operator_is_not_using_pre_registered_signer_set() {
     // generate a new random operator set to be used (do not register it)
     let new_signer_set = make_signers(&[500, 200], 1);
     let random_signer_set = make_signers(&[11], 54);
-    let (payload, command) = payload_and_command(&new_signer_set.verifier_set());
+    let (payload, ..) = payload_and_command(&new_signer_set.verifier_set());
 
     // using `new_signers` which is the cause of the failure
     let (execute_data_pda, _) = fixture
@@ -346,17 +320,11 @@ async fn fail_if_operator_is_not_using_pre_registered_signer_set() {
             &domain_separator,
         )
         .await;
-    let rotate_signers_command_pda = fixture
-        .init_pending_gateway_commands(&gateway_root_pda, &command)
-        .await
-        .pop()
-        .unwrap();
 
     // Action
     let ix = gmp_gateway::instructions::rotate_signers(
         execute_data_pda,
         gateway_root_pda,
-        rotate_signers_command_pda,
         Some(operator.pubkey()),
         random_signer_set.verifier_set_tracker(),
         new_signer_set.verifier_set_tracker(),
@@ -587,22 +555,16 @@ async fn fail_on_rotate_signers_if_new_ops_len_is_zero() {
         .await;
 
     let new_signer_set = make_signers(&[], 1);
-    let (payload, command) = payload_and_command(&new_signer_set.verifier_set());
+    let (payload, ..) = payload_and_command(&new_signer_set.verifier_set());
     let (execute_data_pda, _) = fixture
         .init_execute_data(&gateway_root_pda, payload, &signers, &domain_separator)
         .await;
 
     // Action
-    let gateway_approved_command_pdas = fixture
-        .init_pending_gateway_commands(&gateway_root_pda, &command)
-        .await
-        .pop()
-        .unwrap();
     let tx = fixture
         .rotate_signers_with_metadata(
             &gateway_root_pda,
             &execute_data_pda,
-            &gateway_approved_command_pdas,
             &signers.verifier_set_tracker(),
             &new_signer_set.verifier_set_tracker(),
         )