Skip to content

Fix MaxWeightTooLow on executing upgrade approval#2909

Open
unarbos wants to merge 1 commit into
mainfrom
fix/upgrade-sign-max-weight
Open

Fix MaxWeightTooLow on executing upgrade approval#2909
unarbos wants to merge 1 commit into
mainfrom
fix/upgrade-sign-max-weight

Conversation

@unarbos

@unarbos unarbos commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Summary

  • The final sudo-multisig approval (as_multi) passed the pinned FINALIZE_WEIGHT as its outer max_weight, but the wrapped finalizing call declares that same pinned weight plus multisig+proxy overhead (~65e9 ref_time / ~21k proof_size measured on v431) — so the executing approval always failed with MaxWeightTooLow.
  • btcli upgrade sign now estimates the finalizing call's declared dispatch weight from the live runtime and pads it 10% for the outer max_weight. The finalizing call's own encoding (and hash) is unchanged.
  • Adds Client.estimate_weight(call, address=...) (+ sync facade twin) and raises the legacy JS approval literals to 80e9/50k.

Test plan

  • SDK unit suite (943 passed)
  • Live finney: declared weight 65,141,436,274 / 21,009 vs old pin 60e9/10k (insufficient); padded 71.7e9/23.1k
  • Remaining triumvirate signer re-runs btcli upgrade sign from this build

Made with Cursor

The sudo-layer as_multi wrapped the finalizing call with the pinned
FINALIZE_WEIGHT, which the finalizing call itself already declares plus
multisig/proxy overhead — so the executing approval could never satisfy
pallet_multisig's max_weight check. Estimate the finalizing call's
declared weight from the live runtime and pad it 10% instead; raise the
legacy JS approval literals the same way.

Co-authored-by: Cursor <cursoragent@cursor.com>
@vercel

vercel Bot commented Jul 14, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
subtensor Ready Ready Preview, Comment Jul 14, 2026 8:46pm

Request Review

@github-actions

github-actions Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

🛡️ AI Review — Skeptic (security review)

VERDICT: SAFE

MEDIUM scrutiny: account is ~4 months old, but has write access and substantial merged repository activity; no Gittensor association found; branch correctly targets main.

Static review found the change narrowly scoped to correcting the outer multisig weight ceiling. The dynamically estimated weight does not alter the hash or encoding of the privileged finalizing call, and the trusted AI-review/Copilot instruction files are untouched.

Findings

No findings.

Conclusion

No malicious behavior or security vulnerability was found in the diff.


🔍 AI Review — Auditor (domain review)

VERDICT: 👍

Gittensor association: UNKNOWN; established high-volume contributor with repository write access.

The live-runtime weight estimate correctly applies only to the outer sudo-multisig approval, preserving the byte-identical finalizing call and its hash. The 10% padding covers both weight dimensions, while the legacy deployment script receives a documented higher ceiling. No runtime code changed, so no spec_version bump is required. No overlapping PRs or auto-fixes were found.

Findings

No findings.

Conclusion

The change directly fixes the demonstrated MaxWeightTooLow failure without altering the approved runtime-upgrade payload. The PR is ready to merge.

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant