From 15552cc58d71874906cb5ce281c8e0d5891ccd89 Mon Sep 17 00:00:00 2001
From: Branislav Kontur <bkontur@gmail.com>
Date: Tue, 4 Mar 2025 16:26:09 +0100
Subject: [PATCH] Revert and simplify
---
.../parachains/src/paras/benchmarking.rs | 26 +--
polkadot/runtime/parachains/src/paras/mod.rs | 204 ++++++------------
.../runtime/parachains/src/paras/tests.rs | 200 +++++++----------
.../polkadot_runtime_parachains_paras.rs | 4 +-
.../polkadot_runtime_parachains_paras.rs | 4 +-
prdoc/pr_7592.prdoc | 2 +-
6 files changed, 155 insertions(+), 285 deletions(-)
diff --git a/polkadot/runtime/parachains/src/paras/benchmarking.rs b/polkadot/runtime/parachains/src/paras/benchmarking.rs
index ff322d3ea59..7a832b0312b 100644
--- a/polkadot/runtime/parachains/src/paras/benchmarking.rs
+++ b/polkadot/runtime/parachains/src/paras/benchmarking.rs
@@ -37,6 +37,7 @@ const SAMPLE_SIZE: u32 = 1024;
fn assert_last_event<T: Config>(generic_event: <T as Config>::RuntimeEvent) {
let events = frame_system::Pallet::<T>::events();
+ println!("{:?}", events);
let system_event: <T as frame_system::Config>::RuntimeEvent = generic_event.into();
// compare to the last event record
let frame_system::EventRecord { event, .. } = &events[events.len() - 1];
@@ -250,32 +251,33 @@ mod benchmarks {
}
#[benchmark]
- fn authorize_code_hash() {
+ fn authorize_force_set_current_code_hash() {
let para_id = ParaId::from(1000);
- let authorization =
- CodeHashAuthorization::ForceSetCurrentCode { para_id, code_hash: [0; 32].into() };
- let expire_at = frame_system::Pallet::<T>::block_number()
- .saturating_add(BlockNumberFor::<T>::from(1_000_000_u32));
+ let code = ValidationCode(vec![0; 32]);
+ let new_code_hash = code.hash();
+ let valid_period = BlockNumberFor::<T>::from(1_000_000_u32);
#[extrinsic_call]
- _(RawOrigin::Root, authorization.clone(), expire_at);
+ _(RawOrigin::Root, para_id, new_code_hash, valid_period);
- assert_last_event::<T>(Event::CodeAuthorized { authorization, expire_at }.into());
+ assert_last_event::<T>(Event::CodeAuthorized {
+ para_id,
+ code_hash: new_code_hash,
+ expire_at: frame_system::Pallet::<T>::block_number().saturating_add(valid_period)
+ }.into());
}
#[benchmark]
- fn apply_authorized_code(c: Linear<MIN_CODE_SIZE, MAX_CODE_SIZE>) {
+ fn apply_authorized_force_set_current_code(c: Linear<MIN_CODE_SIZE, MAX_CODE_SIZE>) {
let code = ValidationCode(vec![0; c as usize]);
let para_id = ParaId::from(1000);
- let authorization =
- CodeHashAuthorization::ForceSetCurrentCode { para_id, code_hash: code.hash() };
let expire_at =
frame_system::Pallet::<T>::block_number().saturating_add(BlockNumberFor::<T>::from(c));
- AuthorizedCodeHash::<T>::set(vec![(authorization.clone(), expire_at)]);
+ AuthorizedCodeHash::<T>::insert(¶_id, (code.hash(), expire_at));
generate_disordered_pruning::<T>();
#[extrinsic_call]
- _(RawOrigin::Root, authorization, code);
+ _(RawOrigin::Root, para_id, code);
assert_last_event::<T>(Event::CurrentCodeUpdated(para_id).into());
}
diff --git a/polkadot/runtime/parachains/src/paras/mod.rs b/polkadot/runtime/parachains/src/paras/mod.rs
index 3fbb34cffbc..4608fddba90 100644
--- a/polkadot/runtime/parachains/src/paras/mod.rs
+++ b/polkadot/runtime/parachains/src/paras/mod.rs
@@ -550,73 +550,6 @@ impl AssignCoretime for () {
}
}
-/// Represents different types of authorization for handling code hashes.
-/// This enum defines various actions related to validation code management.
