Add testnet governance deployment and testing scripts

[alysiahuggins]

Adds scripts for deploying and testing the complete governance setup on testnets. This makes it much easier to validate timelock operations, role management, and ownership transfers before mainnet.

This PR:

• Adds testnet-governance-deploy.sh - deploys all contracts with proper timelock ownership, roles, and governance controls in one go
• Adds testnet-governance-flows.sh - tests timelock operations (schedule, execute, cancel) and role management
• Adds support for empty function values in timelock operations, so parameterless functions like pause() work without needing --function-values ""

This PR does not:

• test multisig operations

Key places to review:

• contracts/rust/deployer/scripts/testnet-governance-deploy.sh - main deployment orchestration
• contracts/rust/deployer/scripts/testnet-governance-flows.sh - testing flows

How to test this PR:

Follow readme, feel free to test on localhost using anvil

Things tested

• Tested flow with Rob where he executed testnet-governance-flows.sh and he confirmed his transactions with his hardware wallet
• Deployed to Sepolia testnet with shortened timelock delays (30s for Ops, 60s for SafeExit)
• Verified timelock operations work correctly (schedule, execute, cancel)
• Tested role management via timelock (grant/revoke PAUSER_ROLE)
• Confirmed ownership transfers to timelocks work as expected

Things not tested

• Any multisig interaction but this will be addressed when another PR is merged

---

• To see the specific tasks where the Asana app for GitHub is being used, see below:
  • https://app.asana.com/0/0/1211707758778733

[alysiahuggins]

created this function because when i was i did storage reads of a recently deployed address, the data was not available to be read yet

[alysiahuggins]

/gemini review

[gemini-code-assist]

Thank you for the explanation! This retry_until_true helper is indeed a very good solution for handling the eventual consistency issues often encountered when performing storage reads immediately after transactions, especially on public RPC nodes. It significantly improves the robustness of the deployment and verification scripts by accounting for potential RPC latency. Excellent addition!

[alysiahuggins]

@gemini-code-assist review

[gemini-code-assist]

Code Review

This pull request introduces valuable scripts for deploying and testing the complete governance setup on testnets, significantly easing the validation of timelock operations, role management, and ownership transfers. The implementation of a robust retry mechanism for state checks after transactions is a critical improvement, enhancing the reliability of deployments and upgrades, especially on potentially flaky RPC networks. Additionally, allowing empty function values in timelock operations adds necessary flexibility for interacting with parameterless contract functions. Overall, these changes are well-structured and contribute positively to the project's testing and deployment infrastructure.

[alysiahuggins]

/gemini summary

[gemini-code-assist]

Summary of Changes

This pull request significantly enhances the testnet environment by introducing dedicated scripts for deploying and thoroughly testing the complete governance setup. It streamlines the validation process for critical operations like timelock scheduling and execution, role management, and ownership transfers, ensuring the system behaves as expected before mainnet deployment. The changes also improve the reliability of deployment and verification steps by incorporating retry logic and cooldowns to account for eventual consistency with RPC nodes, making the testing process more robust and less prone to transient failures.

Highlights

• New Testnet Governance Scripts: Introduced testnet-governance-deploy.sh for comprehensive deployment of governance contracts and testnet-governance-flows.sh for validating timelock operations and role management on testnets.
• Enhanced Deployment Robustness: Implemented retry mechanisms with exponential backoff (retry_until_true helper) and 1-second cooldowns after contract deployments to address RPC timing issues and rate limiting, ensuring more reliable deployments and state verification.
• Flexible Timelock Operations: Modified the deployer to support empty function values in timelock operations, allowing parameterless functions (e.g., pause()) to be scheduled and executed via the timelock without requiring dummy arguments.
• Dynamic Environment Configuration: Updated .env to use dynamic references for ESPRESSO_SEQUENCER_ETH_MULTISIG_PAUSER_ADDRESS and ESPRESSO_SAFE_EXIT_TIMELOCK_ADMIN, improving configurability and reducing hardcoded values.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• .env
  • Updated ESPRESSO_SEQUENCER_ETH_MULTISIG_PAUSER_ADDRESS and ESPRESSO_SAFE_EXIT_TIMELOCK_ADMIN to reference ESPRESSO_SEQUENCER_ETH_MULTISIG_ADDRESS for dynamic configuration.
• .gitignore
  • Added .env.governance.test to the ignore list to prevent committing generated test environment files.
• contracts/rust/deployer/scripts/README.md
  • Added a new README detailing the usage, prerequisites, deployment steps, and flow testing instructions for the new governance scripts.
• contracts/rust/deployer/scripts/testnet-governance-deploy.sh
  • Introduced a new shell script to automate the deployment of all governance-related contracts (Ops Timelock, Safe Exit Timelock, Core Contracts, Upgrades, Fee Contract) to testnets, configuring them with proper timelock ownership and roles.
• contracts/rust/deployer/scripts/testnet-governance-flows.sh
  • Introduced a new shell script to automate the testing of various governance flows, including scheduling, executing, and canceling timelock operations, and granting roles via timelock.
• contracts/rust/deployer/src/lib.rs
  • Added constants MAX_RETRY_ATTEMPTS and RETRY_INITIAL_DELAY_MS for retry logic.
  • Implemented a 1-second cooldown after each contract deployment to mitigate RPC rate limiting.
  • Integrated a new retry_until_true helper function into contract upgrade verification steps and proxy implementation reading to handle eventual consistency issues with RPC nodes.
  • Corrected init_data cloning in a test case.
• contracts/rust/deployer/src/proposals/timelock.rs
  • Added is_operation_canceled function to check the status of canceled timelock operations.
  • Incorporated the retry_until_true helper into schedule_timelock_operation, execute_timelock_operation, and cancel_timelock_operation to ensure reliable verification of timelock operation states.
• sequencer/src/bin/deploy.rs
  • Modified the function_values argument parsing to allow for empty values, enabling timelock operations for parameterless functions.

Activity

• alysiahuggins requested a review from gemini-code-assist.
• alysiahuggins requested a summary from gemini.
• alysiahuggins created the retry_until_true function to handle eventual consistency in storage reads after deployment.
• gemini-code-assist[bot] praised the retry_until_true helper as an excellent solution for RPC latency and improved robustness.
• gemini-code-assist[bot] identified a high-priority issue regarding a hardcoded OLD_PAUSER address in testnet-governance-flows.sh.
• alysiahuggins addressed the hardcoded OLD_PAUSER issue by making it dynamic.
• gemini-code-assist[bot] confirmed the OLD_PAUSER issue was resolved by dynamic assignment.
• gemini-code-assist[bot] identified a medium-priority issue regarding an ambiguous comment for ACCOUNT_INDEX in README.md.
• alysiahuggins addressed the ambiguous ACCOUNT_INDEX comment.
• gemini-code-assist[bot] confirmed the ACCOUNT_INDEX comment clarity issue was resolved.
• gemini-code-assist[bot] identified a medium-priority issue regarding a hardcoded NEW_ESCROW_PERIOD in testnet-governance-flows.sh.
• alysiahuggins addressed the hardcoded NEW_ESCROW_PERIOD issue by making it configurable.
• gemini-code-assist[bot] confirmed the NEW_ESCROW_PERIOD configurability issue was resolved.

[sveitser]

LGTM. Wasn't fully able to test the flow script but seems like a good addition even if there are some rough edges.