Adjust Operations Group Permissions

[CharlieMc0]

Describe the Issue
We want to make sure we correctly categorize high risk messages based on the potential impact.

Some of these messages need to be adjusted:

node/x/authority/types/authorization_list.go

Lines 10 to 41 in 0bcb422

	// OperationPolicyMessages keeps track of the message URLs that can, by default, only be executed by operational policy address
	OperationPolicyMessages = []string{
	"/zetachain.zetacore.crosschain.MsgRefundAbortedCCTX",
	"/zetachain.zetacore.crosschain.MsgAbortStuckCCTX",
	"/zetachain.zetacore.crosschain.MsgUpdateRateLimiterFlags",
	"/zetachain.zetacore.crosschain.MsgWhitelistERC20",
	"/zetachain.zetacore.fungible.MsgDeployFungibleCoinZRC20",
	"/zetachain.zetacore.fungible.MsgDeploySystemContracts",
	"/zetachain.zetacore.fungible.MsgRemoveForeignCoin",
	"/zetachain.zetacore.fungible.MsgUpdateZRC20LiquidityCap",
	"/zetachain.zetacore.fungible.MsgUpdateZRC20WithdrawFee",
	"/zetachain.zetacore.fungible.MsgUnpauseZRC20",
	"/zetachain.zetacore.observer.MsgAddObserver",
	"/zetachain.zetacore.observer.MsgRemoveChainParams",
	"/zetachain.zetacore.observer.MsgResetChainNonces",
	"/zetachain.zetacore.observer.MsgUpdateChainParams",
	"/zetachain.zetacore.observer.MsgEnableCCTX",
	"/zetachain.zetacore.observer.MsgUpdateGasPriceIncreaseFlags",
	"/zetachain.zetacore.lightclient.MsgEnableHeaderVerification",
	}
	// AdminPolicyMessages keeps track of the message URLs that can, by default, only be executed by admin policy address
	AdminPolicyMessages = []string{
	"/zetachain.zetacore.crosschain.MsgMigrateTssFunds",
	"/zetachain.zetacore.crosschain.MsgUpdateTssAddress",
	"/zetachain.zetacore.fungible.MsgUpdateContractBytecode",
	"/zetachain.zetacore.fungible.MsgUpdateSystemContract",
	"/zetachain.zetacore.observer.MsgUpdateObserver",
	"/zetachain.zetacore.authority.MsgAddAuthorization",
	"/zetachain.zetacore.authority.MsgRemoveAuthorization",
	"/zetachain.zetacore.authority.MsgUpdateChainInfo",
	}
	// EmergencyPolicyMessages keeps track of the message URLs that can, by default, only be executed by emergency policy address

What is the impact when MsgRemoveForeignCoin is used? If it deletes the supply or takes an irreversible action should be moved to the Admin group

* MsgAddObserver - Does this by itself cause any changes to the network or signing process? It should probably be moved to Admin

Expected Outcome

All of these should move to the admin group and maybe the two described above based on your answers.

• MsgEnableHeaderVerification
• MsgRemoveChainParams
• MsgDeployFungibleCoinZRC20
• MsgRemoveForeignCoin
• MsgWhitelistERC20

[lumtis]

• MsgAddObserver - Does this by itself cause any changes to the network or signing process? It should probably be moved to Admin

I think it makes sense to move it as well as independently of the signing process, observer is a sensitive part of the network

What is the impact when MsgRemoveForeignCoin is used? If it deletes the supply or takes an irreversible action should be moved to the Admin group

Delete the foreign coin object in the store but not the smart contract. I think we'll have to revise the process of for removing token and move this one in admin for now