-#[derive(PartialEq, Eq, Clone, Encode, Decode, DecodeWithMemTracking, RuntimeDebug, TypeInfo)]
-#[cfg_attr(test, derive(Ord, PartialOrd))]
-pub enum CodeHashAuthorization<N> {
- /// Forces the current validation code for a parachain to be set.
- ForceSetCurrentCode {
- /// The ID of the parachain.
- para_id: ParaId,
- /// The validation code hash.
- code_hash: ValidationCodeHash,
- },
-
- /// Forces a scheduled code upgrade for a parachain.
- ForceScheduleCodeUpgrade {
- /// The ID of the parachain.
- para_id: ParaId,
- /// The validation code hash.
- code_hash: ValidationCodeHash,
- /// The relay parent block number at which the upgrade should be applied.
- relay_parent_number: N,
- },
-
- /// Adds a trusted validation code hash to the system.
- AddTrustedValidationCode {
- /// The validation code hash
- code_hash: ValidationCodeHash,
- },
-}
-
-impl<N> CodeHashAuthorization<N> {
- /// Determines if the current authorization should be replaced by another.
- ///
- /// # Returns
- /// - `true` if `other` should replace `self`
- /// - `false` otherwise
- fn should_be_replaced_by(&self, other: &CodeHashAuthorization<N>) -> bool {
- use CodeHashAuthorization::*;
-
- match (self, other) {
- (ForceSetCurrentCode { para_id: a, .. }, ForceSetCurrentCode { para_id: b, .. }) |
- (
- ForceScheduleCodeUpgrade { para_id: a, .. },
- ForceScheduleCodeUpgrade { para_id: b, .. },
- ) if a == b => true,
-
- (
- AddTrustedValidationCode { code_hash: a },
- AddTrustedValidationCode { code_hash: b },
- ) if a == b => true,
-
- _ => false,
- }
- }
-
- /// Compares the stored `code_hash` with the hash of the provided validation code.
- fn code_matches(&self, code: &ValidationCode) -> bool {
- let code_hash = match self {
- CodeHashAuthorization::ForceSetCurrentCode { code_hash, .. } |
- CodeHashAuthorization::ForceScheduleCodeUpgrade { code_hash, .. } |
- CodeHashAuthorization::AddTrustedValidationCode { code_hash } => code_hash,
- };
-
- code_hash == &code.hash()
- }
-}
-
pub trait WeightInfo {
fn force_set_current_code(c: u32) -> Weight;
fn force_set_current_head(s: u32) -> Weight;
@@ -632,8 +565,8 @@ pub trait WeightInfo {
fn include_pvf_check_statement_finalize_onboarding_accept() -> Weight;
fn include_pvf_check_statement_finalize_onboarding_reject() -> Weight;
fn include_pvf_check_statement() -> Weight;
- fn authorize_code_hash() -> Weight;
- fn apply_authorized_code(c: u32) -> Weight;
+ fn authorize_force_set_current_code_hash() -> Weight;
+ fn apply_authorized_force_set_current_code(c: u32) -> Weight;
}
pub struct TestWeightInfo;
@@ -679,10 +612,10 @@ impl WeightInfo for TestWeightInfo {
// This special value is to distinguish from the finalizing variants above in tests.
Weight::MAX - Weight::from_parts(1, 1)
}
- fn authorize_code_hash() -> Weight {
+ fn authorize_force_set_current_code_hash() -> Weight {
Weight::MAX
}
- fn apply_authorized_code(_c: u32) -> Weight {
+ fn apply_authorized_force_set_current_code(_c: u32) -> Weight {
Weight::MAX
}
}
@@ -757,8 +690,10 @@ pub mod pallet {
PvfCheckRejected(ValidationCodeHash, ParaId),
/// New code hash has been authorized for a Para.
CodeAuthorized {
- /// CodeHash authorization request.
- authorization: CodeHashAuthorization<BlockNumberFor<T>>,
+ // Para
+ para_id: ParaId,
+ /// Authorized code hash.
+ code_hash: ValidationCodeHash,
/// Block at which authorization expires and will be removed.
expire_at: BlockNumberFor<T>,
},
@@ -893,13 +828,10 @@ pub mod pallet {
#[pallet::storage]
pub type FutureCodeHash<T: Config> = StorageMap<_, Twox64Concat, ParaId, ValidationCodeHash>;
- /// The code hash authorizations which will expire `expire_at` `BlockNumberFor<T>`.
