diff --git a/foundry.lock b/foundry.lock index f52506e..e946936 100644 --- a/foundry.lock +++ b/foundry.lock @@ -9,6 +9,6 @@ "rev": "67b81b417e3f2311f71058d526e4c16518b393cc" }, "lib/rain.vats": { - "rev": "cad9ca4c9f230c97d481c58f635a33c774e22c07" + "rev": "f52c8b471c557d672c1f0ecec5e39b8ae8f337fe" } } \ No newline at end of file diff --git a/lib/rain.vats b/lib/rain.vats index cad9ca4..f52c8b4 160000 --- a/lib/rain.vats +++ b/lib/rain.vats @@ -1 +1 @@ -Subproject commit cad9ca4c9f230c97d481c58f635a33c774e22c07 +Subproject commit f52c8b471c557d672c1f0ecec5e39b8ae8f337fe diff --git a/test/src/lib/LibProdTokensBase.t.sol b/test/src/lib/LibProdTokensBase.t.sol index 87a8889..e3d07c4 100644 --- a/test/src/lib/LibProdTokensBase.t.sol +++ b/test/src/lib/LibProdTokensBase.t.sol @@ -12,6 +12,7 @@ import {IReceiptVaultV3} from "rain.vats/interface/IReceiptVaultV3.sol"; import { IOffchainAssetReceiptVaultBeaconSetDeployerV1 } from "rain.vats/interface/IOffchainAssetReceiptVaultBeaconSetDeployerV1.sol"; +import {IAuthorizableV1} from "rain.vats/interface/IAuthorizableV1.sol"; import { ERC1967_BEACON_SLOT, LibExtrospectERC1967BeaconProxy @@ -89,6 +90,14 @@ contract LibProdTokensBaseTest is Test { LibExtrospectERC1967BeaconProxy.isBeaconOwner(wrappedVaultBeacon, LibProdDeployV1.BEACON_INITIAL_OWNER), "wrapped vault beacon owner mismatch" ); + + // Every prod receipt vault must report a non-zero authorizer, + // and all 13 prod token sets must share the same authorizer + // contract. Inconsistency would mean one vault is configured + // against a different permission boundary than its siblings. + address mstrAuthorizer = address(IAuthorizableV1(LibProdTokensBase.MSTR_RECEIPT_VAULT).authorizer()); + assertTrue(mstrAuthorizer != address(0), "mstr authorizer is zero"); + assertEq(address(IAuthorizableV1(receiptVault).authorizer()), mstrAuthorizer, "authorizer differs from mstr's"); } function testMstrTokenSetOnBase() external {