npm - @etherisc/gif-next - Versions diffs - 0.0.2-ead1eb0-841 → 0.0.2-eadf4ad-211 - Mend

@etherisc/gif-next 0.0.2-ead1eb0-841 → 0.0.2-eadf4ad-211

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (182) hide show

package/contracts/registry/ReleaseManager.sol CHANGED Viewed

@@ -1,224 +1,243 @@
 // SPDX-License-Identifier: Apache-2.0
 pragma solidity ^0.8.20;
+import {Clones} from "@openzeppelin/contracts/proxy/Clones.sol";
+import {IAccessManager} from "@openzeppelin/contracts/access/manager/IAccessManager.sol";
 import {AccessManaged} from "@openzeppelin/contracts/access/manager/AccessManaged.sol";
 import {NftId} from "../type/NftId.sol";
-import {RoleId} from "../type/RoleId.sol";
+import {RoleId, ADMIN_ROLE, PUBLIC_ROLE} from "../type/RoleId.sol";
 import {ObjectType, ObjectTypeLib, zeroObjectType, REGISTRY, SERVICE} from "../type/ObjectType.sol";
 import {Version, VersionLib, VersionPart, VersionPartLib} from "../type/Version.sol";
 import {Timestamp, TimestampLib} from "../type/Timestamp.sol";
 import {IService} from "../shared/IService.sol";
+import {AccessManagerUpgradeableInitializeable} from "../shared/AccessManagerUpgradeableInitializeable.sol";
 import {IRegistry} from "./IRegistry.sol";
 import {Registry} from "./Registry.sol";
 import {IRegistryService} from "./IRegistryService.sol";
 import {RegistryAccessManager} from "./RegistryAccessManager.sol";
+    // gif admin is not technical, should sent simple txs
+    // foundation creates
+    // other guy deployes
+    // other guy checks (can precompute addresses and compare with what deployed)
+    // foundation activates
+// TODO add function to deactivate releases
+// TODO in next pr add getVersion() to releaseAccessManager only, set in initialize()
+// TODO in next pr make single base for registry access manager, release access manager and instance access manager
 contract ReleaseManager is AccessManaged
 {
     using ObjectTypeLib for ObjectType;
-    event LogReleaseCreation(VersionPart version);
+    event LogReleaseCreation(VersionPart version, bytes32 salt, AccessManagerUpgradeableInitializeable accessManager);
     event LogReleaseActivation(VersionPart version);
-    // createNextRelease
-    error NotRegistryService();
-    error UnexpectedServiceAuthority(address expected, address found);
+    // prepareRelease
+    error ErrorReleaseManagerReleaseEmpty();
+    error ErrorReleaseManagerReleaseAlreadyCreated(VersionPart version);
     // registerService
-    error NotService();
+    error ErrorReleaseManagerNotService(IService service);
+    error ErrorReleaseManagerServiceAddressInvalid(IService given, address expected);
     // activateNextRelease
-    error ReleaseNotCreated();
-    error ReleaseRegistrationNotFinished();
-    // _getAndVerifyContractInfo
-    error UnexpectedRegisterableType(ObjectType expected, ObjectType found);
-    error NotRegisterableOwner(address notOwner);
-    error SelfRegistration();
-    error RegisterableOwnerIsRegistered();
+    error ErrorReleaseManagerReleaseNotCreated(VersionPart releaseVersion);
+    error ErrorReleaseManagerReleaseRegistrationNotFinished(VersionPart releaseVersion, uint awaitingRegistration);
+    error ErrorReleaseManagerReleaseAlreadyActivated(VersionPart releaseVersion);
     // _verifyService
-    error UnexpectedServiceVersion(VersionPart expected, VersionPart found);
-    error UnexpectedServiceDomain(ObjectType expected, ObjectType found);
-    // _verifyAndStoreConfig
-    error ConfigMissing();
-    error ConfigServiceDomainInvalid(uint configArrayIndex, ObjectType domain);
-    error ConfigSelectorZero(uint configArrayIndex);
-    error SelectorAlreadyExists(VersionPart releaseVersion, ObjectType serviceDomain);
+    error ErrorReleaseManagerServiceReleaseAuthorityMismatch(IService service, address serviceAuthority, address releaseAuthority);
+    error ErrorReleaseManagerServiceReleaseVersionMismatch(IService service, VersionPart serviceVersion, VersionPart releaseVersion);
-    RegistryAccessManager private immutable _accessManager;
-    IRegistry private immutable _registry;
+    // _verifyServiceInfo
+    error ErrorReleaseManagerServiceInfoAddressInvalid(IService service, address expected);
+    error ErrorReleaseManagerServiceInfoInterceptorInvalid(IService service, bool isInterceptor);
+    error ErrorReleaseManagerServiceInfoTypeInvalid(IService service, ObjectType expected, ObjectType found);
+    error ErrorReleaseManagerServiceInfoOwnerInvalid(IService service, address expected, address found);
+    error ErrorReleaseManagerServiceSelfRegistration(IService service);
+    error ErrorReleaseManagerServiceOwnerRegistered(IService service, address owner);
