Merged
Conversation
Contributor
📝 WalkthroughWalkthroughThis PR adds a changeset entry marking a minor version bump for the registry package and updates the Changes
Possibly related PRs
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 15
🧹 Nitpick comments (4)
chains/xlayer/addresses.yaml (1)
7-7: Add provenance breadcrumbs for this ISM address swap.Line 7 is a high-impact verifier change; please include (or link) the multisig tx hash/source mapping for this chain in PR context so operators can audit confidently before merge.
Based on learnings: "When adding or changing contract addresses, note the source (PR, tx hash) for address provenance".
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@chains/xlayer/addresses.yaml` at line 7, The interchainSecurityModule address change is a high-impact verifier update; update the PR and the interchainSecurityModule entry to include provenance breadcrumbs by adding the multisig transaction hash (or linked source/PR) that authorized this address swap and a short note (e.g., multisig tx hash, block explorer URL, or governance PR link) so operators can audit it; ensure the provenance is adjacent to the interchainSecurityModule symbol in the same change and mention the exact multisig tx hash in the PR description for traceability.chains/optimism/addresses.yaml (1)
11-11: Add provenance for this address rotation in a durable place.For this kind of high-impact address swap, please include tx hash / multisig execution reference (commit message, PR body, or adjacent metadata) so future audits can trace why this value changed.
Based on learnings: "When adding or changing contract addresses, note the source (PR, tx hash) for address provenance".
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@chains/optimism/addresses.yaml` at line 11, The interchainSecurityModule address was rotated but lacks provenance; update the entry for interchainSecurityModule in chains/optimism/addresses.yaml to include durable provenance (e.g., add an adjacent metadata field or comment containing the multisig execution reference and transaction hash and link to the PR/commit) so auditors can trace the change—ensure the provenance is stored alongside the interchainSecurityModule key and includes the tx hash, multisig execution ID (or link), date, and PR/commit reference.chains/cyber/addresses.yaml (1)
7-7: Changeset adequately documents batch provenance—consider adding the Safe transaction hash for deeper auditability.The cyber ISM update is part of the documented "April 2nd multisig batch" per
.changeset/cyan-books-rest.md. Since multisig batches are the standard procedure for mass ISM updates across chains, the batch-level documentation provides sufficient provenance. To enhance auditability for fast rollback scenarios, consider adding the Safe transaction hash or governance proposal URL directly to the changeset entry.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@chains/cyber/addresses.yaml` at line 7, Update the changeset metadata to include the Safe multisig transaction hash or governance proposal URL for this ISM update: locate the entry that sets interchainSecurityModule = "0x855857015094C04d2743B3D04FEfC713b6EC7762" and add a field (e.g., safeTxHash or proposalUrl) with the Safe transaction hash or proposal link so reviewers can trace the April 2nd multisig batch directly from the changeset.chains/coti/addresses.yaml (1)
7-7: Add provenance for this ISM address update.Line 7 looks structurally correct, but this is a high-impact config change; add a provenance note (Apr 2 multisig tx hash / source doc) so auditors can trace it quickly.
Based on learnings: When adding or changing contract addresses, note the source (PR, tx hash) for address provenance.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@chains/coti/addresses.yaml` at line 7, Add a provenance comment for the interchainSecurityModule address by appending a short provenance note that cites the Apr 2 multisig transaction hash and a source document or PR link so auditors can verify the change; specifically, update the entry for interchainSecurityModule to include a provenance line (e.g., "provenance: Apr 2 multisig tx: <tx-hash>, source: <doc/PR link>") adjacent to the interchainSecurityModule value to document where the address came from.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.changeset/cyan-books-rest.md:
- Line 5: Update the release note line that currently reads "April 2nd multisig
batch." to include address provenance details: append the multisig transaction
hash(es) or the canonical execution PR URL for the ISM rotation and list any
changed/added contract addresses alongside their source provenance; ensure the
note clearly labels each address with its source (e.g., "multisig tx: <hash>" or
"PR: <link>") so future audit/rollback can trace the change.
In `@chains/adichain/addresses.yaml`:
- Line 7: Add provenance metadata for the interchainSecurityModule entry
(address "0xd24d5Bc3A4FC914b2b8a90FAE4e825Fd4d2D2e14") by appending fields that
record the deployment transaction hash, block number and timestamp, a
block-explorer verification link for the contract, and the multisig transaction
reference or PR that approved this April 2nd multisig batch; update the
addresses YAML entry for interchainSecurityModule to include keys like
deploymentTxHash, deploymentBlock, deploymentTimestamp, explorerUrl, and
multisigTxRef (or prRef) so future auditors can trace the origin.
In `@chains/appchain/addresses.yaml`:
- Line 8: The interchainSecurityModule address was changed without provenance;
update the addresses.yaml entry for interchainSecurityModule to include a source
marker (e.g., a comment line or an adjacent metadata key like
interchainSecurityModule_provenance) that records the authoritative reference
(PR number or multisig tx hash, date, and author/approver) so future triage can
find the origin; locate the interchainSecurityModule entry and add that
provenance information directly alongside it.
In `@chains/berachain/addresses.yaml`:
- Line 7: The interchainSecurityModule address was changed without provenance;
update the chains/berachain/addresses.yaml by adding provenance details for the
interchainSecurityModule key (e.g., the multisig transaction hash and/or
authorizing PR number, author, and date) either as an inline comment next to
interchainSecurityModule: "0xf0683F..." or in a companion metadata block in the
same file (e.g., interchainSecurityModule_provenance) so ops can audit and roll
back reliably.
In `@chains/endurance/addresses.yaml`:
- Line 7: The interchainSecurityModule entry (interchainSecurityModule:
"0x62d335f32fc171B16880AE01d531c7897a831911") was changed without a source
reference; update the PR description to include the multisig proposal ID or
transaction hash that authorized this ISM address change (and, if available, a
block-explorer link and brief note of the multisig or proposer), following the
REVIEW.md pattern for address updates so maintainers can trace the origin of the
update.
In `@chains/kiichain/addresses.yaml`:
- Line 8: The addresses.yaml entry for interchainSecurityModule
("interchainSecurityModule: \"0x94BE8ECfBb7b86984f57601eB409f4f67BbeD428\"")
lacks a provenance reference to the April 2nd multisig execution; update the
provenance metadata for this change to include the specific Safe transaction
hash or full Safe tx URL (e.g., the Safe tx hash or
https://gnosis-safe.io/app/.../transactions/<txHash>) so reviewers can directly
verify the multisig batch that updated the ISM.
In `@chains/linea/addresses.yaml`:
- Line 7: Update the interchainSecurityModule entry to include provenance
metadata for the new address value; specifically annotate the
interchainSecurityModule (the "0xA995...EF92" value) with the transaction hash
or PR/source URL and a short note (e.g., "deployed in tx: <tx-hash>" or "updated
in PR: <PR-link>") so operators can trace the change—add this as a comment or a
provenance field adjacent to the interchainSecurityModule entry in
chains/linea/addresses.yaml.
In `@chains/mitosis/addresses.yaml`:
- Line 7: Add the multisig transaction hash for auditability next to the
interchainSecurityModule entry in addresses.yaml (reference key:
interchainSecurityModule) so future troubleshooting can trace the exact multisig
batch; add a new field like interchainSecurityModuleTxHash (or a single
"multisigTxHash" alongside the module key) containing the tx hash string or a
short link, and ensure the value matches the multisig batch noted in
.changeset/cyan-books-rest.md for easy cross-reference.
In `@chains/ontology/addresses.yaml`:
- Line 7: The interchainSecurityModule address update lacks provenance metadata;
annotate the entry for interchainSecurityModule
("0x39E4155e0Bd2A02f428FA1410993614785Aa6f62") with a provenance field
referencing the authoritative source (e.g., PR number and/or transaction hash)
so reviewers can verify the change; add a short provenance note adjacent to
interchainSecurityModule indicating the source identifier and optional timestamp
or block number.
In `@chains/opbnb/addresses.yaml`:
- Line 7: Add provenance for the interchainSecurityModule address in
chains/opbnb/addresses.yaml by annotating the entry with the source of the
address (e.g., multisig transaction hash, PR number, or block explorer URL);
update the interchainSecurityModule key to include a comment or add a nearby
metadata field (e.g., interchainSecurityModule_provenance or a metadata mapping)
that records the exact tx hash/PR and an optional human-readable note and
timestamp so reviewers can verify the change.
In `@chains/optimism/addresses.yaml`:
- Line 11: Update the aggregate chains/addresses.yaml to match the per-chain ISM
changes so all eight chains use the new interchainSecurityModule values; locate
the entries for interchainSecurityModule in chains/addresses.yaml and replace
the old addresses for optimism, electroneum, moonbeam, b3, astar, ink, lukso,
and tac with the corresponding new values from each per-chain file (e.g., the
interchainSecurityModule value in chains/optimism/addresses.yaml), verify there
are no remaining discrepancies between the aggregate and per-chain files, and
commit the synchronized aggregate file with a clear message indicating it was
updated to match per-chain ISM values.
