Skip to main content
This guide provides a step-by-step guide to transferring ownership of your Hyperlane Warp Route (HWR). It also explains the responsibilities, security considerations, and configuration options that come with owning a HWR.

HWR Ownership Overview

Before transferring ownership of your HWR, it’s important to understand what this ownership entails. Ownership grants control over configuration settings, such as the Interchain Security Module (ISM), Validator options, and other parameters critical to security.
Once a mailbox is set up on the chain, anyone can deploy a HWR. HWRs are commonly deployed by a few different groups - the Abacus Works team, the asset issuer, the chain team, or the application team.

Overview of Ownership

  • Responsibilities: As the owner, you take on responsibilities that include managing security configurations, like the ISM and Validator settings, to meet your specific security and operational goals.
  • Security & Autonomy: Ownership choices often come down to security and control preferences. We strongly recommend using a multisig like a Gnosis Safe for any production setups. Teams can choose full ownership for complete autonomy, or joint ownership on the multisig to share security management. Joint ownership enables collaborative decision-making on critical updates, which can increase trust for users and developers.

ISM, Validator, and Relayer Options

When configuring or transferring a HWR, owners have flexibility in managing ISM, Validator, and Relayer settings:
  • ISM Customization: Each HWR may require a tailored ISM configuration depending on security needs. Owners can set up a custom ISM or use Hyperlane’s default setup.
  • Validator Options: Ownership allows you to choose or manage your Validator set. Hyperlane can handle Validator responsibilities by default, making it optional to run your own.
  • Relayer Support: Hyperlane provides Relayer services by default, but teams can operate their own Relayers for more control over security, reliability, and costs. This customization enables teams to tailor message handling to fit specific performance, compliance, or operational requirements.

HWR Ownership Transfer Guide

Using the Hyperlane CLI

One of the quickest way to transfer a HWR ownership is by using the Hyperlane CLI.

Prerequisites

  • The warp route ID.
    • After deployment, the warp route ID is saved to the registry at $HOME/.hyperlane/deployments/warp_routes/<warpRouteId>.
    • The format is SYMBOL/id (e.g., ETH/yourid).
    • To list existing warp route IDs: ls $HOME/.hyperlane/deployments/warp_routes/
  • Access to the private key that currently owns the HWR.
If you followed the Deploy a Warp Route guide, you may have deployed a HWR with the owner set to the single private key. In production, it is advisable to use a multisig.
To confirm using the Hyperlane CLI, locate your token symbol and the chain it is deployed on: 
hyperlane warp read -w <warpRouteId>
You should be able to select the HWR that you wish to update the ownership for. After running warp read, you should see a similar config with owner set to private key’s address: 
yourchain:
  mailbox: "0x979Ca5202784112f4738403dBec5D0F3B9daabB9"
  owner: "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266"
  ...
Warp route configs are stored in your local registry at $HOME/.hyperlane/deployments/warp_routes/<warpRouteId>/. The warp read command outputs the current on-chain config for reference.
Follow these steps using the CLI to transfer the existing ownership to another address.

Step 1: Configuration

Update the owner address in the warp route deployment config in your local registry.
warp-route-deployment.yaml
yourchain:
  mailbox: '0x979Ca5202784112f4738403dBec5D0F3B9daabB9'
- owner: '0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266'
+ owner: '0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045'
  IInterchainSecurityModule:
    address: '0xd54d32cD6a62482497252D59E6cCC1445fF0b92d'
    type: staticAggregationIsm
    modules:
      - owner: '0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266'
        address: '0xcE512189fF1BD41186E9eDda02BF321Fb1FC6eAc'
        type: defaultFallbackRoutingIsm
        domains: {}
    threshold: 1
  name: Ether
  symbol: ETH
  decimals: 18
  totalSupply: 0
  type: native

Step 2: Apply

Using the CLI, execute by providing the warp route ID: 
hyperlane warp apply -w <warpRouteId>
You should see a batch of transactions executed on chain, and a final message indicating that the warp config has been updated.

Step 3: Confirm

To confirm that the owner was successfully updated using the Hyperlane CLI, run the following command with your token symbol and the chain it is deployed on: 
hyperlane warp read -w <warpRouteId>
After running warp read, you should see a similar config with the now updated owner: 
yourchain:
  mailbox: "0x979Ca5202784112f4738403dBec5D0F3B9daabB9"
  owner: "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045"
  IInterchainSecurityModule:
    address: "0x8af9445d8A3FbFBd1D5dF185B8a4533Ab060Cf36"
    type: staticAggregationIsm
    modules:
      - owner: "0xe738d6e51aad88F6F4ce6aB8827279cffFb94876"
        address: "0xBe0232d5d45f9aD8322C2C4F84c39e64302Cd996"
        type: defaultFallbackRoutingIsm
        domains: {}
    threshold: 1
  name: Ether
  symbol: ETH
  decimals: 18
  totalSupply: 0
  type: native
By completing these steps, you have successfully transferred and verified ownership of your HWR to a new address.