-    VersionPart immutable _initial;// first active major version
-    VersionPart _latest;// latest active major version
-    VersionPart _next;// major version to create and activate
+    // _verifyServiceAuthorizations
+    error ErrorReleaseManagerServiceRoleInvalid(address service, RoleId role);
-    mapping(VersionPart majorVersion => IRegistry.ReleaseInfo info) _release;
+    RegistryAccessManager public immutable _accessManager;
+    IRegistry public immutable _registry;
-    // registry service function selector assigned to domain
-    mapping(VersionPart majorVersion => mapping(ObjectType serviceDomain => bytes4[])) _selectors;
+    mapping(VersionPart version => AccessManagerUpgradeableInitializeable accessManager) internal _releaseAccessManager;
+    mapping(VersionPart version => IRegistry.ReleaseInfo info) internal _releaseInfo;
+    mapping(address registryService => bool isActive) internal _active;// have access to registry
-    uint _awaitingRegistration; // "services left to register" counter
+    VersionPart immutable internal _initial;// first active version
+    VersionPart internal _latest;// latest active version
+    VersionPart internal _next;// version to create and activate
-    mapping(address registryService => bool isActive) _active;
-    mapping(VersionPart majorVersion => bool isValid) _valid; // TODO refactor to use _active only
+    uint internal _awaitingRegistration; // "services left to register" counter
     constructor(
         RegistryAccessManager accessManager,
         VersionPart initialVersion)
         AccessManaged(accessManager.authority())
     {
-        require(initialVersion.toInt() > 0, "ReleaseManager: initial version is 0");
         _accessManager = accessManager;
         _initial = initialVersion;
-        _next = initialVersion;
+        _next = VersionPartLib.toVersionPart(initialVersion.toInt() - 1);
         _registry = new Registry();
     }
-    /// @dev skips previous release if was not activated
-    function createNextRelease()
+    /// @dev skips previous release if it was not activated
+    function createNextRelease()
         external
         restricted // GIF_ADMIN_ROLE
+        returns(VersionPart version)
     {
-        // allow to register new registry service for next version
-        // TODO check/test: assignment to _next likely missing ...
-        VersionPartLib.toVersionPart(_next.toInt() + 1);
-        // disallow registration of regular services for next version while registry service is not registered
+        _next = VersionPartLib.toVersionPart(_next.toInt() + 1);
         _awaitingRegistration = 0;
-        emit LogReleaseCreation(_next);
     }
-    function activateNextRelease()
-        external
-        restricted // GIF_ADMIN_ROLE
+    function prepareNextRelease(
+        address[] memory addresses,
+        RoleId[][] memory serviceRoles,
+        RoleId[][] memory functionRoles,
+        bytes4[][][] memory selectors,
+        bytes32 salt
+    )
+        external
+        restricted // GIF_MANAGER_ROLE
+        returns(address releaseAccessManagerAddress, VersionPart version, bytes32 releaseSalt)
     {
-        VersionPart version = _next;
-        address service = _registry.getServiceAddress(REGISTRY(), version);
-        // release was created
-        if(service == address(0)) {
-            revert ReleaseNotCreated();
+        if(addresses.length == 0) {
+            revert ErrorReleaseManagerReleaseEmpty();
         }
-        // release fully deployed
         if(_awaitingRegistration > 0) {
-            revert ReleaseRegistrationNotFinished();
+            revert ErrorReleaseManagerReleaseAlreadyCreated(version);
         }
-        //setTargetClosed(service, false);
+        _verifyReleaseAuthorizations(addresses, serviceRoles, functionRoles, selectors);
-        _latest = version;
+        version = getNextVersion();
-        _active[service] = true;
-        _valid[version] = true;
+        _releaseInfo[version].version = version;
+        _releaseInfo[version].addresses = addresses;
+        _releaseInfo[version].serviceRoles = serviceRoles;
+        _releaseInfo[version].functionRoles = functionRoles;
+        _releaseInfo[version].selectors = selectors;
+        _awaitingRegistration = addresses.length;
-        emit LogReleaseActivation(version);
+        version = getNextVersion();
+        // ensures unique salt
+        releaseSalt = keccak256(
+            bytes.concat(
+                bytes32(version.toInt()),
+                salt));
+        releaseAccessManagerAddress = Clones.cloneDeterministic(_accessManager.authority(), releaseSalt);
+        AccessManagerUpgradeableInitializeable releaseAccessManager = AccessManagerUpgradeableInitializeable(releaseAccessManagerAddress);
