@layerzerolabs/protocol-stellar-v2 0.2.29 → 0.2.30

package/contracts/message-libs/uln-302/src/tests/send_uln302/effective_send_uln_config.rs

@@ -68,7 +68,7 @@ fn test_effective_send_uln_config_with_custom_config() {
     assert_eq_event(
         &env,
         &uln302.address,
-        SendUlnConfigSet { config: custom_config.clone(), dst_eid: eid, sender: oapp.clone() },
+        SendUlnConfigSet { config: Some(custom_config.clone()), dst_eid: eid, sender: oapp.clone() },
     );
 
     // Get aggregated config - should have custom confirmations but default DVNs
@@ -112,3 +112,52 @@ fn test_effective_send_uln_config_must_have_at_least_one_dvn() {
     let result = endpoint.try_set_config(&Address::generate(&env), &oapp, &uln302.address, &params);
     assert_eq!(result.err().unwrap().ok().unwrap(), Uln302Error::UlnAtLeastOneDVN.into());
 }
+
+#[test]
+fn test_remove_send_uln_config_by_setting_none() {
+    let setup = setup();
+
+    let default_config = UlnConfig::generate(&setup.env, 10, 2, 3, 2);
+    let eid = 100;
+
+    setup.set_default_configs(eid, default_config.clone());
+
+    let TestSetup { env, uln302, endpoint, .. } = setup;
+
+    let oapp = Address::generate(&env);
+
+    // Step 1: Set a custom send ULN config
+    let custom_config = OAppUlnConfig {
+        use_default_confirmations: false,
+        use_default_required_dvns: true,
+        use_default_optional_dvns: true,
+        uln_config: UlnConfig {
+            confirmations: 20,
+            required_dvns: vec![&env],
+            optional_dvns: vec![&env],
+            optional_dvn_threshold: 0,
+        },
+    };
+
+    let config_bytes = custom_config.clone().to_xdr(&env);
+    let params = vec![&env, SetConfigParam { eid, config_type: CONFIG_TYPE_SEND_ULN, config: config_bytes }];
+    endpoint.set_config(&Address::generate(&env), &oapp, &uln302.address, &params);
+
+    // Verify custom config is applied
+    let config = uln302.effective_send_uln_config(&oapp, &eid);
+    assert_eq!(config.confirmations, 20);
+    assert!(uln302.oapp_send_uln_config(&oapp, &eid).is_some());
+
+    // Step 2: Remove the custom config by setting None
+    let none_config: Option<OAppUlnConfig> = None;
+    let config_bytes = none_config.to_xdr(&env);
+    let params = vec![&env, SetConfigParam { eid, config_type: CONFIG_TYPE_SEND_ULN, config: config_bytes }];
+    endpoint.set_config(&Address::generate(&env), &oapp, &uln302.address, &params);
+
+    // Verify the OApp-specific config is removed
+    assert_eq!(uln302.oapp_send_uln_config(&oapp, &eid), None);
+
+    // Verify the effective config falls back to defaults
+    let config = uln302.effective_send_uln_config(&oapp, &eid);
+    assert_eq!(config, default_config);
+}

package/contracts/message-libs/uln-302/src/uln302.rs

@@ -30,10 +30,6 @@ impl Uln302 {
         UlnStorage::set_treasury(env, treasury);
     }
 
-    // ============================================================================================
-    // View Functions
-    // ============================================================================================
-
     /// Returns the LayerZero endpoint contract address.
     pub fn endpoint(env: &Env) -> Address {
         UlnStorage::endpoint(env).unwrap()
@@ -95,10 +91,6 @@ impl IMessageLib for Uln302 {
     }
 }
 
-// ============================================================================================
-// Helper Functions
-// ============================================================================================
-
 /// Parse a config from XDR bytes, panicking with InvalidConfig error if parsing fails
 fn parse_config<T: FromXdr>(env: &Env, config_bytes: &Bytes) -> T {
     T::from_xdr(env, config_bytes).ok().unwrap_or_panic(env, Uln302Error::InvalidConfig)

package/contracts/oapps/counter/Cargo.toml

@@ -19,17 +19,17 @@ oapp-macros = { workspace = true }
 [dev-dependencies]
 soroban-sdk = { workspace = true, features = ["testutils"] }
 utils = { workspace = true, features = ["testutils"] }
-simple-message-lib = { workspace = true }
+simple-message-lib = { workspace = true, features = ["testutils"] }
 blocked-message-lib = { workspace = true }
 message-lib-common = { workspace = true, features = ["testutils"] }
 endpoint-v2 = { workspace = true, features = ["testutils"] }
 executor = { workspace = true, features = ["testutils"] }
 uln302 = { workspace = true, features = ["testutils"] }
 dvn = { workspace = true, features = ["testutils"] }
-dvn-fee-lib = { workspace = true }
-executor-fee-lib = { workspace = true }
+dvn-fee-lib = { workspace = true, features = ["testutils"] }
+executor-fee-lib = { workspace = true, features = ["testutils"] }
 treasury = { workspace = true, features = ["testutils"] }
-price-feed = { workspace = true }
+price-feed = { workspace = true, features = ["testutils"] }
 fee-lib-interfaces = { workspace = true }
 executor-helper = { workspace = true }
 # For real DVN signature verification in integration tests

package/contracts/oapps/counter/integration_tests/setup_uln.rs

@@ -10,7 +10,7 @@ use crate::{
 use dvn::{DVNClient, DstConfig as DvnDstConfig, DstConfigParam as DvnDstConfigParam, LzDVN};
 use dvn_fee_lib::DvnFeeLib;
 use endpoint_v2::{EndpointV2, EndpointV2Client};
-use executor::{DstConfig as ExecutorDstConfig, ExecutorClient, LzExecutor, SetDstConfigParam};
+use executor::{DstConfig as ExecutorDstConfig, ExecutorClient, LzExecutor, LzExecutorClient, SetDstConfigParam};
 use executor_fee_lib::ExecutorFeeLib;
 use executor_helper::{ExecutorHelper, ExecutorHelperClient};
 use fee_lib_interfaces::Price;
@@ -18,7 +18,7 @@ use price_feed::{types::UpdatePrice, LzPriceFeed};
 use soroban_sdk::{
     testutils::{Address as _, MockAuth, MockAuthInvoke},
     token::TokenClient,
-    vec, Address, BytesN, Env, IntoVal, Vec,
+    vec, Address, BytesN, Env, IntoVal, Symbol, Vec,
 };
 use treasury::Treasury;
 use uln302::{
@@ -493,6 +493,26 @@ fn setup_chain_workers<'a>(
     let executor = ExecutorClient::new(env, &executor_address);
     let executor_helper = ExecutorHelperClient::new(env, &executor_helper_address);
 
+    // Register the executor helper with the executor (address + allowed function names)
+    let allowed_functions: Vec<Symbol> = vec![
+        env,
+        Symbol::new(env, "execute"),
+        Symbol::new(env, "compose"),
+        Symbol::new(env, "native_drop_and_execute"),
+    ];
+    let admin = &infra.admin;
+    let lz_executor = LzExecutorClient::new(env, &executor_address);
+    env.mock_auths(&[MockAuth {
+        address: admin,
+        invoke: &MockAuthInvoke {
+            contract: &executor_address,
+            fn_name: "set_executor_helper",
+            args: (admin, &executor_helper_address, &allowed_functions).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    lz_executor.set_executor_helper(admin, &executor_helper_address, &allowed_functions);
+
     (dvn, dvn2, executor, executor_helper)
 }
 

package/contracts/oapps/counter/src/counter.rs

@@ -12,7 +12,7 @@ use endpoint_v2::{
 use oapp::{
     oapp_core::{initialize_oapp, OAppCore},
     oapp_receiver::{LzReceiveInternal, OAppReceiver},
-    oapp_sender::OAppSenderInternal,
+    oapp_sender::{FeePayer, OAppSenderInternal},
 };
 use oapp_macros::oapp;
 use soroban_sdk::{assert_with_error, panic_with_error, token::TokenClient, Address, Bytes, BytesN, Env};
@@ -23,7 +23,7 @@ pub struct Counter;
 #[contract_impl]
 impl Counter {
     pub fn __constructor(env: &Env, owner: &Address, endpoint: &Address, delegate: &Address) {
-        initialize_oapp::<Self>(env, owner, endpoint, &Some(delegate.clone()));
+        initialize_oapp::<Self>(env, owner, endpoint, delegate);
         let endpoint_client = LayerZeroEndpointV2Client::new(env, endpoint);
         CounterStorage::set_eid(env, &endpoint_client.eid());
     }
@@ -39,9 +39,9 @@ impl Counter {
         let outbound_count = Self::outbound_count(env, dst_eid);
         CounterStorage::set_outbound_count(env, dst_eid, &(outbound_count + 1));
 
-        // Send the message
+        // Send the message — caller already authorized via require_auth() above
         let message = codec::encode(env, (msg_type as u8).into(), Self::eid(env));
-        Self::__lz_send(env, dst_eid, &message, options, caller, fee, caller);
+        Self::__lz_send(env, dst_eid, &message, options, &FeePayer::Verified(caller.clone()), fee, caller);
     }
 
     // ============================================================================================
@@ -152,14 +152,14 @@ impl LzReceiveInternal for Counter {
                 let outbound_count = Self::outbound_count(env, origin.src_eid);
                 CounterStorage::set_outbound_count(env, origin.src_eid, &(outbound_count + 1));
 
-                // Send the response message
+                // Send the response message — contract is the fee payer (auto-authorized)
                 let options = options::executor_lz_receive_option(env, 200000, 10);
                 Self::__lz_send(
                     env,
                     origin.src_eid,
                     &codec::encode_with_value(env, MsgType::Vanilla, Self::eid(env), 10),
                     &options,
-                    &contract_address,
+                    &FeePayer::Verified(contract_address.clone()),
                     &MessagingFee { native_fee: value, zro_fee: 0 },
                     &contract_address,
                 );
@@ -221,14 +221,14 @@ impl ILayerZeroComposer for Counter {
             // Increment the outbound count
             CounterStorage::set_outbound_count(env, src_eid, &(Self::outbound_count(env, src_eid) + 1));
 
-            // Send the response message
+            // Send the response message — contract is the fee payer (auto-authorized)
             let curr_address = env.current_contract_address();
             Self::__lz_send(
                 env,
                 src_eid,
                 &codec::encode(env, MsgType::Vanilla, Self::eid(env)),
                 &options::executor_lz_receive_option(env, 200000, 0),
-                &curr_address,
+                &FeePayer::Verified(curr_address.clone()),
                 &MessagingFee { native_fee: value, zro_fee: 0 },
                 &curr_address,
             );

package/contracts/oapps/oapp/src/interfaces/oapp_msg_inspector.rs

@@ -3,9 +3,28 @@
 //! This module defines the `IOAppMsgInspector` trait that external inspector contracts
 //! must implement to validate outgoing LayerZero messages and options.
 //!
+//! Implementations can signal failure in two ways:
+//! - Return `false` to indicate the inspection failed.
+//! - Panic directly to abort the transaction immediately.
+//!
 //! ## Usage
 //!
-//! Inspector contracts should implement this trait and panic if inspection fails:
+//! ### Returning a boolean
+//!
+//! ```ignore
+//! use oapp::interfaces::IOAppMsgInspector;
+//!
+//! pub struct MyInspector;
+//!
+//! #[contractimpl]
+//! impl IOAppMsgInspector for MyInspector {
+//!     fn inspect(env: &Env, oapp: &Address, message: &Bytes, options: &Bytes) -> bool {
+//!         is_valid(message, options)
+//!     }
+//! }
+//! ```
+//!
+//! ### Panicking on failure
 //!
 //! ```ignore
 //! use oapp::interfaces::IOAppMsgInspector;
@@ -14,12 +33,11 @@
 //!
 //! #[contractimpl]
 //! impl IOAppMsgInspector for MyInspector {
-//!     fn inspect(env: &Env, oapp: &Address, message: &Bytes, options: &Bytes) {
-//!         // Validate message and options
-//!         // Panic if invalid
+//!     fn inspect(env: &Env, oapp: &Address, message: &Bytes, options: &Bytes) -> bool {
 //!         if !is_valid(message, options) {
 //!             panic_with_error!(env, MyError::InspectionFailed);
 //!         }
+//!         true
 //!     }
 //! }
 //! ```
@@ -31,17 +49,22 @@ use soroban_sdk::{contractclient, Address, Bytes, Env};
 /// Contracts implementing this trait can be set as message inspectors on OFT contracts
 /// to validate outgoing messages and options before they are sent cross-chain.
 ///
-/// If inspection fails, the implementation should panic to revert the transaction.
+/// Implementations may either return `false` to indicate failure, or panic directly
+/// to abort the transaction.
 #[contractclient(name = "OAppMsgInspectorClient")]
 pub trait IOAppMsgInspector {
-    /// Inspects the LayerZero message and options before sending.
+    /// Allows the inspector to examine LayerZero message contents and determine their validity.
     ///
     /// # Arguments
     /// * `oapp` - The address of the OApp contract sending the message
-    /// * `message` - The encoded message payload to be sent
-    /// * `options` - The LayerZero options for the message
+    /// * `message` - The message payload to be inspected.
+    /// * `options` - Additional LayerZero options for inspection.
+    ///
+    /// # Returns
+    /// * `bool` - `true` if the inspection passed, `false` if the message or options are invalid.
     ///
     /// # Panics
-    /// Should panic if the message or options are invalid, reverting the transaction.
-    fn inspect(env: &Env, oapp: &Address, message: &Bytes, options: &Bytes);
+    /// Implementations may choose to panic instead of returning `false` to abort the
+    /// transaction immediately with a specific error.
+    fn inspect(env: &Env, oapp: &Address, message: &Bytes, options: &Bytes) -> bool;
 }

package/contracts/oapps/oapp/src/lib.rs

@@ -1,11 +1,15 @@
 #![no_std]
 
-pub mod errors;
-pub mod interfaces;
 pub mod oapp_core;
 pub mod oapp_options_type3;
 pub mod oapp_receiver;
 pub mod oapp_sender;
 
+mod errors;
+mod interfaces;
+
+pub use errors::*;
+pub use interfaces::*;
+
 #[cfg(test)]
 mod tests;

package/contracts/oapps/oapp/src/oapp_core.rs

@@ -1,28 +1,8 @@
+use crate::{errors::OAppError, oapp_receiver::RECEIVER_VERSION, oapp_sender::SENDER_VERSION};
 use common_macros::{contract_trait, only_auth, storage};
 use endpoint_v2::LayerZeroEndpointV2Client;
 use soroban_sdk::{contractevent, Address, BytesN, Env};
-use utils::ownable::{Ownable, OwnableInitializer};
-
-/// Initializes the OApp with the specified configuration.
-///
-/// This function sets up the OApp by initializing ownership, storing the LayerZero endpoint,
-/// and optionally setting a delegate address for the endpoint.
-///
-/// # Arguments
-/// * `env` - The Soroban environment
-/// * `owner` - The address that will own this OApp
-/// * `endpoint` - The LayerZero endpoint address to associate with this OApp
-/// * `delegate` - Optional delegate address to set on the endpoint for this OApp
-pub fn initialize_oapp<T: OAppCore + OwnableInitializer>(
-    env: &Env,
-    owner: &Address,
-    endpoint: &Address,
-    delegate: &Option<Address>,
-) {
-    T::init_owner(env, owner);
-    OAppCoreStorage::set_endpoint(env, endpoint);
-    LayerZeroEndpointV2Client::new(env, endpoint).set_delegate(&env.current_contract_address(), delegate);
-}
+use utils::{option_ext::OptionExt, ownable::{Ownable, OwnableInitializer}};
 
 // =====================================================
 // OAppCore Storage and Events
@@ -30,10 +10,11 @@ pub fn initialize_oapp<T: OAppCore + OwnableInitializer>(
 
 #[storage]
 pub enum OAppCoreStorage {
-    // Immutable endpoint address
+    // Endpoint address - set once during initialization
     #[instance(Address)]
     Endpoint,
 
+    // Mapping from endpoint ID to remote peer address
     #[persistent(BytesN<32>)]
     Peer { eid: u32 },
 }
@@ -58,7 +39,7 @@ pub trait OAppCore: Ownable {
     /// - `sender_version`: The version of the OAppSender
     /// - `receiver_version`: The version of the OAppReceiver
     fn oapp_version(_env: &soroban_sdk::Env) -> (u64, u64) {
-        (1, 1)
+        (SENDER_VERSION, RECEIVER_VERSION)
     }
 
     /// Retrieves the LayerZero endpoint address associated with the OApp.
@@ -101,6 +82,50 @@ pub trait OAppCore: Ownable {
     }
 }
 
+// =====================================================
+// Helper Functions
+// =====================================================
+
+/// Initializes the OApp with the specified configuration.
+///
+/// This function sets up the OApp by initializing ownership, storing the LayerZero endpoint,
+/// and setting a delegate address for the endpoint.
+///
+/// # Arguments
+/// * `env` - The Soroban environment
+/// * `owner` - The address that will own this OApp
+/// * `endpoint` - The LayerZero endpoint address to associate with this OApp
+/// * `delegate` - The delegate address to set on the endpoint for this OApp
+pub fn initialize_oapp<T: OAppCore + OwnableInitializer>(
+    env: &Env,
+    owner: &Address,
+    endpoint: &Address,
+    delegate: &Address,
+) {
+    T::init_owner(env, owner);
+    OAppCoreStorage::set_endpoint(env, endpoint);
+    LayerZeroEndpointV2Client::new(env, endpoint)
+        .set_delegate(&env.current_contract_address(), &Some(delegate.clone()));
+}
+
+/// Retrieves the peer address associated with a specific endpoint ID; panics if NOT set.
+///
+/// This is a safe getter that ensures a peer has been configured for the given endpoint.
+/// If no peer is set (i.e., the peer is `None`), it will panic with `OAppError::NoPeer`.
+///
+/// # Arguments
+/// * `env` - The Soroban environment
+/// * `eid` - The endpoint ID
+///
+/// # Returns
+/// The peer address (`BytesN<32>`) associated with the specified endpoint
+///
+/// # Panics
+/// Panics with `OAppError::NoPeer` if no peer is set for the given endpoint ID
+pub fn get_peer_or_panic<T: OAppCore>(env: &Env, eid: u32) -> BytesN<32> {
+    T::peer(env, eid).unwrap_or_panic(env, OAppError::NoPeer)
+}
+
 /// Returns a client for the LayerZero endpoint.
 pub fn endpoint_client<'a, T: OAppCore>(env: &'a Env) -> LayerZeroEndpointV2Client<'a> {
     LayerZeroEndpointV2Client::new(env, &T::endpoint(env))

package/contracts/oapps/oapp/src/oapp_options_type3.rs

@@ -1,7 +1,7 @@
 use crate::{self as oapp, errors::OAppError};
 use common_macros::{contract_trait, only_auth, storage};
 use soroban_sdk::{assert_with_error, contractevent, contracttype, panic_with_error, Bytes, Env, Vec};
-use utils::{buffer_reader::BufferReader, ownable::Ownable};
+use utils::{auth::Auth, buffer_reader::BufferReader};
 
 pub const OPTION_TYPE3: u16 = 3;
 
@@ -10,20 +10,19 @@ pub const OPTION_TYPE3: u16 = 3;
 pub struct EnforcedOptionParam {
     pub eid: u32,
     pub msg_type: u32,
-    pub options: Bytes,
+    pub options: Option<Bytes>,
 }
 
 #[storage]
 pub enum OAppOptionsType3Storage {
     #[persistent(Bytes)]
-    #[default(Bytes::new(env))]
     EnforcedOptions { eid: u32, msg_type: u32 },
 }
 
 #[contractevent]
 #[derive(Clone, Debug, Eq, PartialEq)]
 pub struct EnforcedOptionSet {
-    pub enforced_option_params: Vec<EnforcedOptionParam>,
+    pub enforced_options: Vec<EnforcedOptionParam>,
 }
 
 // =========================================================================
@@ -31,7 +30,7 @@ pub struct EnforcedOptionSet {
 // =========================================================================
 
 #[contract_trait]
-pub trait OAppOptionsType3: Ownable {
+pub trait OAppOptionsType3: Auth {
     /// Retrieves the enforced options for a given endpoint and message type.
     ///
     /// # Arguments
@@ -40,11 +39,11 @@ pub trait OAppOptionsType3: Ownable {
     ///
     /// # Returns
     /// The enforced options for the given endpoint and message type
-    fn enforced_options(env: &soroban_sdk::Env, eid: u32, msg_type: u32) -> soroban_sdk::Bytes {
+    fn enforced_options(env: &soroban_sdk::Env, eid: u32, msg_type: u32) -> Option<soroban_sdk::Bytes> {
         OAppOptionsType3Storage::enforced_options(env, eid, msg_type)
     }
 
-    /// Sets the enforced options for specific endpoint and message type combinations.
+    /// Sets or removes the enforced options for specific endpoint and message type combinations.
     ///
     /// Only the `authorizer` of the OApp can call this function.
     /// Provides a way for the OApp to enforce things like paying for PreCrime, AND/OR minimum dst lzReceive gas amounts etc.
@@ -57,13 +56,15 @@ pub trait OAppOptionsType3: Ownable {
     #[only_auth]
     fn set_enforced_options(
         env: &soroban_sdk::Env,
-        options: soroban_sdk::Vec<oapp::oapp_options_type3::EnforcedOptionParam>,
+        options: &soroban_sdk::Vec<oapp::oapp_options_type3::EnforcedOptionParam>,
     ) {
-        for option in &options {
-            assert_option_type3(env, &option.options);
-            OAppOptionsType3Storage::set_enforced_options(env, option.eid, option.msg_type, &option.options);
+        for param in options {
+            if let Some(ref opts) = param.options {
+                assert_option_type3(env, opts);
+            }
+            OAppOptionsType3Storage::set_or_remove_enforced_options(env, param.eid, param.msg_type, &param.options);
         }
-        EnforcedOptionSet { enforced_option_params: options }.publish(env);
+        EnforcedOptionSet { enforced_options: options.clone() }.publish(env);
     }
 
     /// Combines options for a given endpoint and message type.
@@ -86,23 +87,29 @@ pub trait OAppOptionsType3: Ownable {
         msg_type: u32,
         extra_options: &soroban_sdk::Bytes,
     ) -> soroban_sdk::Bytes {
-        let mut enforced_options = Self::enforced_options(env, eid, msg_type);
+        let enforced_options_opt = Self::enforced_options(env, eid, msg_type);
 
-        if enforced_options.is_empty() {
+        // No enforced options, pass whatever the caller supplied, even if it's empty or legacy type 1/2 options.
+        if enforced_options_opt.is_none() {
             return extra_options.clone();
         }
 
+        // No caller options, return enforced
+        let mut enforced_options = enforced_options_opt.unwrap(); // unwrap is safe because we checked if it is none above
         if extra_options.is_empty() {
             return enforced_options;
         }
 
+        // If caller provided extra_options, must be type 3 as its the ONLY type that can be combined.
         if extra_options.len() >= 2 {
             assert_option_type3(env, extra_options);
 
+            // Remove the first 2 bytes containing the type from the extra_options and combine with enforced.
             enforced_options.append(&extra_options.slice(2..));
             return enforced_options;
         }
 
+        // No valid set of options was found.
         panic_with_error!(env, OAppError::InvalidOptions);
     }
 }

package/contracts/oapps/oapp/src/oapp_receiver.rs

@@ -1,11 +1,15 @@
 use crate::{
     errors::OAppError,
-    oapp_core::{endpoint_client, OAppCore},
+    oapp_core::{endpoint_client, get_peer_or_panic, OAppCore},
 };
 use common_macros::contract_trait;
 use endpoint_v2::Origin;
 use soroban_sdk::{assert_with_error, token::TokenClient, Address, Bytes, BytesN, Env};
 
+/// The version of the OAppReceiver implementation.
+/// Version is bumped when changes are made to this contract.
+pub const RECEIVER_VERSION: u64 = 1;
+
 // =====================================================
 // LzReceiveInternal Trait
 // =====================================================
@@ -43,12 +47,12 @@ pub trait LzReceiveInternal {
 /// these methods via `LayerZeroReceiverClient`.
 ///
 /// # Default Implementations
-/// | Method | Behavior |
-/// |--------|----------|
-/// | `allow_initialize_path` | Returns true if origin sender matches configured peer |
-/// | `next_nonce` | Returns 0 (unordered delivery) |
-/// | `lz_receive` | Verifies payload, then calls `LzReceiveInternal::__lz_receive` |
-/// | `is_compose_msg_sender` | Returns true if sender is current contract |
+/// | Method                   | Behavior                                                       |
+/// |--------------------------|----------------------------------------------------------------|
+/// | `allow_initialize_path`  | Returns true if origin sender matches configured peer          |
+/// | `next_nonce`             | Returns 0 (unordered delivery)                                 |
+/// | `lz_receive`             | Verifies payload, then calls `LzReceiveInternal::__lz_receive` |
+/// | `is_compose_msg_sender`  | Returns true if sender is current contract                     |
 ///
 /// # Usage
 ///
@@ -171,23 +175,20 @@ pub fn clear_payload_and_transfer<T: OAppCore>(
     message: &Bytes,
     value: i128,
 ) {
+    // Require authorization from the executor and transfer the value from the executor to the oapp if has value
+    executor.require_auth();
+    // Assert that the message is from the expected peer
+    assert_with_error!(env, get_peer_or_panic::<T>(env, origin.src_eid) == origin.sender, OAppError::OnlyPeer);
+
     let this_address = env.current_contract_address();
     let endpoint_client = endpoint_client::<T>(env);
 
-    // Require authorization from the executor and transfer the value from the executor to the oapp if has value
-    executor.require_auth();
+    // Transfer the value from the executor to the oapp if has value
     if value != 0 {
         let token_client = TokenClient::new(env, &endpoint_client.native_token());
         token_client.transfer(executor, &this_address, &value);
     }
 
-    // Assert that the message is from the expected peer
-    assert_with_error!(
-        env,
-        T::peer(env, origin.src_eid).is_some_and(|peer| peer == origin.sender),
-        OAppError::OnlyPeer
-    );
-
     // Clear the message payload from the endpoint
     endpoint_client.clear(&this_address, origin, &this_address, guid, message);
 }