@layerzerolabs/protocol-stellar-v2 0.2.45 → 0.2.47

package/contracts/common-macros/src/lib.rs

@@ -244,6 +244,16 @@ pub fn only_auth(_attr: TokenStream, item: TokenStream) -> TokenStream {
 /// Injects a role check at the start of the function. Panics with
 /// `RbacError::Unauthorized` if the account does not have the role (aligns with OpenZeppelin).
 ///
+/// # Security Warning
+///
+/// **IMPORTANT**: This macro checks role membership but does NOT call
+/// `require_auth()`. Use this macro when:
+///
+/// 1. Your function already contains a `require_auth()` call for the account
+/// 2. You need role-based access control without authorization enforcement
+///
+/// If you need both role checking AND authorization, use `#[only_role]` instead.
+///
 /// # Requirements
 /// - The function must have an `Env` parameter
 /// - The function must have a parameter matching the first macro arg (of type `Address` or `&Address`)
@@ -264,7 +274,7 @@ pub fn only_auth(_attr: TokenStream, item: TokenStream) -> TokenStream {
 /// ```ignore
 /// pub fn mint(env: Env, caller: Address, amount: i128) {
 ///     utils::rbac::ensure_role(&env, &soroban_sdk::Symbol::new(&env, "minter"), &caller);
-///     // Original function body
+///     // Original function body (no require_auth)
 /// }
 /// ```
 #[proc_macro_attribute]
@@ -277,6 +287,12 @@ pub fn has_role(attr: TokenStream, item: TokenStream) -> TokenStream {
 /// Same as `#[has_role]` but also calls `account.require_auth()` to ensure
 /// the caller has authorized the transaction.
 ///
+/// **IMPORTANT**: This macro both checks role membership AND enforces
+/// authorization. In Stellar contracts, duplicate `require_auth()` calls for
+/// the same account will cause panics. If your function already contains a
+/// `require_auth()` call for the same account, use `#[has_role]` instead to
+/// avoid duplicate authorization checks.
+///
 /// # Requirements
 /// Same as `#[has_role]`.
 ///

package/contracts/macro-integration-tests/tests/runtime/oapp/mod.rs

@@ -1,5 +1,5 @@
 use endpoint_v2::Origin;
-use oapp::oapp_core::OAPP_ADMIN_ROLE;
+use oapp::oapp_core::OAPP_MANAGER_ROLE;
 use oapp::oapp_receiver::LzReceiveInternal;
 use oapp_macros::oapp;
 use soroban_sdk::{
@@ -50,10 +50,10 @@ impl TestOApp {
     }
 }
 
-/// Grants `OAPP_ADMIN_ROLE` to `owner` via the public `grant_role` interface.
+/// Grants `OAPP_MANAGER_ROLE` to `owner` via the public `grant_role` interface.
 /// Call after `init()` in tests that exercise RBAC-protected entrypoints.
 pub fn grant_oapp_admin(env: &Env, contract: &Address, owner: &Address) {
-    let role = Symbol::new(env, OAPP_ADMIN_ROLE);
+    let role = Symbol::new(env, OAPP_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: owner,
         invoke: &MockAuthInvoke {

package/contracts/oapps/counter/src/tests/mod.rs

@@ -1,4 +1,4 @@
-use oapp::oapp_core::OAPP_ADMIN_ROLE;
+use oapp::oapp_core::OAPP_MANAGER_ROLE;
 use soroban_sdk::{
     testutils::{MockAuth, MockAuthInvoke},
     token::StellarAssetClient,
@@ -25,7 +25,7 @@ pub fn mint_to(env: &Env, owner: &Address, native_token: &Address, to: &Address,
 }
 
 pub fn grant_oapp_admin(env: &Env, contract: &Address, owner: &Address) {
-    let role = Symbol::new(env, OAPP_ADMIN_ROLE);
+    let role = Symbol::new(env, OAPP_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: owner,
         invoke: &MockAuthInvoke {

package/contracts/oapps/oapp/src/oapp_core.rs

@@ -9,7 +9,7 @@ use utils::{
 };
 
 /// Role for OApp administrative actions (set_peer, set_delegate, set_enforced_options).
-pub const OAPP_ADMIN_ROLE: &str = "OAPP_ADMIN_ROLE";
+pub const OAPP_MANAGER_ROLE: &str = "OAPP_MANAGER_ROLE";
 