+        _releaseAccessManager[version] = releaseAccessManager;
+        releaseAccessManager.initialize(address(this));
+        emit LogReleaseCreation(version, releaseSalt, releaseAccessManager);
     }
-    // TODO implement reliable way this function can only be called directly after createNextRelease()
-    // IMPORTANT: MUST never be possible to create with access/release manager, token registry
-    // callable once per release after release creation
-    // can not register regular services
-    function registerRegistryService(IRegistryService service)
+    function registerService(IService service)
         external
         restricted // GIF_MANAGER_ROLE
         returns(NftId nftId)
     {
-        if(!service.supportsInterface(type(IRegistryService).interfaceId)) {
-            revert NotRegistryService();
-        }
+        (
+            IRegistry.ObjectInfo memory info,
+            ObjectType domain,
+            VersionPart version
+        ) = _verifyService(service);
+        uint serviceIdx = _awaitingRegistration - 1;
+        address serviceAddress = _releaseInfo[version].addresses[serviceIdx];
+        // TODO temp, while typescript addresses computation is not implemented
+        /*if(address(service) != serviceAddress) {
+            revert ErrorReleaseManagerServiceAddressInvalid(service, serviceAddress);
+        }*/
+        _setServiceAuthorizations(
+            _releaseAccessManager[version],
+            // TODO temp, while typescript addresses computation is not implemented
+            address(service),//serviceAddress,
+            _releaseInfo[version].serviceRoles[serviceIdx],
+            _releaseInfo[version].functionRoles[serviceIdx],
+            _releaseInfo[version].selectors[serviceIdx]);
+        _awaitingRegistration = serviceIdx;
+        // checked in registry
+        _releaseInfo[version].domains.push(domain);
+        nftId = _registry.registerService(info, version, domain);
-        // TODO unreliable! MUST guarantee the same authority -> how?
-        address serviceAuthority = service.authority();
-        if(serviceAuthority != authority()) {
-            revert UnexpectedServiceAuthority(
-                authority(),
-                serviceAuthority);
-        }
-        IRegistry.ObjectInfo memory info = _getAndVerifyContractInfo(service, SERVICE(), msg.sender);
-        VersionPart majorVersion = _next;
-        ObjectType domain = REGISTRY();
-        _verifyService(service, majorVersion, domain);
-        _createRelease(service.getFunctionConfigs());
-        nftId = _registry.registerService(info, majorVersion, domain);
-        // external call
         service.linkToRegisteredNftId();
     }
-    // TODO adding service to release -> synchronized with proxy upgrades or simple addServiceToRelease(service, version, selector)?
-    // TODO removing service from release? -> set _active to false forever, but keep all other records?
-    function registerService(IService service)
-        external
-        restricted // GIF_MANAGER_ROLE
-        returns(NftId nftId)
+    function activateNextRelease()
+        external
+        restricted // GIF_ADMIN_ROLE
     {
-        if(!service.supportsInterface(type(IService).interfaceId)) {
-            revert NotService();
+        VersionPart version = _next;
+        address service = _registry.getServiceAddress(REGISTRY(), version);
+        // release exists, registry service is a MUST
+        //if(_releaseAccessManager[version] == address(0)) {
+        if(service == address(0)) {
+            revert ErrorReleaseManagerReleaseNotCreated(version);
+        }
+        // release fully deployed
+        if(_awaitingRegistration > 0) {
+            revert ErrorReleaseManagerReleaseRegistrationNotFinished(version, _awaitingRegistration);
         }
-        IRegistry.ObjectInfo memory info = _getAndVerifyContractInfo(service, SERVICE(), msg.sender);
-        VersionPart majorVersion = getNextVersion();
-        ObjectType domain = _release[majorVersion].domains[_awaitingRegistration];// reversed registration order of services specified in RegistryService config
-        _verifyService(service, majorVersion, domain);
-        // setup and grant unique role if service does registrations
-        bytes4[] memory selectors = _selectors[majorVersion][domain];
-        address registryService = _registry.getServiceAddress(REGISTRY(), majorVersion);
-        if(selectors.length > 0) {
-            _accessManager.setAndGrantUniqueRole(
-                address(service),
-                registryService,
-                selectors);
+        // release is not activated
+        if(_releaseInfo[version].activatedAt.gtz()) {
