feat: treasury initialization for mainnet genesis #563
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add change file documenting the upcoming treasury initialization feature for the mainnet genesis block. JIRA: PM-20981
Add support for initializing the Midnight treasury from observed cNight deposits in the ICS (Illiquid Circulation Supply) contract on Cardano. - Add CnightTreasuryConfig type with validation for config files - Add --cnight-treasury-config CLI argument to generate-genesis command - Add fund_treasury() method using DistributeReserve and PayBlockRewardsToTreasury - Integrate treasury funding early in genesis flow (before wallet distribution) - Add example config files for dev and preview environments
Add #[allow(clippy::too_many_arguments)] to init() method. The parameter count is a pre-existing issue; refactoring to a config struct is deferred.
Add test_genesis_with_treasury_config that verifies end-to-end treasury funding during genesis generation. The test creates a treasury config with multiple UTxOs, passes it to GenesisGenerator, and verifies the resulting state.treasury contains the expected NIGHT balance.
Merged ledger-parameters-config feature with treasury-config feature. Both CLI arguments are now supported: - --cnight-treasury-config: Initialize treasury from ICS observations - --ledger-parameters-config: Custom ledger parameters
Contributor
|
KICS version: v2.1.16
|
Updated treasury.json to cnight-treasury-config.json to match the actual implementation.
Removed 4 tests that provided minimal value: - test_error_message_total_mismatch: only tests Display impl - test_treasury_amount: trivial accessor test - test_validate_total_matches_sum: redundant with test_parse_valid_config - test_validate_zero_total_empty_utxos: trivial edge case Remaining tests (3 unit + 1 integration) cover critical paths.
- Added #[allow(clippy::too_many_arguments)] to GenesisGenerator::new() - Removed 4 low-value tests from treasury_config.rs
The ICS contract address is already stored in pc-chain-config.json (cardano_addresses.bridge.illiquid_circulation_supply_validator_address). Removes the duplication to maintain a single source of truth. The genesis tool does not currently use the ICS address for validation - when UTxO validation is implemented per acceptance criteria, the address can be read from pc-chain-config.json. JIRA: PM-20981
rsporny
approved these changes
Jan 30, 2026
…easury config The ICS address values in pc-chain-config.json are now deprecated, so cnight-treasury-config.json becomes the source of truth for ICS contract addresses. Re-adds the field with consistent naming. PR: #563
Extend CnightTreasuryConfig with mandatory fields for Cardano verification per ADR-0023: - reference_block_hash: block at which to verify UTxOs - cnight_policy_id: policy ID for cNight asset verification Add CNIGHT_ASSET_NAME constant (empty string per Cardano convention). Add db-sync dependencies to toolkit: - partner-chains-db-sync-data-sources - sidechain-domain Update all network config files with required fields. JIRA: PM-20981
Implement TreasuryVerifier to verify treasury configuration against Cardano db-sync per ADR-0023 requirements: - Query db-sync for reference block existence - Verify each UTxO exists at the expected address - Verify each UTxO contains cNight with expected amount - Comprehensive error types for all failure scenarios JIRA: PM-20981
Add --db-sync-url and --skip-cardano-verification arguments to the generate-genesis command. When treasury config contains UTxOs: - Verification is required by default (fails if no db-sync-url) - --skip-cardano-verification bypasses for testing - DB_SYNC_URL env var supported as alternative to CLI arg JIRA: PM-20981
NachoPal
requested changes
Jan 30, 2026
Contributor
There was a problem hiding this comment.
I don't think "reference_block_hash" should be a hardcoded value per contract configuration, it should be a dynamic input of the Generation/Validation tool.
Checking with @kapke to make sure we are aligned.
Also, in order to align with Genesis generation, better to add new Node subcommands instead of adding it as node-toolkit commands.
Refactor TreasuryVerifier to use TreasuryDataSource trait for testability: - TreasuryDataSource trait abstracts database operations - DbSyncDataSource implements trait for production db-sync queries - MockTreasuryDataSource provides in-memory mock for tests Add comprehensive mock tests covering: - Block not found, UTxO not found, wrong address, amount mismatch - Success cases for single and multiple UTxOs - Empty UTxO list handling JIRA: PM-20981
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Add treasury initialization to genesis generation, enabling the Midnight mainnet treasury to be funded from observed cNight deposits in the ICS contract on Cardano.
🎫 PM-20981
Motivation
The Midnight treasury must be initialized at genesis with Night tokens corresponding to cNight locked in the ICS (Illiquid Circulation Supply) contract on Cardano. This is a one-off operation that establishes the initial treasury balance based on verified Cardano UTxOs.
Without this capability, the genesis block cannot correctly reflect the treasury state required for mainnet launch.
Changes
Treasury Configuration Module (
util/toolkit/src/treasury_config.rs) - IntroducesCnightTreasuryConfigstruct containing the ICS contract address (illiquid_circulation_supply_validator_address), a list of UTxOs representing cNight deposits, and a total Night amount. Includes validation to ensure the configured total matches the sum of UTxO amounts, with overflow detection.Genesis Generator Integration (
util/toolkit/src/genesis_generator.rs) - Addsfund_treasury()method that initializes the treasury using a two-step transfer via the block reward pool. Accepts optionalCnightTreasuryConfigto specify the treasury funding amount at genesis time.CLI Argument (
util/toolkit/src/commands/generate_genesis.rs) - New--cnight-treasury-configflag that accepts a path to a JSON configuration file, enabling treasury initialization during genesis generation.Network Configuration Files - Adds
cnight-treasury-config.jsonfor each network environment:res/dev/andres/preview/- Placeholder address (addr_test1placeholderaddr) with zero amountsres/devnet/andres/govnet/- Real ICS contract addresses from deployed reserve contractsTest Coverage - 8 unit tests covering configuration parsing, total validation, mismatch detection, overflow handling, and edge cases. 1 integration test verifying treasury is correctly funded during genesis generation.
📌 Submission Checklist
🔱 Fork Strategy
🗹 TODO before merging