HWR Ownership Overview
Before transferring ownership of your HWR, it’s important to understand what this ownership entails. Ownership grants control over configuration settings, such as the Interchain Security Module (ISM), Validator options, and other parameters critical to security.Once a mailbox is set up on the chain, anyone can deploy a HWR. HWRs are
commonly deployed by a few different groups - the Abacus Works team, the asset
issuer, the chain team, or the application team.
Overview of Ownership
- Responsibilities: As the owner, you take on responsibilities that include managing security configurations, like the ISM and Validator settings, to meet your specific security and operational goals.
- Security & Autonomy: Ownership choices often come down to security and control preferences. We strongly recommend using a multisig like a Gnosis Safe for any production setups. Teams can choose full ownership for complete autonomy, or joint ownership on the multisig to share security management. Joint ownership enables collaborative decision-making on critical updates, which can increase trust for users and developers.
ISM, Validator, and Relayer Options
When configuring or transferring a HWR, owners have flexibility in managing ISM, Validator, and Relayer settings:- ISM Customization: Each HWR may require a tailored ISM configuration depending on security needs. Owners can set up a custom ISM or use Hyperlane’s default setup.
- Validator Options: Ownership allows you to choose or manage your Validator set. Hyperlane can handle Validator responsibilities by default, making it optional to run your own.
- Relayer Support: Hyperlane provides Relayer services by default, but teams can operate their own Relayers for more control over security, reliability, and costs. This customization enables teams to tailor message handling to fit specific performance, compliance, or operational requirements.
HWR Ownership Transfer Guide
Using the Hyperlane CLI
One of the quickest way to transfer a HWR ownership is by using the Hyperlane CLI.If you followed the Deploy a Warp
Route guide, you may have deployed
a HWR with the owner set to the single private key. In production, it is
advisable to use a multisig.
warp read
, you should see a similar config with owner
set to private key’s address:
warp read
will save the output to CURRENT_DIR/configs/warp-route-deployment.yaml
. Follow these steps using the CLI to transfer the existing ownership to another address.
Step 1: Configuration
Updateowner
address in the warp-route-deployment.yaml
warp-route-deployment.yaml
Step 2: Apply
Using the CLI, execute by providing the token symbol and HWR config: You should see a batch of transactions executed on chain, and a final message indicating that the warp config has been updated.Step 3: Confirm
To confirm that the owner was successfully updated using the Hyperlane CLI, run the following command with your token symbol and the chain it is deployed on: After runningwarp read
, you should see a similar config with the now updated owner
: