@layerzerolabs/protocol-stellar-v2 0.2.11 → 0.2.13

package/contracts/message-libs/uln-302/src/tests/receive_uln302/set_default_receive_uln_configs.rs

@@ -17,8 +17,8 @@ fn test_set_default_receive_uln_configs() {
 
     let oapp_receive_uln_configs = vec![
         &env,
-        SetDefaultUlnConfigParam { dst_eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) },
-        SetDefaultUlnConfigParam { dst_eid: 101, config: UlnConfig::generate(&env, 2, 1, 3, 1) },
+        SetDefaultUlnConfigParam { eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) },
+        SetDefaultUlnConfigParam { eid: 101, config: UlnConfig::generate(&env, 2, 1, 3, 1) },
     ];
 
     env.mock_auths(&[MockAuth {
@@ -37,7 +37,7 @@ fn test_set_default_receive_uln_configs() {
 
     let uln302_receive_client = ReceiveUln302Client::new(&env, &uln302.address);
     for config in oapp_receive_uln_configs.clone() {
-        assert_eq!(uln302_receive_client.default_receive_uln_config(&config.dst_eid), Some(config.config));
+        assert_eq!(uln302_receive_client.default_receive_uln_config(&config.eid), Some(config.config));
     }
 }
 
@@ -47,7 +47,7 @@ fn test_set_default_receive_uln_configs_authorization() {
     let TestSetup { env, uln302, .. } = setup();
 
     let oapp_receive_uln_configs =
-        vec![&env, SetDefaultUlnConfigParam { dst_eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) }];
+        vec![&env, SetDefaultUlnConfigParam { eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) }];
 
     uln302.set_default_receive_uln_configs(&oapp_receive_uln_configs);
 }
@@ -58,7 +58,7 @@ fn test_set_default_receive_uln_configs_assert_default_config() {
 
     let mut config = UlnConfig::generate(&env, 1, 1, 3, 1);
     config.required_dvns.push_back(config.required_dvns.get(0).unwrap().clone());
-    let oapp_receive_uln_configs = vec![&env, SetDefaultUlnConfigParam { dst_eid: 100, config }];
+    let oapp_receive_uln_configs = vec![&env, SetDefaultUlnConfigParam { eid: 100, config }];
 
     env.mock_all_auths();
     let result = uln302.try_set_default_receive_uln_configs(&oapp_receive_uln_configs);

package/contracts/message-libs/uln-302/src/tests/send_uln302/set_default_send_uln_configs.rs

@@ -18,8 +18,8 @@ fn test_set_default_send_uln_configs() {
 
     let oapp_send_uln_configs = vec![
         &env,
-        SetDefaultUlnConfigParam { dst_eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) },
-        SetDefaultUlnConfigParam { dst_eid: 101, config: UlnConfig::generate(&env, 2, 1, 3, 1) },
+        SetDefaultUlnConfigParam { eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) },
+        SetDefaultUlnConfigParam { eid: 101, config: UlnConfig::generate(&env, 2, 1, 3, 1) },
     ];
 
     env.mock_auths(&[MockAuth {
@@ -38,7 +38,7 @@ fn test_set_default_send_uln_configs() {
 
     let uln302_send_client = SendUln302Client::new(&env, &uln302.address);
     for config in oapp_send_uln_configs.clone() {
-        assert_eq!(uln302_send_client.default_send_uln_config(&config.dst_eid), Some(config.config));
+        assert_eq!(uln302_send_client.default_send_uln_config(&config.eid), Some(config.config));
     }
 }
 