+            revert ErrorReleaseManagerReleaseAlreadyActivated(version);
         }
-        _awaitingRegistration--;
-        nftId = _registry.registerService(info, majorVersion, domain);
+        _latest = version;
-        // external call
-        service.linkToRegisteredNftId();
+        _active[service] = true;
+        _releaseInfo[version].activatedAt = TimestampLib.blockTimestamp();
+        emit LogReleaseActivation(version);
     }
     //--- view functions ----------------------------------------------------//
-    function isActiveRegistryService(address service) external view returns(bool)
-    {
+    function predictDeterministicAddress(
+        address implementation,
+        bytes32 salt,
+        address deployer
+    ) external pure returns (address predicted) {
+        return Clones.predictDeterministicAddress(implementation, salt, deployer);
+    }
+    function isActiveRegistryService(address service) external view returns(bool) {
         return _active[service];
     }
-    function isValidRelease(VersionPart version) external view returns(bool)
-    {
-        return _valid[version];
+    function isValidRelease(VersionPart version) external view returns(bool) {
+        return _releaseInfo[version].activatedAt.gtz();
     }
-    function getRegistry() external view returns(address)
-    {
+    function getRegistry() external view returns(address) {
         return (address(_registry));
     }
-    function getReleaseInfo(VersionPart version) external view returns(IRegistry.ReleaseInfo memory)
-    {
-        return _release[version];
+    function getReleaseInfo(VersionPart version) external view returns(IRegistry.ReleaseInfo memory) {
+        return _releaseInfo[version];
     }
-    function getNextVersion() public view returns(VersionPart)
-    {
+    function getNextVersion() public view returns(VersionPart) {
         return _next;
     }
@@ -230,99 +249,134 @@ contract ReleaseManager is AccessManaged
         return _initial;
     }
+    function getReleaseAccessManager(VersionPart version) external view returns(AccessManagerUpgradeableInitializeable) {
+        return _releaseAccessManager[version];
+    }
     //--- private functions ----------------------------------------------------//
-    function _getAndVerifyContractInfo(
+    function _verifyService(IService service)
+        internal
+        returns(
+            IRegistry.ObjectInfo memory serviceInfo,
+            ObjectType serviceDomain,
+            VersionPart serviceVersion
+        )
+    {
+        if(!service.supportsInterface(type(IService).interfaceId)) {
+            revert ErrorReleaseManagerNotService(service);
+        }
+        address owner = msg.sender;
+        address serviceAuthority = service.authority();
+        serviceVersion = service.getVersion().toMajorPart();
+        serviceDomain = service.getDomain();// checked in registry
+        serviceInfo = service.getInitialInfo();
+        _verifyServiceInfo(service, serviceInfo, owner);
+        VersionPart releaseVersion = getNextVersion(); // never 0
+        address releaseAuthority = address(_releaseAccessManager[releaseVersion]); // can be zero if registering service when release is not created
+        // IMPORTANT: can not guarantee service access is actually controlled by authority
+        if(serviceAuthority != releaseAuthority) {
+            revert ErrorReleaseManagerServiceReleaseAuthorityMismatch(
+                service,
+                serviceAuthority,
+                releaseAuthority);
+        }
+        if(serviceVersion != releaseVersion) {
+            revert ErrorReleaseManagerServiceReleaseVersionMismatch(
+                service,
+                serviceVersion,
+                releaseVersion);
+        }
+    }
+    function _verifyServiceInfo(
         IService service,
-        ObjectType expectedType,
+        IRegistry.ObjectInfo memory info,
         address expectedOwner // assume always valid, can not be 0
     )
         internal
-        // view
-        returns(
-            IRegistry.ObjectInfo memory info
-        )
+        view
     {
-        info = service.getInitialInfo();
-        info.objectAddress = address(service);
-        info.isInterceptor = false; // service is never interceptor, at least now
+        if(info.objectAddress != address(service)) {
+            revert ErrorReleaseManagerServiceInfoAddressInvalid(service, address(service));
+        }
+        if(info.isInterceptor != false) { // service is never interceptor
+            revert ErrorReleaseManagerServiceInfoInterceptorInvalid(service, info.isInterceptor);
+        }
-        if(info.objectType != expectedType) {// type is checked in registry anyway...but service logic may depend on expected value