 // =====================================================
 // OAppCore Storage and Events
@@ -73,8 +73,8 @@ pub trait OAppCore: Ownable + RoleBasedAccessControl {
     /// # Arguments
     /// * `eid` - The endpoint ID
     /// * `peer` - The address of the peer to be associated with the corresponding endpoint, or None to remove the peer
-    /// * `operator` - The address that must have OAPP_ADMIN_ROLE
-    #[only_role(operator, OAPP_ADMIN_ROLE)]
+    /// * `operator` - The address that must have OAPP_MANAGER_ROLE
+    #[only_role(operator, OAPP_MANAGER_ROLE)]
     fn set_peer(
         env: &soroban_sdk::Env,
         eid: u32,
@@ -89,8 +89,8 @@ pub trait OAppCore: Ownable + RoleBasedAccessControl {
     ///
     /// # Arguments
     /// * `delegate` - The address of the delegate to be set, or None to remove the delegate
-    /// * `operator` - The address that must have OAPP_ADMIN_ROLE
-    #[only_role(operator, OAPP_ADMIN_ROLE)]
+    /// * `operator` - The address that must have OAPP_MANAGER_ROLE
+    #[only_role(operator, OAPP_MANAGER_ROLE)]
     fn set_delegate(env: &soroban_sdk::Env, delegate: &Option<soroban_sdk::Address>, operator: &soroban_sdk::Address) {
         endpoint_client::<Self>(env).set_delegate(&env.current_contract_address(), delegate);
     }

package/contracts/oapps/oapp/src/oapp_options_type3.rs

@@ -1,4 +1,4 @@
-use crate::{self as oapp, errors::OAppError, oapp_core::OAPP_ADMIN_ROLE};
+use crate::{self as oapp, errors::OAppError, oapp_core::OAPP_MANAGER_ROLE};
 use common_macros::{contract_trait, only_role, storage};
 use soroban_sdk::{assert_with_error, contractevent, contracttype, panic_with_error, Bytes, Env, Vec};
 use utils::{buffer_reader::BufferReader, rbac::RoleBasedAccessControl};
@@ -53,8 +53,8 @@ pub trait OAppOptionsType3: RoleBasedAccessControl {
     ///
     /// # Arguments
     /// * `options` - A vector of EnforcedOptionParam structures specifying enforced options
-    /// * `operator` - The address that must have OAPP_ADMIN_ROLE
-    #[only_role(operator, OAPP_ADMIN_ROLE)]
+    /// * `operator` - The address that must have OAPP_MANAGER_ROLE
+    #[only_role(operator, OAPP_MANAGER_ROLE)]
     fn set_enforced_options(
         env: &soroban_sdk::Env,
         options: &soroban_sdk::Vec<oapp::oapp_options_type3::EnforcedOptionParam>,

package/contracts/oapps/oapp/src/tests/mod.rs

@@ -4,15 +4,15 @@ mod oapp_receiver;
 mod oapp_sender;
 mod test_macros;
 
-use crate::oapp_core::OAPP_ADMIN_ROLE;
+use crate::oapp_core::OAPP_MANAGER_ROLE;
 use soroban_sdk::{
     testutils::{MockAuth, MockAuthInvoke},
     Address, Env, IntoVal, Symbol,
 };
 
-/// Grants `OAPP_ADMIN_ROLE` to `owner` via the public `grant_role` interface.
+/// Grants `OAPP_MANAGER_ROLE` to `owner` via the public `grant_role` interface.
 pub(super) fn grant_oapp_admin(env: &Env, contract: &Address, owner: &Address) {
-    let role = Symbol::new(env, OAPP_ADMIN_ROLE);
+    let role = Symbol::new(env, OAPP_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: owner,
         invoke: &MockAuthInvoke {

package/contracts/oapps/oft/integration-tests/setup.rs

@@ -10,7 +10,7 @@ use crate::{
     oft_types::OftType,
 };
 use endpoint_v2::{EndpointV2, EndpointV2Client};
-use oapp::oapp_core::OAPP_ADMIN_ROLE;
+use oapp::oapp_core::OAPP_MANAGER_ROLE;
 use simple_message_lib::{SimpleMessageLib, SimpleMessageLibClient};
 use soroban_sdk::{
     contract, contractimpl, contracttype, log,
@@ -215,7 +215,7 @@ pub fn wire_oft(env: &Env, chains: &[&ChainSetup<'_>]) {
 }
 
 fn grant_oapp_admin(env: &Env, contract: &Address, owner: &Address) {
-    let role = Symbol::new(env, OAPP_ADMIN_ROLE);
+    let role = Symbol::new(env, OAPP_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: owner,
         invoke: &MockAuthInvoke {

package/contracts/oapps/oft/integration-tests/utils.rs

@@ -1,7 +1,7 @@
 //! Utility functions for OFT-STD integration tests.
 
-use crate::extensions::rate_limiter::{Direction, Mode, RateLimitConfig, RATE_LIMITER_ADMIN_ROLE};
-use crate::extensions::oft_fee::FEE_ADMIN_ROLE;
+use crate::extensions::rate_limiter::{Direction, Mode, RateLimitConfig, RATE_LIMITER_MANAGER_ROLE};
+use crate::extensions::oft_fee::FEE_MANAGER_ROLE;
 use crate::extensions::pausable::{PAUSER_ROLE, UNPAUSER_ROLE};
 use crate::integration_tests::setup::{decode_packet, ChainSetup};
 use crate::MintableClient;
@@ -406,8 +406,8 @@ pub fn is_paused(chain: &ChainSetup<'_>) -> bool {
 // ============================================================================
 
 pub fn set_fee_deposit_address(env: &Env, chain: &ChainSetup<'_>, deposit_address: &Address) {
-    // `set_fee_deposit_address` is protected by RBAC (`FEE_ADMIN_ROLE`). Grant it to owner for tests.
-    let role = Symbol::new(env, FEE_ADMIN_ROLE);
+    // `set_fee_deposit_address` is protected by RBAC (`FEE_MANAGER_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, FEE_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
@@ -433,8 +433,8 @@ pub fn set_fee_deposit_address(env: &Env, chain: &ChainSetup<'_>, deposit_addres
 }
 
 pub fn set_default_fee_bps(env: &Env, chain: &ChainSetup<'_>, fee_bps: u32) {
-    // `set_default_fee_bps` is protected by RBAC (`FEE_ADMIN_ROLE`). Grant it to owner for tests.
-    let role = Symbol::new(env, FEE_ADMIN_ROLE);
+    // `set_default_fee_bps` is protected by RBAC (`FEE_MANAGER_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, FEE_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
@@ -460,8 +460,8 @@ pub fn set_default_fee_bps(env: &Env, chain: &ChainSetup<'_>, fee_bps: u32) {
 }
 
 pub fn set_fee_bps(env: &Env, chain: &ChainSetup<'_>, dst_eid: u32, fee_bps: u32) {
-    // `set_fee_bps` is protected by RBAC (`FEE_ADMIN_ROLE`). Grant it to owner for tests.
-    let role = Symbol::new(env, FEE_ADMIN_ROLE);
+    // `set_fee_bps` is protected by RBAC (`FEE_MANAGER_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, FEE_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
@@ -510,8 +510,8 @@ pub fn set_rate_limit_with_mode(
     window_seconds: u64,
     mode: Mode,
 ) {
-    // `set_rate_limit` is protected by RBAC (`RATE_LIMITER_ADMIN_ROLE`). Grant it to owner for tests.
-    let role = Symbol::new(env, RATE_LIMITER_ADMIN_ROLE);
+    // `set_rate_limit` is protected by RBAC (`RATE_LIMITER_MANAGER_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, RATE_LIMITER_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {

package/contracts/oapps/oft/src/extensions/oft_fee.rs

@@ -3,7 +3,7 @@ use soroban_sdk::{assert_with_error, contractevent, token::TokenClient, Address,
 use utils::{option_ext::OptionExt, rbac::RoleBasedAccessControl};
 
 /// Role for fee configuration (set_default_fee_bps, set_fee_bps, set_fee_deposit_address).
-pub const FEE_ADMIN_ROLE: &str = "FEE_ADMIN_ROLE";
+pub const FEE_MANAGER_ROLE: &str = "FEE_MANAGER_ROLE";
 
 /// Base fee in basis points (10,000 BPS = 100%)
 /// Used as denominator in fee calculations
@@ -82,8 +82,8 @@ pub trait OFTFee: OFTFeeInternal + RoleBasedAccessControl {
     /// - `Some(n)`: sets the default fee to `n` basis points (must be >0 and <=10,000).
     /// - `Some(0)`: rejected — use `None` to remove the default fee instead.
     /// - `None`: removes the default fee (effective rate becomes 0).
-    /// * `operator` - The address that must have FEE_ADMIN_ROLE
-    #[only_role(operator, FEE_ADMIN_ROLE)]
+    /// * `operator` - The address that must have FEE_MANAGER_ROLE
+    #[only_role(operator, FEE_MANAGER_ROLE)]
     fn set_default_fee_bps(env: &soroban_sdk::Env, default_fee_bps: &Option<u32>, operator: &soroban_sdk::Address) {
         Self::__set_default_fee_bps(env, default_fee_bps);
     }
@@ -96,8 +96,8 @@ pub trait OFTFee: OFTFeeInternal + RoleBasedAccessControl {
     /// # Arguments
     /// * `dst_eid` - The destination endpoint ID
     /// * `fee_bps` - The fee rate (0-10,000), or None to remove the fee configuration
-    /// * `operator` - The address that must have FEE_ADMIN_ROLE
-    #[only_role(operator, FEE_ADMIN_ROLE)]
+    /// * `operator` - The address that must have FEE_MANAGER_ROLE
+    #[only_role(operator, FEE_MANAGER_ROLE)]
     fn set_fee_bps(env: &soroban_sdk::Env, dst_eid: u32, fee_bps: &Option<u32>, operator: &soroban_sdk::Address) {
         Self::__set_fee_bps(env, dst_eid, fee_bps);
     }
@@ -106,8 +106,8 @@ pub trait OFTFee: OFTFeeInternal + RoleBasedAccessControl {
     ///
     /// # Arguments
     /// * `fee_deposit_address` - The address to deposit fees to, or None to remove the fee deposit address
-    /// * `operator` - The address that must have FEE_ADMIN_ROLE
-    #[only_role(operator, FEE_ADMIN_ROLE)]
+    /// * `operator` - The address that must have FEE_MANAGER_ROLE
+    #[only_role(operator, FEE_MANAGER_ROLE)]
     fn set_fee_deposit_address(
         env: &soroban_sdk::Env,
         fee_deposit_address: &Option<soroban_sdk::Address>,

package/contracts/oapps/oft/src/extensions/rate_limiter.rs

@@ -4,7 +4,7 @@ use soroban_sdk::{assert_with_error, contractevent, contracttype, Env};
 use utils::rbac::RoleBasedAccessControl;
 
 /// Role for rate limiter configuration (set_rate_limit).
-pub const RATE_LIMITER_ADMIN_ROLE: &str = "RATE_LIMITER_ADMIN_ROLE";
+pub const RATE_LIMITER_MANAGER_ROLE: &str = "RATE_LIMITER_MANAGER_ROLE";
 
 // =========================================================================
 // Types
@@ -108,8 +108,8 @@ pub trait RateLimiter: RateLimiterInternal + RoleBasedAccessControl {
     /// * `direction` - The direction (Inbound or Outbound)
     /// * `eid` - The endpoint ID
     /// * `config` - The rate limit configuration, or None to remove the rate limit
-    /// * `operator` - The address that must have RATE_LIMITER_ADMIN_ROLE
-    #[only_role(operator, RATE_LIMITER_ADMIN_ROLE)]
+    /// * `operator` - The address that must have RATE_LIMITER_MANAGER_ROLE
+    #[only_role(operator, RATE_LIMITER_MANAGER_ROLE)]
     fn set_rate_limit(
         env: &soroban_sdk::Env,
         direction: &oft::rate_limiter::Direction,
@@ -279,7 +279,7 @@ fn calculate_decayed_in_flight(env: &Env, state: &RateLimitState) -> i128 {
     assert_with_error!(env, timestamp >= state.last_update, RateLimitError::InvalidTimestamp);
 
     let elapsed = timestamp - state.last_update;
-    let decay = (elapsed as i128) * state.config.limit / (state.config.window_seconds as i128);
+    let decay = (elapsed as i128).saturating_mul(state.config.limit) / (state.config.window_seconds as i128);
 
     // Ensure the decayed in-flight amount is not negative
     (state.in_flight_on_last_update - decay).max(0)

package/contracts/oapps/oft/src/tests/extensions/oft_fee.rs

@@ -1,7 +1,7 @@
 extern crate std;
 
 use crate::extensions::oft_fee::{OFTFee, OFTFeeError, OFTFeeInternal};
-use crate::extensions::oft_fee::FEE_ADMIN_ROLE;
+use crate::extensions::oft_fee::FEE_MANAGER_ROLE;
 use soroban_sdk::{
     contract, contractimpl,
     testutils::{Address as _, MockAuth, MockAuthInvoke},
@@ -34,10 +34,10 @@ impl RoleBasedAccessControl for FeeTestContract {}
 