@@ -48,7 +48,7 @@ fn test_set_default_send_uln_configs_authorization() {
     let TestSetup { env, uln302, .. } = setup();
 
     let oapp_send_uln_configs =
-        vec![&env, SetDefaultUlnConfigParam { dst_eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) }];
+        vec![&env, SetDefaultUlnConfigParam { eid: 100, config: UlnConfig::generate(&env, 1, 1, 3, 1) }];
 
     uln302.set_default_send_uln_configs(&oapp_send_uln_configs);
 }
@@ -59,7 +59,7 @@ fn test_set_default_send_uln_configs_assert_default_config() {
 
     let mut config = UlnConfig::generate(&env, 1, 1, 3, 1);
     config.required_dvns.push_back(config.required_dvns.get(0).unwrap().clone());
-    let oapp_send_uln_configs = vec![&env, SetDefaultUlnConfigParam { dst_eid: 100, config }];
+    let oapp_send_uln_configs = vec![&env, SetDefaultUlnConfigParam { eid: 100, config }];
 
     env.mock_all_auths();
     let result = uln302.try_set_default_send_uln_configs(&oapp_send_uln_configs);

package/contracts/message-libs/uln-302/src/tests/setup.rs

@@ -1,6 +1,6 @@
+use common_macros::contract_impl;
 use endpoint_v2::{FeeRecipient, MessageLibClient, MessageLibManagerClient, Origin, SetConfigParam};
 use message_lib_common::interfaces::{ILayerZeroDVN, ILayerZeroExecutor, ILayerZeroTreasury};
-use common_macros::contract_impl;
 use soroban_sdk::{
     contract, log, symbol_short,
     testutils::{Address as _, MockAuth, MockAuthInvoke},
@@ -212,7 +212,7 @@ impl<'a> TestSetup<'a> {
     }
 
     pub fn set_default_send_uln_config(&self, eid: u32, config: UlnConfig) {
-        let params = vec![&self.env, SetDefaultUlnConfigParam { dst_eid: eid, config }];
+        let params = vec![&self.env, SetDefaultUlnConfigParam { eid, config }];
         self.env.mock_auths(&[MockAuth {
             address: &self.owner,
             invoke: &MockAuthInvoke {
@@ -226,7 +226,7 @@ impl<'a> TestSetup<'a> {
     }
 
     pub fn set_default_receive_uln_config(&self, eid: u32, config: UlnConfig) {
-        let params = vec![&self.env, SetDefaultUlnConfigParam { dst_eid: eid, config }];
+        let params = vec![&self.env, SetDefaultUlnConfigParam { eid, config }];
         self.env.mock_auths(&[MockAuth {
             address: &self.owner,
             invoke: &MockAuthInvoke {

package/contracts/message-libs/uln-302/src/types.rs

@@ -23,6 +23,23 @@ pub struct UlnConfig {
 }
 
 impl UlnConfig {
+    /// Creates a new UlnConfig with default values.
+    pub fn default(env: &Env) -> Self {
+        UlnConfig { confirmations: 0, required_dvns: vec![&env], optional_dvns: vec![&env], optional_dvn_threshold: 0 }
+    }
+
+    /// Validates a UlnConfig for using as a default config.
+    ///
+    /// Performs comprehensive validation including:
+    /// - Required DVNs validation (no duplicates, within limits)
+    /// - Optional DVNs validation (no duplicates, within limits, valid threshold)
+    /// - At least one DVN requirement (either required or optional with threshold > 0)
+    pub fn validate_default_config(&self, env: &Env) {
+        self.validate_required_dvns(env);
+        self.validate_optional_dvns(env);
+        self.validate_at_least_one_dvn(env);
+    }
+
     /// Validates the required DVNs configuration.
     ///
     /// Checks:
@@ -50,18 +67,6 @@ impl UlnConfig {
         );
     }
 