+ /// The code hash authorizations for a para which will expire `expire_at` `BlockNumberFor<T>`.
#[pallet::storage]
- pub(super) type AuthorizedCodeHash<T: Config> = StorageValue<
- _,
- Vec<(CodeHashAuthorization<BlockNumberFor<T>>, BlockNumberFor<T>)>,
- ValueQuery,
- >;
+ pub type AuthorizedCodeHash<T: Config> =
+ StorageMap<_, Twox64Concat, ParaId, (ValidationCodeHash, BlockNumberFor<T>)>;
/// This is used by the relay-chain to communicate to a parachain a go-ahead with in the upgrade
/// procedure.
@@ -1258,40 +1190,34 @@ pub mod pallet {
}
/// Sets the storage for the authorized current code hash of the parachain.
- /// If not applied, it will be removed at the `expire_at` block.
+ /// If not applied, it will be removed at the `System::block_number() + valid_period` block.
///
- /// This can be useful, for example, when triggering `Paras::force_set_current_code(para,
- /// code)` from a different chain than the one where the `Paras` pallet is deployed.
+ /// This can be useful, when triggering `Paras::force_set_current_code(para, code)`
+ /// from a different chain than the one where the `Paras` pallet is deployed.
///
/// The main purpose is to avoid transferring the entire `code` Wasm blob between chains.
/// Instead, we authorize `code_hash` with `root`, which can later be applied by
- /// `Paras::apply_authorized_code(authorization, code)` by anyone.
+ /// `Paras::apply_authorized_force_set_current_code(para, code)` by anyone.
///
- /// Authorizations are stored in an **overwriting manner**,
- /// for exampe we won't store multiple `ForceSetCurrentCode` for one parachain.
+ /// Authorizations are stored in an **overwriting manner**.
#[pallet::call_index(9)]
- #[pallet::weight(<T as Config>::WeightInfo::authorize_code_hash())]
- pub fn authorize_code_hash(
+ #[pallet::weight(<T as Config>::WeightInfo::authorize_force_set_current_code_hash())]
+ pub fn authorize_force_set_current_code_hash(
origin: OriginFor<T>,
- new_authorization: CodeHashAuthorization<BlockNumberFor<T>>,
- expire_at: BlockNumberFor<T>,
+ para: ParaId,
+ new_code_hash: ValidationCodeHash,
+ valid_period: BlockNumberFor<T>,
) -> DispatchResult {
ensure_root(origin)?;
- ensure!(
- expire_at > frame_system::Pallet::<T>::block_number(),
- Error::<T>::InvalidBlockNumber
- );
- // insert authorized code hash and make sure to overwrite existing variant
- // `CodeHashAuthorization` for `para_id`.
- AuthorizedCodeHash::<T>::mutate(|authorizations| {
- authorizations.retain(|(authorization, _)| {
- !authorization.should_be_replaced_by(&new_authorization)
- });
- authorizations.push((new_authorization.clone(), expire_at));
- });
+ let now = frame_system::Pallet::<T>::block_number();
+ let expire_at = now.saturating_add(valid_period);
+
+ // insert authorized code hash and make sure to overwrite existing one for a para.
+ AuthorizedCodeHash::<T>::insert(¶, (new_code_hash, expire_at));
Self::deposit_event(Event::CodeAuthorized {
- authorization: new_authorization,
+ para_id: para,
+ code_hash: new_code_hash,
expire_at,
});
@@ -1301,33 +1227,21 @@ pub mod pallet {
/// Applies the already authorized current code for the parachain,
/// triggering the same functionality as `force_set_current_code`.
#[pallet::call_index(10)]
- #[pallet::weight(<T as Config>::WeightInfo::apply_authorized_code(code.0.len() as u32))]
- pub fn apply_authorized_code(
+ #[pallet::weight(<T as Config>::WeightInfo::apply_authorized_force_set_current_code(new_code.0.len() as u32))]
+ pub fn apply_authorized_force_set_current_code(
_origin: OriginFor<T>,
- authorization: CodeHashAuthorization<BlockNumberFor<T>>,
- code: ValidationCode,
+ para: ParaId,
+ new_code: ValidationCode,
) -> DispatchResultWithPostInfo {
// no need to ensure, anybody can do this
// Ensure `new_code` is authorized
- let (authorized_code_hash, _) = Self::validate_authorization(authorization, &code)?;
- // remove
- AuthorizedCodeHash::<T>::mutate(|authorizations| {
- authorizations.retain(|(auth, _)| auth != &authorized_code_hash);
- });
+ let _ = Self::validate_authorization_for(¶, &new_code)?;
+ // Remove authorization
+ AuthorizedCodeHash::<T>::remove(para);
// apply/dispatch
- match authorized_code_hash {
- CodeHashAuthorization::ForceSetCurrentCode { para_id, .. } =>
- Self::do_force_set_current_code_update(para_id, code),
- CodeHashAuthorization::AddTrustedValidationCode { .. } =>
- Self::do_add_trusted_validation_code(code),
- CodeHashAuthorization::ForceScheduleCodeUpgrade {
- para_id,
- relay_parent_number,
- ..