 #[contractimpl]
 impl FeeTestContract {
-    /// Test-only: grants FEE_ADMIN_ROLE to the contract.
+    /// Test-only: grants FEE_MANAGER_ROLE to the contract.
     pub fn init_roles(env: Env) {
         let contract_id = env.current_contract_address();
-        grant_role_no_auth(&env, &contract_id, &Symbol::new(&env, FEE_ADMIN_ROLE), &contract_id);
+        grant_role_no_auth(&env, &contract_id, &Symbol::new(&env, FEE_MANAGER_ROLE), &contract_id);
     }
 
     pub fn fee_view(env: Env, dst_eid: u32, amount_ld: i128) -> i128 {

package/contracts/oapps/oft/src/tests/extensions/rate_limiter.rs

@@ -4,7 +4,7 @@ use crate as oft;
 use crate::extensions::rate_limiter::{
     Direction, Mode, RateLimitConfig, RateLimitError, RateLimiter, RateLimiterInternal,
 };
-use crate::extensions::rate_limiter::RATE_LIMITER_ADMIN_ROLE;
+use crate::extensions::rate_limiter::RATE_LIMITER_MANAGER_ROLE;
 use soroban_sdk::{contract, contractimpl, testutils::Ledger as _, Address, Env, Symbol};
 use utils::auth::Auth;
 use utils::rbac::{grant_role_no_auth, RoleBasedAccessControl};
@@ -32,13 +32,13 @@ impl RoleBasedAccessControl for RateLimiterTestContract {}
 
 #[contractimpl]
 impl RateLimiterTestContract {
-    /// Test-only: grants RATE_LIMITER_ADMIN_ROLE to the contract.
+    /// Test-only: grants RATE_LIMITER_MANAGER_ROLE to the contract.
     pub fn init_roles(env: Env) {
         let contract_id = env.current_contract_address();
         grant_role_no_auth(
             &env,
             &contract_id,
-            &Symbol::new(&env, RATE_LIMITER_ADMIN_ROLE),
+            &Symbol::new(&env, RATE_LIMITER_MANAGER_ROLE),
             &contract_id,
         );
     }

package/contracts/oapps/oft-core/integration-tests/setup.rs

@@ -20,7 +20,7 @@ use soroban_sdk::{
     token::{StellarAssetClient, TokenClient},
     Address, Bytes, BytesN, Env, IntoVal, Symbol,
 };
-use oapp::oapp_core::OAPP_ADMIN_ROLE;
+use oapp::oapp_core::OAPP_MANAGER_ROLE;
 use utils::rbac::grant_role_no_auth;
 
 // ============================================================================
@@ -182,9 +182,9 @@ fn setup_chain<'a>(env: &Env) -> ChainSetup<'a> {
     let shared_decimals: u32 = 6; // Default shared decimals
     let oft_address = env.register(TestOFT, (&oft_token, &owner, &endpoint_address, &delegate, &shared_decimals));
 
-    // Grant OAPP_ADMIN_ROLE to owner so they can call set_peer, set_delegate, set_msg_inspector, etc.
+    // Grant OAPP_MANAGER_ROLE to owner so they can call set_peer, set_delegate, set_msg_inspector, etc.
     env.as_contract(&oft_address, || {
-        grant_role_no_auth(env, &owner, &Symbol::new(env, OAPP_ADMIN_ROLE), &owner);
+        grant_role_no_auth(env, &owner, &Symbol::new(env, OAPP_MANAGER_ROLE), &owner);
     });
     let composer_address = env.register(DummyComposer, (&endpoint_address,));
 
@@ -264,7 +264,7 @@ pub fn wire_oft(env: &Env, chains: &[&ChainSetup<'_>]) {
 }
 
 fn grant_oapp_admin(env: &Env, contract: &Address, owner: &Address) {
-    let role = soroban_sdk::Symbol::new(env, oapp::oapp_core::OAPP_ADMIN_ROLE);
+    let role = soroban_sdk::Symbol::new(env, oapp::oapp_core::OAPP_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: owner,
         invoke: &MockAuthInvoke {

