chore: bring main changes back to next#3052
Merged
mmagician merged 2 commits intoJun 9, 2026
Merged
Conversation
Collaborator
|
Why not actually bring all the changes on |
partylikeits1983
force-pushed
the
partylikeits1983-claude/backport-tx-script-allowlist-next
branch
from
040ba17 to
3fd17fd
Compare
partylikeits1983
changed the title
main into next
partylikeits1983
requested review from
Fumuran,
PhilippGackstatter,
bobbinth and
mmagician
PhilippGackstatter
approved these changes
Jun 8, 2026
Collaborator
|
@partylikeits1983 are you sure the list of commits is correct? E.g. I see #2994 which was already merged into |
feat: allow root-allowlisted tx scripts on network accounts (#3028) AuthNetworkAccount previously banned every transaction script outright. This generalizes that ban into a tx-script-root allowlist that mirrors the existing note-script allowlist: a transaction that runs no tx script is allowed, and any tx script that does run must have its MAST root in an allowlist fixed at account creation. This lets network accounts run owner-approved scripts (e.g. setting the expiration delta, needed by the ntx-builder) while preserving the invariant that only root-pinned, pre-approved code can run against a signature-less account. Changes: - Add `TransactionScriptRoot` newtype mirroring `NoteScriptRoot`; `TransactionScript::root()` now returns it. - Add `tx_script_allowlist.masm` (`assert_tx_script_allowed`) and switch the network auth component to it; remove the now-unused `assert_no_tx_script`. - Add `NetworkAccountTxScriptAllowlist` storage (`allowed_tx_scripts` slot); an empty allowlist permits no tx scripts (the prior behavior). - Wire through `AuthNetworkAccount::with_allowed_tx_scripts` and `AuthMethod::NetworkAccount.allowed_tx_script_roots`. A root pins a script's code but not its `TX_SCRIPT_ARGS`/advice inputs, which an arbitrary submitter controls, so only scripts whose behavior is fixed regardless of those inputs should be allowlisted. Breaking: the component gains a second storage slot (existing network accounts must be recreated), and `TransactionScript::root()` returns `TransactionScriptRoot` instead of `Word`. Closes #3027. Co-authored-by: Philipp Gackstatter <PhilippGackstatter@users.noreply.github.com>
* refactor: rename network-account note allowlist API
partylikeits1983
force-pushed
the
partylikeits1983-claude/backport-tx-script-allowlist-next
branch
from
3fd17fd to
6f0a922
Compare
Contributor
Author
|
Heads up: I force-pushed this branch to rewrite its history. The previous version did a full The branch is now a clean cherry-pick of just the two genuinely-missing commits, #3028 and #3049, rebased on the current Re-requesting review since the prior approval was on the old merge head. |
partylikeits1983
changed the title
main into next
PhilippGackstatter
approved these changes
Jun 9, 2026
mmagician
changed the title
main changes back to next
mmagician
approved these changes
Jun 9, 2026
mmagician
deleted the
partylikeits1983-claude/backport-tx-script-allowlist-next
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Brings
nextto parity withmainby backporting the only two commits that were not already onnext: the network-account tx-script allowlist (#3028) and its note-allowlist API rename follow-up (#3049).Every other commit from
main's v0.15.x line had already been independently backported tonext(CloneforTransactionContextBuilder#2979, duplicate-GER rejection #2983, MASM style-guide removal #2994, same-scheme attachment docs #2992, uniqueBURNnote id #2987, assertion-macro arms #2897, circular note-dependency rejection #2993, and B2AGGNoteType::Publicenforcement #2988 / #3005). A fullgit merge main into nextre-introduced all of those as duplicate commits, which is what the earlier version of this PR did.This version instead cherry-picks only #3028 and #3049 on top of the current
next, so the diff contains exactly those two changes and nothing else. The v0.15.1 / v0.15.2 release bumps are intentionally excluded becausenextis on0.16.0.After this merges,
nextcontains all ofmain's functional changes with no duplicated history.