- } => Self::do_force_schedule_code_upgrade(para_id, code, relay_parent_number),
- }
+ Self::do_force_set_current_code_update(para, new_code);
// if ok, then allows "for free"
let post = PostDispatchInfo {
@@ -1392,22 +1306,22 @@ pub mod pallet {
.propagate(true)
.build()
},
- Call::apply_authorized_code { authorization, code } => {
- match Self::validate_authorization(authorization.clone(), &code) {
- Ok((authorization, expire_at)) => {
+ Call::apply_authorized_force_set_current_code { para, new_code } => {
+ match Self::validate_authorization_for(para, new_code) {
+ Ok((authorized_code_hash, expire_at)) => {
let now = frame_system::Pallet::<T>::block_number();
if expire_at < now {
- // this should not happen, because `validate_authorization`
- // validates `expire_at`
+ // this should not happen, because `Self::validate_authorization_for`
+ // validates `expire_at`.
return InvalidTransaction::Stale.into();
}
let longevity =
expire_at.saturating_sub(frame_system::Pallet::<T>::block_number());
- ValidTransaction::with_tag_prefix("ApplyAuthorizedCode")
+ ValidTransaction::with_tag_prefix("ApplyAuthorizedForceSetCurrentCode")
.priority(T::UnsignedPriority::get())
.longevity(TryInto::<u64>::try_into(longevity).unwrap_or(64_u64))
- .and_provides(authorization)
+ .and_provides((para, authorized_code_hash))
.propagate(true)
.build()
},
@@ -1700,11 +1614,18 @@ impl<T: Config> Pallet<T> {
/// This function removes authorizations that have expired,
/// meaning their `expire_at` block is less than or equal to the current block (`now`).
fn prune_expired_authorizations(now: BlockNumberFor<T>) -> Weight {
- AuthorizedCodeHash::<T>::mutate(|authorizations: &mut Vec<(_, BlockNumberFor<T>)>| {
- authorizations.retain(|(_, expire_at)| expire_at > &now);
+ let mut weight = T::DbWeight::get().reads(1);
+ let to_remove = AuthorizedCodeHash::<T>::iter().filter_map(|(para, (_, expire_at))| if expire_at <= now {
+ Some(para)
+ } else {
+ None
});
+ for para in to_remove {
+ AuthorizedCodeHash::<T>::remove(¶);
+ weight.saturating_accrue(T::DbWeight::get().writes(1));
+ }
- T::DbWeight::get().reads_writes(1, 1)
+ weight
}
/// Process the future code upgrades that should be applied directly.
@@ -2562,20 +2483,17 @@ impl<T: Config> Pallet<T> {
PvfActiveVoteMap::<T>::get(code_hash)
}
- /// This function checks whether the given `requested_authorization` exists in the list of
- /// authorized code hashes. If found, it verifies that the associated code matches the provided
- /// `code`. If the validation is successful, it returns the authorized `CodeHashAuthorization`.
- pub(crate) fn validate_authorization(
- requested_authorization: CodeHashAuthorization<BlockNumberFor<T>>,
+ /// This function checks whether the given `code.hash()` exists in the `AuthorizedCodeHash` map of
+ /// authorized code hashes for a para. If found, it verifies that the associated code matches the provided
+ /// `code`. If the validation is successful, it returns tuple as the authorized `ValidationCodeHash` with `expire_at`.