-            revert UnexpectedRegisterableType(expectedType, info.objectType);
+        if(info.objectType != SERVICE()) {// type is checked in registry anyway...but service logic may depend on expected value
+            revert ErrorReleaseManagerServiceInfoTypeInvalid(service, SERVICE(), info.objectType);
         }
         address owner = info.initialOwner;
         if(owner != expectedOwner) { // registerable owner protection
-            revert NotRegisterableOwner(expectedOwner);
+            revert ErrorReleaseManagerServiceInfoOwnerInvalid(service, expectedOwner, owner);
         }
         if(owner == address(service)) {
-            revert SelfRegistration();
+            revert ErrorReleaseManagerServiceSelfRegistration(service);
         }
         if(_registry.isRegistered(owner)) {
-            revert RegisterableOwnerIsRegistered();
+            revert ErrorReleaseManagerServiceOwnerRegistered(service, owner);
         }
     }
-    function _verifyService(
-        IService service,
-        VersionPart expectedVersion,
-        ObjectType expectedDomain
+    function _verifyReleaseAuthorizations(
+        address[] memory serviceAddress,
+        RoleId[][] memory serviceRoles,
+        RoleId[][] memory functionRoles,
+        bytes4[][][] memory selectors
     )
         internal
         view
-        returns(ObjectType)
     {
-        Version version = service.getVersion();
-        VersionPart majorVersion = version.toMajorPart();
-        if(majorVersion != expectedVersion) {
-            revert UnexpectedServiceVersion(expectedVersion, majorVersion);
-        }
-        if(service.getDomain() != expectedDomain) {
-            revert UnexpectedServiceDomain(expectedDomain, service.getDomain());
+        for(uint serviceIdx = 0; serviceIdx < serviceAddress.length; serviceIdx++)
+        {
+            for(uint roleIdx = 0; roleIdx < serviceRoles[serviceIdx].length; roleIdx++)
+            {
+                RoleId role = serviceRoles[serviceIdx][roleIdx];
+                if(role == ADMIN_ROLE()) {
+                    revert ErrorReleaseManagerServiceRoleInvalid(serviceAddress[serviceIdx], role);
+                }
+            }
         }
-        return expectedDomain;
+        // TODO no duplicate service "domain" role per release
+        // TODO no duplicate service roles per service
+        // TODO no duplicate service function roles per service
+        // TODO no duplicate service function selectors per service
     }
-    // TODO check if registry supports types specified in the config array
-    function _createRelease(IRegistryService.FunctionConfig[] memory config)
+    function _setServiceAuthorizations(
+        IAccessManager accessManager,
+        address serviceAddress,
+        RoleId[] memory serviceRoles,
+        RoleId[] memory functionRoles,
+        bytes4[][] memory selectors
+    )
         internal
     {
-        VersionPart version = getNextVersion();
-        if(config.length == 0) {
-            revert ConfigMissing();
-        }
-        // always in release
-        _release[version].domains.push(REGISTRY());
-        for(uint idx = 0; idx < config.length; idx++)
+        for(uint idx = 0; idx < functionRoles.length; idx++)
         {
-            ObjectType domain = config[idx].serviceDomain;
-            // not "registry service" / zero domain
-            if(
-                domain == REGISTRY() ||
-                domain.eqz()
-            ) { revert ConfigServiceDomainInvalid(idx, domain); }
-            bytes4[] memory selectors = config[idx].selectors;
-            // TODO can be zero -> e.g. duplicate domain, first with zero selector, second with non zero selector -> need to check _release[version].domains.contains(domain) instead
-            // no overwrite
-            if(_selectors[version][domain].length > 0) {
-                revert SelectorAlreadyExists(version, domain);
-            }
-            _selectors[version][domain] = selectors;
-            _release[version].domains.push(domain);
+            accessManager.setTargetFunctionRole(
+                serviceAddress,
+                selectors[idx],
+                functionRoles[idx].toInt());
         }
-        // TODO set when activated?
-        _release[version].createdAt = TimestampLib.blockTimestamp();
-        //_release[version].updatedAt = TimestampLib.blockTimestamp();
-        _awaitingRegistration = config.length;
+        for(uint idx = 0; idx < serviceRoles.length; idx++)
+        {
+            accessManager.grantRole(
+                serviceRoles[idx].toInt(),
+                serviceAddress,
+                0);
+        }
     }
 }

