diff --git a/aptos-move/framework/aptos-framework/doc/aptos_governance.md b/aptos-move/framework/aptos-framework/doc/aptos_governance.md
index 4daf73a12bded..4598f8c382bbb 100644
--- a/aptos-move/framework/aptos-framework/doc/aptos_governance.md
+++ b/aptos-move/framework/aptos-framework/doc/aptos_governance.md
@@ -109,6 +109,7 @@ on a proposal multiple times as long as the total voting power of these votes do
use 0x1::governance_proposal;
use 0x1::math64;
use 0x1::option;
+use 0x1::permissioned_signer;
use 0x1::randomness_config;
use 0x1::reconfiguration_with_dkg;
use 0x1::signer;
@@ -1261,6 +1262,7 @@ Return proposal_id when a proposal is successfully created.
metadata_hash: vector<u8>,
is_multi_step_proposal: bool,
): u64 acquires GovernanceConfig, GovernanceEvents {
+ permissioned_signer::assert_master_signer(proposer);
let proposer_address = signer::address_of(proposer);
assert!(
stake::get_delegated_voter(stake_pool) == proposer_address,
@@ -1492,6 +1494,7 @@ cannot vote on the proposal even after partial governance voting is enabled.
voting_power: u64,
should_pass: bool,
) acquires ApprovedExecutionHashes, VotingRecords, VotingRecordsV2, GovernanceEvents {
+ permissioned_signer::assert_master_signer(voter);
let voter_address = signer::address_of(voter);
assert!(stake::get_delegated_voter(stake_pool) == voter_address, error::invalid_argument(ENOT_DELEGATED_VOTER));
diff --git a/aptos-move/framework/aptos-framework/doc/code.md b/aptos-move/framework/aptos-framework/doc/code.md
index ce18af9e16fbc..cf52525ae13a5 100644
--- a/aptos-move/framework/aptos-framework/doc/code.md
+++ b/aptos-move/framework/aptos-framework/doc/code.md
@@ -50,6 +50,7 @@ This module supports functionality related to code management.
use 0x1::features;
use 0x1::object;
use 0x1::option;
+use 0x1::permissioned_signer;
use 0x1::signer;
use 0x1::string;
use 0x1::system_addresses;
@@ -598,6 +599,7 @@ package.
public fun publish_package(owner: &signer, pack: PackageMetadata, code: vector<vector<u8>>) acquires PackageRegistry {
+ permissioned_signer::assert_master_signer(owner);
// Disallow incompatible upgrade mode. Governance can decide later if this should be reconsidered.
assert!(
pack.upgrade_policy.policy > upgrade_policy_arbitrary().policy,
@@ -679,6 +681,7 @@ package.
public fun freeze_code_object(publisher: &signer, code_object: Object<PackageRegistry>) acquires PackageRegistry {
+ permissioned_signer::assert_master_signer(publisher);
let code_object_addr = object::object_address(&code_object);
assert!(exists<PackageRegistry>(code_object_addr), error::not_found(ECODE_OBJECT_DOES_NOT_EXIST));
assert!(
diff --git a/aptos-move/framework/aptos-framework/doc/delegation_pool.md b/aptos-move/framework/aptos-framework/doc/delegation_pool.md
index 9ce29ab22430e..8d8af42c5b0d8 100644
--- a/aptos-move/framework/aptos-framework/doc/delegation_pool.md
+++ b/aptos-move/framework/aptos-framework/doc/delegation_pool.md
@@ -245,6 +245,7 @@ transferred to A
use 0x1::error;
use 0x1::event;
use 0x1::features;
+use 0x1::permissioned_signer;
use 0x1::pool_u64_unbound;
use 0x1::signer;
use 0x1::smart_table;
@@ -2782,6 +2783,7 @@ Ownership over setting the operator/voter is granted to owner who h
operator_commission_percentage: u64,
delegation_pool_creation_seed: vector<u8>,
) acquires DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(owner);
assert!(features::delegation_pools_enabled(), error::invalid_state(EDELEGATION_POOLS_DISABLED));
let owner_address = signer::address_of(owner);
assert!(!owner_cap_exists(owner_address), error::already_exists(EOWNER_CAP_ALREADY_EXISTS));
@@ -2942,6 +2944,7 @@ Vote on a proposal with a voter's voting power. To successfully vote, the follow
voting_power: u64,
should_pass: bool
) acquires DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(voter);
assert_partial_governance_voting_enabled(pool_address);
// synchronize delegation and stake pools before any user operation.
synchronize_delegation_pool(pool_address);
@@ -3021,6 +3024,7 @@ voting power in THIS delegation pool must be not less than the minimum required
metadata_hash: vector<u8>,
is_multi_step_proposal: bool,
) acquires DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(voter);
assert_partial_governance_voting_enabled(pool_address);
// synchronize delegation and stake pools before any user operation
@@ -3793,6 +3797,7 @@ Allows an owner to change the operator of the underlying stake pool.
owner: &signer,
new_operator: address
) acquires DelegationPoolOwnership, DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(owner);
let pool_address = get_owned_pool_address(signer::address_of(owner));
// synchronize delegation and stake pools before any user operation
// ensure the old operator is paid its uncommitted commission rewards
@@ -3828,6 +3833,7 @@ one for each pool.
operator: &signer,
new_beneficiary: address
) acquires BeneficiaryForOperator {
+ permissioned_signer::assert_master_signer(operator);
assert!(features::operator_beneficiary_change_enabled(), std::error::invalid_state(
EOPERATOR_BENEFICIARY_CHANGE_NOT_SUPPORTED
));
@@ -3873,6 +3879,7 @@ Allows an owner to update the commission percentage for the operator of the unde
owner: &signer,
new_commission_percentage: u64
) acquires DelegationPoolOwnership, DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(owner);
assert!(features::commission_change_delegation_pool_enabled(), error::invalid_state(
ECOMMISSION_RATE_CHANGE_NOT_SUPPORTED
));
diff --git a/aptos-move/framework/aptos-framework/sources/aptos_governance.move b/aptos-move/framework/aptos-framework/sources/aptos_governance.move
index 19c8d45c92753..dc75f8c2a1c3c 100644
--- a/aptos-move/framework/aptos-framework/sources/aptos_governance.move
+++ b/aptos-move/framework/aptos-framework/sources/aptos_governance.move
@@ -31,6 +31,7 @@ module aptos_framework::aptos_governance {
use aptos_framework::system_addresses;
use aptos_framework::aptos_coin::{Self, AptosCoin};
use aptos_framework::consensus_config;
+ use aptos_framework::permissioned_signer;
use aptos_framework::randomness_config;
use aptos_framework::reconfiguration_with_dkg;
use aptos_framework::timestamp;
@@ -375,6 +376,7 @@ module aptos_framework::aptos_governance {
metadata_hash: vector,
is_multi_step_proposal: bool,
): u64 acquires GovernanceConfig, GovernanceEvents {
+ permissioned_signer::assert_master_signer(proposer);
let proposer_address = signer::address_of(proposer);
assert!(
stake::get_delegated_voter(stake_pool) == proposer_address,
@@ -506,6 +508,7 @@ module aptos_framework::aptos_governance {
voting_power: u64,
should_pass: bool,
) acquires ApprovedExecutionHashes, VotingRecords, VotingRecordsV2, GovernanceEvents {
+ permissioned_signer::assert_master_signer(voter);
let voter_address = signer::address_of(voter);
assert!(stake::get_delegated_voter(stake_pool) == voter_address, error::invalid_argument(ENOT_DELEGATED_VOTER));
diff --git a/aptos-move/framework/aptos-framework/sources/code.move b/aptos-move/framework/aptos-framework/sources/code.move
index ef884c9695d1c..3e4d2d7866d71 100644
--- a/aptos-move/framework/aptos-framework/sources/code.move
+++ b/aptos-move/framework/aptos-framework/sources/code.move
@@ -13,6 +13,7 @@ module aptos_framework::code {
use std::string;
use aptos_framework::event;
use aptos_framework::object::{Self, Object};
+ use aptos_framework::permissioned_signer;
// ----------------------------------------------------------------------
// Code Publishing
@@ -145,6 +146,7 @@ module aptos_framework::code {
/// Publishes a package at the given signer's address. The caller must provide package metadata describing the
/// package.