+ pub(crate) fn validate_authorization_for(
+ para: &ParaId,
code: &ValidationCode,
- ) -> Result<(CodeHashAuthorization<BlockNumberFor<T>>, BlockNumberFor<T>), Error<T>> {
- let Some((authorized_code_hash, expire_at)) = AuthorizedCodeHash::<T>::get()
- .into_iter()
- .find(|(a, _)| a == &requested_authorization)
- else {
+ ) -> Result<(ValidationCodeHash, BlockNumberFor<T>), Error<T>> {
+ let Some((authorized_code_hash, expire_at)) = AuthorizedCodeHash::<T>::get(para) else {
return Err(Error::<T>::NothingAuthorized);
};
- ensure!(authorized_code_hash.code_matches(code), Error::<T>::Unauthorized);
+ ensure!(authorized_code_hash == code.hash(), Error::<T>::Unauthorized);
ensure!(
expire_at > frame_system::Pallet::<T>::block_number(),
Error::<T>::InvalidBlockNumber
diff --git a/polkadot/runtime/parachains/src/paras/tests.rs b/polkadot/runtime/parachains/src/paras/tests.rs
index 2b429acb452..e6d2525c21b 100644
--- a/polkadot/runtime/parachains/src/paras/tests.rs
+++ b/polkadot/runtime/parachains/src/paras/tests.rs
@@ -2040,7 +2040,7 @@ fn force_set_current_code_works() {
}
#[test]
-fn authorize_code_hash_works() {
+fn authorize_force_set_current_code_hash_works() {
new_test_ext(MockGenesisConfig::default()).execute_with(|| {
let para_a = ParaId::from(111);
let para_b = ParaId::from(222);
@@ -2048,111 +2048,83 @@ fn authorize_code_hash_works() {
let code_2 = ValidationCode(vec![2]);
let code_1_hash = code_1.hash();
let code_2_hash = code_2.hash();
- let authorize_force_set_current_code_1_for_para_a =
- CodeHashAuthorization::ForceSetCurrentCode { para_id: para_a, code_hash: code_1_hash };
- let authorize_force_set_current_code_1_for_para_b =
- CodeHashAuthorization::ForceSetCurrentCode { para_id: para_b, code_hash: code_1_hash };
- let authorize_force_set_current_code_2_for_para_a =
- CodeHashAuthorization::ForceSetCurrentCode { para_id: para_a, code_hash: code_2_hash };
- let add_trusted_validation_code_1 =
- CodeHashAuthorization::AddTrustedValidationCode { code_hash: code_1_hash };
- let expire_at = 143;
+ let valid_period = 143;
// check before
- assert!(AuthorizedCodeHash::<Test>::get().is_empty());
+ assert_eq!(AuthorizedCodeHash::<Test>::iter().count(), 0);
// non-root user cannot authorize
assert_err!(
- Paras::authorize_code_hash(
+ Paras::authorize_force_set_current_code_hash(
RuntimeOrigin::signed(1),
- authorize_force_set_current_code_1_for_para_a.clone(),
- expire_at
+ para_a,
+ code_1_hash,
+ valid_period,
),
DispatchError::BadOrigin,
);
- // cannot authorize when `expire_at` is in the past
- System::set_block_number(expire_at + 1);
- assert_err!(
- Paras::authorize_code_hash(
- RuntimeOrigin::root(),
- authorize_force_set_current_code_1_for_para_a.clone(),
- expire_at
- ),
- Error::<Test>::InvalidBlockNumber,
- );
- let expire_at = expire_at + 2;
-
// root can authorize
- assert_ok!(Paras::authorize_code_hash(
- RuntimeOrigin::root(),
- authorize_force_set_current_code_1_for_para_a.clone(),
- expire_at
- ));
- assert_ok!(Paras::authorize_code_hash(
+ System::set_block_number(1);
+ assert_ok!(Paras::authorize_force_set_current_code_hash(
RuntimeOrigin::root(),
- authorize_force_set_current_code_1_for_para_b.clone(),
- expire_at
+ para_a,
+ code_1_hash,
+ valid_period
));
- assert_ok!(Paras::authorize_code_hash(
+ assert_eq!(
+ AuthorizedCodeHash::<Test>::get(¶_a),
+ Some((code_1_hash, 1 + valid_period))
+ );
+ System::set_block_number(5);
+ assert_ok!(Paras::authorize_force_set_current_code_hash(
RuntimeOrigin::root(),
- add_trusted_validation_code_1.clone(),