package/contracts/shared/ComponentService.sol CHANGED Viewed

@@ -26,15 +26,6 @@ abstract contract ComponentService is
     error ErrorComponentServiceSenderNotService(address sender);
     error ErrorComponentServiceComponentTypeInvalid(address component, ObjectType expectedType, ObjectType foundType);
-    /// @dev modifier to check if caller is a registered service
-    modifier onlyService() {
-        address caller = msg.sender;
-        if(!getRegistry().isRegisteredService(caller)) {
-            revert ErrorComponentServiceSenderNotService(caller);
-        }
-        _;
-    }
     // view functions
     function getRegistryService() public view virtual returns (IRegistryService) {

package/contracts/shared/ProxyManager.sol CHANGED Viewed

@@ -2,6 +2,7 @@
 pragma solidity ^0.8.20;
 import {ITransparentUpgradeableProxy} from "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol";
+import {Create2} from "@openzeppelin/contracts/utils/Create2.sol";
 import {Blocknumber, blockNumber} from "../type/Blocknumber.sol";
 import {IVersionable} from "./IVersionable.sol";
@@ -79,6 +80,31 @@ contract ProxyManager is
         emit LogProxyManagerVersionableDeployed(address(_proxy), initialImplementation);
     }
+    function deployDetermenistic(address initialImplementation, bytes memory initializationData, bytes32 salt)
+        public
+        virtual
+        onlyOwner()
+        returns (IVersionable versionable)
+    {
+        if (_versions.length > 0) {
+            revert ErrorProxyManagerAlreadyDeployed();
+        }
+        address currentProxyOwner = getOwner();
+        address initialProxyAdminOwner = address(this);
+        _proxy = new UpgradableProxyWithAdmin{salt: salt}(
+            initialImplementation,
+            initialProxyAdminOwner,
+            getDeployData(currentProxyOwner, initializationData)
+        );
+        versionable = IVersionable(address(_proxy));
+        _updateVersionHistory(versionable.getVersion(), initialImplementation, currentProxyOwner);
+        emit LogProxyManagerVersionableDeployed(address(_proxy), initialImplementation);
+    }
     /// @dev upgrade existing contract
     function upgrade(address newImplementation, bytes memory upgradeData)
         public

package/contracts/staking/StakingService.sol CHANGED Viewed

@@ -143,14 +143,17 @@ contract StakingService is
         virtual override
         initializer()
     {
-        // TODO check this, might no longer be the way, refactor if necessary
-        address registryAddress;
-        (registryAddress,) = abi.decode(data, (address, address));
+        (
+            address registryAddress,,
+            //address managerAddress
+            address authority
+        ) = abi.decode(data, (address, address, address));
+        initializeService(registryAddress, authority, owner);
         StakingServiceStorage storage $ = _getStakingServiceStorage();
         $._poolService = IPoolService(_getServiceAddress(POOL()));
-        initializeService(registryAddress, address(0), owner);
         registerInterface(type(IStakingService).interfaceId);
     }

package/contracts/staking/{StakeingServiceManager.sol → StakingServiceManager.sol} RENAMED Viewed

@@ -13,15 +13,18 @@ contract StakingServiceManager is
     /// @dev initializes proxy manager with service implementation
     constructor(
-        address registryAddress
+        address authority,
+        address registryAddress,
+        bytes32 salt
     )
         ProxyManager(registryAddress)
     {
-        StakingService svc = new StakingService();
-        bytes memory data = abi.encode(registryAddress, address(this));
-        IVersionable versionable = deploy(
+        StakingService svc = new StakingService{salt: salt}();
+        bytes memory data = abi.encode(registryAddress, address(this), authority);
+        IVersionable versionable = deployDetermenistic(
             address(svc),
-            data);
+            data,
+            salt);
         _stakingService = StakingService(address(versionable));
     }