-    /// Validates a UlnConfig for using as a default config.
-    ///
-    /// Performs comprehensive validation including:
-    /// - Required DVNs validation (no duplicates, within limits)
-    /// - Optional DVNs validation (no duplicates, within limits, valid threshold)
-    /// - At least one DVN requirement (either required or optional with threshold > 0)
-    pub fn validate_default_config(&self, env: &Env) {
-        self.validate_required_dvns(env);
-        self.validate_optional_dvns(env);
-        self.validate_at_least_one_dvn(env);
-    }
-
     /// Validates that the configuration has at least one DVN for verification.
     ///
     /// A valid configuration must have either:
@@ -97,12 +102,7 @@ impl OAppUlnConfig {
             use_default_confirmations: true,
             use_default_required_dvns: true,
             use_default_optional_dvns: true,
-            uln_config: UlnConfig {
-                confirmations: 0,
-                required_dvns: vec![&env],
-                optional_dvns: vec![&env],
-                optional_dvn_threshold: 0,
-            },
+            uln_config: UlnConfig::default(env),
         }
     }
 
@@ -112,11 +112,9 @@ impl OAppUlnConfig {
     /// - When using defaults, corresponding config values must be empty/zero
     /// - When not using defaults, the provided values must be valid
     pub fn validate_oapp_config(&self, env: &Env) {
-        assert_with_error!(
-            env,
-            !self.use_default_confirmations || self.uln_config.confirmations == 0,
-            Uln302Error::InvalidConfirmations
-        );
+        if self.use_default_confirmations {
+            assert_with_error!(env, self.uln_config.confirmations == 0, Uln302Error::InvalidConfirmations);
+        }
 
         if self.use_default_required_dvns {
             assert_with_error!(env, self.uln_config.required_dvns.is_empty(), Uln302Error::InvalidRequiredDVNs);
@@ -139,11 +137,13 @@ impl OAppUlnConfig {
     pub fn apply_default_config(&self, default_config: &UlnConfig) -> UlnConfig {
         let confirmations =
             if self.use_default_confirmations { default_config.confirmations } else { self.uln_config.confirmations };
+
         let required_dvns = if self.use_default_required_dvns {
             default_config.required_dvns.clone()
         } else {
             self.uln_config.required_dvns.clone()
         };
+
         let (optional_dvns, optional_dvn_threshold) = if self.use_default_optional_dvns {
             (default_config.optional_dvns.clone(), default_config.optional_dvn_threshold)
         } else {
@@ -159,7 +159,7 @@ impl OAppUlnConfig {
 #[derive(Clone, Eq, PartialEq, Debug)]
 pub struct SetDefaultUlnConfigParam {
     /// The destination endpoint ID (for send) or source endpoint ID (for receive).
-    pub dst_eid: u32,
+    pub eid: u32,
     /// The ULN configuration to set as default.
     pub config: UlnConfig,
 }

package/contracts/message-libs/uln-302/src/uln302.rs

@@ -54,7 +54,7 @@ impl Uln302 {
     }
 }
 
-#[contract_impl(contracttrait)]
+#[contract_impl]
 impl IMessageLib for Uln302 {
     /// Sets OApp-specific configuration parameters for the message library.
     ///

package/contracts/oapps/counter/integration_tests/utils.rs

@@ -128,7 +128,7 @@ pub fn lz_compose(env: &Env, chain: &ChainSetup<'_>, executor: &Address, packet:
 pub fn scan_packet_sent_event(env: &Env, endpoint: &Address) -> Option<(Bytes, Bytes, Address)> {
     let mut packet = None;
     for (emitter, topics, data) in env.events().all() {
-        let packet_sent_symbol = Symbol::new(env, "PacketSent").to_val();
+        let packet_sent_symbol = Symbol::new(env, "packet_sent").to_val();
         if emitter == *endpoint && topics.contains(packet_sent_symbol) {
             let map: Map<Symbol, Val> = data.into_val(env);
 

package/contracts/oapps/oapp/src/oapp_core.rs

@@ -1,6 +1,6 @@
-use common_macros::{event, only_owner, storage};
+use common_macros::{only_owner, storage};
 use endpoint_v2::LayerZeroEndpointV2Client;
-use soroban_sdk::{contracttrait, Address, BytesN, Env};
+use soroban_sdk::{contractevent, contracttrait, Address, BytesN, Env};
 use utils::ownable::Ownable;
 use utils::ownable::OwnableInitializer;
 