- expire_at
+ para_b,
+ code_2_hash,
+ valid_period,
));
assert_eq!(
- AuthorizedCodeHash::<Test>::get(),
- vec![
- (authorize_force_set_current_code_1_for_para_a, expire_at),
- (authorize_force_set_current_code_1_for_para_b.clone(), expire_at),
- (add_trusted_validation_code_1.clone(), expire_at),
- ]
+ AuthorizedCodeHash::<Test>::get(¶_b),
+ Some((code_2_hash, 5 + valid_period))
);
+ assert_eq!(AuthorizedCodeHash::<Test>::iter().count(), 2);
- // the same authorization variant is overwritten
- assert_ok!(Paras::authorize_code_hash(
+ // request for the same para is overwritten
+ assert_ok!(Paras::authorize_force_set_current_code_hash(
RuntimeOrigin::root(),
- authorize_force_set_current_code_2_for_para_a.clone(),
- expire_at
+ para_a,
+ code_1_hash,
+ valid_period
));
- assert_ok!(Paras::authorize_code_hash(
+ assert_eq!(
+ AuthorizedCodeHash::<Test>::get(¶_a),
+ Some((code_1_hash, 5 + valid_period))
+ );
+ assert_ok!(Paras::authorize_force_set_current_code_hash(
RuntimeOrigin::root(),
- add_trusted_validation_code_1.clone(),
- expire_at + 5
+ para_a,
+ code_2_hash,
+ valid_period
));
assert_eq!(
- {
- let mut sorted = AuthorizedCodeHash::<Test>::get();
- sorted.sort();
- sorted
- },
- {
- let mut sorted = vec![
- (authorize_force_set_current_code_2_for_para_a, expire_at), // changed code
- (authorize_force_set_current_code_1_for_para_b, expire_at), // no change
- (add_trusted_validation_code_1, expire_at + 5), /* changed expire_at */
- ];
- sorted.sort();
- sorted
- }
+ AuthorizedCodeHash::<Test>::get(¶_a),
+ Some((code_2_hash, 5 + valid_period))
);
})
}
#[test]
-fn apply_authorized_code_works() {
- let apply_code = |origin,
- authorization: CodeHashAuthorization<_>,
- code: ValidationCode|
- -> (Result<_, _>, DispatchResultWithPostInfo) {
- let call = Call::apply_authorized_code {
- authorization: authorization.clone(),
- code: code.clone(),
+fn apply_authorized_force_set_current_code_works() {
+ let apply_code = |origin, para: ParaId, code: ValidationCode| -> (Result<_, _>, DispatchResultWithPostInfo) {
+ let call = Call::apply_authorized_force_set_current_code {
+ para,
+ new_code: code.clone(),
};
let validate_unsigned =
<Paras as ValidateUnsigned>::validate_unsigned(TransactionSource::InBlock, &call)
.map(|_| ());
- let dispatch_result = Paras::apply_authorized_code(origin, authorization, code);
+ let dispatch_result = Paras::apply_authorized_force_set_current_code(origin, para, code);
(validate_unsigned, dispatch_result)
};
@@ -2162,21 +2134,16 @@ fn apply_authorized_code_works() {
let code_1 = ValidationCode(vec![1]);
let code_2 = ValidationCode(vec![2]);
let code_1_hash = code_1.hash();
- let code_2_hash = code_2.hash();
- let authorize_force_set_current_code_1_for_para_a =
- CodeHashAuthorization::ForceSetCurrentCode { para_id: para_a, code_hash: code_1_hash };
- let add_trusted_validation_code_2 =
- CodeHashAuthorization::AddTrustedValidationCode { code_hash: code_2_hash };
- let expire_at = 143;
+ let valid_period = 143;
// check before
- assert!(AuthorizedCodeHash::<Test>::get().is_empty());
+ assert_eq!(AuthorizedCodeHash::<Test>::iter().count(), 0);
// cannot apply code when nothing authorized
assert_eq!(
apply_code(
RuntimeOrigin::signed(1),
- authorize_force_set_current_code_1_for_para_a.clone(),
+ para_a,
code_1.clone()
),
(
@@ -2184,29 +2151,16 @@ fn apply_authorized_code_works() {
Err(Error::<Test>::NothingAuthorized.into())
),
);
- assert_eq!(
- apply_code(
- RuntimeOrigin::signed(1),
- add_trusted_validation_code_2.clone(),
- code_2.clone()
