Elgato_dark/datahaven
1
0
Fork 0
mirror of https://github.com/datahaven-xyz/datahaven synced 2026-05-24 01:38:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
datahaven/operator/runtime/testnet/tests
History
Steve Degosserie 72c3457183
fix: 🔨 Replace FreezeChainOnFailedMigration with SafeMode handler (#308) 
## Summary

Replaced the `DefaultFailedMigrationHandler` (which completely froze the
chain on migration failures) with `EnterSafeModeOnFailedMigration`
across all three runtimes (mainnet, stagenet, testnet). When a migration
fails, the chain now automatically enters SafeMode instead of freezing,
allowing governance to intervene and fix issues while preventing regular
user transactions.

## Problem

Previously, when a runtime migration failed, the chain would use
`FreezeChainOnFailedMigration`, which completely halted all operations
including governance functions. This made it impossible to recover from
migration failures without manual intervention at the node level.

## Solution

Implemented `EnterSafeModeOnFailedMigration` which:
- **Enters SafeMode** when a migration fails: the chain remains
_indefinitely_ under safe mode until it is disabled, either with Sudo or
Governance.
- **Allows governance operations** to continue (Sudo, SafeMode, TxPause,
Preimage, Scheduler, etc.)
- **Blocks regular user transactions** to prevent interaction with
potentially inconsistent storage
- **Falls back to freezing** if SafeMode cannot be entered

## Changes

### Core Implementation
- **`runtime/common/src/migrations.rs`**: Added
`FailedMigrationHandler<SafeMode>` type alias that wraps
`EnterSafeModeOnFailedMigration` with comprehensive documentation
- **All three runtimes** (`mainnet`, `stagenet`, `testnet`):
- Updated `pallet_migrations::Config::FailedMigrationHandler` to use
`FailedMigrationHandler<SafeMode>`
  - Removed obsolete TODO comments

### Tests
Added comprehensive migration failure tests to all three runtimes:
- **`failed_migration_enters_safe_mode`**: Verifies SafeMode is
activated, expiry is set, and event is emitted
- **`safe_mode_allows_governance_during_migration_failure`**: Confirms
governance can exit SafeMode after migration failure
- **`migrations_force_calls_are_root_only`**: Existing test for
migration management permissions

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Ahmad Kaouk <56095276+ahmadkaouk@users.noreply.github.com>
2025-11-25 16:09:19 +01:00
..
governance chore: ♻️ Add missing license header in operator & AVS contracts source code (#285) 2025-11-10 12:56:41 +01:00
common.rs chore: ♻️ Add missing license header in operator & AVS contracts source code (#285) 2025-11-10 12:56:41 +01:00
fee_adjustment.rs chore: ♻️ Add missing license header in operator & AVS contracts source code (#285) 2025-11-10 12:56:41 +01:00
lib.rs chore: ♻️ Add missing license header in operator & AVS contracts source code (#285) 2025-11-10 12:56:41 +01:00
migrations.rs fix: 🔨 Replace FreezeChainOnFailedMigration with SafeMode handler (#308) 2025-11-25 16:09:19 +01:00
native_token_transfer.rs chore: ♻️ Add missing license header in operator & AVS contracts source code (#285) 2025-11-10 12:56:41 +01:00
proxy.rs chore: ♻️ Add missing license header in operator & AVS contracts source code (#285) 2025-11-10 12:56:41 +01:00
safe_mode_tx_pause.rs fix: 🔨 Replace FreezeChainOnFailedMigration with SafeMode handler (#308) 2025-11-25 16:09:19 +01:00
treasury.rs chore: ♻️ Add missing license header in operator & AVS contracts source code (#285) 2025-11-10 12:56:41 +01:00