@@ -30,7 +30,8 @@ pub enum OAppCoreStorage {
     Peer { eid: u32 },
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct PeerSet {
     pub eid: u32,
     pub peer: Option<BytesN<32>>,

package/contracts/oapps/oapp/src/oapp_options_type3.rs

@@ -1,6 +1,6 @@
 use crate::errors::OAppError;
-use common_macros::{event, only_owner, storage};
-use soroban_sdk::{assert_with_error, contracttrait, contracttype, panic_with_error, Bytes, Env, Vec};
+use common_macros::{only_owner, storage};
+use soroban_sdk::{assert_with_error, contractevent, contracttrait, contracttype, panic_with_error, Bytes, Env, Vec};
 use utils::ownable::Ownable;
 
 pub const OPTION_TYPE3: u32 = 3;
@@ -20,7 +20,8 @@ pub enum OAppOptionsType3Storage {
     EnforcedOptions { eid: u32, msg_type: u32 },
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct EnforcedOptionSet {
     pub enforced_option_params: Vec<EnforcedOptionParam>,
 }

package/contracts/oapps/oft/integration-tests/utils.rs

@@ -157,7 +157,7 @@ pub fn lz_compose(
 pub fn scan_packet_sent_event(env: &Env, endpoint: &Address) -> Option<(Bytes, Bytes, Address)> {
     let mut packet = None;
     for (emitter, topics, data) in env.events().all() {
-        let packet_sent_symbol = Symbol::new(env, "PacketSent").to_val();
+        let packet_sent_symbol = Symbol::new(env, "packet_sent").to_val();
         if emitter == *endpoint && topics.contains(packet_sent_symbol) {
             let map: Map<Symbol, Val> = data.into_val(env);
 

package/contracts/oapps/oft/src/events.rs

@@ -1,7 +1,7 @@
-use common_macros::event;
-use soroban_sdk::{Address, BytesN};
+use soroban_sdk::{contractevent, Address, BytesN};
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct OFTSent {
     pub guid: BytesN<32>,
     pub dst_eid: u32,
@@ -10,7 +10,8 @@ pub struct OFTSent {
     pub amount_received_ld: i128,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct OFTReceived {
     pub guid: BytesN<32>,
     pub src_eid: u32,

package/contracts/oapps/oft/src/extensions/oft_fee.rs

@@ -1,5 +1,5 @@
-use common_macros::{contract_error, event, only_owner, storage};
-use soroban_sdk::{assert_with_error, contracttrait, token::TokenClient, Address, Env};
+use common_macros::{contract_error, only_owner, storage};
+use soroban_sdk::{assert_with_error, contractevent, contracttrait, token::TokenClient, Address, Env};
 use utils::{option_ext::OptionExt, ownable::Ownable};
 
 /// Base fee in basis points (10,000 BPS = 100%)
@@ -27,23 +27,27 @@ pub enum OFTFeeError {
     SameValue,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct DefaultFeeBpsSet {
     pub fee_bps: u64,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct FeeBpsSet {
     pub dst_eid: u32,
     pub fee_bps: u64,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct FeeBpsUnset {
     pub dst_eid: u32,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct FeeDepositAddressSet {
     pub fee_deposit_address: Address,
 }

package/contracts/oapps/oft/src/extensions/pausable.rs

@@ -1,5 +1,5 @@
-use common_macros::{contract_error, event, only_owner, storage};
-use soroban_sdk::{assert_with_error, contracttrait, Env};
+use common_macros::{contract_error, only_owner, storage};
+use soroban_sdk::{assert_with_error, contractevent, contracttrait, Env};
 use utils::ownable::Ownable;
 
 #[storage]
@@ -15,7 +15,8 @@ pub enum OFTPausableError {
     PauseStatusUnchanged,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct PausedSet {
     pub paused: bool,
 }
@@ -47,4 +48,3 @@ pub trait OFTPausableInternal {
         assert_with_error!(env, !OFTPausableStorage::paused(env), OFTPausableError::Paused);
     }
 }
-

package/contracts/oapps/oft/src/extensions/rate_limiter.rs

@@ -1,5 +1,5 @@
-use common_macros::{contract_error, event, only_owner, storage};
-use soroban_sdk::{assert_with_error, contracttrait, contracttype, panic_with_error, Env};
+use common_macros::{contract_error, only_owner, storage};
+use soroban_sdk::{assert_with_error, contractevent, contracttrait, contracttype, panic_with_error, Env};
 use utils::ownable::Ownable;
 
 #[contracttype]
@@ -34,7 +34,8 @@ pub enum RateLimitError {
     SameValue,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct RateLimitSet {
     pub direction: Direction,
     pub eid: u32,
@@ -42,7 +43,8 @@ pub struct RateLimitSet {
     pub window_seconds: u64,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct RateLimitUpdated {
     pub direction: Direction,
     pub eid: u32,
@@ -50,7 +52,8 @@ pub struct RateLimitUpdated {
     pub window_seconds: u64,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct RateLimitUnset {
     pub direction: Direction,
     pub eid: u32,
@@ -195,4 +198,3 @@ pub trait RateLimiterInternal {
         RateLimitStorage::set_rate_limit(env, direction, eid, &rate_limit);
     }
 }
-

package/contracts/utils/src/ownable.rs

@@ -1,7 +1,7 @@
 use crate::errors::OwnableError;
 use crate::option_ext::OptionExt;
-use common_macros::{event, storage};
-use soroban_sdk::{assert_with_error, contractclient, Address, Env};
+use common_macros::storage;
+use soroban_sdk::{assert_with_error, contractclient, contractevent, Address, Env};
 
 // ============================================
 // Ownable Initializer Interface
@@ -44,14 +44,16 @@ pub fn require_owner_auth<T: Ownable>(env: &Env) {
 }
 
 /// Event emitted when ownership is transferred.
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct OwnershipTransferred {
     pub old_owner: Address,
     pub new_owner: Address,
 }
 
 /// Event emitted when ownership is renounced.
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct OwnershipRenounced {
     pub old_owner: Address,
 }

package/contracts/utils/src/tests/testing_utils.rs

@@ -1,23 +1,25 @@
 use crate::testing_utils::{assert_event, assert_events, ExpectedEvent, IntoExpectedEvent};
-use common_macros::event;
-use soroban_sdk::{contract, contractimpl, testutils::Address as _, Address, Env, IntoVal, Val, Vec};
+use soroban_sdk::{contract, contractevent, contractimpl, testutils::Address as _, Address, Env, IntoVal, Val, Vec};
 
 // ============================================
 // Test Fixtures
 // ============================================
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct TestEvent1 {
     pub value: u32,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct TestEvent2 {
     pub name: u32,
     pub count: u64,
 }
 
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct TestEvent3 {
     pub address: Address,
 }

package/contracts/utils/src/ttl.rs

@@ -1,6 +1,5 @@
 use crate::errors::TtlError;
-use common_macros::event;
-use soroban_sdk::{assert_with_error, contractclient, contracttype, Env};
+use soroban_sdk::{assert_with_error, contractclient, contractevent, contracttype, Env};
 
 /// Number of ledgers per day (~5 second ledger close time).
 pub const LEDGERS_PER_DAY: u32 = (24 * 3600) / 5;
@@ -111,12 +110,14 @@ impl TtlConfigurable for DefaultTtlConfigurable {
 // ============================================
 
 /// Event emitted when TTL configs are set.
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct TtlConfigsSet {
     pub instance: Option<TtlConfig>,
     pub persistent: Option<TtlConfig>,
 }
 
