Merge pull request #166 from nafsonig/feat/multi

Feat/multi

Author: mijinummi

apps/api-service/src/gas-estimation/__tests__/fee-configuration.service.spec.ts

@@ -341,6 +341,148 @@ describe("FeeConfigurationService", () => {
       expect(updatedSettings.requireApprovalForLargeChanges).toBe(true);
       expect(updatedSettings.enableUserNotifications).toBe(true);
     });
+
+    it("should validate multisig threshold against signer count", async () => {
+      await expect(
+        service.updateAdminSettings(
+          {
+            multisigSigners: ["admin-1"],
+            multisigApprovalThreshold: 2,
+          },
+          "admin-user",
+        ),
+      ).rejects.toThrow(
+        "Multisig approval threshold cannot exceed the number of configured signers.",
+      );
+    });
+  });
+
+  describe("multisig approval workflow", () => {
+    beforeEach(async () => {
+      await service.updateAdminSettings(
+        {
+          multisigSigners: ["admin-1", "admin-2"],
+          multisigApprovalThreshold: 2,
+        },
+        "admin-user",
+      );
+    });
+
+    it("should require a multisig approval request for large changes", async () => {
+      const updateRequest: FeeUpdateRequest = {
+        basePricePerRequest: 0.00003,
+        reason: "Large price adjustment",
+        notifyUsers: false,
+      };
+
+      await expect(
+        service.updateConfiguration("default", updateRequest, "admin-1"),
+      ).rejects.toThrow(
+        "Large fee changes must be submitted through the multisig approval workflow.",
+      );
+
+      const approvalRequest = await service.createApprovalRequest(
+        "default",
+        updateRequest,
+        "admin-1",
+      );
+
+      expect(approvalRequest.status).toBe("PENDING");
+      expect(approvalRequest.approvals).toEqual(["admin-1"]);
+      expect(approvalRequest.threshold).toBe(2);
+    });
+
+    it("should apply the update after enough signer approvals", async () => {
+      const updateRequest: FeeUpdateRequest = {
+        basePricePerRequest: 0.00003,
+        reason: "Critical pricing change",
+        notifyUsers: false,
+      };
+
+      const approvalRequest = await service.createApprovalRequest(
+        "default",
+        updateRequest,
+        "admin-1",
+      );
+
+      const approvedRequest = await service.approveApprovalRequest(
+        approvalRequest.id,
+        "admin-2",
+      );
+
+      expect(approvedRequest.status).toBe("APPROVED");
+      const currentConfig = await service.getCurrentConfiguration();
+      expect(currentConfig.basePricePerRequest).toBe(0.00003);
+    });
+
+    it("should reject approvals from unauthorized users", async () => {
+      const updateRequest: FeeUpdateRequest = {
+        basePricePerRequest: 0.00003,
+        reason: "Unauthorized approval attempt",
+        notifyUsers: false,
+      };
+
+      const approvalRequest = await service.createApprovalRequest(
+        "default",
+        updateRequest,
+        "admin-1",
+      );
+
+      await expect(
+        service.approveApprovalRequest(approvalRequest.id, "not-a-signer"),
+      ).rejects.toThrow(
+        "User not-a-signer is not authorized to approve this request",
+      );
+    });
+  });
+
+  describe("timelock delay", () => {
+    beforeEach(async () => {
+      await service.updateAdminSettings(
+        {
+          timelockDelayMinutes: 1,
+        },
+        "admin-user",
+      );
+
+      jest.useFakeTimers({ now: new Date("2026-03-29T12:00:00.000Z") });
+    });
+
+    afterEach(() => {
+      jest.useRealTimers();
+    });
+
+    it("should schedule direct updates when the delay has not yet elapsed", async () => {
+      const updateRequest: FeeUpdateRequest = {
+        basePricePerRequest: 0.00002,
+        reason: "Delayed pricing update",
+        notifyUsers: false,
+      };
+
+      const currentConfig = await service.updateConfiguration(
+        "default",
+        updateRequest,
+        "admin-user",
+      );
+
+      expect(currentConfig.basePricePerRequest).toBe(0.00001);
+
+      const scheduledUpdates = await service.getScheduledUpdates("default");
+      expect(scheduledUpdates.length).toBe(1);
+      expect(scheduledUpdates[0].status).toBe("SCHEDULED");
+      expect(scheduledUpdates[0].scheduledAt.toISOString()).toBe(
+        new Date("2026-03-29T12:01:00.000Z").toISOString(),
+      );
+
+      jest.setSystemTime(new Date("2026-03-29T12:02:00.000Z"));
+      const executed = await service.processPendingScheduledUpdates();
+
+      expect(executed.length).toBe(1);
+      expect(executed[0].status).toBe("EXECUTED");
+
+      const updatedConfig = await service.getCurrentConfiguration();
+      expect(updatedConfig.basePricePerRequest).toBe(0.00002);
+    });
   });
 
