Using the Hyperlane CLI
When first deploying with the CLI, new HWR use a Trusted Relayer ISM out of the box so you don’t need to run a relayer or validator. In order to go to production, you’ll need to remove this ISM with the Hyperlane CLI.Prerequisites
- The HWR config.
- For new deployments, this config may take the filepath of
CURRENT_DIR/configs/warp-route-deployment.yaml
. - For existing deployment, the config can be generated by using
hyperlane warp read
if it exists in the Registry.
- For new deployments, this config may take the filepath of
- The warp route token symbol.
- The token symbol can be found onchain, or in your local Hyperlane Registry. By default, it is written to
$HOME/.hyperlane/deployments/warp_routes/<tokenSymbol>
.
- The token symbol can be found onchain, or in your local Hyperlane Registry. By default, it is written to
- Access to the private key that currently owns the HWR.
If you followed the Deploy a Warp
Route guide, you most likely have
deployed a HWR with a trusted relayer set to a signer address.
warp read
, you should see a similar config under interchainSecurityModule
containing a trustedRelayerIsm
:
trustedRelayerIsm
as part of the staticAggregationIsm
.
This means that the relayer
address will be allowed to call the HWR’s handle()
function. In other words, the relayer
can execute arbitrary messages on the HWR. This may be undesirable in cases outside of the self-relaying feature.
By default, warp read
will save the output to CURRENT_DIR/configs/warp-route-deployment.yaml
. Follow these steps using the CLI to transfer the existing ownership to another address.
Step 1: Configuration
Update thewarp-route-deployment.yaml
by removing the trustedRelayerIsm
block from modules
. Alternatively, you can configure the entire modules
block as desired.
warp-route-deployment.yaml
Step 2: Apply
Using the CLI, execute:Step 3: Confirm
To confirm that the trusted relayer was successfully removed using the Hyperlane CLI, run the following command with your token symbol and the chain it is deployed on:warp read
, confirm that the trusted relayer ISM has been removed from your HWR (In this example, it should only contain the remaining defaultFallbackRoutingIsm
). You should see a similar config under interchainSecurityModule
: