Following this tutorial verbatim for deploying an upgradeable contract and then delegating authority to a Gnosis Safe results in an error on Rinkeby.
This forum keeps throwing an error saying I’m not allowed to post more than 2 links for some reason, so I’m putting the content in this pastebin: https://pastebin.com/CMFpDHgY
Hi @sean,
The ProxyAdmin contract is Ownable.
I want to try it out but I recommend separating the deploy and the transfer of ownership into two separate scripts.
I suggest you look at not using the ERC20 Preset Minter Pauser contract, instead you should create your own based on the Preset which takes in the address that you want to use for roles as parameters to the initializer, rather than granting and revoking in the constructor. I recently created an issue for this purpose: https://github.com/OpenZeppelin/openzeppelin-contracts/issues/2422
Hi @sean,
There is one ProxyAdmin contract per network per project (see: https://docs.openzeppelin.com/upgrades-plugins/1.x/faq#what-is-a-proxy-admin).
If you transfer ownership of the ProxyAdmin to a Gnosis Safe, all subsequent deployments of upgradeable contracts from that project will use that one ProxyAdmin. To upgrade any of the contracts you will need to do so via the Gnosis Safe (either the OpenZeppelin app in Gnosis Safe or OpenZeppelin Defender). You can still deploy from that project.
The ProxyAdmin (and your implementation contracts) are recorded in the <network_name>.json file in the .openzeppelin directory. See the documentation for details: https://docs.openzeppelin.com/upgrades-plugins/1.x/network-files
Hi @sean,
If I understand correctly, you had already transferred ownership of the ProxyAdmin and the issue occurred when you tried to do this again when it was already transferred.
I recommend separating out the deployProxy from the transfer of ownership of the ProxyAdmin, as you should only transfer the ProxyAdmin once, whilst you can deploy multiple proxies if required.
Hi @sean,
Just wanted to check if you needed any more information?
@abcoathup I need some more info please. How do I transfer the ownership a second time to a new proxy admin?
I didnt realize this was a one time action. The safe that I transfered it to, I have removed it from the Defender UI (and added a new safe). But the new safe is not the proxy admin, and I can no longer make it so.
I could use the old safe, but the problem is Defender doesnt allow me to add it back into the UI, I can only create yet another new one.
I understand I can upgrade the contracts manual using the OZ app inside Gnosis Safe, but this is cumbersome and I would like to do it through the Defender UI.
How can I add an existing safe back into my Defender UI? I believe this feature needs to be added if not already possible. I made the mistake of deleting my proxy admin, now what?
How can I re-transfer the proxy admin owner from my old safe (which is not in the UI) to my new safe (which is now in the Defender UI)?
How can I delete my project and start over in the worst case scenario. There doesnt even seem to be an option to delete the project.
Also my upgrade proposal in the UI is now in limbo, I cannot approve, view, or delete it.
Opening a proposal in Defender the UI gives me the error
Something went wrong when trying to load this proposal (Upgrade owner has changed. Expected 0x663d823a3AC353511CE26F667ad0e717c2DE7c0f but got 0xE087FDB9843c0Cceb4eA269BB8A348df577a5476.). Please try again or contact us at defender-support@openzeppelin.com.
Where the first address is the new safe, and second is the old one.
Hi @abcoathup ,
I am dealing with the same issue here.
Your hint with the json file is great. So I looked it up and it says:
"admin": {
"address": "0x2fCa1E5abFf9aE04d9CFA2B17BDf754D9388a02c",
"txHash": "0x2943650eba90c3c67eabbe3784d585720e8288c990706430e596503d2033b2b9"
},
So the highlighted address should be the proxyAdmin contract address, right?
When I go to rinkeby.etherscan.io and check this address, I can see that the contract was created about 4 months ago, longer than I work in this company I am currently working with (so I cannot verify this right now as my supervisor is on holiday).
When I use the getProxyAdmin() function and put in the address of the contract I am trying to upgrade, I get the same highlighted address from above. So I conclude that I have correctly identified the proxyAdmin address for my contract. Right?
Now when I check the owner() function, it gives me this address here:
And this is where I get lost. Cause this address seems to not like belong to our organization. It has so many transactions and sends out 18,75ETH all the time which makes me wonder if this is a faucet.
What else can I do now to solve this "Ownable: caller is not the owner" issue?
Thank you so much in advance for your help.