package/contracts/oapps/oft-core/src/oft_core.rs

@@ -58,7 +58,7 @@ use crate::{
 use common_macros::{contract_trait, only_role};
 use endpoint_v2::{MessagingComposerClient, MessagingFee, MessagingReceipt};
 use oapp::{
-    oapp_core::{init_ownable_oapp, OAPP_ADMIN_ROLE},
+    oapp_core::{init_ownable_oapp, OAPP_MANAGER_ROLE},
     oapp_options_type3::OAppOptionsType3,
     oapp_receiver::OAppReceiver,
     oapp_sender::{FeePayer, OAppSenderInternal},
@@ -448,12 +448,12 @@ pub trait OFTCore: OFTInternal {
     /// Pass `None` to remove the inspector and disable outbound validation.
     ///
     /// # Authorization
-    /// Requires the caller to have `OAPP_ADMIN_ROLE`.
+    /// Requires the caller to have `OAPP_MANAGER_ROLE`.
     ///
     /// # Arguments
     /// * `inspector` - Address of the inspector contract, or `None` to remove it
-    /// * `operator` - The address that must have OAPP_ADMIN_ROLE
-    #[only_role(operator, OAPP_ADMIN_ROLE)]
+    /// * `operator` - The address that must have OAPP_MANAGER_ROLE
+    #[only_role(operator, OAPP_MANAGER_ROLE)]
     fn set_msg_inspector(
         env: &soroban_sdk::Env,
         inspector: &Option<soroban_sdk::Address>,

package/contracts/oapps/oft-core/src/tests/test_msg_inspector.rs

@@ -60,7 +60,7 @@ fn test_set_msg_inspector() {
     // Deploy a passing inspector
     let inspector_address = env.register(PassingInspector, ());
 
-    // Owner (with OAPP_ADMIN_ROLE) sets the inspector
+    // Owner (with OAPP_MANAGER_ROLE) sets the inspector
     env.mock_auths(&[MockAuth {
         address: &setup.owner,
         invoke: &MockAuthInvoke {
@@ -127,7 +127,7 @@ fn test_set_msg_inspector_requires_owner() {
     // Deploy a passing inspector
     let inspector_address = env.register(PassingInspector, ());
 
-    // Non-owner (without OAPP_ADMIN_ROLE) tries to set the inspector
+    // Non-owner (without OAPP_MANAGER_ROLE) tries to set the inspector
     let non_owner = Address::generate(&env);
     env.mock_auths(&[MockAuth {
         address: &non_owner,
@@ -139,7 +139,7 @@ fn test_set_msg_inspector_requires_owner() {
         },
     }]);
 
-    // This should panic because non_owner does not have OAPP_ADMIN_ROLE
+    // This should panic because non_owner does not have OAPP_MANAGER_ROLE
     setup.oft.set_msg_inspector(&Some(inspector_address), &non_owner);
 }
 

package/contracts/oapps/oft-core/src/tests/test_utils.rs

@@ -8,7 +8,7 @@ use crate::{
     types::{OFTReceipt, SendParam},
 };
 use endpoint_v2::{LayerZeroReceiverClient, MessagingFee, MessagingParams, MessagingReceipt, Origin};
-use oapp::oapp_core::{OAppCoreClient, OAPP_ADMIN_ROLE};
+use oapp::oapp_core::{OAppCoreClient, OAPP_MANAGER_ROLE};
 use soroban_sdk::{
     address_payload::AddressPayload,
     bytes, contract, contractimpl, log, symbol_short,
@@ -101,7 +101,7 @@ pub fn create_origin(src_eid: u32, sender: &BytesN<32>, nonce: u64) -> Origin {
 }
 
 fn grant_oapp_admin(env: &Env, contract: &Address, owner: &Address) {
-    let role = Symbol::new(env, oapp::oapp_core::OAPP_ADMIN_ROLE);
+    let role = Symbol::new(env, oapp::oapp_core::OAPP_MANAGER_ROLE);
     env.mock_auths(&[MockAuth {
         address: owner,
         invoke: &MockAuthInvoke {
@@ -613,12 +613,12 @@ impl<'a> OFTTestSetupBuilder<'a> {
         OFTTestSetup::mint_to(env, &owner, &native_token, &owner, INITIAL_MINT_AMOUNT);
         OFTTestSetup::mint_to(env, &owner, &zro_token, &owner, INITIAL_MINT_AMOUNT);
 
-        // Grant OAPP_ADMIN_ROLE to owner so they can call set_peer, set_delegate, set_msg_inspector, etc.
+        // Grant OAPP_MANAGER_ROLE to owner so they can call set_peer, set_delegate, set_msg_inspector, etc.
         env.as_contract(&oft_address, || {
             grant_role_no_auth(
                 env,
                 &owner,
-                &Symbol::new(env, OAPP_ADMIN_ROLE),
+                &Symbol::new(env, OAPP_MANAGER_ROLE),
                 &owner,
             );
         });

package/contracts/workers/dvn/src/tests/dvn.rs

@@ -348,4 +348,8 @@ impl IDvnFeeLib for MockFeeLib {
             params.multiplier_bps as i128
         }
     }
+
+    fn version(_env: &Env) -> (u64, u32) {
+        (1, 1)
+    }
 }

package/contracts/workers/dvn-fee-lib/src/dvn_fee_lib.rs

@@ -63,6 +63,10 @@ impl IDvnFeeLib for DvnFeeLib {
             fee_result.native_price_usd,
         )
     }
+
+    fn version(_env: &Env) -> (u64, u32) {
+        (1, 1)
+    }
 }
 
 // ============================================================================

package/contracts/workers/fee-lib-interfaces/src/dvn_fee_lib.rs

@@ -73,4 +73,10 @@ pub trait IDvnFeeLib {
     /// # Returns
     /// The calculated fee in native token units (stroops for Stellar).
     fn get_fee(env: &Env, dvn: &Address, params: &DvnFeeParams) -> i128;
+
+    /// Returns the fee library contract version.
+    ///
+    /// # Returns
+    /// Tuple of (major version, minor version).
+    fn version(env: &Env) -> (u64, u32);
 }

package/contracts/workers/price-feed/src/price_feed.rs

@@ -1,6 +1,7 @@
 use common_macros::{contract_impl, lz_contract, only_auth};
 use fee_lib_interfaces::{FeeEstimate, ILayerZeroPriceFeed, Price};
-use soroban_sdk::{assert_with_error, panic_with_error, Address, Env, Vec};
+use soroban_sdk::{assert_with_error, Address, Env, Vec};
+use utils::option_ext::OptionExt;
 
 use crate::{
     errors::PriceFeedError,
@@ -110,7 +111,7 @@ impl LzPriceFeed {
 
     /// Set prices for multiple destinations (price updater or owner)
     pub fn set_price(env: &Env, price_updater: &Address, prices: &Vec<UpdatePrice>) {
-        Self::require_price_updater(env, price_updater);
+        Self::require_owner_or_price_updater(env, price_updater);
 
         prices.iter().for_each(|update| Self::set_price_internal(env, update.eid, &update.price));
     }
@@ -118,7 +119,7 @@ impl LzPriceFeed {
     /// Set price for Arbitrum with extension (price updater or owner)
     /// Corresponds to setPriceForArbitrum in PriceFeed.sol
     pub fn set_price_for_arbitrum(env: &Env, price_updater: &Address, update: &UpdatePriceExt) {
-        Self::require_price_updater(env, price_updater);
+        Self::require_owner_or_price_updater(env, price_updater);
 
         Self::set_price_internal(env, update.eid, &update.price);
 
@@ -131,7 +132,7 @@ impl LzPriceFeed {
     ///
     /// Kept as a standalone contract function (not part of the canonical `fee_lib_interfaces::ILayerZeroPriceFeed` interface).
     pub fn set_native_token_price_usd(env: &Env, price_updater: &Address, native_token_price_usd: u128) {
-        Self::require_price_updater(env, price_updater);
+        Self::require_owner_or_price_updater(env, price_updater);
         PriceFeedStorage::set_native_price_usd(env, &native_token_price_usd);
     }
 
@@ -171,7 +172,7 @@ impl LzPriceFeed {
 
     /// Estimate fee with default model
     fn estimate_fee_with_default_model(env: &Env, dst_eid: u32, calldata_size: u32, gas: u128) -> (u128, u128) {
-        let price = Self::get_price(env, dst_eid).unwrap_or_else(|| panic_with_error!(env, PriceFeedError::NoPrice));
+        let price = Self::get_price(env, dst_eid).unwrap_or_panic(env, PriceFeedError::NoPrice);
 
         // assuming the _gas includes (1) the 21,000 overhead and (2) not the calldata gas
         let gas_for_calldata = (calldata_size as u128) * (price.gas_per_byte as u128);
@@ -183,17 +184,14 @@ impl LzPriceFeed {
 
     /// Estimate fee with Optimism model
     fn estimate_fee_with_optimism_model(env: &Env, dst_eid: u32, calldata_size: u32, gas: u128) -> (u128, u128) {
-        let ethereum_id = Self::get_l1_lookup_id_for_optimism_model(env, dst_eid);
-
         // L1 fee (Ethereum)
-        let ethereum_price =
-            Self::get_price(env, ethereum_id).unwrap_or_else(|| panic_with_error!(env, PriceFeedError::NoPrice));
+        let ethereum_id = Self::get_l1_lookup_id_for_optimism_model(env, dst_eid);
+        let ethereum_price = Self::get_price(env, ethereum_id).unwrap_or_panic(env, PriceFeedError::NoPrice);
         let gas_for_l1_calldata = ((calldata_size as u128) * (ethereum_price.gas_per_byte as u128)) + 3188; // 2100 + 68 * 16
         let l1_fee = gas_for_l1_calldata * (ethereum_price.gas_price_in_unit as u128);
 
         // L2 fee (Optimism)
-        let optimism_price =
-            Self::get_price(env, dst_eid).unwrap_or_else(|| panic_with_error!(env, PriceFeedError::NoPrice));
+        let optimism_price = Self::get_price(env, dst_eid).unwrap_or_panic(env, PriceFeedError::NoPrice);
         let gas_for_l2_calldata = (calldata_size as u128) * (optimism_price.gas_per_byte as u128);
         let l2_fee = (gas_for_l2_calldata + gas) * (optimism_price.gas_price_in_unit as u128);
 
@@ -207,16 +205,13 @@ impl LzPriceFeed {
 
     /// Estimate fee with Arbitrum model
     fn estimate_fee_with_arbitrum_model(env: &Env, dst_eid: u32, calldata_size: u32, gas: u128) -> (u128, u128) {
-        let arbitrum_price =
-            Self::get_price(env, dst_eid).unwrap_or_else(|| panic_with_error!(env, PriceFeedError::NoPrice));
-
-        let arbitrum_price_ext = Self::arbitrum_price_ext(env);
-
         // L1 fee (compressed calldata)
+        let arbitrum_price_ext = Self::arbitrum_price_ext(env);
         let gas_for_l1_calldata = (((calldata_size as u128) * Self::arbitrum_compression_percent(env)) / 100)
             * (arbitrum_price_ext.gas_per_l1_calldata_byte as u128);
 
         // L2 fee
+        let arbitrum_price = Self::get_price(env, dst_eid).unwrap_or_panic(env, PriceFeedError::NoPrice);
         let gas_for_l2_calldata = (calldata_size as u128) * (arbitrum_price.gas_per_byte as u128);
         let gas_fee = (gas + (arbitrum_price_ext.gas_per_l2_tx as u128) + gas_for_l1_calldata + gas_for_l2_calldata)
             * (arbitrum_price.gas_price_in_unit as u128);
@@ -251,18 +246,12 @@ impl LzPriceFeed {
     }
 
     /// Check if caller is price updater or owner
-    fn require_price_updater(env: &Env, caller: &Address) {
+    fn require_owner_or_price_updater(env: &Env, caller: &Address) {
         caller.require_auth();
-
-        // Owner is always approved
-        if let Some(owner) = Self::owner(env) {
-            if &owner == caller {
-                return;
-            }
-        }
-
-        // Check if caller is an active price updater
-        assert_with_error!(env, Self::is_price_updater(env, caller), PriceFeedError::OnlyPriceUpdater);
+        assert_with_error!(
+            env,
+            Self::owner(env).as_ref() == Some(caller) || Self::is_price_updater(env, caller),
+            PriceFeedError::OnlyPriceUpdater
+        );
     }
 }
-

package/package.json

@@ -1,15 +1,15 @@
 {
   "name": "@layerzerolabs/protocol-stellar-v2",
-  "version": "0.2.45",
+  "version": "0.2.47",
   "private": false,
   "license": "LZBL-1.2",
   "devDependencies": {
     "@types/node": "^22.18.6",
     "tsx": "^4.19.3",
     "typescript": "^5.8.2",
-    "@layerzerolabs/common-node-utils": "0.2.45",
-    "@layerzerolabs/vm-tooling-stellar": "0.2.45",
-    "@layerzerolabs/stellar-ts-bindings-gen": "0.2.45"
+    "@layerzerolabs/common-node-utils": "0.2.47",
+    "@layerzerolabs/stellar-ts-bindings-gen": "0.2.47",
+    "@layerzerolabs/vm-tooling-stellar": "0.2.47"
   },
   "publishConfig": {
     "access": "restricted",