public fun publish_package(owner: &signer, pack: PackageMetadata, code: vector>) acquires PackageRegistry {
+ permissioned_signer::assert_master_signer(owner);
// Disallow incompatible upgrade mode. Governance can decide later if this should be reconsidered.
assert!(
pack.upgrade_policy.policy > upgrade_policy_arbitrary().policy,
@@ -206,6 +208,7 @@ module aptos_framework::code {
}
public fun freeze_code_object(publisher: &signer, code_object: Object) acquires PackageRegistry {
+ permissioned_signer::assert_master_signer(publisher);
let code_object_addr = object::object_address(&code_object);
assert!(exists(code_object_addr), error::not_found(ECODE_OBJECT_DOES_NOT_EXIST));
assert!(
diff --git a/aptos-move/framework/aptos-framework/sources/delegation_pool.move b/aptos-move/framework/aptos-framework/sources/delegation_pool.move
index be1643ca6b197..d290395b1f672 100644
--- a/aptos-move/framework/aptos-framework/sources/delegation_pool.move
+++ b/aptos-move/framework/aptos-framework/sources/delegation_pool.move
@@ -124,6 +124,7 @@ module aptos_framework::delegation_pool {
use aptos_framework::aptos_governance;
use aptos_framework::coin;
use aptos_framework::event::{Self, EventHandle, emit};
+ use aptos_framework::permissioned_signer;
use aptos_framework::stake;
use aptos_framework::stake::get_operator;
use aptos_framework::staking_config;
@@ -841,6 +842,7 @@ module aptos_framework::delegation_pool {
operator_commission_percentage: u64,
delegation_pool_creation_seed: vector,
) acquires DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(owner);
assert!(features::delegation_pools_enabled(), error::invalid_state(EDELEGATION_POOLS_DISABLED));
let owner_address = signer::address_of(owner);
assert!(!owner_cap_exists(owner_address), error::already_exists(EOWNER_CAP_ALREADY_EXISTS));
@@ -941,6 +943,7 @@ module aptos_framework::delegation_pool {
voting_power: u64,
should_pass: bool
) acquires DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(voter);
assert_partial_governance_voting_enabled(pool_address);
// synchronize delegation and stake pools before any user operation.
synchronize_delegation_pool(pool_address);
@@ -1000,6 +1003,7 @@ module aptos_framework::delegation_pool {
metadata_hash: vector,
is_multi_step_proposal: bool,
) acquires DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(voter);
assert_partial_governance_voting_enabled(pool_address);
// synchronize delegation and stake pools before any user operation
@@ -1292,6 +1296,7 @@ module aptos_framework::delegation_pool {
owner: &signer,
new_operator: address
) acquires DelegationPoolOwnership, DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(owner);
let pool_address = get_owned_pool_address(signer::address_of(owner));
// synchronize delegation and stake pools before any user operation
// ensure the old operator is paid its uncommitted commission rewards
@@ -1307,6 +1312,7 @@ module aptos_framework::delegation_pool {
operator: &signer,
new_beneficiary: address
) acquires BeneficiaryForOperator {
+ permissioned_signer::assert_master_signer(operator);
assert!(features::operator_beneficiary_change_enabled(), std::error::invalid_state(
EOPERATOR_BENEFICIARY_CHANGE_NOT_SUPPORTED
));
@@ -1332,6 +1338,7 @@ module aptos_framework::delegation_pool {
owner: &signer,
new_commission_percentage: u64
) acquires DelegationPoolOwnership, DelegationPool, GovernanceRecords, BeneficiaryForOperator, NextCommissionPercentage {
+ permissioned_signer::assert_master_signer(owner);
assert!(features::commission_change_delegation_pool_enabled(), error::invalid_state(
ECOMMISSION_RATE_CHANGE_NOT_SUPPORTED
));