- ),
- (
- Err(InvalidTransaction::Custom(INVALID_TX_UNAUTHORIZED_CODE).into()),
- Err(Error::<Test>::NothingAuthorized.into())
- ),
- );
// authorize
- AuthorizedCodeHash::<Test>::set(vec![
- (authorize_force_set_current_code_1_for_para_a.clone(), expire_at),
- (add_trusted_validation_code_2.clone(), expire_at),
- ]);
+ System::set_block_number(5);
+ AuthorizedCodeHash::<Test>::insert(¶_a, (code_1_hash, valid_period + 5));
// cannot apply unauthorized code_2
assert_eq!(
apply_code(
RuntimeOrigin::signed(1),
- authorize_force_set_current_code_1_for_para_a.clone(),
+ para_a,
code_2.clone()
),
(
@@ -2216,11 +2170,11 @@ fn apply_authorized_code_works() {
);
// cannot apply obsolete authorization
- frame_system::Pallet::<Test>::set_block_number(expire_at + 1);
+ frame_system::Pallet::<Test>::set_block_number(valid_period + 5 + 10);
assert_eq!(
apply_code(
RuntimeOrigin::signed(1),
- authorize_force_set_current_code_1_for_para_a.clone(),
+ para_a,
code_1.clone(),
),
(
@@ -2228,27 +2182,25 @@ fn apply_authorized_code_works() {
Err(Error::<Test>::InvalidBlockNumber.into())
),
);
- frame_system::Pallet::<Test>::set_block_number(expire_at - 1);
+ frame_system::Pallet::<Test>::set_block_number(5 );
// ok - can apply authorized code
let (validate_unsigned, dispatch_result) = apply_code(
RuntimeOrigin::signed(1),
- authorize_force_set_current_code_1_for_para_a.clone(),
+ para_a,
code_1.clone(),
);
assert_ok!(validate_unsigned);
assert_ok!(dispatch_result);
- assert_eq!(
- AuthorizedCodeHash::<Test>::get(),
- vec![(add_trusted_validation_code_2.clone(), expire_at),]
- );
+ // check for removed
+ assert!(AuthorizedCodeHash::<Test>::get(¶_a).is_none());
// cannot apply previously authorized code again
assert_eq!(
apply_code(
RuntimeOrigin::signed(1),
- authorize_force_set_current_code_1_for_para_a,
+ para_a,
code_1,
),
(
@@ -2263,38 +2215,36 @@ fn apply_authorized_code_works() {
fn prune_expired_authorizations_works() {
new_test_ext(MockGenesisConfig::default()).execute_with(|| {
let para_a = ParaId::from(111);
+ let para_b = ParaId::from(123);
let code_1 = ValidationCode(vec![1]);
let code_1_hash = code_1.hash();
- let authorize_force_set_current_code_1_for_para_a =
- CodeHashAuthorization::ForceSetCurrentCode { para_id: para_a, code_hash: code_1_hash };
- let add_trusted_validation_code_1 =
- CodeHashAuthorization::AddTrustedValidationCode { code_hash: code_1_hash };
// add authorizations
- AuthorizedCodeHash::<Test>::set(vec![
- (authorize_force_set_current_code_1_for_para_a.clone(), 201),
- (add_trusted_validation_code_1.clone(), 202),
- ]);
+ AuthorizedCodeHash::<Test>::insert(¶_a, (code_1_hash, 201));
+ AuthorizedCodeHash::<Test>::insert(¶_b, (code_1_hash, 202));
- // nothing
+ // nothing prunned at 200
let _ = Paras::prune_expired_authorizations(200);
assert_eq!(
- AuthorizedCodeHash::<Test>::get(),
- vec![
- (authorize_force_set_current_code_1_for_para_a.clone(), 201),
- (add_trusted_validation_code_1.clone(), 202),
- ]
+ AuthorizedCodeHash::<Test>::get(¶_a),
+ Some((code_1_hash, 201))
+ );
+ assert_eq!(
+ AuthorizedCodeHash::<Test>::get(¶_b),
+ Some((code_1_hash, 202))
);
- // pruned 201
+ // pruned at 201
let _ = Paras::prune_expired_authorizations(201);
+ assert!(AuthorizedCodeHash::<Test>::get(¶_a).is_none());
assert_eq!(
- AuthorizedCodeHash::<Test>::get(),
- vec![(add_trusted_validation_code_1.clone(), 202),]
+ AuthorizedCodeHash::<Test>::get(¶_b),
+ Some((code_1_hash, 202))
);
- // pruned 202
+ // pruned at 203
let _ = Paras::prune_expired_authorizations(203);