 /// Event emitted when TTL configs are frozen.
-#[event]
+#[contractevent]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub struct TtlConfigsFrozen {}

package/contracts/workers/dvn/src/auth.rs

@@ -5,14 +5,23 @@ use soroban_sdk::{
     auth::{Context, CustomAccountInterface},
     contractimpl, contracttype,
     crypto::Hash,
-    xdr::ToXdr,
+    vec, Symbol,
 };
-use utils::buffer_writer::BufferWriter;
 
 // ============================================================================
 // Authentication Data Types
 // ============================================================================
 
+#[contracttype]
+#[derive(Clone, Debug, Eq, PartialEq)]
+pub enum Sender {
+    /// No explicit sender (permissionless execution).
+    None,
+    /// A registered admin (ed25519) submitting the transaction.
+    /// The tuple is `(public_key, signature)` where the signature covers the Soroban payload.
+    Admin(BytesN<32>, BytesN<64>),
+}
+
 /// Authentication data for DVN contract transactions.
 ///
 /// This struct is used with Soroban's custom account interface to authorize
@@ -26,10 +35,8 @@ pub struct TransactionAuthData {
     pub expiration: u64,
     /// Signatures from multisig signers (secp256k1, 65 bytes each).
     pub signatures: Vec<BytesN<65>>,
-    /// Admin's Ed25519 public key (32 bytes).
-    pub admin: BytesN<32>,
-    /// Admin's Ed25519 signature over the signature payload (64 bytes).
-    pub admin_signature: BytesN<64>,
+    /// Entity submitting the transaction (admin, or permissionless).
+    pub sender: Sender,
 }
 
 // ============================================================================
@@ -37,51 +44,44 @@ pub struct TransactionAuthData {
 // ============================================================================
 
 #[contractimpl]
-impl CustomAccountInterface for Dvn {
+impl CustomAccountInterface for LzDVN {
     type Signature = TransactionAuthData;
     type Error = DvnError;
 
     /// Validates authorization for DVN contract operations.
-    ///
-    /// This implements Soroban's custom account interface, allowing the DVN
-    /// contract to act as its own account with multisig authorization.
-    ///
-    /// # Validation Steps
-    /// 1. Verify the admin signature is from a registered admin
-    /// 2. Check the VID matches the contract's configured VID
-    /// 3. Ensure the auth data hasn't expired
-    /// 4. Verify the auth contexts hash hasn't been used (replay protection)
-    /// 5. Verify multisig signatures meet the threshold
     fn __check_auth(
         env: Env,
         signature_payload: Hash<32>,
         auth_data: Self::Signature,
         auth_contexts: Vec<Context>,
     ) -> Result<(), Self::Error> {
-        let TransactionAuthData { vid, expiration, signatures, admin, admin_signature } = auth_data;
-
-        // Verify the admin signature is valid and from a registered admin.
-        Self::verify_admin(&env, &admin, &admin_signature, &signature_payload)?;
+        let TransactionAuthData { vid, expiration, signatures, sender } = auth_data;
 
-        // Verify the VID matches the contract's configured VID.
-        let stored_vid = Self::vid(&env);
-        if vid != stored_vid {
+        // 1. Check VID and expiration
+        if vid != Self::vid(&env) {
             return Err(DvnError::InvalidVid);
         }
-        // Ensure the auth data hasn't expired.
         if expiration <= env.ledger().timestamp() {
             return Err(DvnError::AuthDataExpired);
         }
 
-        // Compute the hash of the auth data for replay protection.
-        let hash = Self::hash_auth_data(&env, vid, expiration, &auth_contexts);
-        // Verify the hash hasn't been used (replay protection) and set it as used.
+        // 2. Admin verification (skip for quorum_change_admin)
+        if !Self::is_invoking_quorum_change_admin(&env, &auth_contexts) {
+            let Sender::Admin(public_key, signature) = sender else {
+                return Err(DvnError::OnlyAdmin);
+            };
+            Self::verify_admin_signature(&env, &public_key, &signature, &signature_payload)?;
+        }
+
+        // 3. Replay protection
+        let calls = Self::extract_execution_calls(&env, &auth_contexts)?;
+        let hash = Self::hash_call_data(&env, vid, expiration, &calls);
         if DvnStorage::used_hash(&env, &hash) {
             return Err(DvnError::HashAlreadyUsed);
         }
         DvnStorage::set_used_hash(&env, &hash, &true);
 