   describe("validateUpdateRequest", () => {

apps/api-service/src/gas-estimation/controllers/fee-configuration.controller.ts

@@ -113,6 +113,161 @@ export class FeeConfigurationController {
     }
   }
 
+  /**
+   * Create a multisig approval request for a large fee update
+   */
+  @Post(':configId/approval-requests')
+  async createApprovalRequest(
+    @Param('configId') configId: string,
+    @Body() updateRequest: FeeUpdateRequest,
+  ) {
+    try {
+      const adminUserId = 'admin-user'; // Placeholder
+      const approvalRequest = await this.feeConfigurationService.createApprovalRequest(
+        configId,
+        updateRequest,
+        adminUserId,
+      );
+      return {
+        success: true,
+        data: approvalRequest,
+        message: 'Approval request created successfully',
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to create approval request',
+        HttpStatus.BAD_REQUEST,
+      );
+    }
+  }
+
+  @Get('approval-requests')
+  async getApprovalRequests(@Query('configId') configId?: string) {
+    try {
+      const approvalRequests = await this.feeConfigurationService.getApprovalRequests(configId);
+      return {
+        success: true,
+        data: approvalRequests,
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to fetch approval requests',
+        HttpStatus.INTERNAL_SERVER_ERROR,
+      );
+    }
+  }
+
+  @Get('approval-requests/:requestId')
+  async getApprovalRequest(@Param('requestId') requestId: string) {
+    try {
+      const approvalRequest = await this.feeConfigurationService.getApprovalRequest(requestId);
+      return {
+        success: true,
+        data: approvalRequest,
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to fetch approval request',
+        HttpStatus.INTERNAL_SERVER_ERROR,
+      );
+    }
+  }
+
+  @Get('scheduled-updates')
+  async getScheduledUpdates(@Query('configId') configId?: string) {
+    try {
+      const scheduledUpdates = await this.feeConfigurationService.getScheduledUpdates(configId);
+      return {
+        success: true,
+        data: scheduledUpdates,
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to fetch scheduled updates',
+        HttpStatus.INTERNAL_SERVER_ERROR,
+      );
+    }
+  }
+
+  @Get('scheduled-updates/:updateId')
+  async getScheduledUpdate(@Param('updateId') updateId: string) {
+    try {
+      const scheduledUpdate = await this.feeConfigurationService.getScheduledUpdate(updateId);
+      return {
+        success: true,
+        data: scheduledUpdate,
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to fetch scheduled update',
+        HttpStatus.INTERNAL_SERVER_ERROR,
+      );
+    }
+  }
+
+  @Post('scheduled-updates/process')
+  async processScheduledUpdates() {
+    try {
+      const executedUpdates = await this.feeConfigurationService.processPendingScheduledUpdates();
+      return {
+        success: true,
+        data: executedUpdates,
+        message: 'Processed pending scheduled updates',
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to process scheduled updates',
+        HttpStatus.BAD_REQUEST,
+      );
+    }
+  }
+
+  @Post('approval-requests/:requestId/approve')
+  async approveApprovalRequest(
+    @Param('requestId') requestId: string,
+  ) {
+    try {
+      const adminUserId = 'admin-user'; // Placeholder
+      const approvalRequest = await this.feeConfigurationService.approveApprovalRequest(
+        requestId,
+        adminUserId,
+      );
+      return {
+        success: true,
+        data: approvalRequest,
+        message: 'Approval recorded successfully',
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to approve request',
+        HttpStatus.BAD_REQUEST,
+      );
+    }
+  }
+
+  @Post('approval-requests/:requestId/reject')
+  async rejectApprovalRequest(
+    @Param('requestId') requestId: string,
+  ) {
+    try {
+      const adminUserId = 'admin-user'; // Placeholder
+      const approvalRequest = await this.feeConfigurationService.rejectApprovalRequest(
+        requestId,
+        adminUserId,
+      );
+      return {
+        success: true,
+        data: approvalRequest,
+        message: 'Approval request rejected successfully',
+      };
+    } catch (error) {
+      throw new HttpException(
+        error.message || 'Failed to reject request',
+        HttpStatus.BAD_REQUEST,
+      );
+    }
+  }
+
   /**
    * Create new fee configuration
    */

apps/api-service/src/gas-estimation/interfaces/fee-config.interface.ts

@@ -121,6 +121,38 @@ export interface FeeValidationResult {
   };
 }
 
+export type ApprovalStatus = "PENDING" | "APPROVED" | "REJECTED";
+
+export interface ApprovalRequest {
+  id: string;
+  configurationId: string;
+  requestedBy: string;
+  request: FeeUpdateRequest;
+  requiredSigners: string[];
+  approvals: string[];
+  rejections: string[];
+  threshold: number;
+  status: ApprovalStatus;
+  createdAt: Date;
+  updatedAt: Date;
+  reason: string;
+  effectiveDate: Date;
+  notifyUsers: boolean;
+}
+
+export type ScheduledUpdateStatus = "SCHEDULED" | "EXECUTED" | "CANCELLED";
+
+export interface ScheduledUpdate {
+  id: string;
+  configurationId: string;
+  request: FeeUpdateRequest;
+  createdBy: string;
+  scheduledAt: Date;
+  status: ScheduledUpdateStatus;
+  createdAt: Date;
+  updatedAt: Date;
+}
+
 export interface FeeConfigurationHistory {
   id: string;
   configurationId: string;
@@ -200,7 +232,10 @@ export interface AdminFeeSettings {
   allowFeeUpdates: boolean;
   requireApprovalForLargeChanges: boolean;
   largeChangeThreshold: number; // percentage change
-  approvalRequiredUsers: string[]; // Admin user IDs required for approval
+  approvalRequiredUsers: string[]; // Legacy list of admin user IDs required for approval
+  multisigSigners: string[]; // Authorized multisig signer user IDs
+  multisigApprovalThreshold: number; // Number of signers required to approve large changes
+  timelockDelayMinutes: number; // Minimum delay before upgrade execution
   defaultGracePeriod: number; // days before fee changes take effect
   enableUserNotifications: boolean;
   notificationChannels: ("email" | "sms" | "in-app" | "webhook")[];