Only Root Toggles Subnet Emissions

[JohnReedV]

Description

This PR modifies sudo_set_subnet_emission_enabled so that only root can toggle it rather than root or owner.

[github-actions]

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

[github-actions]

[MEDIUM] Root-only path bypasses the admin freeze window

Switching this call to root-only is fine, but the replacement also drops ensure_admin_window_open(netuid). That guard is still applied to other root subnet-admin calls and is documented in pallets/subtensor/src/utils/misc.rs as preventing admin operations during the terminal freeze window to avoid interference with validator weight submissions. SubnetEmissionEnabled feeds block emission redistribution, so root can now toggle this economic control inside the protected window.

Suggested change

	ensure_root(origin)?;
	ensure_root(origin)?;
	pallet_subtensor::Pallet::<T>::ensure_admin_window_open(netuid)?;

[github-actions]

🛡️ AI Review — Skeptic (security review)

VERDICT: VULNERABLE

LOW scrutiny: established opentensor contributor with write permission; branch root-only-disable-emissions -> devnet-ready.

Static review only. The PR is a single runtime pallet change and does not touch .github/, Cargo.toml, Cargo.lock, build scripts, or trusted review files.

Findings

Sev	File	Finding
MEDIUM	pallets/admin-utils/src/lib.rs:2235	Root-only path bypasses the admin freeze window	inline

Conclusion

The change appears legitimate, but it removes the admin freeze-window guard from an emission-control extrinsic. That allows root-origin emission toggles during the period the runtime explicitly uses to prevent admin interference with validator weight submissions.

---

# 🔍 AI Review — Auditor (domain review) has not yet run on this PR.

[github-actions]

🔄 AI review updated — Skeptic: VULNERABLE