In `@chains/reactive/addresses.yaml`:
- Line 7: The interchainSecurityModule address entry lacks provenance; update
the addresses YAML by adding a provenance reference for the
interchainSecurityModule key (e.g., a comment or a new provenance field) that
records the source of this address (multisig tx hash, deployment artifact or PR
link), include the date and author/creator, and ensure the provenance is
human-readable and machine-parsable so reviewers can trace and roll back this
high-risk change.
In `@chains/shibarium/addresses.yaml`:
- Line 7: The interchainSecurityModule address was added without provenance;
update the interchainSecurityModule entry to include a provenance field (e.g.,
tx hash and/or PR URL and a short note) adjacent to the address so the source is
recorded; ensure you reference the exact symbol name interchainSecurityModule
and add a provenance key/value (txHash or sourcePR) describing where the address
came from and any verification notes.
In `@chains/soneium/addresses.yaml`:
- Line 7: Add provenance metadata for the updated interchainSecurityModule
address entry by appending a source reference (governing transaction hash or PR
reference) alongside the interchainSecurityModule:
"0xACE659E0eF1eD4E75b2748aa53B8B51055a319B7" value in the addresses.yaml entry;
include the tx hash or PR ID and an ISO8601 date and a brief label (e.g.,
"governing_tx" / "source_pr") so the change is auditable and clearly linked to
its origin.
In `@chains/superseed/addresses.yaml`:
- Line 7: Add provenance metadata for the interchainSecurityModule address
change: update the interchainSecurityModule entry in
chains/superseed/addresses.yaml to include a source reference (e.g., multisig
transaction hash or approved batch pointer and optionally PR number) alongside
the address so operators can verify the change; ensure the entry clearly names
the source (e.g., "source: multisig tx 0x...") and date or PR id to match the
registry's provenance format.
---
Nitpick comments:
In `@chains/coti/addresses.yaml`:
- Line 7: Add a provenance comment for the interchainSecurityModule address by
appending a short provenance note that cites the Apr 2 multisig transaction hash
and a source document or PR link so auditors can verify the change;
specifically, update the entry for interchainSecurityModule to include a
provenance line (e.g., "provenance: Apr 2 multisig tx: <tx-hash>, source:
<doc/PR link>") adjacent to the interchainSecurityModule value to document where
the address came from.
In `@chains/cyber/addresses.yaml`:
- Line 7: Update the changeset metadata to include the Safe multisig transaction
hash or governance proposal URL for this ISM update: locate the entry that sets
interchainSecurityModule = "0x855857015094C04d2743B3D04FEfC713b6EC7762" and add
a field (e.g., safeTxHash or proposalUrl) with the Safe transaction hash or
proposal link so reviewers can trace the April 2nd multisig batch directly from
the changeset.
In `@chains/optimism/addresses.yaml`:
- Line 11: The interchainSecurityModule address was rotated but lacks
provenance; update the entry for interchainSecurityModule in
chains/optimism/addresses.yaml to include durable provenance (e.g., add an
adjacent metadata field or comment containing the multisig execution reference
and transaction hash and link to the PR/commit) so auditors can trace the
change—ensure the provenance is stored alongside the interchainSecurityModule
key and includes the tx hash, multisig execution ID (or link), date, and
PR/commit reference.
In `@chains/xlayer/addresses.yaml`:
- Line 7: The interchainSecurityModule address change is a high-impact verifier
update; update the PR and the interchainSecurityModule entry to include
provenance breadcrumbs by adding the multisig transaction hash (or linked
source/PR) that authorized this address swap and a short note (e.g., multisig tx
hash, block explorer URL, or governance PR link) so operators can audit it;
ensure the provenance is adjacent to the interchainSecurityModule symbol in the
same change and mention the exact multisig tx hash in the PR description for
traceability.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: e8e97553-e26b-4c1e-9314-aa52e8abf105
📒 Files selected for processing (118)
.changeset/cyan-books-rest.mdchains/adichain/addresses.yamlchains/ancient8/addresses.yamlchains/apechain/addresses.yamlchains/appchain/addresses.yamlchains/arbitrum/addresses.yamlchains/arbitrumnova/addresses.yamlchains/arcadia/addresses.yamlchains/artela/addresses.yamlchains/astar/addresses.yamlchains/aurora/addresses.yamlchains/avalanche/addresses.yamlchains/b3/addresses.yamlchains/base/addresses.yamlchains/berachain/addresses.yamlchains/bitlayer/addresses.yamlchains/blast/addresses.yamlchains/bob/addresses.yamlchains/boba/addresses.yamlchains/botanix/addresses.yamlchains/bsc/addresses.yamlchains/bsquared/addresses.yamlchains/carrchain/addresses.yamlchains/celo/addresses.yamlchains/chilizmainnet/addresses.yamlchains/citrea/addresses.yamlchains/coredao/addresses.yamlchains/coti/addresses.yamlchains/cyber/addresses.yamlchains/degenchain/addresses.yamlchains/dogechain/addresses.yamlchains/electroneum/addresses.yamlchains/endurance/addresses.yamlchains/eni/addresses.yamlchains/ethereum/addresses.yamlchains/everclear/addresses.yamlchains/fantom/addresses.yamlchains/flare/addresses.yamlchains/flowmainnet/addresses.yamlchains/fluent/addresses.yamlchains/fraxtal/addresses.yamlchains/fusemainnet/addresses.yamlchains/galactica/addresses.yamlchains/gnosis/addresses.yamlchains/gravity/addresses.yamlchains/harmony/addresses.yamlchains/hashkey/addresses.yamlchains/hemi/addresses.yamlchains/hyperevm/addresses.yamlchains/igra/addresses.yamlchains/immutablezkevmmainnet/addresses.yamlchains/incentiv/addresses.yamlchains/ink/addresses.yamlchains/kaia/addresses.yamlchains/katana/addresses.yamlchains/kiichain/addresses.yamlchains/lazai/addresses.yamlchains/linea/addresses.yamlchains/lisk/addresses.yamlchains/litchain/addresses.yamlchains/lukso/addresses.yamlchains/lumiaprism/addresses.yamlchains/mantapacific/addresses.yamlchains/mantle/addresses.yamlchains/mantra/addresses.yamlchains/matchain/addresses.yamlchains/merlin/addresses.yamlchains/metal/addresses.yamlchains/metis/addresses.yamlchains/miraclechain/addresses.yamlchains/mitosis/addresses.yamlchains/mocachain/addresses.yamlchains/mode/addresses.yamlchains/monad/addresses.yamlchains/moonbeam/addresses.yamlchains/morph/addresses.yamlchains/nibiru/addresses.yamlchains/ontology/addresses.yamlchains/oortmainnet/addresses.yamlchains/opbnb/addresses.yamlchains/optimism/addresses.yamlchains/orderly/addresses.yamlchains/peaq/addresses.yamlchains/plasma/addresses.yamlchains/plume/addresses.yamlchains/polygon/addresses.yamlchains/polygonzkevm/addresses.yamlchains/polynomialfi/addresses.yamlchains/prom/addresses.yamlchains/pulsechain/addresses.yamlchains/rarichain/addresses.yamlchains/reactive/addresses.yamlchains/redstone/addresses.yamlchains/ronin/addresses.yamlchains/scroll/addresses.yamlchains/shibarium/addresses.yamlchains/somnia/addresses.yamlchains/soneium/addresses.yamlchains/sonic/addresses.yamlchains/stable/addresses.yamlchains/story/addresses.yamlchains/subtensor/addresses.yamlchains/superpositionmainnet/addresses.yamlchains/superseed/addresses.yamlchains/swell/addresses.yamlchains/tac/addresses.yamlchains/taiko/addresses.yamlchains/torus/addresses.yamlchains/tron/addresses.yamlchains/vana/addresses.yamlchains/worldchain/addresses.yamlchains/xai/addresses.yamlchains/xlayer/addresses.yamlchains/xrplevm/addresses.yamlchains/zerogravity/addresses.yamlchains/zetachain/addresses.yamlchains/zircuit/addresses.yamlchains/zoramainnet/addresses.yaml
xeno097
approved these changes
Apr 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
feat: apr 2 ism updates
hyperlane-xyz/hyperlane-monorepo#8515
Backward compatibility
Testing
Note
High Risk
Updates
interchainSecurityModulecontract addresses across many chain registry entries, which directly affects message verification/security and can break cross-chain delivery if any address is incorrect. Large, wide-scope config change with operational risk despite being data-only.Overview
Updates the registry’s deployed ISM configuration for the Apr 2 multisig batch.
Adds a changeset bumping
@hyperlane-xyz/registryas a minor release, and updates theinterchainSecurityModuleaddress in a large set ofchains/*/addresses.yamlfiles (no other contract addresses appear to change).Written by Cursor Bugbot for commit d768f10. This will update automatically on new commits. Configure here.