Skip to content

feat(bridge-v1): add safe harbour address with admin controls and RPC#83

Merged
prajwolrg merged 13 commits into
mainfrom
STR-3181-safe-harbour-address
May 20, 2026
Merged

feat(bridge-v1): add safe harbour address with admin controls and RPC#83
prajwolrg merged 13 commits into
mainfrom
STR-3181-safe-harbour-address

Conversation

@prajwolrg
Copy link
Copy Markdown
Collaborator

@prajwolrg prajwolrg commented Apr 23, 2026
edited
Loading

Description

Adds a safe harbour address to the Bridge V1 subprotocol. The address is configured at init time (in BridgeV1InitConfig) and held in the bridge state as deactivated. The bridge reacts to inter-protocol messages from the admin subprotocol to update the destination descriptor and to activate the safe harbour on Defcon signals. A new RPC method exposes the current value to clients.

Type of Change

  • New feature/Enhancement (non-breaking change which adds functionality or enhances an existing one)
  • Dependency update

Note to Reviewers

The full flow will be tested once we add the StrataSecurityCouncil role as part of #81.

Checklist

  • I have performed a self-review of my code.
  • I have commented my code where necessary.
  • My changes do not introduce new warnings.

Related Issues

STR-3181

barakshani
barakshani reviewed Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@barakshani barakshani left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

overall looks good, left some small comments. But why is this only for defcon 1? we can activate the address both on defcon 1 and 3, the difference is just time delay until they are activated.

Comment thread crates/params/src/params.rs
Comment thread crates/subprotocols/bridge-v1/msgs/src/lib.rs Outdated
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 27, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 97.90210% with 3 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
crates/subprotocols/bridge-v1/msgs/src/lib.rs 0.00% 2 Missing ⚠️
...s/subprotocols/bridge-v1/types/src/safe_harbour.rs 98.57% 1 Missing ⚠️
Files with missing lines Coverage Δ
bin/asm-runner/src/rpc_server.rs 98.01% <100.00%> (+0.01%) ⬆️
crates/params/src/params.rs 99.11% <100.00%> (+<0.01%) ⬆️
crates/params/src/subprotocols/bridge.rs 100.00% <100.00%> (ø)
...rotocols/bridge-v1/subprotocol/src/state/bridge.rs 97.91% <100.00%> (+0.11%) ⬆️
...protocols/bridge-v1/subprotocol/src/subprotocol.rs 89.42% <100.00%> (+11.87%) ⬆️
...bprotocols/bridge-v1/subprotocol/src/test_utils.rs 97.00% <100.00%> (+0.03%) ⬆️
...s/subprotocols/bridge-v1/types/src/safe_harbour.rs 98.57% <98.57%> (ø)
crates/subprotocols/bridge-v1/msgs/src/lib.rs 60.00% <0.00%> (-15.00%) ⬇️

... and 7 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@prajwolrg prajwolrg force-pushed the STR-3181-safe-harbour-address branch from 86cdfc8 to 221a9a5 Compare April 28, 2026 16:39
@prajwolrg prajwolrg requested a review from MdTeach May 18, 2026 10:43
@prajwolrg prajwolrg force-pushed the STR-3181-safe-harbour-address branch from 221a9a5 to a5572e0 Compare May 19, 2026 00:59
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 19, 2026
edited
Loading

Commit: b039cf8
SP1 Execution Results

program cycles gas
asm-stf 130,127,169 129,751,742
moho 5,191,380 5,499,715

prajwolrg added 2 commits May 19, 2026 07:04
@prajwolrg
feat: add ability to update the safe harbour address
d62a0df
@prajwolrg
feat(rpc): expose getSafeHarbour endpoint
2697b63 
Lets clients fetch the safe harbour address from the bridge state at a
given Bitcoin block hash, completing the read path for the new state
field added earlier in this branch.
@prajwolrg prajwolrg changed the title Str 3181 safe harbour address feat(bridge-v1): add safe harbour address with admin controls and RPC May 19, 2026
@prajwolrg
test(fn): emit safe_harbour_address in generated ASM params
421a26e 
The bridge subprotocol init config now requires a `safe_harbour_address`
descriptor. Without it the runner panics on params load and every
functional test fails the ASM-ready probe.
@prajwolrg prajwolrg marked this pull request as ready for review May 19, 2026 03:24
@prajwolrg prajwolrg self-assigned this May 19, 2026
@prajwolrg prajwolrg requested a review from barakshani May 19, 2026 03:25
storopoli
storopoli approved these changes May 19, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@storopoli storopoli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 421a26e

Tests are really lacking: There is no test asserting initial deactivated state, address updates, activation on both Defcon messages, or RPC serialization.

Given this is consensus state plus admin-control behavior, I’d add focused unit tests around BridgeV1Subproto::process_msgs and one RPC/harness check before merging.

prajwolrg added 3 commits May 20, 2026 15:37
@prajwolrg
test(bridge-v1-types): cover SafeHarbour activation and serde
6dcf675 
The safe harbour ships as consensus state and is surfaced by the
`getSafeHarbour` RPC, so its activation semantics and JSON shape are
load-bearing for both the protocol and clients. Add unit coverage for
the initial deactivated state, the activation flag, address updates
preserving activation, and SSZ + JSON serde round-trips.
@prajwolrg
test(bridge-v1): cover safe harbour handling in process_msgs
cefe0a3 
`process_msgs` is the only entry point through which the admin
subprotocol can mutate the safe harbour, so its behaviour for each
inter-protocol message variant is consensus-critical. Pin down that
`UpdateSafeHarbourAddress` swaps the address without activating, that
both Defcon1 and Defcon3 flip the activation flag, and that an admin
address update after activation keeps the new address active.
@prajwolrg
test(fn): exercise getSafeHarbour RPC
c9ab880 
Cover the new `strata_asm_getSafeHarbour` endpoint end-to-end against
a live runner: assert that without any admin defcon signal the
configured address surfaces verbatim, that the payload is deactivated,
and that the response is stable across processed blocks. The RPC is
the only client-facing surface of the safe harbour, so its JSON shape
is part of the contract clients will rely on.
@prajwolrg prajwolrg added this pull request to the merge queue May 20, 2026
Merged via the queue into main with commit f6e09c8 May 20, 2026
23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MdTeach MdTeach MdTeach approved these changes

@storopoli storopoli storopoli approved these changes

@Rajil1213 Rajil1213 Awaiting requested review from Rajil1213

@barakshani barakshani Awaiting requested review from barakshani

Assignees

@prajwolrg prajwolrg

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@prajwolrg @MdTeach @barakshani @storopoli