Native deploy, upgrade, and Squads multisig integration#68
Open
Native deploy, upgrade, and Squads multisig integration#68
Conversation
agave-install needs a full version (e.g. 2.1.21), not just a major.minor prefix. Comparison still uses major.minor matching.
- `quasar keys list` prints program ID from keypair file - `quasar keys sync` updates declare_id!() to match keypair - `quasar keys new` generates keypair + syncs (--force to overwrite) - `quasar clean` now preserves keypair files in target/deploy/ Uses the IDL parser's syn-based extraction for declare_id!(). Closes #64
- Validate program keypair is exactly 64 bytes before slicing in deploy.rs - Add RPC error field checks to get_latest_blockhash and get_account_data - Make Keypair inner SigningKey private (was unnecessarily pub)
Critical: - Transfer buffer authority to vault PDA after write-buffer so Squads can actually execute the upgrade Important: - Extract resolve_program_keypair() to deduplicate keypair path logic - Move program ID extraction to multisig::read_program_id_from_keypair() making deploy.rs a thin dispatch for the multisig path - Expand ~ in read_config_field() results via expand_tilde() - read_program_id_from_keypair() checks file existence before reading Minor: - Hoist AccountMeta import to module level (was repeated in 3 functions) - Use checked_add for transaction index increment - Remove tautological bump <= 255 assertion (u8 is always <= 255) - Add tilde_expansion test
quasar deploy --multisig <ADDR> --status now fetches and displays:
- Proposal status (Active/Approved/Executed/etc) with colored labels
- Each voting member's approval state (green check or dim dot)
- Threshold progress ("2/3 signed — awaiting 1 signature")
- If threshold met, interactive prompt to execute the transaction
Addresses shown in short format (1234...5678). Colored output
throughout using the existing style module.
Also adds: parse_multisig_account, parse_proposal_account,
vault_transaction_execute_ix, and 5 new tests.
…ct/multisig) - quasar deploy: initial deploy, errors if program exists on-chain - quasar deploy --multisig: deploy + transfer authority to vault - quasar deploy --upgrade: direct upgrade - quasar deploy --upgrade --multisig: propose through Squads Extracts parse_multisig_address, build_and_find_so, solana_deploy helpers. Makes short_addr public for cross-module use.
…beta) to RPC URLs
…ly, fix clippy - Fix critical VaultTransaction deserialization: creator is Pubkey (32 bytes) not 8, vault_bump field was missing, ephemeral_signer_bumps is Vec<u8> not u8. vault_index now correctly read at offset 81, message offset accounts for variable-length ephemeral bumps vec. - Resolve cluster URL (localnet→http://localhost:8899 etc.) before passing to solana CLI in all deploy paths, not just multisig paths. - Refactor deploy::run() from 8 positional params to DeployOpts struct to satisfy clippy::too_many_arguments. - Collapse nested if into single condition (clippy::collapsible_if). - Add 2 tests for VaultTransaction execute IX parsing (with and without ephemeral signer bumps).
Move RPC helpers, Keypair struct, and Solana CLI config functions into a dedicated rpc module shared by both multisig.rs and deploy.rs. Add Keypair::generate() for programmatic keypair creation.
…r returns - All ureq RPC calls go through a shared agent with 30s global timeout - Buffer chunk writes retry up to 3 times with 1s backoff - Multisig propose and execute paths now confirm transactions - Replace process::exit(1) in deploy.rs with proper error propagation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Native deploy pipeline
Previously
quasar deployshelled out tosolana program deploy. We had no control over transaction construction, couldn't set priority fees, and got the Solana CLI's error messages instead of our own. This branch rebuilds the entire deploy path in native Rust — we encode BPF Loader Upgradeable instructions directly, manage buffer uploads ourselves, and talk to the RPC viaureq.Every transaction in the pipeline now carries a
SetComputeUnitPriceinstruction. The CLI queriesgetRecentPrioritizationFeesfor a median and applies it automatically, or you can override with--priority-fee.Buffer uploads chunk at 950 bytes per transaction with a progress bar, retry failed chunks up to 3 times with fresh blockhashes, and confirm every transaction via
getSignatureStatusespolling. No fire-and-forget.The deploy command validates state before doing work:
--upgrade)--upgrade)No
solanaCLI subprocess calls remain in the deploy or multisig code paths.Squads v4 multisig integration
New
--multisig <address>flag onquasar deployfor teams that manage program authority through a Squads multisig.quasar deploy --multisig <addr>— Fresh deploy, then transfers upgrade authority to the multisig vault.quasar deploy --upgrade --multisig <addr>— Uploads a buffer, transfers buffer authority to the vault, then submits a Squads proposal (VaultTransactionCreate + ProposalCreate + ProposalApprove) in a single transaction.quasar deploy --upgrade --multisig <addr> --status— Fetches the latest proposal, shows each member's vote with colored indicators, and prompts to execute if threshold is met.The Squads integration parses on-chain account layouts directly (multisig state, proposals, vault transactions) rather than depending on an SDK. Anchor discriminators are computed at runtime. The inner upgrade instruction is encoded as a Squads
TransactionMessagematching their SmallVec wire format.CLI reference
quasar deployBuild and deploy a fresh program. Fails if the program keypair already exists on-chain.
quasar deploy --upgradeUpgrade an existing program. Verifies the on-chain upgrade authority matches your keypair before uploading the buffer.
quasar deploy --upgrade --multisig <ADDRESS>Propose a program upgrade through a Squads v4 multisig. Uploads the buffer, transfers its authority to the multisig vault, then creates a vault transaction + proposal and casts the first approval vote.
quasar deploy --upgrade --multisig <ADDRESS> --statusShow the approval status of the latest multisig proposal. Displays each voting member with a green checkmark or dim dot, the threshold progress, and prompts to execute if enough signatures have been collected.
Shared options
--program-keypair <PATH>target/deploy/<name>-keypair.json--upgrade-authority <PATH>-k, --keypair <PATH>-u, --url <URL>devnet,testnet,localnet,mainnet-beta). Defaults to Solana CLI config--skip-build.so--priority-fee <MICRO_LAMPORTS>New modules
rpc.rsKeypairwrapper overed25519-dalek, transaction confirmationbpf_loader.rsComputeBudgetencoding, deploy/upgrade/buffer orchestratorsmultisig.rs