-        // Verify the multisig signatures meet the threshold.
+        // 4. Multisig verification (most expensive - do last)
         Self::verify_signatures(&env, &hash, &signatures);
 
         Ok(())
@@ -92,39 +92,53 @@ impl CustomAccountInterface for Dvn {
 // Internal Helper Functions
 // ============================================================================
 
-impl Dvn {
+impl LzDVN {
     /// Verifies that the admin signature is valid and from a registered admin.
     ///
     /// # Arguments
-    /// * `admin` - The admin's Ed25519 public key
-    /// * `admin_signature` - The admin's signature over the signature payload
+    /// * `public_key` - The admin's Ed25519 public key (32 bytes)
+    /// * `signature` - The admin's signature over the signature payload (64 bytes)
     /// * `signature_payload` - The payload that was signed
     ///
     /// # Errors
     /// Returns `DvnError::OnlyAdmin` if the signer is not a registered admin.
-    fn verify_admin(
+    fn verify_admin_signature(
         env: &Env,
-        admin: &BytesN<32>,
-        admin_signature: &BytesN<64>,
+        public_key: &BytesN<32>,
+        signature: &BytesN<64>,
         signature_payload: &Hash<32>,
     ) -> Result<(), DvnError> {
-        let admin_address = Address::from_payload(env, AddressPayload::AccountIdPublicKeyEd25519(admin.clone()));
+        let admin_address = Address::from_payload(env, AddressPayload::AccountIdPublicKeyEd25519(public_key.clone()));
         if !Self::is_admin(env, &admin_address) {
             return Err(DvnError::OnlyAdmin);
         }
 
-        env.crypto().ed25519_verify(admin, &signature_payload.clone().into(), admin_signature);
+        env.crypto().ed25519_verify(public_key, &signature_payload.clone().into(), signature);
 
         Ok(())
     }
 
-    /// Computes the hash of auth data for replay protection.
-    ///
-    /// Creates a unique hash from the VID, expiration, and auth contexts
-    /// to prevent the same authorization from being used multiple times.
-    fn hash_auth_data(env: &Env, vid: u32, expiration: u64, auth_contexts: &Vec<Context>) -> BytesN<32> {
-        let mut writer = BufferWriter::new(env);
-        let data = writer.write_u32(vid).write_u64(expiration).write_bytes(&auth_contexts.to_xdr(env)).to_bytes();
-        env.crypto().keccak256(&data).into()
+    /// Extracts the execution calls from the auth contexts.
+    fn extract_execution_calls(env: &Env, auth_contexts: &Vec<Context>) -> Result<Vec<Call>, DvnError> {
+        auth_contexts.iter().try_fold(vec![env], |mut calls, context| {
+            let Context::Contract(ctx) = context else {
+                return Err(DvnError::NonContractInvoke);
+            };
+            calls.push_back(Call { to: ctx.contract, func: ctx.fn_name, args: ctx.args });
+            Ok(calls)
+        })
+    }
+
+    /// Checks if the auth context is for `quorum_change_admin` on this contract.
+    /// This function doesn't require admin verification (quorum-only).
+    fn is_invoking_quorum_change_admin(env: &Env, auth_contexts: &Vec<Context>) -> bool {
+        // Must be exactly one call (no bundling with other operations)
+        if auth_contexts.len() != 1 {
+            return false;
+        }
+        let Context::Contract(ctx) = auth_contexts.first().unwrap() else {
+            return false;
+        };
+        ctx.contract == env.current_contract_address() && ctx.fn_name == Symbol::new(env, "quorum_change_admin")
     }
 }