yash/fix/deprecate-oz-ownable#460

Merged
0xpanicError merged 4 commits into yash/security-upgrade-fixes from yash/fix/oz-ownable on Jun 4, 2026

@0xpanicError 0xpanicError commented Jun 4, 2026

Note

High Risk
Wide UUPS proxy storage-layout and access-control migration across critical protocol contracts; mistakes could brick upgrades or weaken who can upgrade/seize/admin-call.

Overview
This PR removes active OpenZeppelin OwnableUpgradeable usage across core protocol proxies in favor of RoleRegistry-based access control, while keeping the old Ownable storage layout via a new DeprecatedOZOwnable placeholder (_owner + gap, no owner() / transferOwnership API).

Contract changes: Many upgradeable contracts (EETH, LiquidityPool, WeETH, oracle/admin, staking, deposits, rewards, withdrawals, etc.) swap OwnableUpgradeable for DeprecatedOZOwnable, drop __Ownable_init() from initializers, and stop relying on per-contract owners for admin paths already gated by RolesLibrary. WeETHWithdrawAdapter.initialize no longer calls _transferOwnership. WithdrawRequestNFT invalid-request transfers now require onlyUpgradeTimelock on the registry instead of owner().

Scripts: Deploy/verify steps that assumed timelock owner() on adapters/distributors are removed or commented in favor of registry-only governance.

Tests: Widespread updates from contract.owner() to roleRegistryInstance.owner(), adjusted timelock tests targeting RoleRegistry (Ownable2Step), and new revert expectations for invalid NFT transfers.

Reviewed by Cursor Bugbot for commit b454250. Bugbot is set up for automated code reviews on this repo.
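
An added illustration of the storage-layout check that the placeholder approach in the overview above depends on; it is not code from this PR or repository. The sample layouts are constructed and simplified in the shape of solc's `storageLayout` output, and the `paused` variable and the slot numbers are hypothetical.

```python
# Constructed, simplified layouts in the shape of solc's storageLayout output.
# Contract state (`paused`) and slot numbers are hypothetical, not the PR's.
TYPES = {
    "t_address": {"numberOfBytes": "20"},
    "t_bool": {"numberOfBytes": "1"},
    "t_array(t_uint256)49_storage": {"numberOfBytes": "1568"},
}

def make_layout(*entries):
    keys = ("label", "slot", "offset", "type")
    return {"storage": [dict(zip(keys, e)) for e in entries], "types": TYPES}

OWNER = ("_owner", "0", 0, "t_address")
GAP = ("__gap", "1", 0, "t_array(t_uint256)49_storage")

# Before: base contract with _owner + gap, then the contract's own state.
BEFORE = make_layout(OWNER, GAP, ("paused", "50", 0, "t_bool"))
# After (placeholder kept): same _owner + gap footprint, ownership API removed.
AFTER_PLACEHOLDER = make_layout(OWNER, GAP, ("paused", "50", 0, "t_bool"))
# After (base dropped with no placeholder): the contract's state shifts to slot 0.
AFTER_BASE_DROPPED = make_layout(("paused", "0", 0, "t_bool"))

def footprint(layout):
    """Map (slot, byte offset) -> (label, size in bytes) for each variable."""
    out = {}
    for var in layout["storage"]:
        size = int(layout["types"][var["type"]]["numberOfBytes"])
        out[(int(var["slot"]), var["offset"])] = (var["label"], size)
    return out

def layout_regressions(old, new):
    """List every position declared in `old` that `new` drops or redefines.

    Variables at positions `old` never used are allowed. Same-size type
    changes are not detected; this compares label and size only.
    """
    before, after = footprint(old), footprint(new)
    problems = []
    for (slot, off), (label, size) in sorted(before.items()):
        now = after.get((slot, off))
        if now is None:
            problems.append(f"slot {slot}+{off}: {label} no longer declared")
        elif now != (label, size):
            problems.append(f"slot {slot}+{off}: {label} ({size}B) is now {now[0]} ({now[1]}B)")
    return problems

if __name__ == "__main__":
    for name, new in (("placeholder", AFTER_PLACEHOLDER), ("dropped", AFTER_BASE_DROPPED)):
        print(name, layout_regressions(BEFORE, new) or "layout preserved")
```

Running the same comparison on the compiler's layout output for each contract before and after the change, and failing CI on a non-empty result, catches a shifted slot before the upgrade reaches a proxy.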

@chatgpt-codex-connector

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

Comment thread src/rewards/CumulativeMerkleRewardsDistributor.sol Outdated

@cursor cursor Bot left a comment

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Reviewed by Cursor Bugbot for commit 39d552c.

Comment thread src/withdrawals/WithdrawRequestNFT.sol Outdated
@0xpanicError 0xpanicError merged commit 29c5ad6 into yash/security-upgrade-fixes Jun 4, 2026
1 check passed