Transfer VMC Ownership to PoA Manager

Now that the PoA Manager is deployed and owned by your Safe wallet, we need to transfer ownership of the Validator Manager Contract to the PoA Manager.

Why This Transfer?

Currently, your EOA (externally owned account) directly owns the Validator Manager. This means you alone can:

• Add validators
• Remove validators
• Change validator weights

By transferring ownership to the PoA Manager, you're inserting it as an intermediary that your multi-sig controls.

Before and After

Important Considerations

Pre-Transfer Checklist

Before transferring ownership, verify:

• ✅ PoA Manager Deployed: You have a valid PoA Manager address
• ✅ Safe Ownership: Your Safe wallet owns the PoA Manager
• ✅ Signer Access: You have access to the required number of signers
• ✅ Test Transaction: Consider testing a simple Safe transaction first

Transfer Ownership

Use the tool below to transfer Validator Manager ownership to your PoA Manager:

What Happens During Transfer

When you call transferOwnership():

1. Verification: The Validator Manager verifies you're the current owner
2. State Update: The _owner state variable is updated to the PoA Manager address
3. Event Emission: An OwnershipTransferred event is emitted
4. Immediate Effect: From this moment, only the PoA Manager can call owner-restricted functions

// Simplified transfer logic
function transferOwnership(address newOwner) public onlyOwner {
    require(newOwner != address(0), "New owner is zero address");
    _transferOwnership(newOwner);
}

function _transferOwnership(address newOwner) internal {
    address oldOwner = _owner;
    _owner = newOwner;
    emit OwnershipTransferred(oldOwner, newOwner);
}

Verification

After the transfer completes, calling owner() on the proxy (e.g. 0xfacade...) should return the PoA Manager address:

cast call <PROXY> "owner()(address)" --rpc-url <YOUR_L1_RPC>   # → your PoA Manager

Also confirm your EOA can no longer call owner-restricted functions directly.

Troubleshooting: GS013 / OwnableUnauthorizedAccount

If a validator operation from the multi-sig fails — the Safe shows GS013 / "cannot estimate gas" / "this transaction will most likely fail," or a direct call reverts with selector 0x118cdaa7 (OwnableUnauthorizedAccount) — the ownership chain is wired to the wrong address. Check it end to end:

1. PoA Manager → proxy? cast call <PoAManager> "validatorManager()(address)" must return the proxy (0xfacade...), not the implementation. If it points at the implementation, redeploy the PoA Manager with the proxy address.
2. Proxy → PoA Manager? cast call <PROXY> "owner()(address)" (your proxy, e.g. 0xfacade...) must return the PoA Manager. If it still returns your EOA, the transfer was run against the implementation — re-run it on the proxy. (No proxy? This is just the Validator Manager address.)
3. Multi-sig → PoA Manager? cast call <PoAManager> "owner()(address)" must return your Safe.

A preflight that mirrors exactly what the Safe will execute (it reverts 0x118cdaa7 if mis-wired and succeeds once correct), so you can confirm before collecting signatures:

cast call <PoAManager> "initiateValidatorWeightUpdate(bytes32,uint64)" <VALIDATION_ID> <NEW_WEIGHT> \
  --from <SAFE_ADDRESS> --rpc-url <YOUR_L1_RPC>

Complete Ownership Chain

With this transfer complete, you now have the full multi-sig governance chain:

Safe/Ash Wallet
    ↓ owns
PoA Manager
    ↓ owns
Validator Manager
    ↓ manages
P-Chain Validators

Next Steps

Your multi-sig setup is now complete! In the next chapter, you'll learn how to perform validator operations through this new governance structure.

Key differences in the new flow:

• Operations are proposed in the Safe wallet
• Multiple signers must approve
• Approved transactions are executed through the PoA Manager
• The PoA Manager calls the Validator Manager