- assert_eq!(AuthorizedCodeHash::<Test>::get(), vec![]);
+ assert!(AuthorizedCodeHash::<Test>::get(¶_a).is_none());
+ assert!(AuthorizedCodeHash::<Test>::get(¶_b).is_none());
})
}
diff --git a/polkadot/runtime/rococo/src/weights/polkadot_runtime_parachains_paras.rs b/polkadot/runtime/rococo/src/weights/polkadot_runtime_parachains_paras.rs
index 1d404a96f6f..f67329755c8 100644
--- a/polkadot/runtime/rococo/src/weights/polkadot_runtime_parachains_paras.rs
+++ b/polkadot/runtime/rococo/src/weights/polkadot_runtime_parachains_paras.rs
@@ -296,7 +296,7 @@ impl<T: frame_system::Config> polkadot_runtime_parachains::paras::WeightInfo for
}
/// Storage: `Paras::AuthorizedCodeHash` (r:1 w:1)
/// Proof: `Paras::AuthorizedCodeHash` (`max_values`: Some(1), `max_size`: None, mode: `Measured`)
- fn authorize_code_hash() -> Weight {
+ fn authorize_force_set_current_code_hash() -> Weight {
// Proof Size summary in bytes:
// Measured: `28`
// Estimated: `1513`
@@ -315,7 +315,7 @@ impl<T: frame_system::Config> polkadot_runtime_parachains::paras::WeightInfo for
/// Storage: `Paras::CodeByHash` (r:0 w:1)
/// Proof: `Paras::CodeByHash` (`max_values`: None, `max_size`: None, mode: `Measured`)
/// The range of component `c` is `[9, 3145728]`.
- fn apply_authorized_code(c: u32, ) -> Weight {
+ fn apply_authorized_force_set_current_code(c: u32, ) -> Weight {
// Proof Size summary in bytes:
// Measured: `126`
// Estimated: `3591`
diff --git a/polkadot/runtime/westend/src/weights/polkadot_runtime_parachains_paras.rs b/polkadot/runtime/westend/src/weights/polkadot_runtime_parachains_paras.rs
index 7700f4b37ef..66ca0d2465c 100644
--- a/polkadot/runtime/westend/src/weights/polkadot_runtime_parachains_paras.rs
+++ b/polkadot/runtime/westend/src/weights/polkadot_runtime_parachains_paras.rs
@@ -294,7 +294,7 @@ impl<T: frame_system::Config> polkadot_runtime_parachains::paras::WeightInfo for
}
/// Storage: `Paras::AuthorizedCodeHash` (r:1 w:1)
/// Proof: `Paras::AuthorizedCodeHash` (`max_values`: Some(1), `max_size`: None, mode: `Measured`)
- fn authorize_code_hash() -> Weight {
+ fn authorize_force_set_current_code_hash() -> Weight {
// Proof Size summary in bytes:
// Measured: `28`
// Estimated: `1513`
@@ -313,7 +313,7 @@ impl<T: frame_system::Config> polkadot_runtime_parachains::paras::WeightInfo for
/// Storage: `Paras::CodeByHash` (r:0 w:1)
/// Proof: `Paras::CodeByHash` (`max_values`: None, `max_size`: None, mode: `Measured`)
/// The range of component `c` is `[9, 3145728]`.
- fn apply_authorized_code(c: u32, ) -> Weight {
+ fn apply_authorized_force_set_current_code(c: u32, ) -> Weight {
// Proof Size summary in bytes:
// Measured: `126`
// Estimated: `3591`
diff --git a/prdoc/pr_7592.prdoc b/prdoc/pr_7592.prdoc
index f358ffee9bc..d78697ef61b 100644
--- a/prdoc/pr_7592.prdoc
+++ b/prdoc/pr_7592.prdoc
@@ -5,7 +5,7 @@ doc:
This feature can be useful when we want to trigger for example `Paras::force_set_current_code(para, code)` from a different chain than the one where the `Paras` pallet is deployed.
The main reason is to avoid transferring the entire `new_code` wasm blob between chains.
- Instead, we authorize `code_hash` with `root`, which can later be applied by `Paras::apply_authorized_code(para, authorization)` by anyone.
+ Instead, we authorize `code_hash` by `root` with `Paras::authorize_force_set_current_code_hash(para, code)`, which can later be applied by `Paras::apply_authorized_force_set_current_code(para, code)` by anyone.
crates:
- name: polkadot-runtime-parachains
bump: major
--
GitLab