106 lines
2.9 KiB
Bash
106 lines
2.9 KiB
Bash
|
|
#!/usr/bin/env bash
|
||
|
|
# Deploy Multisig for Production
|
||
|
|
# Complete multisig deployment procedure
|
||
|
|
|
||
|
|
set -euo pipefail
|
||
|
|
|
||
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../../../.." && pwd)"
|
||
|
|
|
||
|
|
source "$PROJECT_ROOT/.env" 2>/dev/null || true
|
||
|
|
|
||
|
|
NETWORK="${1:-mainnet}"
|
||
|
|
CONFIG_FILE="${2:-$SCRIPT_DIR/../multisig/multisig-config.json}"
|
||
|
|
|
||
|
|
if [ ! -f "$CONFIG_FILE" ]; then
|
||
|
|
echo "Error: Multisig config file not found: $CONFIG_FILE"
|
||
|
|
echo ""
|
||
|
|
echo "Create config file first using:"
|
||
|
|
echo " ./scripts/bridge/trustless/multisig/deploy-multisig.sh $NETWORK <signer1> <signer2> [signer3] ..."
|
||
|
|
exit 1
|
||
|
|
fi
|
||
|
|
|
||
|
|
echo "Production Multisig Deployment"
|
||
|
|
echo "=============================="
|
||
|
|
echo "Network: $NETWORK"
|
||
|
|
echo "Config: $CONFIG_FILE"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Read config
|
||
|
|
THRESHOLD=$(jq -r '.threshold' "$CONFIG_FILE")
|
||
|
|
SIGNERS=$(jq -r '.signers[]' "$CONFIG_FILE")
|
||
|
|
SIGNER_COUNT=$(echo "$SIGNERS" | wc -l)
|
||
|
|
|
||
|
|
echo "Configuration:"
|
||
|
|
echo " Type: ${SIGNER_COUNT}-of-${SIGNER_COUNT} (threshold: $THRESHOLD)"
|
||
|
|
echo " Signers:"
|
||
|
|
echo "$SIGNERS" | while read -r signer; do
|
||
|
|
echo " - $signer"
|
||
|
|
done
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Deployment checklist
|
||
|
|
echo "Pre-Deployment Checklist:"
|
||
|
|
echo " [ ] All signers have hardware wallets"
|
||
|
|
echo " [ ] All signers have tested on testnet"
|
||
|
|
echo " [ ] All signers understand multisig operations"
|
||
|
|
echo " [ ] Backup signers identified (if needed)"
|
||
|
|
echo " [ ] Emergency procedures documented"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Deployment steps
|
||
|
|
echo "Deployment Steps:"
|
||
|
|
echo ""
|
||
|
|
echo "1. Deploy Gnosis Safe via Web Interface:"
|
||
|
|
echo " - Go to https://app.safe.global/"
|
||
|
|
echo " - Connect wallet (use one of the signers)"
|
||
|
|
echo " - Create new Safe"
|
||
|
|
echo " - Network: $NETWORK"
|
||
|
|
echo ""
|
||
|
|
echo "2. Add Signers:"
|
||
|
|
for signer in $SIGNERS; do
|
||
|
|
echo " - Add signer: $signer"
|
||
|
|
done
|
||
|
|
echo ""
|
||
|
|
echo "3. Set Threshold:"
|
||
|
|
echo " - Threshold: $THRESHOLD"
|
||
|
|
echo " - Verify: ${SIGNER_COUNT}-of-${SIGNER_COUNT} multisig"
|
||
|
|
echo ""
|
||
|
|
echo "4. Deploy Safe:"
|
||
|
|
echo " - Review configuration"
|
||
|
|
echo " - Execute deployment transaction"
|
||
|
|
echo " - Save Safe address"
|
||
|
|
echo ""
|
||
|
|
echo "5. Verify Deployment:"
|
||
|
|
echo " - Verify Safe address on explorer"
|
||
|
|
echo " - Test with small transaction"
|
||
|
|
echo " - Verify all signers can sign"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Save deployment info
|
||
|
|
DEPLOYMENT_FILE="$SCRIPT_DIR/../multisig/deployment-$(date +%Y%m%d-%H%M%S).json"
|
||
|
|
cat > "$DEPLOYMENT_FILE" <<EOF
|
||
|
|
{
|
||
|
|
"network": "$NETWORK",
|
||
|
|
"deploymentDate": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
|
||
|
|
"config": $(cat "$CONFIG_FILE"),
|
||
|
|
"safeAddress": null,
|
||
|
|
"deploymentTx": null,
|
||
|
|
"status": "pending"
|
||
|
|
}
|
||
|
|
EOF
|
||
|
|
|
||
|
|
echo "Deployment tracking file created: $DEPLOYMENT_FILE"
|
||
|
|
echo ""
|
||
|
|
echo "After deployment, update the file with:"
|
||
|
|
echo " - safeAddress: Deployed Safe address"
|
||
|
|
echo " - deploymentTx: Deployment transaction hash"
|
||
|
|
echo " - status: 'deployed'"
|
||
|
|
echo ""
|
||
|
|
echo "Next Steps After Deployment:"
|
||
|
|
echo "1. Transfer contract ownership to multisig"
|
||
|
|
echo "2. Test multisig operations"
|
||
|
|
echo "3. Document multisig address"
|
||
|
|
echo "4. Set up monitoring for multisig"
|
||
|
|
|